JP5776981B2 - Network relay device - Google Patents

Description

  The present invention relates to a network relay device.

  As a conventional technique, a technique for performing communication between packets and frames between communication devices such as routers is disclosed (for example, see Patent Document 1).

  The technique of Patent Document 1 is a technique for determining increase / decrease in path capacity according to the amount of traffic transmitted by the path, and employs a path capacity increase determination step and a path capacity decrease determination step having two or more determination criteria. doing.

  For this reason, according to the technique of Patent Document 1, it is possible to determine whether the path capacity increases or decreases in consideration of both long-term and short-term traffic fluctuations by the path capacity increase determination step and the path capacity decrease determination step. It is considered that a high-quality path can be provided to the upper layer network while preventing loss.

JP 2007-43646 A

  In a network relay device, a microburst may occur. Here, “microburst” is a short-term and random change in communication state caused by bursty traffic, and is a state in which a large amount of communication occurs suddenly in a short time.

Specifically, a microburst is a traffic characteristic that bursts in less than 1 second, and is averaged in a traffic plot at intervals of several seconds and cannot be detected.
Then, identify the port of the switch where such a microburst is occurring, identify where the microburst originates (malicious user) (who), and then in real time There is a desire to detect.

Here, the requirements for specifying the source of the microburst are as follows.
(1) The ability to detect microbursts.
Since microburst is a state in which a large amount of communication occurs suddenly in a short time, it is not known when and where it occurs. Therefore, in order to detect a microburst, it is necessary to constantly monitor the traffic of each communication port of the network relay device.
(2) The transmission source of the frame being relayed can be specified.
In order to specify the transmission source of the frame being relayed, it is necessary to capture (capture) the contents of the frame being relayed by the control unit of the network relay device.

  As a technique to satisfy both of the requirements (1) and (2) above, the control unit of the network relay device constantly monitors the traffic of each communication port of the network relay device and captures the contents of the frame being relayed. A method (in short, a method of constantly monitoring the contents of the frame being relayed by the control unit) can be considered. However, since this method requires constant monitoring by the control unit, it is unrealistic considering the processing load and performance of the control unit.

  Therefore, an object of the present invention is to provide a technique capable of specifying the source of the microburst while reducing the processing load in the control unit as much as possible.

In order to solve the above-described problem, a network relay device of the present invention includes a reception port that receives a frame, a control unit that executes processing for managing the content of the frame, and a reception amount of the frame received by the reception port A reference value defining unit that predefines a reference value related to the received amount in order to classify the frames received by the receiving port into a plurality of groups including a specific group, and the measurement Determining whether or not the received amount of the frame measured by the unit exceeds the reference value defined in the reference value defining unit, so that the frame received by the receiving port is included in the plurality of groups. A determination unit that determines which of the groups belongs, and a determination result that the determination result by the determination unit belongs to the specific group In some cases, the contents of the frame received by the receiving port, a network relay device and a transmitter that transmits to the control unit.
The network relay device according to the present invention includes a control unit that controls frame relay, a reception port that receives the frame, a measurement unit that measures a reception amount of the frame received by the reception port, and the measurement When the received amount of the frame measured by the unit belongs to a predetermined range, the network relay device includes a transmission unit that transmits the content of the frame while belonging to the predetermined range to the control unit.

  According to the present invention, it is possible to specify the source of the microburst while reducing the processing burden on the control unit as much as possible.

It is a figure showing network system 10 of a 1st embodiment. It is a block diagram which shows the structure of the network relay apparatus 20 of 1st Embodiment. It is a conceptual diagram explaining operation | movement of switching LSI40 of 1st Embodiment. It is a flowchart which shows the content of a part of information processing performed by switching LSI40 of 1st Embodiment. It is a block diagram which shows the structure of the network relay apparatus 20-2 of 2nd Embodiment. It is a conceptual diagram explaining operation | movement of the switching LSI40 of 2nd Embodiment. It is a flowchart which shows the one part content of the information processing performed by switching LSI40 of 2nd Embodiment.

Hereinafter, embodiments of the present invention will be described with reference to the drawings.
[First Embodiment]
FIG. 1 is a diagram illustrating a network system 10 according to the first embodiment.
The network system 10 includes a plurality of network relay devices 20 (20a to 20d) connected to each other, a plurality of external terminals 30 (30a to 30d) connected to the network relay device 20, and the like.

  The network relay device 20 is a switch that relays frames, and has a plurality of ports 22. The plurality of ports 22 function as a reception port that receives a frame and a transmission port that transmits a frame. The network relay devices 20 are connected to each other by a communication cable 24.

[External terminal]
The external terminal 30 is an information processing apparatus operated by a user, and for example, a desktop or notebook personal computer can be applied. The network relay device 20 and the external terminal 30 are connected by a communication cable 24. In the illustrated example, the network relay device 20 and the external terminal 30 are directly connected via the communication cable 24, but may be indirectly connected via a relay device such as a hub.

FIG. 2 is a block diagram illustrating a configuration of the network relay device 20 according to the first embodiment.
The network relay device 20 includes a port 22, a switching LSI (Large Scale Integration) 40, a relay unit 50, a memory 60, and a control unit 70.

〔port〕
A plurality of ports 22 are provided according to the number of ports provided in the network relay device 20. In the illustrated example, only three ports 22 are shown.

[Switching LSI]
The switching LSI 40 performs processing such as encoding or decoding, and transmits a frame from the port 22 to the relay unit 50 or from the relay unit 50 to the port 22.
The switching LSI 40 includes a measurement unit 42, a reference value defining unit 44, a determination unit 46, and a transmission unit 48.

[Measurement section]
The measurement unit 42 monitors the reception amount (reception band) of the frame received by the port 22 and measures the reception amount of the frame received by the port 22.

[Standard Value Specification]
The reference value defining unit 44 categorizes the frames received by the port 22 into three groups including a specific group (a specific group, a first non-specific group, and a second non-specific group). The reference value for the received amount of is defined in advance.

(Judgment part)
The determination unit 46 determines whether or not the frame received by the port 22 is 3 by determining whether or not the reception amount of the frame measured by the measurement unit 42 exceeds the reference value defined by the reference value defining unit 44. It is determined which of the two groups belongs.

[Transmitter]
When the determination result by the determination unit 46 is a determination result that the determination unit 46 belongs to a specific group, the transmission unit 48 transmits the content of the frame received by the port 22 to the control unit 70 that controls the network relay device 20. . In this case, the transmitter 48 duplicates (copies) the frame received by the port 22 and transmits the duplicated frame to the controller 70.
Further, when transmitting the duplicated frame to the control unit 70, the transmission unit 48 receives the frame 22 that has received a frame determined to belong to a specific group from among the plurality of ports 22 in the content of the duplicated frame. The information (reception port number, etc.) for specifying is added and transmitted.

[Relay part]
The relay unit 50 is in charge of a function of a MAC (Media Access Control) layer in cooperation with the memory 60 and the control unit 70.
The relay unit 50 is configured by, for example, an ASIC (Application Specific Integrated Circuit), an FPGA (Field Programmable Gate Array), or the like. The relay unit 50 includes an input processing unit 52 and an output processing unit 54.

〔memory〕
The memory 60 is a storage device capable of reading and writing, and stores an FDB (Forwarding Data Base) 62. In the FDB 62, the number of the port 22 and the MAC address are registered in association with each other.

[Frame content storage]
Further, the memory 60 stores a frame content storage unit 64. The frame content storage unit 64 stores the content of the frame transmitted from the transmission unit 48 and information (reception port number) for specifying the port 22.

[Input processing unit]
Based on the destination MAC address in the frame, the input processing unit 52 sets the output destination port 22 while referring to the FDB 62 and the like, and performs processing for transmitting the frame to the output processing unit 54. Further, the input processing unit 52 performs processing for registering the transmission source MAC address in the frame received from the switching LSI 40 in the FDB 62 in association with the number of the port 22 that received the frame.

[Output processing unit]
The output processing unit 54 transmits the frame received from the input processing unit 52 to the switching LSI 40.

(Control part)
The control unit 70 is configured by a CPU (Central Processing Unit) and controls the network relay device 20. The control unit 70 has a frame content management unit 76.

[Frame Content Management Department]
The frame content management unit 76 executes processing for managing information transmitted from the transmission unit 48 of the switching LSI 40. Specifically, the process of storing the content of the frame transmitted from the transmission unit 48 and the information (reception port number) for specifying the port 22 in the frame content storage unit 64 is executed.

  Here, the frame stored in the frame content storage unit 64 includes, for example, a destination MAC address, a source MAC address, a destination IP (Internet Protocol) address, a source IP address, and a virtual network identification. A VID (Virtual LAN ID) indicating a number is included.

  FIG. 3 is a conceptual diagram for explaining the operation of the switching LSI 40 of the first embodiment. In the figure, the vertical axis represents the reception band of the frame, and the horizontal axis represents time.

Here, the reference value defining unit 44 of the switching LSI 40 of the first embodiment defines two levels of reference values. The first reference value is a first reference value, and the second reference value is a second reference value that is larger than the first reference value.
For example, the first reference value is a value of “99.9%” of the maximum reception band (maximum reception amount) that is the maximum reception band (reception amount) that can be received by the network relay device 20, and the second reference value The value may be set to a value larger than the first reference value by about “64 kbytes / second”, which is a minimum setting unit described later.

In the first embodiment, the area is set as follows based on the value of the reception band.
Green area: When the value of the reception band is 0 or more and less than the first reference value Yellow area: The value of the reception band is more than the first reference value and less than the second reference value Red area: When the reception band value is greater than or equal to the second reference value

  In the first embodiment, in order to classify received frames into three groups, the green region is defined as a first non-specific group, the yellow region is defined as a specific group, and the red region is defined as a second non-specific group. doing.

Therefore, when the received amount of frames does not exceed the first reference value, the determining unit 46 determines that the received frame belongs to the first non-specific group (green region).
The determination unit 46 determines that the received frame belongs to a specific group (yellow region) when the received amount of the frame exceeds the first reference value and does not exceed the second reference value. .
Furthermore, when the received amount of frames exceeds the second reference value, the determination unit 46 determines that the frame belongs to the second non-specific group (red region).

  Here, the value obtained by subtracting the first reference value from the second reference value is the minimum value (minimum setting unit) that can be set by the network relay device 20. The minimum setting unit is a value that varies depending on the specifications and performance of the network relay device 20. For example, if the device can set a reference value every “64 kbytes / second”, the minimum reference unit is changed from the second reference value to the first reference value. The value obtained by subtracting is 64 kbytes / second, which is the lowest bandwidth that can be set. Thus, the reason for setting the interval between the first reference value and the second reference value to the minimum value is to set the yellow area corresponding to the specific group as small as possible.

[Time t0 to t1]
At time t0 to t1, a frame having a relatively small reception band is received at the port 22. In this case, the determination unit 46 determines that the received frame is a frame belonging to the first non-specific group (green region). For this reason, the transmission unit 48 performs no operation.

[Time t1 to t2]
From time t1 to t2, a frame having a large reception band is received at the port 22. For this reason, the waveform in the figure rises rapidly. However, this waveform is not so large as to reach the yellow region corresponding to a specific group. In this case, the determination unit 46 determines that the received frame is a frame belonging to the first non-specific group (green region). For this reason, the transmission unit 48 performs no operation.

[Time t2 to t3]
From time t2 to t3, a frame with a small reception band is received at the port 22. In this case, the determination unit 46 determines that the received frame is a frame belonging to the first non-specific group (green region). For this reason, the transmission unit 48 performs no operation.

[Time t3 to t4]
From time t3 to t4, a frame having a large reception band is received at the port 22. For this reason, the waveform in the figure rises rapidly. This waveform is such that it reaches the red region corresponding to the second non-specific group beyond the yellow region corresponding to the specific group. In this case, the determination unit 46 determines that the received frame is a frame belonging to the specific group (yellow region), and then determines that the received frame is a frame belonging to the second non-specific group (red region).

  Then, while the determination unit 46 determines that the frame belongs to a specific group (yellow region), the transmission unit 48 controls the network relay device 20 with the content of the frame received by the port 22. It transmits to the control part 70. That is, when the received amount of frames measured by the measuring unit 42 belongs to a predetermined range (a range corresponding to a specific group), the transmitting unit 48 controls the contents of the frame while belonging to the predetermined range to the control unit 70. Send to. However, if the determination unit 46 determines that the frame belongs to the second non-specific group (red region), no operation is performed.

[After time t4]
After time t4, the port 22 has received a frame with a relatively small reception band. In this case, the determination unit 46 determines that the received frame is a frame belonging to the first non-specific group (green region). For this reason, the transmission unit 48 performs no operation.

  FIG. 4 is a flowchart showing a part of the information processing executed by the switching LSI 40 of the first embodiment.

  Step S10: First, the reception amount (reception band) of the frame is notified from the measurement unit 42 of the switching LSI 40 to the determination unit 46 of the switching LSI 40.

Step S12: Next, the determination unit 46 of the switching LSI 40 determines whether or not the received amount of frames is less than the first reference value.
As a result, when the determination unit 46 of the switching LSI 40 determines that the amount of received frames is less than the first reference value (Yes), the control process ends.
On the other hand, when the determination unit 46 of the switching LSI 40 determines that the amount of received frames is equal to or greater than the first reference value (No), the control process proceeds to step S14.

Step S14: Further, the determination unit 46 of the switching LSI 40 determines whether or not the received amount of frames is less than the second reference value.
As a result, when the determination unit 46 of the switching LSI 40 determines that the amount of received frames is less than the second reference value (Yes), the control process proceeds to step S16.
On the other hand, when the determination unit 46 of the switching LSI 40 determines that the amount of received frames is equal to or greater than the second reference value (No), the control process ends.

Step S16: The transmission unit 48 transmits the content of the frame received by the port 22 to the control unit 70 that controls the network relay device 20. The content of the frame transmitted to the control unit 70 is managed by the frame content management unit 76.
When the above procedure is completed, the control process ends. However, these series of processes are processes executed in a loop state while the switching LSI 40 is operating.

Thus, according to the first embodiment, there are the following effects.
(1) The received frames are grouped according to the received amount, and the contents of the frames are transmitted to the control unit 70 only when belonging to a specific group (yellow region). Can be transmitted to the unit 70. Therefore, the generation source of the microburst can be specified while reducing the processing load on the control unit 70 as much as possible as compared with the method of constantly monitoring the contents of the frame being relayed by the control unit.
(2) Although the microburst is unknown when and where it occurs, since the received amount of frames is monitored on the switching LSI 40 side, the microburst can be detected accurately and the control unit 70 The processing burden can be reduced.

(3) Since the content of the frame is transmitted to the control unit 70 as long as the received amount reaches the yellow region corresponding to the specific group, the time during which the received amount stays in the specific group (yellow region) is extreme. Even if it is a short time, the content of the frame can be reliably transmitted to the control unit 70.
(4) When the received amount passes through the yellow region corresponding to the specific group and shifts to the red region corresponding to the second non-specific group, the content of the frame is not transmitted to the control unit 70. The content of the frame is not continuously transmitted to 70.

(5) When a microburst occurs, the received amount reaches the yellow region corresponding to a specific group, so the frame content management unit 76 of the control unit 70 stores the frame content storage unit 64 in the transmission unit 48. The contents of the transmitted frame and information for specifying the port 22 are stored. For this reason, for example, when the network administrator analyzes information stored in the frame content storage unit 64, it is affected by the external terminal 30 that has caused the occurrence of the microburst, or has been affected (packet loss has occurred). The external terminal 30 can be specified. For example, the external terminal 30 causing the problem can be identified by confirming the transmission source MAC address and the reception port number. Thereby, a tenant (such as a company that provides a network service from a communication carrier) that uses the external terminal 30 can also be specified. In this embodiment, the control unit 70 ends the process when the frame content is stored in the frame content storage unit 64, but further proceeds from there to analyze the frame content in the control unit 70. It is also possible to notify that the microburst has occurred by transmitting the contents of the frame from the control unit 70 to the management external terminal 30.

(6) Since a specific group (yellow region) is defined using the first reference value and the second reference value, not only microbursts but also various traffic characteristics can be handled. For example, in order to specify the microburst, the first reference value and the second reference value may be set close to the maximum reception band as in the present embodiment. On the other hand, by setting the first reference value and the second reference value to values that can be arbitrarily changed, for example, by setting the first reference value to “about 70%” of the maximum reception band (maximum reception amount). It is also possible to identify traffic characteristics that are not as severe as microbursts, but to some extent suddenly.

(7) Since the first non-specific group and the second non-specific group are set in addition to the specific group, the specific group can be a clearer group. Further, the yellow area corresponding to the specific group is an area that is sandwiched between the green area corresponding to the first non-specific group and the red area corresponding to the second non-specific group. The yellow region corresponding to a specific group can be set as one closed region, so that the control process can be prevented from becoming complicated and a clearer control process can be realized.

(8) Since the value obtained by subtracting the first reference value from the second reference value is the minimum value that can be set by the network relay device 20, the yellow area corresponding to the specific group may be made as small as possible. It is possible to suppress the waveform of the reception band from staying in the yellow region, and as a result, the processing load on the control unit 70 can be reduced.

(9) When the determination result by the determination unit 46 is a determination result that the transmission unit 48 belongs to either the first non-specific group (green region) or the second non-specific group (red region), The content of the frame received by the port 22 is not transmitted to the control unit 70. For this reason, not only can the processing load of the control unit 70 when the received frame belongs to other than a specific group (yellow region) be reduced, but also the processing load on the switching LSI 40 side can be reduced.

(10) Since the measurement unit 42, the reference value defining unit 44, the determination unit 46, and the transmission unit 48 are provided in the same integrated circuit (switching LSI 40), the content of the frame is transmitted after measuring the received amount. The series of processes up to can be completed in the same circuit group, and the process can be speeded up. Moreover, since a series of processes so far are processes not related to the control unit 70, the processing load on the control unit 70 can be reduced.

[Second Embodiment]
FIG. 5 is a block diagram illustrating a configuration of the network relay device 20-2 according to the second embodiment. Note that, in the following description, the same reference numerals are given to matters common to the above-described first embodiment, and overlapping descriptions are omitted as appropriate.

  The network relay device 20-2 of the second embodiment is different from that of the first embodiment in the setting contents of the reference value by the reference value defining unit 44-2 and the determination contents by the determining unit 46-2. It has become.

  The reference value defining unit 44-2 defines the first reference value and the second reference value that is the same value as the first reference value as the reference value. For this reason, in the second embodiment, the first reference value and the second reference value are the same value, and one common reference value is substantially defined.

  The determination unit 46-2 determines whether the reception amount of the frame measured by the measurement unit 42 exceeds the common reference value (first reference value and second reference value) defined in the reference value defining unit 44-2. It is determined which of the three groups the frame received by the port 22 belongs to.

  FIG. 6 is a conceptual diagram for explaining the operation of the switching LSI 40 of the second embodiment. In the figure, the vertical axis represents the reception band of the frame, and the horizontal axis represents time.

  Here, the reference value defining unit 44-2 of the switching LSI 40 according to the second embodiment defines one common reference value (first reference value and second reference value). For example, the common reference value can be set to “99.9%” of the maximum reception band (maximum reception amount).

In the second embodiment, the area is set as follows based on the value of the reception band.
Green region: When the value of the reception band is a value greater than or equal to 0 and less than the common reference value Red region: When the value of the reception band is a value greater than or equal to the common reference value For this reason, in the second embodiment, Although there is no wide yellow area as in the first embodiment, the yellow area exists on the common reference value.

  Similarly, in the second embodiment, in order to classify received frames into three groups, the green area is set as the first non-specific group, the yellow area is set as the specific group, and the red area is set as the second non-specific group. It stipulates.

When the received amount of frames does not exceed the common reference value, the determining unit 46-2 determines that the received frame belongs to the first non-specific group (green region).
Further, the determination unit 46-2 determines that the received frame belongs to the second non-specific group (red region) when the reception amount of the frame exceeds the common reference value.
Furthermore, even if the received amount of the frame exceeds the common reference value, the determination unit 46-2 determines that the specific group (yellow) if the excess amount is within a certain value range (for example, within about 3 kbytes). It is determined that it belongs to (region).

  In the present embodiment, whether or not the excess amount is within a certain value range is determined using a maximum bucket size mechanism. Here, “maximum bucket size” means that even if the amount of received frames exceeds a certain boundary, only the set maximum bucket size is regarded as not exceeding the certain boundary. This is a value that allows communication only in the capacity of the maximum bucket size.

Then, by setting the maximum bucket size, it is possible to adjust the responsiveness when the amount of received frames shifts from one area to another.
For example, when the maximum bucket size is set to “0”, the transition to the next area is made at the time when the boundary of the area is exceeded.
On the other hand, if the maximum bucket size is set to “3 kbytes”, for example, even if the area boundary is exceeded, it is considered that the area boundary is not exceeded up to 3 kbytes, and the boundary is exceeded up to 3 kbytes. Assuming that the user stays in the previous area, an operation related to the previous area that exceeds the boundary can be performed.

In this embodiment, a maximum bucket size of 3 kbytes is set for the boundary between the green region and the red region (substantially, the boundary between the yellow region and the red region). Even if the transition is made, the operation in the yellow region is performed for the excess amount up to 3 kbytes.
If the maximum bucket size is set to 3 kbytes, the contents of the frame can be transmitted to the control unit 70 for 3 kbytes. The reason why the maximum bucket size is set to 3 kbytes is that the contents of the frame can be sufficiently analyzed if there is a data amount of about 3 kbytes. In this embodiment, the maximum bucket size is set to 3 kbytes, but the maximum bucket size can be tuned by changing it according to the amount of data necessary to analyze the contents of the frame. It is.

[Time t0 to t1]
At time t0 to t1, a frame having a relatively small reception band is received at the port 22. In this case, the determination unit 46-2 determines that the received frame is a frame belonging to the first non-specific group (green region). For this reason, the transmission unit 48 performs no operation.

[Time t1 to t2]
From time t1 to t2, a frame having a large reception band is received at the port 22. For this reason, the waveform in the figure rises rapidly. However, this waveform is not enough to reach the common reference value. In this case, the determination unit 46-2 determines that the received frame is a frame belonging to the first non-specific group (green region). For this reason, the transmission unit 48 performs no operation.

[Time t2 to t3]
From time t2 to t3, a frame with a small reception band is received at the port 22. In this case, the determination unit 46-2 determines that the received frame belongs to the first non-specific group (green region). For this reason, the transmission unit 48 performs no operation.

[Time t3 to t4]
From time t3 to t4, a frame having a large reception band is received at the port 22. For this reason, the waveform in the figure rises rapidly. And this waveform is a waveform which reaches the red area | region corresponding to a 2nd non-specific group exceeding a common reference value. In this case, the determination unit 46-2 determines that the received frame is a frame belonging to a specific group (yellow region) only for a certain excess (3 kbytes), and then further increases the certain excess. It is determined that the frame exceeding the frame belongs to the second non-specific group (red region).

  Then, while the determination unit 46-2 determines that the transmission unit 48 is a frame belonging to a specific group (yellow region), the transmission unit 48 converts the content of the frame received by the port 22 into the network relay device 20-. 2 is transmitted to the control unit 70 that controls 2. However, if the determination unit 46-2 determines that the frame belongs to the second non-specific group (red region), no operation is performed.

[After time t4]
After time t4, the port 22 has received a frame with a relatively small reception band. In this case, the determination unit 46-2 determines that the received frame is a frame belonging to the first non-specific group (green region). For this reason, the transmission unit 48 performs no operation.

  FIG. 7 is a flowchart showing a part of the information processing executed by the switching LSI 40 of the second embodiment.

  Step S20: First, the reception amount (reception band) of the frame is notified from the measurement unit 42 of the switching LSI 40 to the determination unit 46-2 of the switching LSI 40.

Step S22: Next, the determination unit 46-2 of the switching LSI 40 determines whether or not the amount of received frames is less than the common reference value.
As a result, when the determination unit 46-2 of the switching LSI 40 determines that the amount of received frames is less than the common reference value (Yes), the control process ends.
On the other hand, when the determination unit 46-2 of the switching LSI 40 determines that the amount of received frames is equal to or greater than the common reference value (No), the control process proceeds to step S24.

Step S24: Further, the determination unit 46-2 of the switching LSI 40 determines whether or not the excess amount of received frames is less than a certain value. Here, the excess amount is an excess amount from the common reference value.
As a result, when the determination unit 46-2 of the switching LSI 40 determines that the excess amount is less than a certain value (Yes), the control process proceeds to step S26.
On the other hand, when the determination unit 46-2 of the switching LSI 40 determines that the excess amount is equal to or greater than a certain value (No), the control process ends.

Step S26: The transmission unit 48 transmits the contents of the frame received by the port 22 to the control unit 70 that controls the network relay device 20-2. The content of the frame transmitted to the control unit 70 is managed by the frame content management unit 76.
When the above procedure is completed, the control process ends. However, these series of processes are processes executed in a loop state while the switching LSI 40 is operating.

Thus, according to the second embodiment, in addition to the effects of the first embodiment, there are the following effects.
(1) Although two reference values are defined in the first embodiment, a common reference value that is one reference value is defined in the second embodiment. For this reason, the width of the yellow region corresponding to the specific group is substantially eliminated, and the green region corresponding to the first non-specific group and the red region corresponding to the second non-specific group become a continuous region. . Therefore, there is an effect that the contents of the frame can be transmitted to the control unit 70 only at the moment when the common reference value is exceeded.
(2) In the second embodiment, a specific value related to the excess amount is set to an extremely small value (for example, a value smaller than the minimum setting unit defined in the first embodiment). The width of the yellow region corresponding to the group can be substantially eliminated. As a result, it is possible to avoid that the reception amount continues to stay in the yellow region corresponding to the specific group, and as a result, it is possible to prevent the content of the frame from being continuously transmitted to the control unit 70. Can do. In other words, when the control method of the first embodiment described above is employed, the reception band may continue to enter the yellow region depending on the value of the reception band. In this case, the contents of the frame are copied to the control unit 70. There is a risk of being continued. On the other hand, if the control method of the second embodiment is adopted, since the common reference value in which the first reference value and the second reference value are the same is adopted, the reception band is continuously in the yellow region. It is possible to avoid the risk that the contents of the frame will continue to be copied to the control unit 70 without continuing to enter the frame.

The present invention can be implemented with various modifications and substitutions without being limited to the above-described embodiment.
For example, the number of network relay devices configuring the network system, the number of ports, various setting values, and the like are shown as examples, and are not limited thereto.

DESCRIPTION OF SYMBOLS 10 Network system 20 (20a-20d), 20-2 Network relay apparatus 22 Port 24 Communication cable 30 (30a-30d) External terminal 40 Switching LSI
42 measurement unit 44, 44-2 reference value defining unit 46, 46-2 determination unit 48 transmission unit 50 relay unit 52 input processing unit 54 output processing unit 60 memory 62 FDB
64 Frame content storage unit 70 Control unit 76 Frame content management unit

Claims (9)

A receiving port for receiving the frame;
A control unit that executes processing for managing the contents of the frame;
A measurement unit for measuring the reception amount of the frame received by the reception port;
A reference value defining unit that predefines a reference value related to the received amount in order to classify the frames received by the receiving port into a plurality of groups including a specific group;
By determining whether the received amount of the frame measured by the measuring unit exceeds a reference value defined in the reference value defining unit, the frame received by the receiving port is the plurality of frames. A determination unit for determining which group of the group belongs;
When the determination result by the determination unit is a determination result that belongs to the specific group, a transmission unit that transmits the content of the frame received by the reception port to the control unit ,
The reference value defining part is:
As the reference value, a first reference value and a second reference value that is larger than the first reference value are defined,
The determination unit
A network relay device that determines that the received amount belongs to the specific group when the received amount exceeds the first reference value and the received amount does not exceed the second reference value . The network relay device according to claim 1 ,
The plurality of groups are:
In addition to the specific group, including a first non-specific group and a second non-specific group,
The determination unit
If the received amount does not exceed the first reference value, it is determined that the received amount belongs to the first non-specific group,
A network relay device that determines that the received amount exceeds the second reference value and belongs to the second non-specific group. In the network relay device according to claim 1 or 2 ,
A value obtained by subtracting the first reference value from the second reference value is
Network relay device that is the minimum value that can be set in the network relay device. A receiving port for receiving the frame;
A control unit that executes processing for managing the contents of the frame;
A measurement unit for measuring the reception amount of the frame received by the reception port;
A reference value defining unit that predefines a reference value related to the received amount in order to classify the frames received by the receiving port into a plurality of groups including a specific group;
By determining whether the received amount of the frame measured by the measuring unit exceeds a reference value defined in the reference value defining unit, the frame received by the receiving port is the plurality of frames. A determination unit for determining which group of the group belongs;
When the determination result by the determination unit is a determination result that belongs to the specific group, a transmission unit that transmits the content of the frame received by the reception port to the control unit;
With
The reference value defining part is:
As the reference value, a first reference value and a second reference value that is the same value as the first reference value are defined,
The determination unit
A network relay device that determines that the received amount belongs to the specific group even if the received amount exceeds the first reference value and the second reference value if the excess amount is within a certain value range. The network relay device according to claim 4 ,
The plurality of groups are:
In addition to the specific group, including a first non-specific group and a second non-specific group,
The determination unit
If the received amount does not exceed the first reference value and the second reference value, it is determined that the received amount belongs to the first non-specific group,
When the received amount exceeds the first reference value and the second reference value, and the excess amount is not within the certain value range, it belongs to the second non-specific group Judgment Network relay device. The network relay device according to any one of claims 1 to 5 ,
The controller is
A network relay device that stores the contents of the frame transmitted by the transmission unit. In the network relay device according to claim 2 or 5 ,
The transmitter is
When the determination result by the determination unit is a determination result that belongs to either the first non-specific group or the second non-specific group, the control unit controls the content of the frame received by the reception port. Network relay device that does not transmit to the network. The network relay device according to any one of claims 1 to 7 ,
The measuring unit, the reference value defining unit, the determining unit, and the transmitting unit are:
Network relay device provided in the same integrated circuit. The network relay device according to any one of claims 1 to 8 ,
The receiving port is
There are several,
The transmitter is
A network relay device that transmits the content of the frame with information for identifying a reception port that has received a frame determined to belong to the specific group from among the plurality of reception ports.

Images