CN119544613A

CN119544613A - Flow control method, device, storage medium and computer equipment

Info

Publication number: CN119544613A
Application number: CN202411758302.5A
Authority: CN
Inventors: 赵子发
Original assignee: Tianyi Shilian Technology Co ltd
Current assignee: Tianyi Shilian Technology Co ltd
Priority date: 2024-12-02
Filing date: 2024-12-02
Publication date: 2025-02-28

Abstract

According to the flow control method, the flow control device, the storage medium and the computer equipment, after program deployment is started, the XDP interface directly acquires the data packet sent by the client at the network interface and extracts the streaming session information in the data packet, so that the transparency and the expandability of the system can be realized through the custom configuration of the XDP interface. In addition, in the flow control strategy configured by the XDP interface, when the data packet is a request packet, the pull flow count is updated based on the pull flow session information, and the updating result is subjected to threshold comparison, so that the request packet is redirected, limited or blocked, thereby effectively dispersing the flow and the load and improving the stability and the performance of the system. When the data packet is a response packet, error count updating is carried out based on the streaming session information, threshold comparison is carried out on the updating result, and blocking operation is carried out on the response packet when the threshold is exceeded, so that the client can be prevented from continuously retrying or sending malicious requests, and the safety of the system is improved.

Description

Flow control method, device, storage medium and computer equipment

Technical Field

The present application relates to the field of data communications technologies, and in particular, to a flow control method, a device, a storage medium, and a computer apparatus.

Background

The real-time streaming protocol (RTSP) is a network protocol, which is specially used for streaming audio and video data, and provides a user with streaming media control functions such as play, pause, fast forward, reverse, etc. In the RTSP service system, the RTSP server is responsible for receiving a request of a client and responding to provide high-quality real-time streaming media data. Therefore, to cope with increasing user demands and improve overall performance and stability of the system, in practical applications, multiple RTSP servers are often deployed to distribute traffic and load balancing.

However, the existing multi-server architecture still has difficulty in coping with the problems of server traffic surge and overload of system caused by simultaneous or frequent requests of a large number of clients, and in addition, it has difficulty in identifying and limiting malicious requests of clients, and is easy to receive interference. Therefore, the client lacks an effective flow control mechanism in the process of pulling, and the client is insufficient in prevention capability, so that the stability and the safety of the system are poor.

Disclosure of Invention

The application aims to at least solve one of the technical defects, in particular to the technical defects that the client lacks an effective flow control mechanism in the process of pulling flow, the precaution capability of the client is insufficient, and the stability and the safety of a system are poor in the prior art.

The application provides a flow control method, which comprises the following steps:

Acquiring a data packet sent by a client through a preset XDP interface, and extracting streaming session information in the data packet, wherein the type of the data packet comprises a request packet and a response packet, and the streaming session information comprises a target IP address and a source IP address;

When the data packet is a request packet, carrying out the pulling flow counting update on a pulling flow counting container based on the pulling flow session information to obtain the total pulling flow number of the target IP address and the repeated pulling flow number corresponding to the request packet;

When the repeated stream number is detected to exceed the response threshold of the target IP address, intercepting the request packet, and returning an interception response packet containing an optimal IP address to the client so that the client redirects the optimal IP address to carry out a stream pulling session request;

when the total number of the pull streams is detected to exceed a preset control threshold, carrying out current limiting operation or blocking operation on the request packet;

And when the data packet is a response packet, performing error count updating on an error count container based on the streaming session information to obtain an error streaming number of the source IP address, and performing blocking operation on the response packet when the error streaming number exceeds an error threshold of the source IP address.

Optionally, the extracting the streaming session information in the data packet includes:

Performing header analysis on the data packet to obtain an IP header and a TCP header, wherein the IP header comprises a target IP address and a source IP address;

Extracting a session request of the data packet, and a session identifier and a status code of the session request based on the TCP header;

and generating streaming session information according to the target IP address, the source IP address, the session identifier and the state code.

Optionally, the updating the pull count of the pull count container based on the pull session information to obtain a total pull number of the target IP address and a repeated pull number corresponding to the request packet includes:

Extracting a target IP address and a session identifier in the streaming session information;

Retrieving a total number of pull streams corresponding to the target IP address from a pull stream counting container, and retrieving a repeated number of pull streams corresponding to the session identifier from the total number of pull streams;

and respectively adding 1 count to the total number of the pull streams and the repeated number of the pull streams to update the pull stream counting container to obtain the latest total number of the pull streams and the repeated number of the pull streams.

Optionally, the returning, to the client, an interception response packet including an optimal IP address, so that the client redirects the optimal IP address to perform a streaming session request, including:

the method comprises the steps of obtaining total number of pull streams received by each request server, and sequencing all the total number of pull streams according to a sequence from low to high to obtain a sequencing result;

acquiring the IP address of the request server with the lowest total pull stream number in the sequencing result as an optimal IP address, and generating an interception response packet according to the optimal IP address;

And returning the interception response packet to the client so that the client redirects the request packet to a request server corresponding to the optimal IP address.

Optionally, the preset control threshold comprises a first threshold and a second threshold, wherein the first threshold is smaller than the second threshold;

And when the total number of pull streams is detected to exceed a preset control threshold, performing current limiting operation or blocking operation on the request packet, including:

Performing a current limiting operation on the request packet when the total number of pull streams is detected to exceed the first threshold but not exceed the second threshold;

and when the total number of pull streams is detected to exceed the second threshold, blocking the request packet.

Optionally, the updating the error count container to obtain the error pull stream number of the source IP address based on the pull stream session information includes:

Extracting a source IP address and a state code in the streaming session information, and judging whether the state code is a data error or not;

If not, directly obtaining the error pulling flow number corresponding to the source IP address from the error counting container;

If yes, adding 1 to count the error pulling flow number corresponding to the source IP address in the error counting container, and acquiring the latest error pulling flow number.

Optionally, the method further comprises:

acquiring update data of the pull flow counting container or the error counting container, and synchronously updating storage data of a database according to the update data;

And carrying out health evaluation on the request server at regular time according to the stored data in the database, and dynamically adjusting the configuration information of the XDP interface according to an evaluation result.

The application also provides a flow control device, comprising:

The system comprises a data packet analysis module, a data packet analysis module and a data processing module, wherein the data packet analysis module is used for acquiring a data packet sent by a client through a preset XDP interface and extracting streaming session information in the data packet, wherein the type of the data packet comprises a request packet and a response packet;

The container updating module is used for carrying out the pulling flow counting updating on the pulling flow counting container based on the pulling flow session information when the packet type is a request packet, so as to obtain the total pulling flow number of the target IP address and the repeated pulling flow number corresponding to the request packet;

The first flow control module is used for intercepting the request packet when detecting that the repeated pull stream number exceeds the response threshold of the target IP address, and returning an interception response packet containing an optimal IP address to the client so as to redirect the client to the optimal IP address for carrying out a pull stream session request;

The second flow control module is used for carrying out current limiting operation or blocking operation on the request packet when the total number of pull streams is detected to exceed a preset control threshold;

And the third flow control module is used for carrying out error count updating on the error count container based on the streaming session information when the packet type is a response packet, obtaining the error streaming number of the source IP address, and carrying out blocking operation on the response packet when the error streaming number exceeds the error threshold of the source IP address.

The present application also provides a storage medium having stored therein computer readable instructions which, when executed by one or more processors, cause the one or more processors to perform the steps of the flow control method as set forth in any one of the above embodiments.

The application also provides a computer device comprising one or more processors and a memory;

The memory has stored therein computer readable instructions which, when executed by the one or more processors, perform the steps of the flow control method as set forth in any one of the above embodiments.

From the above technical solutions, the embodiment of the present application has the following advantages:

After the program deployment is started, the XDP interface can directly acquire the data packet sent by the client at the network interface and extract the streaming session information in the data packet, including the target IP address and the source IP address, so that the application can realize the transparency and the expandability of the system without modifying the software code of the related server through the custom configuration of the XDP interface. In addition, in the flow control strategy configured by the XDP interface, when the data packet is a request packet, the pull flow counting container can be updated based on the pull flow session information to obtain the total pull flow number of the target IP address and the repeated pull flow number corresponding to the request packet, when the repeated pull flow number is detected to exceed the response threshold value of the target IP address, the request packet is intercepted, and an interception response packet containing the optimal IP address is returned to the client, so that the client redirects the optimal IP address to perform the pull flow session request, and when the total pull flow number is detected to exceed the preset control threshold value, the request packet can be subjected to the flow limiting operation or the blocking operation, so that the flow and the load can be effectively dispersed, and the stability and the performance of the system are improved. When the data packet is a response packet, the error counting container is updated based on the streaming session information to obtain the error streaming number of the source IP address, and when the error streaming number exceeds the error threshold of the source IP address, the response packet is blocked, so that the client can be prevented from continuously retrying or sending malicious requests, and the safety of the system is improved.

Drawings

In order to more clearly illustrate the embodiments of the application or the technical solutions of the prior art, the drawings which are used in the description of the embodiments or the prior art will be briefly described, it being obvious that the drawings in the description below are only some embodiments of the application, and that other drawings can be obtained from these drawings without inventive faculty for a person skilled in the art.

Fig. 1 is a schematic flow chart of a flow control method according to an embodiment of the present application;

FIG. 2 is a schematic flow chart of a redirection operation procedure according to an embodiment of the present application;

FIG. 3 is a schematic diagram of a flow control mechanism according to an embodiment of the present application;

FIG. 4 is a schematic diagram of a flow control mechanism according to an embodiment of the present application;

FIG. 5 is a schematic diagram of a flow control device according to an embodiment of the present application;

fig. 6 is a schematic diagram of an internal structure of a computer device according to an embodiment of the present application.

Detailed Description

The following description of the embodiments of the present application will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present application, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the application without making any inventive effort, are intended to be within the scope of the application.

The existing multi-server architecture still has difficulty in coping with the problems of server traffic surge and overload system load caused by simultaneous or frequent requests of a large number of clients, and in addition, has difficulty in identifying and limiting malicious requests of the clients, and is easy to receive interference. Therefore, the client lacks an effective flow control mechanism in the process of pulling, and the client is insufficient in prevention capability, so that the stability and the safety of the system are poor.

Based on the above, the application provides the following technical scheme, and the specific scheme is as follows:

In one embodiment, as shown in fig. 1, fig. 1 is a flow chart of a flow control method according to an embodiment of the present application, where the flow control method specifically includes the following steps:

S110, acquiring a data packet sent by a client through a preset XDP interface, and extracting streaming session information in the data packet, wherein the type of the data packet comprises a request packet and a response packet, and the streaming session information comprises a target IP address and a source IP address.

In this step, when the client initiates a streaming request to the request server, for example, when an RTSP data packet is sent to the RTSP server, the computer device may acquire the data packet sent by the client at the network interface through the XDP interface, and extract streaming session information in the data packet. Through the custom configuration of the XDP interface, the application can directly process the data packet at the network interface, and does not need to modify the software code of the related server, thereby realizing the transparency and the expandability of the system.

Among them, RTSP (REAL TIME STREAMING Protocol) is a Protocol for transmitting audio and video data over a network, which uses TCP or UDP Protocol for data transmission, providing control of streaming media such as play, pause, fast forward and rewind functions. And the RTSP server is a main device for providing an RTSP service, which can receive and respond to an RTSP request of a client to provide real-time streaming media data.

In addition, the XDP interface adopted by the application is constructed based on XDP (Express Data Path, fast data plane). The XDP herein refers to an efficient packet processing framework, so that packets can be processed directly at the entry of the network interface card driver, thereby reducing the processing time of the packets in the operating system kernel. Through XDP, the application can rapidly filter and forward RTSP data packets, and improves the processing efficiency of the system.

Before implementing load balancing and flow control on the multi-server rack, the computer device may receive a configuration file written by a user, load the configuration file into a user space program and start the configuration file, compile the configuration file in a kernel space to obtain eBPF XDP program, and then construct an XDP interface based on the eBPF XDP program, so that the XDP interface directly intercepts a data packet at a network interface, and avoid multiple switching of the data packet between a user state and a kernel state, thereby significantly improving processing performance of network data. The configuration file may be a YAML file written by Python, which is used to define parameter information such as a threshold value, an RTSP server address, redis connection information, and a speed limit value.

Specifically, the computer device may determine the type of the intercepted data packet, including the request packet and the response packet, so that different control measures may be adopted to perform flow control based on different types, so as to implement load balancing. After the data packet sent by the client is obtained, the computer equipment can extract the streaming session information by analyzing the protocol header information in the data packet, and in the streaming session information, besides the basic protocol information of the data packet, such as a source port number and a target port number, the streaming metadata can also cover more specific streaming metadata, such as a source IP address, a target IP address and the like, so that the flow direction and the characteristics of network traffic can be identified, and the direction is provided for traffic control and optimization. The source IP address refers to the IP address of the data packet initiator, i.e., the client, and the destination IP address refers to the destination of the data packet, i.e., the IP address of the request server.

And S120, when the data packet is a request packet, carrying out the pull stream count updating on the pull stream counting container based on the pull stream session information to obtain the total pull stream number of the target IP address and the repeated pull stream number corresponding to the request packet.

In this step, after determining that the data packet is the request packet in step S110, the computer device may perform a pull calculation update on the pull counting container based on the pull session information, so as to obtain a total number of pull flows of the target IP address and a repeated number of pull flows corresponding to the request packet, so as to perform flow control based on the total number of pull flows and the repeated number of pull flows.

It will be appreciated that in the present application, the pull flow counting container may refer to a data structure BPF MAP provided through eBPF framework when XDP is used for high-speed packet processing, and the BPF MAP refers to a data storage structure in kernel mode, which allows data to be efficiently stored and accessed in the XDP procedure, providing support for packet processing and state tracking. Through the counting management of the BPF MAP, when the computer equipment detects a request packet, the counting can be inquired and updated in the MAP through session information such as a target IP address, and the switching between a kernel mode and a user mode is not required to be frequently invoked.

Specifically, each time a request packet is received, the computer device may look up in the pull count container whether a record of the target IP address already exists. If so, the system will update the corresponding count value, i.e. increment on the basis of the total number of pull streams, and calculate and update the repeated number of pull streams corresponding to the current request packet, wherein the repeated number of pull streams is the repeated request count based on the same target IP address, and can be used for identifying malicious requests or abnormal frequent pull stream behaviors. Therefore, the computer equipment can take the total number of pull streams and the repeated number of pull streams as reference indexes, and further realize flow control.

S130, when the repeated stream drawing exceeds the response threshold of the target IP address, intercepting the request packet, and returning an interception response packet containing the optimal IP address to the client so as to enable the client to redirect the optimal IP address to carry out the stream drawing session request.

In this step, after the repeated number of pull flows corresponding to the request packet is obtained in step S120, the computer device may perform threshold detection on the repeated number of pull flows, and when detecting that the repeated number of pull flows exceeds the response threshold of the target IP address, intercept the request packet, and return an interception response packet containing the optimal IP address to the client, so that the client redirects the optimal IP address to perform a pull session request, thereby preventing the traffic and the system load of a single request server from being too high, and affecting the stability and the pull efficiency of the system.

The response threshold refers to an upper limit set by the computer device when processing the pull stream request, and is used for measuring whether the number of repeated pull stream requests of the same request packet in a specific target IP address is too high. If a certain request packet reaches or exceeds the threshold value in the number of repeated pull streams of its corresponding target IP address, it is indicated that the request packet has too high request frequency, which will cause stress or potential risk to server resources and system performance, so that the computer device needs to perform splitting processing on the request packet.

Specifically, when the computer device detects that the repeated number of pull streams of the target IP address requested by the request packet exceeds a preset response threshold, the system triggers an automatic interception mechanism to intercept the request packet, so as to prevent potential problems of traffic abuse and resource overload. The computer device may also construct and return an intercept response packet containing the optimal IP address calculated by the system computer device during the intercept operation. This optimal IP address is typically evaluated in real-time based on the current network environment and load conditions, and points to the IP address of the less loaded requesting server node for the client to reinitiate the pull request. By providing the clients with redirection suggestions for optimal IP addresses, the computer device can efficiently distribute traffic load, reducing the request pressure of a single server.

And S140, when the total number of the pull streams is detected to exceed the preset control threshold, performing current limiting operation or blocking operation on the request packet.

In this step, after the total number of pull flows corresponding to the request packet is obtained in step S120, the computer device may perform threshold detection on the total number of pull flows, and perform a current limiting operation or a blocking operation on the request packet when detecting that the total number of pull flows exceeds a preset control threshold, so that the flow and the load may be effectively dispersed, and stability and performance of the system may be improved.

For example, after receiving the request packet, the computer device may monitor the total number of pull flows in the target IP address requested by the request packet in real time, and compare the total number of pull flows with a preset control threshold value for detection. When the computer device detects that the total number of pull streams of the target IP address exceeds this control threshold, a current limit or block operation is triggered to protect system resources from server overload.

In particular, during a throttling operation, the computer device may dynamically reduce the rate of response to the target IP address request, delaying or batching portions of the request, thereby gradually reducing the peak flow without completely interrupting service, ensuring that the requested server load remains within a controllable range. In addition, under the condition of serious traffic abnormality, the computer equipment can also take blocking operation, namely directly refusing the new streaming request to the target IP address and returning an error state or a prompt message, thereby rapidly relieving the pressure of the server and avoiding the resource consumption of a malicious request or a high-frequency request to the server.

And S150, when the data packet is a response packet, performing error count updating on the error count container based on the streaming session information to obtain the error streaming number of the source IP address, and performing blocking operation on the response packet when the error streaming number exceeds the error threshold of the source IP address.

In this step, after determining that the data packet is a response packet in step S110, the computer device may update the error count container based on the streaming session information to obtain an error streaming number of the source IP address, so that when the error streaming number exceeds an error threshold of the source IP address, the response packet may be blocked, thereby preventing the client from continuously retrying or sending a malicious request, and improving the security of the system.

It should be noted that, in the present application, the data structure of the error counting container is consistent with that of the pull stream counting container, and no description is given here.

Specifically, after determining that the received data packet type is a response packet, the computer device may further update a corresponding error count container based on the streaming session information, so as to accurately track the number of erroneous streaming requests per source IP address. The error count container stores pull request status information for each source IP address, including the number of failures. Once detecting that a response packet sent by a certain source IP address generates an error, the device increases the error count of the source IP address, ensures real-time recording of each abnormal request, triggers blocking operation when the error pulling flow number of the source IP address reaches or exceeds an error threshold value, intercepts or refuses the response packet from the source IP address, and can prevent resource waste and security risk brought to a server by excessive retry or potential malicious request behaviors of a client.

It can be understood that the blocking mechanism not only can effectively reduce unnecessary network traffic, but also can remarkably improve the safety and stability of the server. By limiting frequent error requests, the computer device may protect system core resources from being maliciously occupied, reducing the risk of denial of service (DoS) attacks. In addition, the setting of the error threshold value can be dynamically adjusted according to specific service demands so as to flexibly cope with different network environments and load conditions and avoid influencing normal requests of legal users.

In the above embodiment, after the program deployment is started, the XDP interface may directly obtain the data packet sent by the client at the network interface, and extract the streaming session information in the data packet, including the target IP address and the source IP address, so, through the custom configuration of the XDP interface, the present application may not need to modify the software code of the relevant server, thereby implementing transparency and expandability of the system. In addition, in the flow control strategy configured by the XDP interface, when the data packet is a request packet, the pull flow counting container can be updated based on the pull flow session information to obtain the total pull flow number of the target IP address and the repeated pull flow number corresponding to the request packet, when the repeated pull flow number is detected to exceed the response threshold value of the target IP address, the request packet is intercepted, and an interception response packet containing the optimal IP address is returned to the client, so that the client redirects the optimal IP address to perform the pull flow session request, and when the total pull flow number is detected to exceed the preset control threshold value, the request packet can be subjected to the flow limiting operation or the blocking operation, so that the flow and the load can be effectively dispersed, and the stability and the performance of the system are improved. When the data packet is a response packet, the error counting container is updated based on the streaming session information to obtain the error streaming number of the source IP address, and when the error streaming number exceeds the error threshold of the source IP address, the response packet is blocked, so that the client can be prevented from continuously retrying or sending malicious requests, and the safety of the system is improved.

In one embodiment, the process of extracting the streaming session information in the data packet in step S110 may include:

And S111, carrying out header analysis on the data packet to obtain an IP header and a TCP header, wherein the IP header comprises a target IP address and a source IP address.

And S112, extracting a session request of the data packet, and a session identifier and a status code of the session request based on the TCP header.

S113, generating the streaming session information according to the target IP address, the source IP address, the session identification and the status code.

In this embodiment, when extracting the streaming session information in the data packet, the computer device may first parse the data packet to obtain an IP header and a TCP header, then obtain a target IP address and a source IP address from the IP header, and extract, based on the TCP header, a session request of the data packet and a session identifier and a status code of the session request, so as to generate streaming session information according to the target IP address, the source IP address, the session identifier and the status code.

Specifically, the computer device may use the bpf_hdr_pointer macro to obtain pointers to the packet header from packet metadata, such as XDP metadata, and then access the IP header and TCP header of the packet via the pointers. The computer device may then parse the IP header and the TCP header, respectively, to obtain a source IP address and a destination IP address in the IP header, and a source port and a destination port in the TCP header. Since RTSP generally uses TCP port 554 to communicate, in the present application, when the computer device detects that the destination port of the data packet is 554, it indicates that the data packet is an RTSP stream, at this time, the computer device may continue to scan and parse the TCP load of the data packet to obtain a character string beginning with "RTSP://", and further extract and obtain a complete RTSP URL for identifying specific session request information, such as session identifier, status code, and the like. Finally, the computer device may combine the parsed individual information to obtain the pull session information for the data packet.

In one embodiment, the process of updating the pull count container based on the pull session information to obtain the total number of pull streams of the target IP address and the repeated number of pull streams corresponding to the request packet in step S120 may include:

And S121, extracting a target IP address and a session identifier in the pull stream session information.

And S122, retrieving the total number of pull streams corresponding to the target IP address from the pull stream counting container, and retrieving the repeated number of pull streams corresponding to the session identifier from the total number of pull streams.

And S123, respectively adding 1 count to the total number of the pull streams and the repeated number of the pull streams to update the pull stream counting container, so as to obtain the latest total number of the pull streams and the repeated number of the pull streams.

In this embodiment, when the computer device performs the pull-stream counting update on the pull-stream counting container, the target IP address and the session identifier in the pull-stream session information may be extracted first, then the total pull-stream number corresponding to the target IP address is retrieved from the pull-stream counting container, and the repeated pull-stream number corresponding to the session identifier is retrieved from the total pull-stream number, and then the computer device may perform the self-increment count of adding 1 to the total pull-stream number and the repeated pull-stream number, respectively, so as to update the pull-stream counting container, and obtain the latest total pull-stream number and the latest repeated pull-stream number.

The computer equipment can search in the pulling flow counting container according to the extracted target IP address to obtain the total pulling flow number corresponding to the target IP address, wherein the total pulling flow number is used for recording all pulling flow request numbers of the target IP address at the current moment and providing basic data for flow management and resource allocation. After the total number of pull streams is retrieved, the computer device can further and deeply retrieve the repeated number of pull streams corresponding to the session identifier, wherein the repeated number of pull streams is based on the count of the session identifier, records the repeated request number of the same session, and can be used for identifying potential abnormal traffic, such as high-frequency same session request or possible malicious behaviors.

It will be appreciated that once the total and duplicate pull streams are successfully retrieved, the computer device may perform a self-increment operation on the two counts, i.e., increment by 1, respectively, to reflect the new request for the request packet at this time. And then the computer equipment can restore the updated count into the pull stream count container, so as to ensure that the total pull stream number and the repeated pull stream number stored in the pull stream count container are the latest values, thereby accurately reflecting the current request load condition of the system. Therefore, the computer equipment can realize real-time tracking and fine counting of different sessions, is convenient for subsequent flow control and anomaly detection, and can provide accurate data support for a load balancing strategy so as to balance loads, improve stability and reduce potential abuse risks in a high concurrency environment.

In one embodiment, as shown in fig. 2, fig. 2 is a flow chart of a redirection operation procedure provided in the embodiment of the present application, in fig. 2, a process of returning an interception response packet containing an optimal IP address to a client in step S130 to enable the client to redirect the optimal IP address to perform a streaming session request may include:

S131, acquiring the total number of pull streams received by each request server, and sequencing the total number of pull streams according to the sequence from low to high to obtain a sequencing result.

S132, obtaining the IP address of the request server with the lowest total pull stream number in the sequencing result as an optimal IP address, and generating an interception response packet according to the optimal IP address.

And S133, returning the interception response packet to the client so that the client redirects the request packet to the request server corresponding to the optimal IP address.

In this embodiment, when performing a request redirection operation, the computer device may first obtain the total number of pull flows received by each request server, and sequence each total number of pull flows in order from low to high to obtain a sequencing result, and then may obtain an IP address of a request server with the lowest total number of pull flows in the sequencing result, as an optimal IP address, and generate an interception response packet according to the optimal IP address, so that the interception response packet may be returned to the client, so that the client redirects the request packet to the request server corresponding to the optimal IP address, thereby effectively dispersing the load, improving overall stability, and ensuring that the client can be smoothly connected to a suitable request server.

For example, after the client sends a request packet to a certain RTSP server, if the number of repeated pull streams of the RTSP server exceeds a preset response threshold, the computer device triggers eBPF a mechanism to intercept the pull stream request of the request packet and constructs a REDIRECT response of RTSP. The response packet contains a Location header, the value of which is the IP address of a new RTSP server, which is queried from the Redis database, where the statistics of the pull streams of the respective RTSP server are stored, so that the computer device can select the IP address of the RTSP server with the smallest number of pull streams to direct the client to redirect to the requesting server. After receiving the REDIRECT response, the client automatically initiates a new request according to the IP address in the Location header, and REDIRECTs the request to the RTSP server with lighter load.

Further, to prevent looping of the redirection procedure, the computer device may set a maximum number of redirections (max_ REDIRECTS) allowed by the source IP address of each client in the global configuration. When the number of redirection times of the client reaches the threshold, the computer equipment does not send a REDIRECT response any more, but directly receives the request of the client, so that redirection dead cycle or excessive redirection operation caused by the fact that the total number of the pull streams of the RTSP servers exceeds the threshold is avoided.

In one embodiment, the preset control threshold in step S140 may include a first threshold and a second threshold, where the first threshold is smaller than the second threshold, and when detecting that the total number of pull flows exceeds the preset control threshold, the process of performing the current limiting operation or the blocking operation on the request packet may include:

And S141, performing current limiting operation on the request packet when the total number of the pull streams is detected to exceed the first threshold value but not exceed the second threshold value.

And S142, when the total number of the pull streams exceeds a second threshold, blocking the request packet.

In this embodiment, the preset control threshold of the present application may include a first threshold and a second threshold, and the first threshold is smaller than the second threshold. Based on the above, the computer device may perform a current limiting operation on the request packet when detecting that the total number of pull streams exceeds the first threshold but does not exceed the second threshold, and may perform a blocking operation on the request packet when detecting that the total number of pull streams exceeds the second threshold, so as to improve stability and performance of the system.

Specifically, when the total number of pull streams exceeds the first threshold but does not reach the second threshold, it is indicated that the request load of the request server has started to increase at this time, but is still within an acceptable range. In this case, the computer device may perform a throttling operation, i.e., reduce the processing rate or delay response to new requests, so that traffic may be effectively balanced, avoiding system overload. The throttling manner may include queuing the processing request, delaying the response, or limiting the number of concurrent requests per source IP, among others, but is not limited herein. In addition, when the total number of pull streams exceeds the second threshold, it is indicated that the current flow of the request server exceeds the bearing range which can be processed by the request server, and overload risk or abnormal situation exists, at this time, the computer equipment can use the XDP_DROP method to block the request packet and directly reject to receive further pull stream requests, so as to quickly reduce the burden of the system and prevent the performance of a single node or the whole system from being reduced.

It will be appreciated that with this hierarchical threshold control strategy, the computer device is able to respond flexibly when a server traffic change is requested, effectively distributing and controlling traffic load. When the flow in the request server approaches to the upper limit, the computer equipment can balance the flow through the flow limiting operation, and when the flow reaches the degree that the flow cannot be borne, the computer equipment can rapidly cut off the high-load request through the blocking operation, so that the stable operation of the server is ensured, and the performance is improved.

In one embodiment, step S150 performs error count update on the error count container based on the streaming session information to obtain an error streaming number of the source IP address, including:

S151, extracting the source IP address and the state code in the pull stream session information, and judging whether the state code is a data error.

If not, the error stream number corresponding to the source IP address is directly obtained from the error count container S152.

And S153, if yes, adding 1 to count the error pulling flow number corresponding to the source IP address in the error counting container, and acquiring the latest error pulling flow number.

In this embodiment, when the computer device obtains the error pull stream number of the source IP address, the source IP address and the status code in the pull stream session information may be extracted first, and then it may be determined whether the status code is a data error. If the status code is not data error, the computer equipment can directly obtain the error pulling flow number corresponding to the source IP address from the error counting container, and if the status code is data error, the computer equipment can add 1 to the error pulling flow number corresponding to the source IP address in the error counting container to count up and count, and obtain the latest error pulling flow number.

It can be understood that the status code of the present application can be used to identify the processing result of the current request, if the status code displays "RTSP/1.0 401 Unauthorized", it indicates that the status code is data error, which indicates that there is an exception in the pull request corresponding to the response packet, otherwise, it indicates that the pull request of the response packet has been successfully processed, and the computer device does not need to make additional error statistics on the pull request.

Specifically, when the status code is a data error, the computer device may perform a self-increment operation on the error pull stream number corresponding to the source IP address in the error count container, i.e. add 1, so as to immediately update the error count container, thereby ensuring that the computer device records the latest error pull stream data. When the state code is not data error, the error pulling number is kept unchanged, and the error counting container does not need to be updated with extra counts, so that the computer equipment can directly obtain the error pulling number corresponding to the source IP address from the error counting container.

In one embodiment, the method may further comprise:

And S160, acquiring update data of the pull stream counting container or the error counting container, and synchronously updating the storage data of the database according to the update data.

And S170, carrying out health evaluation on the request server at regular time according to the stored data in the database, and dynamically adjusting the configuration information of the XDP interface according to the evaluation result.

In this embodiment, when there is a count update in the pull-count container or the error-count container, the computer device may acquire update data of the pull-count container or the error-count container, and synchronously update the storage data of the database according to the update data. Based on the method, the computer equipment can perform health evaluation on the request server according to the storage data in the database at regular time, and dynamically adjust the configuration information of the XDP interface according to the evaluation result, so that the safety and stability of the system are further improved.

Specifically, by maintaining synchronized updates of the database and the counting container, the computer device can periodically access the stored data in the database and perform health assessment of the operation of each requesting server. Such an evaluation process may include analyzing the total number of pull streams, the number of duplicate pull streams, the number of error requests, and other key metrics for each server to determine the load status and operational health of the server. And then according to the evaluation result, the computer equipment can dynamically adjust the configuration information of the XDP interface, realize more accurate flow control, prevent the overload of a single server or the occurrence of performance bottleneck, and simultaneously effectively cope with abnormal requests and malicious flows.

It can be appreciated that the application forms a high-efficiency feedback loop among the pull-flow counting container, the error counting container, the database and the XDP interface, ensures that the computer equipment can monitor the health condition of the server in real time and make adjustments rapidly when required, thus not only improving the stability and the safety of the system, but also enhancing the adaptability to high concurrency environment, thereby being capable of keeping high-efficiency and stable operation under load fluctuation or potential threat.

For better explanation of the flow control method of the present application, the following will further explain by referring to fig. 3 and fig. 4, schematically, as shown in fig. 3 and fig. 4, fig. 3 is a schematic frame diagram of a flow control mechanism provided by an embodiment of the present application, and fig. 4 is a schematic logic diagram of a flow control mechanism provided by an embodiment of the present application.

In fig. 3, the flow control mechanism is mainly composed of 3 parts, namely a user space, a kernel space and a configuration file. The computer device may load the configuration file into the user space boot program, compile and load eBPF XDP the program through the user space program, and configure the network interface to receive the data packet through the interface obtained by the configuration and perform the data packet processing through the kernel space processing logic, and then store the processing result into eBPF maps (counting container). Further, the user space may also read data from eBPF maps and write the data into the Redis database for storage, so that the data may be periodically queried from the Redis database, and further, health detection may be performed on the RTSP server, and the stored data in the Redis database may be monitored and whether the command of the TC module is triggered may be determined to perform bandwidth limitation on the client, so as to perform current limitation on the data packet sent by the client.

Further, the present application is further illustrated by the kernel space processing logic of the kernel space portion of the flow control mechanism by FIG. 4. In fig. 4, after receiving the data packet, the computer device may extract and parse the pull stream session information such as the ethernet header, the IP header, and the TCP header in the data packet. The computer device can then extract the source IP address and the user name information of the RTSP pull stream session when judging the data packet is a request packet, the user name information can be used for representing the session identification of the request packet, therefore, based on the source IP address and the user name information, the computer device can count the repeated pull stream number of each RTSP server, if the repeated pull stream number exceeds a threshold A (response threshold), a response packet is constructed and returned, otherwise, the request packet is allowed to pass, in addition, the computer device can count the total pull stream number of each RTSP server, if the total pull stream number exceeds a threshold B (first threshold), the current limiting is triggered, if the total pull stream number exceeds a threshold C, the IP is blocked, otherwise, the request packet is allowed to pass. In addition, when the data packet is judged to be a response packet, the computer device may count 401 Unauthorized an error, that is, a response packet whose status code is wrong, and obtain a source IP address of the response packet, if the error pull stream count corresponding to the source IP address exceeds the error threshold, then blocking a subsequent request of the source IP address, otherwise, allowing the response packet to pass.

The flow control device provided by the embodiment of the present application is described below, and the flow control device described below and the flow control method described above may be referred to correspondingly.

In one embodiment, as shown in fig. 5, fig. 5 is a schematic structural diagram of a flow control device according to an embodiment of the present application, and the present application further provides a flow control device, including a packet parsing module 210, a container updating module 220, a first flow control module 230, a second flow control module 240, and a third flow control module 250, which specifically includes the following steps:

the data packet parsing module 210 is configured to obtain a data packet sent by the client through a preset XDP interface, and extract streaming session information in the data packet, where the type of the data packet includes a request packet and a response packet, and the streaming session information includes a target IP address and a source IP address.

And the container updating module 220 is configured to perform a pull count update on the pull count container based on the pull session information when the packet type is the request packet, so as to obtain a total pull number of the target IP address and a repeated pull number corresponding to the request packet.

The first flow control module 230 is configured to intercept the request packet when detecting that the repeated pull stream number exceeds the response threshold of the target IP address, and return an interception response packet containing the optimal IP address to the client, so that the client redirects the optimal IP address to perform a pull stream session request.

The second flow control module 240 is configured to perform a current limiting operation or a blocking operation on the request packet when the total number of pull streams is detected to exceed the preset control threshold.

And the third flow control module 250 is configured to perform error count update on the error count container based on the pull stream session information when the packet type is a response packet, obtain an error pull stream number of the source IP address, and perform blocking operation on the response packet when the error pull stream number exceeds an error threshold of the source IP address.

In one embodiment, the packet parsing module 210 may include:

And the header analysis submodule is used for carrying out header analysis on the data packet to obtain an IP header and a TCP header, wherein the IP header comprises a target IP address and a source IP address.

And the data extraction sub-module is used for extracting the session request of the data packet, the session identifier and the status code of the session request based on the TCP header.

And the information generation sub-module is used for generating streaming session information according to the target IP address, the source IP address, the session identifier and the status code.

In one embodiment, the container update module 220 may include:

the identification extraction sub-module is used for extracting the target IP address and the session identification in the streaming session information.

And the pull stream number detection sub-module is used for retrieving the total pull stream number corresponding to the target IP address from the pull stream counting container and retrieving the repeated pull stream number corresponding to the session identifier from the total pull stream number.

And the pull stream counting sub-module is used for respectively adding 1 count to the total pull stream number and the repeated pull stream number so as to update the pull stream counting container and obtain the latest total pull stream number and the latest repeated pull stream number.

In one embodiment, the first flow control module 230 may include:

and the data sequencing sub-module is used for acquiring the total number of the pull streams received by each request server, sequencing the total number of the pull streams according to the sequence from low to high, and obtaining a sequencing result.

The address selection sub-module is used for acquiring the IP address of the request server with the lowest total pull stream number in the sequencing result, taking the IP address as an optimal IP address, and generating an interception response packet according to the optimal IP address.

And the redirection sub-module is used for returning the interception response packet to the client so that the client redirects the request packet to the request server corresponding to the optimal IP address.

In one embodiment, the preset control threshold in the second flow control module 240 may include a first threshold and a second threshold, where the first threshold is smaller than the second threshold, and the second flow control module 240 may further include:

And the current limiting sub-module is used for limiting the current of the request packet when the total number of the pull streams is detected to exceed the first threshold value but not exceed the second threshold value.

And the blocking sub-module is used for blocking the request packet when the total number of the pull streams exceeds a second threshold value.

In one embodiment, the flow control module 250 includes:

and the state code judging sub-module is used for extracting the source IP address and the state code in the streaming session information and judging whether the state code is a data error or not.

And the first acquisition submodule is used for directly acquiring the error pulling flow number corresponding to the source IP address from the error counting container when the state code is not data error.

And the second acquisition submodule is used for adding 1 to count the error pull stream number corresponding to the source IP address in the error count container when the state code is data error and acquiring the latest error pull stream number.

In one embodiment, the apparatus may further include:

And the database updating module is used for acquiring the updating data of the pull flow counting container or the error counting container and synchronously updating the storage data of the database according to the updating data.

And the configuration dynamic adjustment module is used for carrying out health evaluation on the request server at regular time according to the stored data in the database and dynamically adjusting the configuration information of the XDP interface according to the evaluation result.

In one embodiment, the present application also provides a storage medium having stored therein computer readable instructions which, when executed by one or more processors, cause the one or more processors to perform the steps of the flow control method as set forth in any one of the above embodiments.

In one embodiment, the present application also provides a computer device having stored therein computer readable instructions which, when executed by one or more processors, cause the one or more processors to perform the steps of the flow control method as set forth in any one of the above embodiments.

Schematically, as shown in fig. 6, fig. 6 is a schematic internal structure of a computer device according to an embodiment of the present application, and the computer device 300 may be provided as a server. Referring to FIG. 6, computer device 300 includes a processing component 302 that further includes one or more processors, and memory resources represented by memory 301, for storing instructions, such as applications, executable by processing component 302. The application program stored in the memory 301 may include one or more modules each corresponding to a set of instructions. Further, the processing component 302 is configured to execute instructions to perform the flow control method of any of the embodiments described above.

The computer device 300 may also include a power supply component 303 configured to perform power management of the computer device 300, a wired or wireless network interface 304 configured to connect the computer device 300 to a network, and an input output (I/O) interface 305. The computer device 300 may operate based on an operating system stored in the memory 301, such as Windows Server TM, mac OS XTM, unix, linux, free BSDTM, or the like.

It will be appreciated by those skilled in the art that the structure shown in FIG. 6 is merely a block diagram of some of the structures associated with the present inventive arrangements and is not limiting of the computer device to which the present inventive arrangements may be applied, and that a particular computer device may include more or fewer components than shown, or may combine some of the components, or have a different arrangement of components.

Finally, it is further noted that relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises an element.

In the present specification, each embodiment is described in a progressive manner, and each embodiment focuses on the difference from other embodiments, and may be combined according to needs, and the same similar parts may be referred to each other.

The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present application. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the application. Thus, the present application is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims

1. A method of flow control, the method comprising:

2. The flow control method according to claim 1, wherein the extracting the streaming session information in the data packet includes:

3. The flow control method according to claim 1, wherein the updating the pull count for the pull count container based on the pull session information to obtain the total number of pull streams of the target IP address and the repeated number of pull streams corresponding to the request packet includes:

4. The flow control method according to claim 1, wherein the returning, to the client, an interception response packet containing an optimal IP address, so that the client redirects the optimal IP address to make a streaming session request, includes:

5. The flow control method of claim 1, wherein the preset control threshold comprises a first threshold and a second threshold, the first threshold being less than the second threshold;

6. The flow control method according to claim 1, wherein the updating the error count container based on the streaming session information to obtain the error streaming number of the source IP address includes:

7. The flow control method of claim 1, wherein the method further comprises:

8. A flow control device, comprising:

9. A storage medium having stored therein computer readable instructions which, when executed by one or more processors, cause the one or more processors to perform the steps of the flow control method of any of claims 1 to 7.

10. A computer device includes one or more processors and a memory;

Stored in the memory are computer readable instructions which, when executed by the one or more processors, perform the steps of the flow control method of any one of claims 1 to 7.