CN114172854A - Message mirror image, mirror image configuration method, virtual switch and mirror image configuration device - Google Patents

Message mirror image, mirror image configuration method, virtual switch and mirror image configuration device Download PDF

Info

Publication number
CN114172854A
CN114172854A CN202111455295.8A CN202111455295A CN114172854A CN 114172854 A CN114172854 A CN 114172854A CN 202111455295 A CN202111455295 A CN 202111455295A CN 114172854 A CN114172854 A CN 114172854A
Authority
CN
China
Prior art keywords
data flow
mirror image
virtual
message
flow table
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202111455295.8A
Other languages
Chinese (zh)
Other versions
CN114172854B (en
Inventor
王剑
金凯斌
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
New H3C Big Data Technologies Co Ltd
Original Assignee
New H3C Big Data Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by New H3C Big Data Technologies Co Ltd filed Critical New H3C Big Data Technologies Co Ltd
Priority to CN202111455295.8A priority Critical patent/CN114172854B/en
Publication of CN114172854A publication Critical patent/CN114172854A/en
Application granted granted Critical
Publication of CN114172854B publication Critical patent/CN114172854B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L49/00Packet switching elements
    • H04L49/70Virtual switches
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L49/00Packet switching elements
    • H04L49/20Support for services
    • H04L49/208Port mirroring
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L49/00Packet switching elements
    • H04L49/35Switches specially adapted for specific applications
    • H04L49/354Switches specially adapted for specific applications for supporting virtual local area networks [VLAN]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/22Parsing or analysis of headers
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • G06F2009/45562Creating, deleting, cloning virtual machine instances
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • G06F2009/45595Network integration; Enabling network access in virtual machine instances

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The embodiment of the invention relates to a message mirror image, a mirror image configuration method, a virtual switch and a mirror image configuration device, wherein the method comprises the following steps: acquiring a mirror image message; analyzing the mirror image message to obtain analysis content; according to the analysis content, searching a first data flow table corresponding to the analysis content from the pre-acquired data flow tables; mapping service virtual cloud network identification information included in the analysis content into mirror image virtual cloud network identification information according to the first data flow table; adding the mirror image virtual cloud network identification information into the analysis content, and then generating a new mirror image message; and forwarding the new mirror image message to the monitoring equipment according to the first data flow table. In this way, the monitoring device can monitor the new mirror image message and determine the virtual machine corresponding to the mirror image message or the corresponding service virtual cloud network according to the mirror image virtual cloud network identification information in the new mirror image message.

Description

Message mirror image, mirror image configuration method, virtual switch and mirror image configuration device
Technical Field
The embodiment of the invention relates to the technical field of communication, in particular to a message mirror image, a mirror image configuration method, a virtual switch and a mirror image configuration device.
Background
In the prior art, mirroring is to copy a specified source end packet to a destination end (which may be a virtual machine or other device and is generally connected to a data monitoring device), so that a user can analyze the copied packet by using the data monitoring device, thereby implementing network monitoring and troubleshooting.
Generally, a physical machine cluster includes a plurality of physical machines all in the same virtual cloud network environment, and each physical machine is provided with a plurality of virtual machines. If different Virtual machines are designated, different Virtual Local Area networks (vlans for short) are designated, one side of the monitoring equipment can identify the corresponding Virtual machine according to different service vlans, and then the data monitoring equipment is utilized to analyze the mirror image message, so that Network monitoring and fault removal of the Virtual machine are realized.
However, in actual situations, the number of existing virtual machines is huge, and it is not possible to specify different service vlans for each virtual machine. When the virtual machines on different physical machines correspond to the vlan with the same name, the monitoring device cannot identify which virtual machine receives or sends the mirror flow generated by the data message. Therefore, operations such as network monitoring and troubleshooting of the virtual machine cannot be realized according to the mirror image message.
Disclosure of Invention
The application provides a message mirror image, a mirror image configuration method, a virtual switch and a mirror image configuration device, which are used for solving the problem that in the prior art, when virtual machines on different physical machines correspond to a vlan with the same name, a monitoring device cannot distinguish which virtual machine sends a mirror image message generated by a data message, and further cannot realize network monitoring, fault removal and other operations on the virtual machine.
In a first aspect, the present application provides a packet mirroring method, where the method is performed by a first virtual switch, and the method includes:
acquiring a mirror image message;
analyzing the mirror image message to obtain analysis content;
according to the analysis content, searching a first data flow table corresponding to the analysis content from the pre-acquired data flow tables;
mapping service virtual cloud network identification information included in the analysis content into mirror image virtual cloud network identification information according to the first data flow table;
generating a new mirror image message according to the analysis content carrying the mirror image virtual network identification information;
and forwarding the new mirror image message to the monitoring equipment according to the first data flow table.
In an optional embodiment, the parsing further includes, in addition to the service virtual cloud network identification information: one or more of the following field information: a source port field, a destination port field of the mirror image message, and an input port field of the mirror image message; according to the analysis content, a first data flow table corresponding to the analysis content is searched from a pre-acquired data flow table, and the method specifically comprises the following steps:
matching the fields in the analyzed content with corresponding fields of each data flow table in the pre-acquired data flow tables;
and when the field in the analysis content is matched with a corresponding field in any data flow table in the pre-acquired data flow tables, determining the data flow table as a first data flow table.
In one optional embodiment, each of the pre-fetched data flow tables includes a priority; before matching the field in the analysis content with the corresponding field of each data flow table in the pre-acquired data flow tables, the method further includes:
sorting the pre-acquired data flow tables according to the priority, and generating a sorting sequence corresponding to the data flow tables;
and based on the sorting sequence corresponding to the data flow table, one data flow table is sequentially extracted from the pre-acquired data flow tables, and the fields in the analysis content are matched with the corresponding fields of the currently sorted data flow table.
In an optional embodiment, the first data flow table further includes: mirror image virtual cloud network identification information corresponding to the service virtual cloud network identification information, and an operation instruction for indicating that the service virtual cloud network identification information is mapped to the mirror image virtual cloud network identification information;
according to the first data flow table, mapping service virtual cloud network identification information included in the analysis content into mirror image virtual cloud network identification information, specifically including:
extracting an operation instruction and mirror image virtual cloud network identification information from the first data flow table;
and executing the operation instruction, and mapping the service virtual cloud network identification information into mirror image virtual cloud network identification information.
In a second aspect, the present application provides a mirror message configuration method, which is executed by a message mirror configuration device, and includes:
when the configuration file of the virtual machine is monitored to be changed, analyzing the changed configuration file to obtain an analysis file;
when cross-device mirroring operation on the data message received or sent by the virtual machine is determined according to the analysis file, the data flow table corresponding to the virtual machine is downloaded to the first virtual switch, so that the first virtual switch can execute corresponding operation on the mirroring message corresponding to the data message according to the data flow table.
In an optional embodiment, when determining to perform a cross-device mirroring operation on a data packet received or sent by a virtual machine according to a parsing file, the method further includes:
detecting whether mirror bridge ports are respectively established in a first virtual switch and a second virtual switch to be in communication connection with the first virtual switch;
and when determining that the mirror bridge port is not created in the first virtual switch and/or the second virtual switch, creating the mirror bridge port on the side where the mirror bridge port is not created, wherein the second virtual switch is in communication connection with the virtual machine and is used for generating a mirror message corresponding to the data message.
In a third aspect, the present application provides a virtual switch, where the virtual switch is a first virtual switch, and the virtual switch includes:
the acquisition module is used for acquiring the mirror image message;
the analysis module is used for analyzing the mirror image message to obtain analysis content;
the processing module is used for searching a first data flow table corresponding to the analysis content from the pre-acquired data flow table according to the analysis content;
the mapping module is used for mapping the service virtual cloud network identification information included in the analysis content into mirror image virtual cloud network identification information according to the first data flow table;
the message generation module is used for generating a new mirror image message according to the analysis content carrying the mirror image virtual network identification information;
and the transmission module is used for transmitting the new mirror image message to the monitoring equipment according to the first data flow table.
In an optional embodiment, the parsing further includes, in addition to the service virtual cloud network identification information: one or more of the following field information: a source port field, a destination port field of the mirror image message, and an input port field of the mirror image message;
the processing module is specifically used for matching the fields in the analysis content with corresponding fields of each data flow table in the pre-acquired data flow tables;
and when the field in the analysis content is matched with a corresponding field in any data flow table in the pre-acquired data flow tables, determining the data flow table as a first data flow table.
In one optional embodiment, each of the pre-fetched data flow tables includes a priority;
the processing module is also used for sorting the pre-acquired data flow tables according to the priority and generating a sorting sequence corresponding to the data flow tables;
and based on the sorting sequence corresponding to the data flow table, one data flow table is sequentially extracted from the pre-acquired data flow tables, and the fields in the analysis content are matched with the corresponding fields of the currently sorted data flow table.
In an optional embodiment, the first data flow table further includes: mirror image virtual cloud network identification information corresponding to the service virtual cloud network identification information, and an operation instruction for indicating that the service virtual cloud network identification information is mapped to the mirror image virtual cloud network identification information;
the mapping module is specifically used for extracting an operation instruction from the first data flow table and mirroring virtual cloud network identification information;
and executing the operation instruction, and mapping the service virtual cloud network identification information into mirror image virtual cloud network identification information.
In a fourth aspect, the present application provides a packet mirror configuration device, where the packet mirror configuration device includes:
the monitoring module is used for monitoring whether the configuration file of the virtual machine changes;
the analysis module is used for analyzing the changed configuration file to acquire an analysis file after the monitoring module monitors that the configuration file of the virtual machine is changed;
and the downloading module is used for downloading the data flow table corresponding to the virtual machine to the first virtual switch when determining to execute cross-device mirroring operation on the data message received or sent by the virtual machine according to the analysis file, so that the first virtual switch can execute corresponding operation on the mirroring message corresponding to the data message according to the data flow table.
Compared with the prior art, the technical scheme provided by the embodiment of the application has the following advantages:
the message mirroring method provided by the embodiment of the application obtains a mirror message, wherein the mirror message is a mirror message generated according to a data message received or sent by a virtual machine. And analyzing the mirror image message, and searching a first data flow table corresponding to the analysis content from the pre-acquired data flow table according to the analysis content. And mapping the service virtual network cloud identification information included in the analysis content into mirror image virtual network cloud identification information according to the first data flow table. And then, after adding the mirror image virtual network cloud identification information into the analysis content, generating a new mirror image message, and forwarding the new mirror image message to the monitoring equipment according to the first data flow table. The mirror image virtual cloud network identification information is identification information pre-configured according to a virtual machine or a service virtual cloud network. Therefore, the monitoring device can monitor the new mirror image message and determine the virtual machine corresponding to the mirror image message according to the mirror image virtual cloud network identification information in the new mirror image message. Therefore, any virtual machine in the virtual cloud environment can be accurately monitored.
Drawings
Fig. 1 is a schematic flow chart of a message mirroring method according to an embodiment of the present invention;
fig. 2 is a schematic diagram of a message mirroring system architecture according to the present invention;
FIG. 3 is a schematic diagram illustrating the flow communication between different bridges according to the present invention;
FIG. 4 is a block diagram of a structure for implementing a cross-device mirroring operation based on a first virtual switch and a second virtual switch according to the present invention;
FIG. 5 is a schematic diagram of a mirror image of P2P provided by the present invention;
fig. 6 is a schematic flow chart of another message mirroring method according to an embodiment of the present invention;
fig. 7 is a schematic flow chart of another message mirroring method according to an embodiment of the present invention;
fig. 8 is a schematic flow chart of a message mirror configuration method according to an embodiment of the present invention;
fig. 9 is a block diagram of a virtual switch according to an embodiment of the present invention;
fig. 10 is a block diagram of a message mirror configuration apparatus according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
For the convenience of understanding of the embodiments of the present invention, the following description will be further explained with reference to specific embodiments, which are not to be construed as limiting the embodiments of the present invention.
To solve the technical problem mentioned in the background art, an embodiment of the present application provides a message mirroring method, specifically referring to fig. 1, where fig. 1 is a schematic flow diagram of a message mirroring method provided in an embodiment of the present invention. Before describing the implementation steps of the method, a message mirroring system to which the method is applicable will be described first. The message mirror system is borne on the physical machine. Specifically, as shown in fig. 2, the physical machines include a virtual machine VM1, a virtual machine VM2, a virtual machine VM3, a virtual machine VM … …, and the like (not described, only 3 virtual machines VM1 to VM3 are shown in the figure). Different traffic vlans are specified in a second virtual switch (vswitch 1 shown in the figure) for virtual machines on the same physical host. And normally forwarding the service message (which can also be called as service flow) through the service vlan.
As shown in fig. 2, taking VM1 of the virtual machine as an example, the service packet for VM1 of the virtual machine is forwarded through ethernet interface eth 0. When the cross-device mirroring operation needs to be performed on the data message received or sent by the virtual machine in the configuration information corresponding to the VM1, the mirroring operation is performed on the data message in the second switch. The mirrored message is then forwarded to the patch port of the first virtual switch (vswitch 2 in fig. 2) through a pre-created patch port in the second virtual switch (neither of which is shown). The first virtual switch acquires a data flow table of the virtual machine corresponding to the data message in advance. After the first virtual switch analyzes the data message, the data flow table can be searched from the pre-acquired data flow table according to the analysis content, and then the service vlan identification information carried in the analysis content is mapped into mirror image vlan identification information according to the data flow table.
The mirror vlan identification information is identification information that is pre-configured when a user wishes to distinguish between different virtual machines. So that the subsequent monitoring equipment can distinguish different virtual machines according to the mirror image vlan identification information, and the monitoring, fault removal and other work of different virtual machines can be realized. Therefore, the first virtual switch further needs to generate a new mirror message according to the adjusted analysis content (i.e., mapping the service vlan identifier information in the analysis content to the mirror vlan identifier information), and then transmit the new mirror message to the monitoring device according to the first data flow table. In an alternative example, the identification information may be a vlan tag. As shown in fig. 2, the second vm switch transmits the mirror message to the monitoring device through the ethernet interface eth 1.
By the mode, the monitoring equipment can identify which virtual machine corresponds to according to the mirror image message. Therefore, when the virtual machine is determined to have a fault according to the mirror image message, the fault can be timely eliminated.
Consider that there may be multiple bridges in a virtualized environment, with bridges not being common by default, i.e., the first virtual switch and the second virtual switch are "isolated" from each other and do not communicate, in general. In order to implement the cross-device mirroring operation on the data packet in the virtual machine VM1, in this embodiment of the application, specifically referring to fig. 3, a "patch" port is configured for the first virtual switch and the second virtual switch, and the two virtual switches implement traffic intercommunication between different bridges by configuring the butted patch ports. Fig. 3 shows a schematic diagram of the traffic interworking between different bridges.
In fig. 3, eth11 is an ethernet interface in one virtual machine, and eth12 is an ethernet interface in another virtual machine. The two Netdev _ vports in the figure are virtual network ports that establish communication connections with eth11 and eth12, respectively. These two virtual network ports are located in mirror bridge br0 and in mirror bridge br1, respectively. And the two mirror bridges are in communication connection through a patch port.
The br0 and the br1 respectively manage the traffic forwarding of ports on the br, and the br0 and the br1 do not influence each other, and communication cannot be performed before a patch port is not created. After creating patch ports on br0 and br1, respectively, the direct traffic intercommunication between br0 and br1 can be realized.
Based on the above principle, the traffic intercommunication between the first virtual switch and the second virtual switch can be realized.
It should be noted that creating the patch port is not performed by the first virtual switch or the second virtual switch, but performed by a third party. Therefore, the message mirroring system further comprises a message mirroring configuration device.
And the message mirror image configuration device is used for monitoring whether the configuration file of the virtual machine is changed. That is, not all the received or transmitted data packets of the virtual machines need to be monitored by the monitoring device. Only when the worker thinks that the data message of some virtual machines needs to be monitored, certain configuration is carried out on the virtual machines, namely the configuration files of the virtual machines are adjusted, namely the mirror image configuration of the mirror image files is increased.
Therefore, when the message mirror configuration device monitors that the configuration file of the virtual machine is changed, the changed configuration file is analyzed, and then whether mirror configuration is added or not is judged according to the analysis file. If the mirror configuration is increased and it is determined that the cross-device mirror operation needs to be subsequently performed on the data packet received or sent by the virtual machine, it is detected whether a patch port (possibly created as needed before) has been configured in the first virtual switch and the second virtual switch that need to perform the cross-device mirror operation. If not, respectively creating in the first virtual switch and the second virtual switch, otherwise, skipping the step of creating the patch port.
And then downloading the data flow table corresponding to the virtual machine to the first virtual switch from a storage position preset by a worker. So that the first virtual switch executes corresponding operation according to the data flow table. The specific operations have been described above and will not be described herein.
Fig. 4 is a block diagram of a structure for implementing a cross-device mirroring operation based on a first virtual switch and a second virtual switch according to the present invention. Specifically, as shown in fig. 4, the virtual machine includes a plurality of virtual machines, each of which is connected to a virtual network port through an ethernet interface, for example, the virtual machine VM0 establishes a communication connection with the virtual network interface vnet0 through an ethernet interface eth0, and the virtual machine VM1 establishes a communication connection with the virtual network interface vnet1 through an ethernet interface eth 0.
After receiving the data packet sent by the virtual machine VM1 through the vnet0 interface in the second virtual switch, the specific processing items of the data packet are determined according to the configuration information corresponding to the virtual machine VM1, for example, the packet is forwarded to the vnet2 interface. And performing mirroring operation on the forwarding packet. Specifically, the mirroring operation is a cross-device mirroring operation, and first, a Port-to-Port (P2P) operation needs to be performed in the second virtual switch.
The P2P is operated as one of the ways for implementing OVS conventional port mirroring, that is, port-to-port mirroring, configuration of a mirroring source port a and a destination port B, configuration of P2P mirroring, which can copy a port a packet to a port B, and can specify a direction in the configuration, and select a mirroring port a ingress/egress direction packet to a mirroring destination port.
A mirror principle architecture diagram of a particular P2P is shown with reference to fig. 5. The original packet in host 10 generates a mirror packet through source port a in virtual switch 20, and then forwards the mirror packet to destination port (portB), and forwards the mirror packet to data monitoring device 30 through the destination port.
In this document, the port mirroring operation across the devices is to be implemented, and is a message mirroring of a designated port in the bridge. The P2P mirror destination port in this embodiment is a mirror bridge port-patch port on the second virtual switch, named petbr _ src, and as shown in fig. 4, the bridge where the mirror bridge port is located is br _ src (a bridge constructed on the second virtual switch), which is connected to a service network, that is, a network of service traffic inside the virtual machine. After the P2P mirror is executed on the second virtual switch, a communication connection is established with the mirror bridge port of the first virtual switch through the patch port of the second switch, the name of the mirror bridge port on the first virtual switch is petbr _ dst, as shown in fig. 4, the bridge where the bridge is located is br _ dst (the bridge constructed on the first virtual switch), and the bridge is connected to the collection network (i.e., the network connected to the traffic monitoring device). And after the mirror image message reaches a patch port in the first switch, the first switch analyzes the mirror image message, then matches the mirror image message with a flow table pre-configured in the first switch, and executes subsequent operation. The specific implementation will be described in detail in the corresponding method embodiments below.
In the above, the functional components included in the message mirroring system and the functions executed by each functional component are described, and specific execution processes can be referred to below.
Specifically, referring to fig. 1, the message mirroring method includes the following steps:
step 110, obtaining the mirror image message.
Specifically, the mirror image message is a mirror image message generated according to a data message received or sent by the virtual machine.
In a specific embodiment, the virtual machine establishes a communication connection with a second virtual switch, and the second virtual switch establishes a communication connection with the first virtual switch. In the second virtual switch, port mirroring operation is executed, a data message received or sent by the virtual machine is generated into a mirror message, and then the mirror message is transmitted to the first virtual switch, so that the first virtual switch executes subsequent operation after receiving the mirror message.
And step 120, analyzing the mirror image message to obtain analysis content.
Step 130, according to the analysis content, a first data flow table corresponding to the analysis content is searched from the pre-acquired data flow tables.
In an optional example, besides the mirror virtual cloud network identification information, the parsed content may further include one or more of the following field information: a source port field, a destination port field of the mirror message, and an input port field of the mirror message.
The input port field may be a patch port field in the second virtual switch, and the source port field is a virtual network port field in the virtual switch that receives the data packet corresponding to the mirror packet, where the two fields have a certain difference.
The pre-acquired data flow table at least comprises the following fields: a source port of the mirror image message, an input port of the mirror image message, a priority of the mirror image message, and a destination port of the mirror image message.
Based on the analysis content and some same or corresponding fields in the data flow table, the first data flow table corresponding to the analysis content can be searched from the pre-acquired data flow table in a field matching mode.
Step 140, mapping the service virtual cloud network identification information included in the analysis content into mirror image virtual cloud network identification information according to the first data flow table.
Specifically, the identification information of the mirror image virtual cloud network is identification information preconfigured according to the virtual machine.
That is, in order to avoid that service networks corresponding to different virtual machines have the same name, for example, all are vlan3, it is impossible to distinguish which virtual machine has the mirror packet generated from the data packet and forward the mirror packet to the monitoring device, and therefore, the service vlan id information may be mapped to the mirror vlan id information, for example, the service vlan corresponding to virtual machine 10 is vlan3, and the service vlan corresponding to virtual machine 20 is also vlan 3. When the specific mapping is performed, the service vlan3 of the virtual machine 10 is mapped to vlan300, and the service vlan3 corresponding to the virtual machine 20 is mapped to vlna 301. And specifically mapping which mirror image vlan is configured in advance according to the requirement of a worker, and adding the identification information of the mirror image vlan into the data flow table so that the first virtual switch can execute the operation to complete the distinction of the mirror image messages of different virtual machines.
And 150, generating a new mirror image message according to the analysis content carrying the mirror image virtual network identification information.
Step 160, forwarding the new mirror image packet to the monitoring device according to the first data flow table.
Specifically, the first data flow table includes not only the above-mentioned information, but also a transmission path of the mirror packet, for example, to which monitoring device the data is transmitted through an ethernet interface in the second virtual switch.
Therefore, the first virtual switch further needs to forward the new mirror packet to the monitoring device according to the first data flow table, so that the monitoring device monitors the mirror packet.
The message mirroring method provided by the embodiment of the invention obtains the mirror image message, wherein the mirror image message is generated according to the data message received or sent by the virtual machine. And analyzing the mirror image message, and searching a first data flow table corresponding to the analysis content from the pre-acquired data flow table according to the analysis content. And mapping the service virtual network cloud identification information included in the analysis content into mirror image virtual network cloud identification information according to the first data flow table. And then, after adding the mirror image virtual network cloud identification information into the analysis content, generating a new mirror image message, and forwarding the new mirror image message to the monitoring equipment according to the first data flow table. The mirror image virtual cloud network identification information is identification information pre-configured according to a virtual machine or a service virtual cloud network. Therefore, the monitoring device can monitor the new mirror image message and determine the virtual machine corresponding to the mirror image message according to the mirror image virtual cloud network identification information in the new mirror image message. Therefore, any virtual machine in the virtual cloud environment can be accurately monitored.
Optionally, on the basis of the foregoing embodiment, another message mirroring method is further provided in the embodiment of the present invention, specifically referring to fig. 6, the same or similar contents as those in the foregoing embodiment are not described again, but how to search a first data flow table corresponding to the parsing content from a pre-obtained data flow table according to the parsing content is emphasized, specifically referring to the following, including:
step 610, matching the field in the analysis content with the corresponding field of each data flow table in the pre-acquired data flow tables.
Step 620, when the field in the parsing content matches with a corresponding field in any data flow table in the pre-acquired data flow tables, determining that the data flow table is the first data flow table.
Specifically, as described above, the data flow table and the parsing contents include some identical or corresponding fields. Therefore, it is only necessary to match the field in the analysis content with the corresponding (same) field of each of the pre-acquired data flow tables.
Once the field in the parsed content matches a corresponding field in any of the pre-acquired data flow tables, it may be determined that the data flow table is the first data flow table.
Optionally, the contents in the data flow table may include, but are not limited to, the following field contents: cookie-0 x9528in _ port-40001 dl _ vlan-tagActio ns-pop _ vlan-0 x8100set _ vlan _ vid-mirror _ vlan _ tagliplink
Wherein, Cookie is the serial number of the mirror image flow table of the unified function, 0x9528 is used for indicating the mirror image of the bridge port; in _ port represents a source port, and in _ port is patch _ port _ name and represents a patch port name set as the acquisition network by the source port; priority represents priority; a dl _ vlan _ tag, which represents vlan identification information of the virtual machine service traffic, where in this embodiment, the identification information is vlan tag information; actions are pop _ vlan, which represents an action of removing the service vlan, that is, removing the service vlan tag; push _ vlan represents that a vlan tag is marked, and 0x8100 represents a message with a vlan identifier. set _ vlan _ vid is mirror _ vlan _ tag, and indicates that the vlan tag is set as a mirror vlan tag; uplink, which represents the physical port of the acquisition network, i.e. the destination port.
In an alternative example, it is contemplated that the data packets may be configured with different priorities based on their importance. In the process of forwarding the data packet, the data packet with a high priority may have a high requirement on the latency.
Therefore, the priority may also be included in the data flow table. Before matching the field in the analysis content with the corresponding field of each data flow table in the pre-acquired data flow tables, the method further includes:
sorting the pre-acquired data flow tables according to the priority, and generating a sorting sequence corresponding to the data flow tables;
and based on the sorting sequence corresponding to the data flow table, one data flow table is sequentially extracted from the pre-acquired data flow tables, and the fields in the analysis content are matched with the corresponding fields of the currently sorted data flow table.
That is, the higher the priority of the data flow table is, the higher the latency requirement corresponding to the corresponding data packet is, matching is performed in advance, and once matching is successful, forwarding work of the mirror image packet is immediately performed.
Optionally, on the basis of any one of the above method embodiments, another message mirroring method is further provided in the embodiments of the present invention, and the same or similar contents as those in the above embodiments are also not repeated in this method embodiment, but how to map the service virtual cloud network identification information included in the analysis content into mirrored virtual cloud network identification information according to the first data flow table is further described. See in particular fig. 7.
Wherein, still include in the first data flow table: the service virtual cloud network identification information comprises mirror image virtual cloud network identification information corresponding to the service virtual cloud network identification information and an operation instruction used for indicating that the service virtual cloud network identification information is mapped into the mirror image virtual cloud network identification information.
Step 710, extracting an operation instruction from the first data flow table, and mirroring virtual cloud network identification information.
And 720, executing an operation instruction, and mapping the service virtual cloud network identification information into mirror image virtual cloud network identification information.
Namely, the original service vlan identification information in the mirror image message is removed, and the mirror image vlan identification information is added.
By the mode, the virtual machine executing the mirror image operation can be conveniently reversely deduced by the monitoring equipment according to the mirror image identification information, and the virtual machine can be monitored, debugged and the like.
It should be noted that, in the foregoing embodiment, only one virtual network port including the indication information is taken as an example for description, actually, the virtual network port including the indication information may include multiple virtual network ports in the unified virtual switch, and the virtual network ports may all be used to implement cross-device and port-specific message mirroring operation by using the above scheme. That is, the scheme of this embodiment may implement mirroring a single virtual machine traffic to the same designated port, and may also implement mirroring a plurality of virtual machine traffic to the same designated port. The same mirror image configuration is adopted by the multiple virtual network ports, so that the flow mirror image of the virtual machines of the multiple ports to the destination port is realized, the occupation condition of system resources can be reduced, and the consumption of environment resources is reduced.
Corresponding to the foregoing method embodiment, an embodiment of the present invention further provides a message mirror configuration method, specifically referring to fig. 8, where the method is executed by a message mirror configuration apparatus, and includes:
step 810, after monitoring that the configuration file of the virtual machine is changed, analyzing the changed configuration file to obtain an analysis file.
The message mirror image configuration device monitors whether the configuration file of the virtual machine is changed in real time. And once monitoring that the configuration file changes, immediately downloading the configuration file, analyzing the configuration file, and acquiring an analysis file.
And step 820, when determining that cross-device mirroring operation is performed on the data message received or sent by the virtual machine according to the analysis file, downloading a data flow table corresponding to the virtual machine to the first virtual switch.
Specifically, when it is determined according to the parsing file that the cross-device mirroring operation is performed on the data packet received or sent by the virtual machine, the data flow table corresponding to the virtual machine is downloaded to the first virtual switch, so that the first virtual switch performs subsequent operations according to the data flow table. The operation that the first virtual switch needs to execute according to the data flow table has been described above, and is not described here again.
Optionally, when determining to perform a cross-device mirroring operation on a data packet received or sent by the virtual machine according to the parsed file, the method further includes:
detecting whether mirror bridge ports are respectively established in a first virtual switch and a second virtual switch to be in communication connection with the first virtual switch;
when it is determined that no mirror bridge port is created in the first virtual switch and/or the second virtual switch, a mirror bridge port is created on the side where the mirror bridge port is not created.
Specifically, the second virtual switch establishes communication connection with the virtual machine to generate a mirror message corresponding to the data message. The premise that the second virtual switch and the first virtual switch establish communication connection is that patch ports are configured in the two virtual switches to realize mirror bridge connection. Therefore, when it is determined that no mirror bridge port is created in the first virtual switch and/or the second virtual switch, a mirror bridge port, that is, a patch port, needs to be created on the side where the mirror bridge port is not created.
According to the message mirror image configuration method provided by the embodiment of the invention, after the configuration file of the virtual machine is monitored to be changed, the changed configuration file is analyzed, and the analysis file is obtained. And when determining that the data message received or sent by the virtual machine executes cross-device mirroring operation according to the analysis file, downloading a data flow table corresponding to the virtual machine into the first virtual switch so that the first virtual switch executes corresponding operation on the mirroring message corresponding to the data message according to the data flow table. The data flow table is downloaded to the first virtual switch, so that the subsequent first virtual switch can analyze the mirror image message after receiving the mirror image message, search the data flow table corresponding to the analysis content, and map the service virtual cloud network identification information in the data flow table into the mirror image virtual cloud network identification information. After the operation, the first virtual switch can send the mirror image message to the monitoring device according to the data flow table, and the monitoring device can also identify the virtual machine corresponding to the mirror image message or the service virtual cloud network according to the mirror image virtual cloud network identification information in the new mirror image message after receiving the new mirror image message. Therefore, any virtual machine in the virtual cloud environment or any group of virtual machines establishing communication connection with the service virtual cloud network can be accurately monitored.
In the above, for several embodiments of the method for mirroring a message provided by the present application, other embodiments of mirroring a message provided by the present application are described below, and specifically refer to the following.
Fig. 9 is a block diagram of a virtual switch structure according to an embodiment of the present invention, where the virtual switch structure includes: the device comprises an acquisition module 901, an analysis module 902, a processing module 903, a mapping module 904, a message generation module 905 and a transmission module 906.
An obtaining module 901, configured to obtain a mirror image packet;
the parsing module 902 is configured to parse the mirror image packet to obtain parsing content;
the processing module 903 is configured to search a first data flow table corresponding to the analysis content from the pre-acquired data flow tables according to the analysis content;
a mapping module 904, configured to map, according to the first data flow table, service virtual cloud network identification information included in the analysis content into mirror virtual cloud network identification information;
a message generation module 905, configured to generate a new mirror message according to an analysis content carrying mirror virtual network identification information;
the transmitting module 906 is configured to transmit the new mirror image packet to the monitoring device according to the first data flow table.
In an alternative example, the obtaining module 901 is a (virtual) mirror bridge port of a virtual switch referred to in this embodiment.
Optionally, the parsing content includes, in addition to the service virtual cloud network identification information, further: one or more of the following field information: a source port field, a destination port field of the mirror message, and an input port field of the mirror message.
The processing module 903 is specifically configured to match a field in the analysis content with a corresponding field of each of the pre-acquired data flow tables;
and when the field in the analysis content is matched with a corresponding field in any data flow table in the pre-acquired data flow tables, determining the data flow table as a first data flow table.
Optionally, each data flow table in the pre-acquired data flow tables includes a priority;
the processing module 903 is further configured to sort the pre-acquired data flow tables according to the priority, and generate a sort order corresponding to the data flow tables;
and based on the sorting sequence corresponding to the data flow table, one data flow table is sequentially extracted from the pre-acquired data flow tables, and the fields in the analysis content are matched with the corresponding fields of the currently sorted data flow table.
Optionally, the first data flow table further includes: mirror image virtual cloud network identification information corresponding to the service virtual cloud network identification information, and an operation instruction for indicating that the service virtual cloud network identification information is mapped to the mirror image virtual cloud network identification information;
a mapping module 904, specifically configured to extract an operation instruction from the first data flow table, and mirror virtual cloud network identification information;
and executing the operation instruction, and mapping the service virtual cloud network identification information into mirror image virtual cloud network identification information.
The functions executed by each component in the virtual switch provided in the embodiments of the present invention have been described in detail in any of the above method embodiments, and therefore, are not described herein again.
The virtual switch provided by the embodiment of the invention acquires the mirror image message, wherein the mirror image message is generated according to the data message received or sent by the virtual machine. And analyzing the mirror image message, and searching a first data flow table corresponding to the analysis content from the pre-acquired data flow table according to the analysis content. And mapping the service virtual network cloud identification information included in the analysis content into mirror image virtual network cloud identification information according to the first data flow table. And then, after adding the mirror image virtual network cloud identification information into the analysis content, generating a new mirror image message, and forwarding the new mirror image message to the monitoring equipment according to the first data flow table. The mirror image virtual cloud network identification information is identification information pre-configured according to a virtual machine or a service virtual cloud network. Therefore, the monitoring device can monitor the new mirror image message and determine the virtual machine corresponding to the mirror image message according to the mirror image virtual cloud network identification information in the new mirror image message. Therefore, any virtual machine in the virtual cloud environment can be accurately monitored.
Fig. 10 is a block diagram of a configuration apparatus for message mirroring according to an embodiment of the present invention, where the apparatus includes: a monitoring module 1001, a parsing module 1002, and a downloading module 1003.
A monitoring module 1001, configured to monitor whether a configuration file of a virtual machine changes;
the parsing module 1002 is configured to parse the configuration file of the virtual machine after the monitoring module 1001 monitors that the configuration file of the virtual machine is changed, and obtain a parsed file;
the downloading module 1003 is configured to, when it is determined according to the analysis file that the cross-device mirroring operation is performed on the data packet received or sent by the virtual machine, download the data flow table corresponding to the virtual machine to the first virtual switch, so that the first virtual switch performs a corresponding operation on the mirror packet corresponding to the data packet according to the data flow table.
Optionally, the apparatus further comprises: a detection module 1004 and a creation module 1005;
a detecting module 1004, configured to detect whether mirror bridge ports have been created in the first virtual switch and a second virtual switch to be communicatively connected to the first virtual switch;
a creating module 1005, configured to create a mirror bridge port on a side where the mirror bridge port is not created when it is determined that the mirror bridge port is not created in the first virtual switch and/or the second virtual switch, where the second virtual switch establishes a communication connection with the virtual machine, so as to generate a mirror message corresponding to the data message.
The functions executed by each component in the message mirror image configuration apparatus provided in the embodiment of the present invention have been described in detail in any of the above method embodiments, and therefore, are not described herein again.
According to the message mirror image configuration device provided by the embodiment of the invention, after the configuration file of the virtual machine is monitored to be changed, the changed configuration file is analyzed, and the analysis file is obtained. And when determining that the data message received or sent by the virtual machine executes cross-device mirroring operation according to the analysis file, downloading a data flow table corresponding to the virtual machine into the first virtual switch so that the first virtual switch executes corresponding operation on the mirroring message corresponding to the data message according to the data flow table. The data flow table is downloaded to the first virtual switch, so that the subsequent first virtual switch can analyze the mirror image message after receiving the mirror image message, search the data flow table corresponding to the analysis content, and map the service virtual cloud network identification information in the data flow table into the mirror image virtual cloud network identification information. After the operation, the first virtual switch can send the mirror image message to the monitoring device according to the data flow table, and the monitoring device can also identify the virtual machine corresponding to the mirror image message or the service virtual cloud network according to the mirror image virtual cloud network identification information in the new mirror image message after receiving the new mirror image message. Therefore, any virtual machine in the virtual cloud environment or any group of virtual machines establishing communication connection with the service virtual cloud network can be accurately monitored.
The embodiment of the present application further provides a message mirror processing system, where the system includes a first virtual switch, a second virtual switch, and a message mirror configuration device, and is used to perform interactive communication with the virtual machine and the monitoring device, so as to implement the method steps corresponding to any of the above method embodiments.
Embodiments of the present application further provide a computer-readable storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements the steps of the message mirroring method provided in any one of the foregoing method embodiments, or implements the steps of the message mirroring configuration method provided in any one of the foregoing method embodiments.
It is noted that, in this document, relational terms such as "first" and "second," and the like, may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
The foregoing are merely exemplary embodiments of the present invention, which enable those skilled in the art to understand or practice the present invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the invention. Thus, the present invention is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (10)

1. A method of message mirroring, the method performed by a first virtual switch, the method comprising:
acquiring a mirror image message;
analyzing the mirror image message to obtain analysis content;
according to the analysis content, searching a first data flow table corresponding to the analysis content from a pre-acquired data flow table;
mapping the service virtual cloud network identification information included in the analysis content into mirror image virtual cloud network identification information according to the first data flow table;
generating a new mirror image message according to the analysis content carrying the mirror image virtual network identification information;
and forwarding the new mirror image message to a monitoring device according to the first data flow table.
2. The method according to claim 1, wherein the parsing further includes, in addition to the service virtual cloud network identification information: one or more of the following field information: a source port field, a destination port field, and an input port field of the mirror message; the searching, according to the analysis content, a first data flow table corresponding to the analysis content from pre-acquired data flow tables specifically includes:
matching the fields in the analysis content with corresponding fields of each data flow table in the pre-acquired data flow tables;
and when the field in the analysis content is matched with a corresponding field in any data flow table in the pre-acquired data flow tables, determining the data flow table as the first data flow table.
3. The method of claim 2, wherein each of the pre-fetched data flow tables includes a priority; before the matching the field in the analysis content with the corresponding field of each of the pre-acquired data flow tables, the method further includes:
sorting the pre-acquired data flow tables according to the priority, and generating a sorting sequence corresponding to the data flow tables;
and sequentially extracting one data flow table from the pre-acquired data flow tables based on the sorting sequence corresponding to the data flow tables, and matching the fields in the analysis content with the corresponding fields of the currently sorted data flow table.
4. The method of any of claims 1-3, further comprising, in the first data flow table: mirror image virtual cloud network identification information corresponding to the service virtual cloud network identification information, and an operation instruction for indicating that the service virtual cloud network identification information is mapped to the mirror image virtual cloud network identification information;
the mapping, according to the first data flow table, the service virtual cloud network identification information included in the analysis content to mirror image virtual cloud network identification information specifically includes:
extracting the operation instruction and the mirror image virtual cloud network identification information from the first data flow table;
and executing the operation instruction, and mapping the service virtual cloud network identification information into mirror image virtual cloud network identification information.
5. A message mirror configuration method, wherein the method is executed by a message mirror configuration device, and the method comprises:
when the configuration file of the virtual machine is monitored to be changed, analyzing the changed configuration file to obtain an analysis file;
and when determining to execute cross-device mirroring operation on the data message received or sent by the virtual machine according to the analysis file, downloading a data flow table corresponding to the virtual machine to a first virtual switch, so that the first virtual switch executes corresponding operation on the mirroring message corresponding to the data message according to the data flow table.
6. The method of claim 5, wherein when determining from the parsed file that a cross-device mirroring operation is performed on the data packet received or sent by the virtual machine, the method further comprises:
detecting whether mirror bridge ports are respectively established in the first virtual switch and a second virtual switch which is to be in communication connection with the first virtual switch;
and when it is determined that the mirror bridge port is not created in the first virtual switch and/or the second virtual switch, creating the mirror bridge port on the side where the mirror bridge port is not created, wherein the second virtual switch establishes communication connection with the virtual machine to generate a mirror message corresponding to the data message.
7. A virtual switch, wherein the virtual switch is a first virtual switch, comprising:
the acquisition module is used for acquiring the mirror image message;
the analysis module is used for analyzing the mirror image message to obtain analysis content;
the processing module is used for searching a first data flow table corresponding to the analysis content from a pre-acquired data flow table according to the analysis content;
the mapping module is used for mapping the service virtual cloud network identification information included in the analysis content into mirror image virtual cloud network identification information according to the first data flow table;
the message generation module is used for generating a new mirror image message according to the analysis content carrying the mirror image virtual network identification information;
and the transmission module is used for transmitting the new mirror image message to the monitoring equipment according to the first data flow table.
8. The virtual switch of claim 7, wherein the parsed content includes, in addition to the business virtual cloud network information: one or more of the following field information: a source port field, a destination port field, and an input port field of the mirror message;
the processing module is specifically configured to match a field in the analysis content with a corresponding field of each of the pre-acquired data flow tables;
and when the field in the analysis content is matched with a corresponding field in any data flow table in the pre-acquired data flow tables, determining the data flow table as the first data flow table.
9. The virtual switch of claim 8, wherein each of the pre-fetched data flow tables includes a priority;
the processing module is further configured to sort the pre-acquired data flow tables according to the priority, and generate a sort order corresponding to the data flow tables;
and sequentially extracting one data flow table from the pre-acquired data flow tables based on the sorting sequence corresponding to the data flow tables, and matching the fields in the analysis content with the corresponding fields of the currently sorted data flow table.
10. A message mirror configuration device, wherein the message mirror configuration device comprises:
the monitoring module is used for monitoring whether the configuration file of the virtual machine changes;
the analysis module is used for analyzing the changed configuration file to acquire an analysis file after the monitoring module monitors that the configuration file of the virtual machine is changed;
and the downloading module is used for downloading a data flow table corresponding to the virtual machine to a first virtual switch when determining to execute cross-device mirroring operation on the data message received or sent by the virtual machine according to the analysis file, so that the first virtual switch executes corresponding operation on the mirroring message corresponding to the data message according to the data flow table.
CN202111455295.8A 2021-11-30 2021-11-30 Report Wen Jingxiang, mirror image configuration method, virtual switch and mirror image configuration device Active CN114172854B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111455295.8A CN114172854B (en) 2021-11-30 2021-11-30 Report Wen Jingxiang, mirror image configuration method, virtual switch and mirror image configuration device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111455295.8A CN114172854B (en) 2021-11-30 2021-11-30 Report Wen Jingxiang, mirror image configuration method, virtual switch and mirror image configuration device

Publications (2)

Publication Number Publication Date
CN114172854A true CN114172854A (en) 2022-03-11
CN114172854B CN114172854B (en) 2024-03-19

Family

ID=80482181

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111455295.8A Active CN114172854B (en) 2021-11-30 2021-11-30 Report Wen Jingxiang, mirror image configuration method, virtual switch and mirror image configuration device

Country Status (1)

Country Link
CN (1) CN114172854B (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114884905A (en) * 2022-04-18 2022-08-09 深信服科技股份有限公司 Flow mirroring method, device, equipment and computer storage medium
CN115208904A (en) * 2022-06-29 2022-10-18 深圳星云智联科技有限公司 Flow monitoring method and related equipment
CN117041272A (en) * 2023-10-07 2023-11-10 腾讯科技(深圳)有限公司 Data processing method, device, equipment and storage medium

Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060002370A1 (en) * 2004-07-02 2006-01-05 Nortel Networks Limited VLAN support of differentiated services
US20070153799A1 (en) * 2006-01-03 2007-07-05 Alcatel Providing services over hybrid networks
CN101325531A (en) * 2008-07-26 2008-12-17 中兴通讯股份有限公司 Forwarding method and system for virtual LAN
CN101594243A (en) * 2009-06-30 2009-12-02 中兴通讯股份有限公司 A kind of multicast spanning virtual local area networks implementation method based on optical network unit
CN105049361A (en) * 2012-06-06 2015-11-11 瞻博网络公司 Identifying likely faulty components in a distributed system
US20150372943A1 (en) * 2014-06-22 2015-12-24 Cisco Technology, Inc. Framework for network technology agnostic multi-cloud elastic extension and isolation
CN105743734A (en) * 2016-01-22 2016-07-06 北京航空航天大学 Virtual machine mirror image flow transmission control method and virtual machine mirror image flow transmission control device
CN108512678A (en) * 2017-02-27 2018-09-07 中国科学院信息工程研究所 A kind of method and system of the equipment access of virtual network in kind based on overlay technologies
CN108900384A (en) * 2018-07-20 2018-11-27 新华三云计算技术有限公司 Network flow monitoring method, apparatus and system, computer readable storage medium
CN110635987A (en) * 2019-09-09 2019-12-31 新华三信息安全技术有限公司 Message transmission method, device, equipment and machine readable storage medium
CN110838964A (en) * 2018-08-16 2020-02-25 上海仪电(集团)有限公司中央研究院 Network docking system for virtual network and physical network

Patent Citations (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060002370A1 (en) * 2004-07-02 2006-01-05 Nortel Networks Limited VLAN support of differentiated services
US20070153799A1 (en) * 2006-01-03 2007-07-05 Alcatel Providing services over hybrid networks
CN101325531A (en) * 2008-07-26 2008-12-17 中兴通讯股份有限公司 Forwarding method and system for virtual LAN
WO2010012143A1 (en) * 2008-07-26 2010-02-04 中兴通讯股份有限公司 Method and system of virtual local area network data forwarding
CN101594243A (en) * 2009-06-30 2009-12-02 中兴通讯股份有限公司 A kind of multicast spanning virtual local area networks implementation method based on optical network unit
CN105049361A (en) * 2012-06-06 2015-11-11 瞻博网络公司 Identifying likely faulty components in a distributed system
US20150372943A1 (en) * 2014-06-22 2015-12-24 Cisco Technology, Inc. Framework for network technology agnostic multi-cloud elastic extension and isolation
CN105743734A (en) * 2016-01-22 2016-07-06 北京航空航天大学 Virtual machine mirror image flow transmission control method and virtual machine mirror image flow transmission control device
CN108512678A (en) * 2017-02-27 2018-09-07 中国科学院信息工程研究所 A kind of method and system of the equipment access of virtual network in kind based on overlay technologies
CN108900384A (en) * 2018-07-20 2018-11-27 新华三云计算技术有限公司 Network flow monitoring method, apparatus and system, computer readable storage medium
CN110838964A (en) * 2018-08-16 2020-02-25 上海仪电(集团)有限公司中央研究院 Network docking system for virtual network and physical network
CN110635987A (en) * 2019-09-09 2019-12-31 新华三信息安全技术有限公司 Message transmission method, device, equipment and machine readable storage medium

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
LIANG MIN WANG等: "Implementation of a high-throughput virtual switch port monitoring system", 《2021 IEEE INTERNATIONAL CONFERENCE ON NETWORKING,ARCHITECTURE AND STORAGE(NAS)》, 22 November 2021 (2021-11-22) *
刘汉江;欧亮;陈文华;唐宏;: "基于SDN的跨数据中心承载技术", 电信科学, no. 03, 20 March 2016 (2016-03-20) *
黄志兰;陈楠;刘京松;关天强;林宝洪;: "基于OpenDaylight和白盒机的通用SDN系统设计与实现", 广东通信技术, no. 08, 15 August 2017 (2017-08-15) *

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114884905A (en) * 2022-04-18 2022-08-09 深信服科技股份有限公司 Flow mirroring method, device, equipment and computer storage medium
CN114884905B (en) * 2022-04-18 2023-11-07 深信服科技股份有限公司 Traffic mirroring method, traffic mirroring device, traffic mirroring equipment and computer storage medium
CN115208904A (en) * 2022-06-29 2022-10-18 深圳星云智联科技有限公司 Flow monitoring method and related equipment
CN117041272A (en) * 2023-10-07 2023-11-10 腾讯科技(深圳)有限公司 Data processing method, device, equipment and storage medium
CN117041272B (en) * 2023-10-07 2024-01-30 腾讯科技(深圳)有限公司 Data processing method, device, equipment and storage medium

Also Published As

Publication number Publication date
CN114172854B (en) 2024-03-19

Similar Documents

Publication Publication Date Title
CN114172854B (en) Report Wen Jingxiang, mirror image configuration method, virtual switch and mirror image configuration device
US9935851B2 (en) Technologies for determining sensor placement and topology
US10158563B2 (en) Flow based overlay network
CN108471383B (en) Message forwarding method, device and system
US9608841B2 (en) Method for real-time synchronization of ARP record in RSMLT cluster
CN104718723B (en) For the networking in virtual network and the frame of security service
US20160301603A1 (en) Integrated routing method based on software-defined network and system thereof
CN109952746A (en) Physics and virtual network function are integrated in business chain network environment
US9674080B2 (en) Proxy for port to service instance mapping
US20140365634A1 (en) Programmable Network Analytics Processing via an Inspect/Apply-Action Applied to Physical and Virtual Entities
US10178068B2 (en) Translating network attributes of packets in a multi-tenant environment
KR101326983B1 (en) Apparatus and method for controlling traffic
CN113867884B (en) Method and system for computer network and storage medium
US20160299958A1 (en) Method and apparatus for visual logging in networking systems
CN113630301B (en) Data transmission method, device and equipment based on intelligent decision and storage medium
CN107454132B (en) Method and device for supporting multi-tenant network transmission
US20180198704A1 (en) Pre-processing of data packets with network switch application -specific integrated circuit
CN113497755B (en) Data forwarding method, system and equipment
US11115337B2 (en) Network traffic segregation on an application basis in a virtual computing environment
CN114172789A (en) Virtual device link detection method, device, equipment and storage medium
KR20180057282A (en) Method, apparatus and computer program for service fuction chainnig
CN114765567A (en) Communication method and communication system
US20150180775A1 (en) Communication System, Control Apparatus, Communication Method, and Program
He et al. Traffic steering of middlebox policy chain based on SDN
CN114884882B (en) Flow visualization method, device, equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant