CN115426295A - Automatic monitoring method for IDC internetwork routing abnormity - Google Patents

Automatic monitoring method for IDC internetwork routing abnormity Download PDF

Info

Publication number
CN115426295A
CN115426295A CN202210200968.3A CN202210200968A CN115426295A CN 115426295 A CN115426295 A CN 115426295A CN 202210200968 A CN202210200968 A CN 202210200968A CN 115426295 A CN115426295 A CN 115426295A
Authority
CN
China
Prior art keywords
idc
routing
route
address
ebgp
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210200968.3A
Other languages
Chinese (zh)
Inventor
武迎春
黎宇
燕飞
王立俊
李宜明
徐海
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Runstone Technology Inc
Original Assignee
Beijing Runstone Technology Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Runstone Technology Inc filed Critical Beijing Runstone Technology Inc
Priority to CN202210200968.3A priority Critical patent/CN115426295A/en
Publication of CN115426295A publication Critical patent/CN115426295A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/08Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
    • H04L43/0805Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability
    • H04L43/0811Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability by checking connectivity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4641Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/14Routing performance; Theoretical aspects

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Environmental & Geological Engineering (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses an automatic monitoring method for IDC internetwork routing abnormity, which comprises the following steps: step 1) establishing a whole network IP address model, comprising: establishing a corresponding relation between each VPN internal IP address field and each IDC AS number in the whole network according to the network planning data, and using the corresponding relation AS reference data of EBGP routing analysis; step 2) IDC-DCI EBGP routing data acquisition, which comprises the following steps: using BMP protocol to collect original route data of EBGP session between IDC border router and DCI border router in real time; step 3) IDC EBGP routing data analysis, which comprises the following steps: and by comparing the routing data acquired by the BMP protocol with the whole network IP address model, the abnormal route and the occurrence time of the abnormal route are discovered.

Description

Automatic monitoring method for routing abnormity between IDC networks
Technical Field
The invention belongs to the field of communication, and relates to a method for monitoring routing abnormity between IDC networks.
Background
With the wide application of cloud computing technology, telecom operators and large-scale enterprises often build a plurality of IDC networks as network platforms for carrying services and applications, and meanwhile, in order to achieve flexible deployment and migration of the services and applications among the IDC networks, the telecom operators and the large-scale enterprises often use DCI networks to connect the IDCs, so that network-level intercommunication among the IDCs is achieved.
The BGP routing protocol is used AS a standard protocol for IP routing exchange between two Autonomous Systems (AS), is widely applied to IDC-DCI interconnection scenes, and realizes that VPN uses an IPv4 protocol or an IPv6 protocol for intercommunication between different IDCs. Although the BGP routing protocol can implement flexible bidirectional routing control between ases by setting a flexible routing policy, complexity caused by the flexibility of such policy easily causes routing errors, and causes partial or complete interruption of communication between IDCs, thereby seriously affecting services carried by the IDCs.
An example scenario in which IDC-DCI networks implement interconnection using the BGP protocol is shown in fig. 1. The specific environment is as follows:
1. in the example scenario, four IDC networks and one DCI network are included, wherein the four IDC networks are IDC-1, IDC-2, IDC-3 and IDC-4 respectively. Each network is respectively used as an independent autonomous domain, and the corresponding autonomous domain numbers are respectively b, c, d and e; the autonomous domain number of the DCI network is a.
2. Three VPNs are deployed in the whole network, namely VPN x, VPN y and VPN z. VPN x is deployed at IDC-1, IDC-2 and IDC-3; the VPN y is deployed in IDC-1 and IDC-3; the VPN y is deployed at IDC-2, IDC-3 and IDC-4;
3. the four IDC networks are respectively connected with the DCI network in a physical mode, an EBGP session is established between boundary equipment of interconnection of the IDC and the DCI network, routes of three VPNs are exchanged between the IDC and the DCI network by using a BGP routing protocol, and the route exchange mode uses an option-A or option-B mode specified in IETF technical standard RFC4364 to realize the intercommunication of the VPNs across the IDCs.
4. In order to guarantee the security of the network or realize the requirements of backup of network routes and the like, two-way BGP strategies are deployed at two ends of an EBGP session between the IDC and the DCI to control the receiving and transmitting routes of the BGP session.
In the above scenario, if the configuration of the BGP session policy is faulty, it is often easy to cause route loss or route error, which causes interruption of VPN communication between different IDCs, and seriously affects network-supported services and applications.
In an actual network environment, the number of IDC networks and VPN networks is not limited to the number in the illustrated figure.
Disclosure of Invention
The invention aims to provide an automatic monitoring method for IDC internetwork routing abnormity.
The technical scheme adopted by the invention for solving the technical problems is as follows:
an automatic monitoring method for IDC internetwork routing abnormity comprises the following steps:
step 1) establishing a whole network IP address model, comprising:
establishing a corresponding relation between each VPN internal IP address field and each IDCAS number in the whole network according to network planning data, and using the corresponding relation as reference data of EBGP routing analysis;
step 2) IDC-DCIEBGP routing data acquisition, which comprises the following steps:
using BMP protocol to collect original route data of EBGP session between IDC border router and DCI border router in real time;
step 3) IDCEBGP routing data analysis, comprising:
and by comparing the routing data acquired by the BMP protocol with the IP address model of the whole network, discovering the abnormal route and the occurrence time of the abnormal route.
After the scheme is adopted, the BGP route of the bidirectional exchange between the IDC and the DCI can be automatically monitored at the IDC side in the IDC-DCI interconnection scene, and the abnormal route of the bidirectional VPN route of the IDC can be automatically found. By using the method, the inter-AS communication interruption caused by BGP routing abnormity can be timely found and positioned.
Additional features and advantages of the invention will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention. The objectives and other advantages of the invention will be realized and attained by the structure particularly pointed out in the written description and drawings.
Drawings
The present invention will be described in detail below with reference to the accompanying drawings so that the above advantages of the present invention will be more apparent. Wherein the content of the first and second substances,
fig. 1 is a diagram illustrating a scenario in which an IDC-DCI network uses a BGP protocol to implement interconnection in the prior art;
FIG. 2 is a flow chart of the method for automatically monitoring IDC inter-net routing anomaly of the present invention;
FIG. 3 is a schematic diagram of a routing data collection method of the present invention;
fig. 4 is a schematic diagram of the route acquisition content in the present invention.
Detailed Description
The following detailed description will be given with reference to the accompanying drawings and examples to explain how to apply the technical means to solve the technical problems and to achieve the technical effects. It should be noted that, as long as there is no conflict, the embodiments and the features of the embodiments of the present invention may be combined with each other, and the technical solutions formed are within the scope of the present invention.
Additionally, the steps illustrated in the flow charts of the figures may be performed in a computer system such as a set of computer-executable instructions and, although a logical order is illustrated in the flow charts, in some cases, the steps illustrated or described may be performed in an order different than here.
Specifically, as shown in fig. 2, in order to overcome the drawbacks of the prior art, the present invention provides an automatic monitoring method for IDC inter-net routing anomaly, which includes:
step 1) establishing a whole network IP address model, which comprises the following steps:
establishing a corresponding relation between each VPN internal IP address segment and each IDCAS number in the whole network according to network planning data, and using the corresponding relation as reference data for EBGP routing analysis;
step 2) IDC-DCIEBGP routing data acquisition, which comprises the following steps:
using BMP protocol to collect original route data of EBGP session between IDC border router and DCI border router in real time;
step 3) IDCEBGP routing data analysis, which comprises the following steps:
and by comparing the routing data acquired by the BMP protocol with the whole network IP address model, the abnormal route and the occurrence time of the abnormal route are discovered.
After the scheme is adopted, the BGP route of the bidirectional exchange between the IDC and the DCI can be automatically monitored at the IDC side in the IDC-DCI interconnection scene, and the abnormal route of the bidirectional VPN route of the IDC can be automatically found. By using the method, the inter-AS communication interruption caused by BGP routing abnormity can be timely found and positioned.
The method can realize the following abnormal routing analysis of bidirectional exchange between IDC-DCI:
1. the IDC sends route missing and route missing time;
2. IDC sends error route (route prefix should not be sent) and error route sending time;
3. the DC receives the route loss and the route loss time;
4. the IDC receives routing errors (routing prefixes which should not be sent or routing prefixes with errors of the home AS number), error routing sending time and error routing source autonomous domain numbers.
The present invention is described in detail with reference to specific embodiments, wherein the method for automatically monitoring inter-IDC-network routing anomaly mainly includes the following steps:
step 1, establishing a whole network IP address model:
establishing a corresponding relation between each VPN internal IP address field and each IDCAS number in the whole network according to network planning data, and using the corresponding relation as reference data of EBGP routing analysis;
step 2, IDC-DCIEBGP routing data acquisition:
using BMP protocol to collect original route data of EBGP session between IDC border router and DCI border router in real time;
step 3, IDCEBGP routing data analysis:
and by comparing the routing data acquired by the BMP protocol with the whole network IP address model, the abnormal route and the occurrence time of the abnormal route are discovered.
The step 1 of establishing the whole network IP address model mainly comprises the following steps:
and according to the network planning data, establishing a corresponding relation among RD of each VPN in the whole network, a maximum polymerizable IP address field list of the IP address used by the WN in each IDC and the IDC autonomous domain number, and taking the corresponding relation as reference data of EBGP routing analysis.
Taking the scenario shown in fig. 1 as an example, three VPNs, namely VPN x, VPN y, and VPN z, are deployed in the total network planning. Wherein, VPN x is distributed in IDC-1, IDC-2 and IDC-3. In IDC-1, the IP address field used by VPN x is Prefix-11, prefix-12,... And Prefix-1m; in IDC-2, the IP address field used by VPN x is Prefix-21, prefix-22,... And Prefix-2n; in IDC-4, the IP address field used by VPN x is Prefix-41, prefix-42, prefix-4p.
All the IP address fields in the same IDC are expressed according to the mode of the maximum polymerizable address field, namely the IP address fields combined into one address field can be expressed by using the combined address field until all the IP address fields can not be combined. For example, the IPv4 address field 10.1.0.0/24 and the IP address field 10.1.1.0/24 are represented by the address field 10.1.0.0/23.
Among the above IP address fields, only IP address fields that have already been enabled in the network are contained.
Among the above IP address fields, only IP address fields that require communication between different IDCs are included.
According to the planning data of each IDC AS number, the corresponding autonomous domain numbers of IDC-1, IDC-2, IDC-3 and IDC-4 are b, c, d and e respectively.
The RD for VPNx is designated RD-x according to the RD planning data for VPNs.
According to the planning data, a full-network IP address model of the VPN x is established as follows:
Figure BSA0000267543800000051
the IP address models of VPNy and VPNz are built in the same manner as described above.
The IP address models of all the VPNs in the whole network form a whole network IP address model.
Step 2, in the IDC-DCIEBGP routing data acquisition, the method specifically comprises the following steps:
and using a BMP protocol to collect complete information of the bidirectional route exchanged between the IDC and the DCI through the EBGP in real time from the IDC side.
Taking IDC-1 in fig. 1 as an example, the route data acquisition method is as shown in fig. 3, where an acquisition server establishes a BMP session with a border router GW of IDC-1, and acquires BGP route transmission and reception information of an EBGP session between the IDC-1 border router and a DCI route using the BMP session.
In fig. 4, GW1 is an IDC-1 side border router, and GW2 is a border router interconnecting GW1 on the DCI side.
Each VPN across a plurality of IDCs is deployed in IDC-1, a routing table VRF corresponding to the VPN exists in GW1 and GW2, and meanwhile, an independent EBGP session needs to be established for the VPN between GW1 and GW2 for exchanging the routing of the VRF.
Taking VPNx in fig. 4 as an example, in GW1, the VRF corresponding to the VPN is VRFx, and RD-x is allocated to the VRF, in GW2, the VRF corresponding to the VPN is VRFx, and between GW1 and GW2, an EBGP session is established for the VRF, and a route of the VRFx is exchanged using the session.
The routing information exchanged with the EBGP session corresponding to the VRFx includes two directions, which respectively issue routing information for the GW1 to GW2 direction and routing information for the GW2 to GW1 direction.
The process and content of the route information release from the GW1 to the GW2 are as follows:
1. VPNx is used in IDC-1, BGP routing corresponding to an IP address field needing to communicate with other IDCs is stored in Post-Policy Adj-RIBs-Out after being processed by an outgoing Policy of an EBGP session between GW2 and GW1 corresponding to VRF x in GW1;
2. all routing information in Post-Policy Adj-RIBs-Out in GW1 is sent to GW2 through EBGP session;
3. GW2 receives the route through EBGP session, and then stores In Pre-Policy Adj-RIBs-In corresponding to the EBGP session In GW2;
4. GW2 processes Pre-Policy Adj-RIBs-In according to the 'entry Policy' corresponding to the EBGP session, then performs the subsequent BGP routing processing flow and distributes the corresponding route to other IDCs by using a BGP routing protocol, thereby realizing the communication from the host of the home VPNx In other IDCs to the host of the home VPNx In IDC-1.
The process and content of the route information release from the GW1 to the GW2 are as follows:
1. the IP address field used by VPNx in other IDCs (namely other IDCs except IDC-1) is issued to DCI through a BGP routing protocol, is synchronized to GW2, is processed by an outgoing strategy of an EBGP session between GW2 and GW1 corresponding to VRF x, and is stored in Post-Policy Adj-RIBs-Out;
2. all routing information in Post-Policy Adj-RIBs-Out in GW2 is sent to GW1 through EBGP session;
3. GW1 receives the route through EBGP session, and stores In GW1 Pre-Policy Adj-RIBs-In corresponding to the EBGP session;
4. GW1 processes Pre-Policy Adj-RIBs-In according to the entry strategy corresponding to the EBGP session, and then performs the subsequent BGP routing processing flow, so as to realize the communication from the host of the home VPNx In IDC-1 to the host of the home VPNx In other IDCs.
In the above process, if a certain IP address segment is added or the routing attribute of a certain IP address segment changes, the GW uses the UPDATE message of BGP to inform the other side, and adds or covers the original routing information of the corresponding IP address segment; if the route of a certain IP address segment needs to be cancelled, the GW uses a Withdraw message of BGP to inform the opposite side to delete the route information corresponding to the corresponding IP address.
In the scheme, the Pre-Policy Adj-RIBs-In and Post-Policy Adj-RIBs-Out of EBGP sessions of each border router In GW1 and DCI network and the change information thereof are collected by using a BMP protocol, so that the routing information bidirectionally transmitted by each EBGP session between GW1 and GW2 can be obtained. The information is routing information that is bidirectionally transmitted between the IDC and the DCI, and specifically includes the following data:
1. BGP session data, including the following:
and the RD of the VPN corresponding to each BGP session and the IP addresses of two ends of the BGP session.
2. The routing data transmitted by each BGP session includes the following:
sending time stamp of each sent UPDATE message, routing prefix contained in each sent UPDATE message, sending time stamp of each sent withdraw message, and routing prefix contained in each sent withdraw message.
3. The routing data received by each BGP session includes the following:
a routing prefix contained in each sent widget message, a receiving timestamp of each received UPDATE message, a routing prefix contained in each received UPDATE message, an AS-PATH attribute contained in each received UPDATE message, a sending timestamp of each received widget message, and a routing prefix contained in each received widget message.
Step 3, in IDCEBGP routing data analysis, screenshot comprises:
and analyzing the collected routing data based on the establishment of a whole network IP address model, and finding out the abnormal routing sent/received by each EBGP session in each VPN and the occurrence time of the abnormal routing. The abnormal routing includes the following categories:
missing transmission route, transmission wrong route (route prefix that should not be transmitted), loss of reception route, and reception route error (route prefix that should not be transmitted, or route prefix with wrong home AS number).
Taking IDC-DCI route monitoring performed on VPNx by IDC-1 in fig. 1 as an example, a specific analysis method is as follows:
1. analyzing abnormal routes, including missing routes and wrong routes, existing in the routes sent by the IDC to the DCI, and the specific method comprises the following steps:
in the data collected in 2.2, finding out each routing Prefix sent by each BGP session with RD-x RD, aggregating in a mode of a maximum polymerizable address segment, and then comparing each aggregated routing Prefix (marked AS P-ax) with all prefixes with RD-x RD and AS number equal to b in 2.1, wherein the specific comparison method is AS follows:
if the route Prefix P-ax is completely consistent with a certain Prefix, the route Prefix before aggregation contained in the P-ax is a correct route;
if the route Prefix P-ax belongs to a subnet of a certain Prefix (marked as Prefix-mn), the route Prefix before aggregation contained in the P-ax is a correct route; meanwhile, the set of routing prefixes P-missing = { P: elements in which P belongs to the Prefix-mn subnet and P does not belong to the P-ax subnet (where P is expressed in the most polymerizable manner) are all missing routes;
if a subnet with a certain Prefix (denoted as Prefix-mn) belonging to the routing Prefix P-ax exists, further analyzing all routing prefixes contained in P-ax before aggregation as follows:
if the route prefix before aggregation contains P-ax, the P-ax is the error route;
if the route Prefix P-x before aggregation is a subnet of P-ax, and the P-x is the same as or is a subnet of Prefix-mn, then the P-x is a correct route;
if P-x is different from Prefix-mn and is not a subnet of Prefix-mn, then P-x is the wrong route;
and if the routing Prefix P-ax is different from any Prefix and is not a subnet of any Prefix or is contained by any Prefix, the routing Prefix contained in the P-ax before aggregation is a wrong route.
If a certain Prefix is different from any routing Prefix P-ax, and any routing Prefix P-ax is not the subnet of the Prefix, the Prefix is a missing route;
2. analyzing the loss time of the missing route in the route sent by the IDC to the DCI, wherein the specific method comprises the following steps:
step 1, finding out each missing route, and searching a timestamp of a latest widraw message containing the missing route in a sending direction in a corresponding BGP session, wherein the timestamp is the missing time of the missing route;
if the widdraw message containing the missing route is not found, splitting the route into two routes, and searching the latest timestamp containing the two widdraw messages in the sending direction, wherein the timestamp is the missing time of the missing route;
and for the route which still has the route which can not be found after splitting, continuing to split the route into two routes, and repeating the steps until the route which contains the route is found in the sending direction or the route can not be split. In the process of splitting the route, in order to improve the efficiency of automatically realizing the method by adopting a software system, a lower limit of the granularity of splitting the route can be set according to the actual condition of the network, namely after the length of a mask code of the split route reaches the lower limit specified by the granularity, if the withdraw message is still not found, the continuous splitting of the route is stopped.
3. Analyzing the sending time of the error route sent by the IDC to the DCI, wherein the specific method comprises the following steps:
for each wrong route found in step 1, in the corresponding BGP session, a timestamp of the latest update message containing the route is searched in the sending direction, and the time is the sending time of the corresponding wrong route;
4. and analyzing the wrong route in the route received by the IDC from the DCI, wherein the specific method comprises the following steps:
in the data collected in 2.2, each routing Prefix (denoted as P-bx) received by each BGP session with RD-x RD is found, comparing with all the Prefix with RD-x RD in 2.1, wherein the specific comparison method is as follows:
if the P-bx is completely consistent with a certain Prefix or belongs to a subnet of a certain Prefix, and the last AS number in the AS-PATH attribute is consistent with the AS number corresponding to the Prefix in 2.1, the route is correct;
if the P-bx is completely consistent with a certain Prefix or belongs to a subnet of a certain Prefix, and the last AS number in the AS-PATH attribute is inconsistent with the AS number corresponding to the Prefix in 2.1, the route is an error route;
if a certain Prefix is the subnet of P-bx, then P-bx is the wrong route.
5. Analyzing a missing route in the route received by the IDC from the DCI, wherein the specific method comprises the following steps:
all correct routes found in the step 4 are aggregated according to the mode of the maximum aggregation address field, and then each aggregated route Prefix (marked as P-cx) is compared with all prefixes with RD-x RD in 2.1, wherein the specific comparison method is as follows:
if the route Prefix P-cx is completely consistent with a certain Prefix, the corresponding Prefix has no route loss;
if the routing Prefix P-cx belongs to a subnet of a Prefix (denoted as Prefix-mn), the routing Prefix set P-missing = { P: elements in which P belongs to the Prefix-mn subnet and P does not belong to the P-ax subnet (where P is expressed in the most polymerizable manner) are all missing routes;
6. analyzing the loss time of the IDC missing the route from the DCI received route, wherein the specific method comprises the following steps:
searching a timestamp of a latest withdraw message containing the missing route in a receiving direction in the corresponding BGP session for each missing route discovered in the step 5, wherein the time is the missing time of the missing route;
if the widdraw message containing the missing route is not found, splitting the route into two routes, and searching the latest timestamp containing the two widdraw messages in the receiving direction, wherein the timestamp is the missing time of the missing route;
and if the route which cannot be found out still exists after splitting, the route is continuously split into two routes, and the steps are repeated until the route which contains the route is found out in the receiving direction or the route cannot be split. In the process of splitting the route, in order to improve the efficiency of automatically realizing the method by adopting a software system, a lower limit of the granularity of splitting the route can be set according to the actual condition of the network, namely after the length of a mask code of the split route reaches the lower limit specified by the granularity, if the withdraw message is still not found, the continuous splitting of the route is stopped.
7. Analyzing the receiving time of the error route received by the IDC from the DCI, wherein the specific method comprises the following steps:
for each wrong route found in step 4, in the corresponding BGP session, a timestamp of the last update message containing the route is searched in the receiving direction, where the time is the sending time of the corresponding wrong route;
according to the method, all VPN route processing deployed in IDC-1, namely exception analysis of all routes bidirectionally exchanged between IDC-1 and DCI, is completed.
It should be noted that for simplicity of description, the above method embodiments are described as a series of acts, but those skilled in the art should understand that the present application is not limited by the described order of acts, as some steps may be performed in other orders or simultaneously according to the present application. Further, those skilled in the art should also appreciate that the embodiments described in the specification are preferred embodiments and that the acts and modules referred to are not necessarily required in this application.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects.
Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and so forth) having computer-usable program code embodied therein.
Finally, it should be noted that: although the present invention has been described in detail with reference to the foregoing embodiments, it will be apparent to those skilled in the art that changes may be made in the embodiments and/or equivalents thereof without departing from the spirit and scope of the invention. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.

Claims (10)

1. An automatic monitoring method for IDC internetwork routing abnormity is characterized by comprising the following steps:
step 1) establishing a whole network IP address model, comprising:
establishing a corresponding relation between each VPN internal IP address field and an IDC autonomous domain AS number in the whole network according to network planning data, and using the corresponding relation AS reference data of EBGP routing analysis of an external border gateway protocol;
step 2) IDC-DCIEBGP routing data acquisition, which comprises the following steps:
using BMP protocol to collect original route data of EBGP session between IDC border router and DCI border router in real time;
step 3) IDCEBGP routing data analysis, comprising:
and by comparing the routing data acquired by the BMP protocol with the IP address model of the whole network, discovering the abnormal route and the occurrence time of the abnormal route.
2. The automatic monitoring method for the routing exception among the IDC networks according to claim 1, wherein the step 1) of establishing a full network IP address model specifically comprises:
and establishing a corresponding relation among a routing identifier RD of each VPN in the whole network, a maximum polymerizable IP address section list of the IP address used by the VPN in each IDC and an IDC autonomous domain number according to network planning data, and taking the corresponding relation as reference data of EBGP routing analysis.
3. The automatic monitoring method for IDC internetwork routing anomaly according to claim 2, characterized in that, according to network planning data, the corresponding relation among RD of each VPN in the whole network, the maximum polymerizable IP address segment list of the IP address used by the VPN in each IDC, and IDC autonomous domain number is established, and used as the reference data of EBGP routing analysis,
all IP address fields in the same IDC are expressed according to the mode of the maximum polymerizable address field, namely the IP address fields which are combined into one address field can be expressed by using the combined address field until all the IP address fields can not be combined;
only IP address fields which are enabled in the network are contained in the IP address fields;
among the above IP address fields, only IP address fields that require communication between different IDCs are included.
4. The method for automatically monitoring the routing abnormality between the IDC networks according to claim 1, wherein the step 2) specifically comprises the following steps:
the acquisition server establishes a BMP session with a boundary router GW of the IDC-1;
and acquiring BGP routing information of the EBGP session between the IDC-1 boundary router and the DCI route by using the BMP session.
5. Method for automatic monitoring of IDC inter-net routing anomalies according to claim 4, characterized in that in step 2),
GW1 is an IDC-1 side border router, GW2 is a border router with a DCI side interconnected with GW1, each VPN across multiple IDCs is deployed in IDC-1, and a routing table VRF corresponding to the VPN exists in GW1 and GW2;
between GW1 and GW2, an independent EBGP session needs to be established for the VPN, for exchanging the routes of the virtual route forwarding table VRF.
6. The method for automatically monitoring the routing abnormality among the IDC networks according to claim 5, wherein the step 2) specifically comprises the following steps:
in GW1, VRF corresponding to the VPN is VRFx, RD-x is allocated to the VRF, in GW2, VRF corresponding to the VPN is VRFx, and between GW1 and GW2, EBGP session is established for the VRF, and route of VRFx is exchanged by using the session;
the routing information exchanged with the EBGP session corresponding to the VRFx includes two directions, which respectively issue routing information for the GW1 to GW2 direction and routing information for the GW2 to GW1 direction.
7. The automatic monitoring method for IDC inter-network routing anomaly according to claim 6, wherein the process and content of the routing information distribution from GW1 to GW2 are as follows:
VPNx is used in IDC-1, BGP routing corresponding to an IP address field needing to communicate with other IDCs is stored in Post-Policy Adj-RIBs-Out after being processed by an outgoing Policy of an EBGP session between GW2 and GW1 corresponding to VRF x in GW1;
all routing information in Post-Policy Adj-RIBs-Out in GW1 is sent to GW2 through EBGP session;
GW2 receives the route through EBGP session, and stores In GW2 Pre-Policy Adj-RIBs-In corresponding to the EBGP session;
and the GW2 processes the Pre-Policy Adj-RIBs-In according to the 'direction-entering Policy' corresponding to the EBGP session, then performs subsequent BGP routing processing flow and distributes corresponding routes to other IDCs by using a BGP routing protocol, so that the communication from the host of the VPNx In other IDCs to the host of the VPNx In IDC-1 In the direction of the host is realized.
8. The automatic monitoring method for IDC inter-network routing anomaly according to claim 6, wherein the process and content of the routing information distribution from GW1 to GW2 are as follows:
the IP address fields used by VPNx in other IDCs are issued to DCI through a BGP routing protocol, are synchronized to GW2, are processed through an outbound strategy of an EBGP session between GW2 and GW1 corresponding to VRF x, and are stored in Post-Policy Adj-RIBs-Out;
all routing information in Post-Policy Adj-RIBs-Out in GW2 is sent to GW1 through EBGP session;
GW1 receives the above route through EBGP session, and then stores In Pre-Policy Adj-RIBs-In corresponding to the EBGP session In GW1;
GW1 processes Pre-Policy Adj-RIBs-In according to the 'entry Policy' corresponding to the EBGP session, and then performs the subsequent BGP routing processing flow, so as to realize the communication from the host of VPNx In IDC-1 to the host of VPNx In other IDCs.
9. The automatic monitoring method for IDC internetwork route abnormity according to claim 5, characterized in that if a certain IP address field is added or the route attribute of a certain IP address field changes, the GW uses the UPDATE message of BGP to inform the other side and add or cover the original route information of the corresponding IP address field;
if the route of a certain IP address field needs to be withdrawn, the GW uses the Withdraw message of BGP to inform the opposite side to delete the route information corresponding to the corresponding IP address.
10. The automatic monitoring method for the IDC inter-network routing anomaly according to claim 1, wherein the step 3) specifically comprises:
and establishing a whole network IP address model, analyzing the collected routing data, and finding out abnormal routes sent/received by each EBGP session in each VPN and the occurrence time of the abnormal routes.
CN202210200968.3A 2022-03-03 2022-03-03 Automatic monitoring method for IDC internetwork routing abnormity Pending CN115426295A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210200968.3A CN115426295A (en) 2022-03-03 2022-03-03 Automatic monitoring method for IDC internetwork routing abnormity

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210200968.3A CN115426295A (en) 2022-03-03 2022-03-03 Automatic monitoring method for IDC internetwork routing abnormity

Publications (1)

Publication Number Publication Date
CN115426295A true CN115426295A (en) 2022-12-02

Family

ID=84230558

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210200968.3A Pending CN115426295A (en) 2022-03-03 2022-03-03 Automatic monitoring method for IDC internetwork routing abnormity

Country Status (1)

Country Link
CN (1) CN115426295A (en)

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1685675A (en) * 2002-10-28 2005-10-19 思科技术公司 Internal BGP downloader
CN110430076A (en) * 2019-07-31 2019-11-08 新华三技术有限公司合肥分公司 A kind of route management method and device
CN111106970A (en) * 2019-12-31 2020-05-05 腾讯科技(深圳)有限公司 Data monitoring method and device, electronic equipment and readable storage medium
CN111698189A (en) * 2019-03-11 2020-09-22 华为技术有限公司 BGP route identification method, device and equipment
CN112492056A (en) * 2020-11-13 2021-03-12 中盈优创资讯科技有限公司 IP address use analysis method and device
CN112702221A (en) * 2019-10-23 2021-04-23 中国电信股份有限公司 BGP abnormal route monitoring method and device
CN112953740A (en) * 2019-12-10 2021-06-11 中盈优创资讯科技有限公司 Method and device for monitoring routing information

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1685675A (en) * 2002-10-28 2005-10-19 思科技术公司 Internal BGP downloader
CN111698189A (en) * 2019-03-11 2020-09-22 华为技术有限公司 BGP route identification method, device and equipment
CN110430076A (en) * 2019-07-31 2019-11-08 新华三技术有限公司合肥分公司 A kind of route management method and device
CN112702221A (en) * 2019-10-23 2021-04-23 中国电信股份有限公司 BGP abnormal route monitoring method and device
CN112953740A (en) * 2019-12-10 2021-06-11 中盈优创资讯科技有限公司 Method and device for monitoring routing information
CN111106970A (en) * 2019-12-31 2020-05-05 腾讯科技(深圳)有限公司 Data monitoring method and device, electronic equipment and readable storage medium
CN112492056A (en) * 2020-11-13 2021-03-12 中盈优创资讯科技有限公司 IP address use analysis method and device

Similar Documents

Publication Publication Date Title
CN113812126B (en) Message transmission method, device and system, and readable storage medium
US7483374B2 (en) Method and apparatus for achieving dynamic capacity and high availability in multi-stage data networks using adaptive flow-based routing
CN105847069B (en) Physical pathway for virtual network stream of packets is determined
CN104869065A (en) Method and device for processing data message
JP2005348051A (en) Device and method for searching topology of network equipment
US20200280502A1 (en) Network device snapshots
US9467374B2 (en) Supporting multiple IEC-101/IEC-104 masters on an IEC-101/IEC-104 translation gateway
WO2021047011A1 (en) Data processing method and apparatus, and computer storage medium
EP1890438A1 (en) Method and apparatus for achieving dynamic capacity and high availability in multi-stage data networks using adaptive flow-based routing
CN112751767B (en) Routing information transmission method and device and data center internet
Wang et al. An Adaptive Broadcast and Multicast Traffic Cutting Framework to Improve Ethernet Efficiency by SDN.
CN105637806A (en) Method and apparatus for determining network topology, and centralized network state information storage device
CN107124297A (en) SNMP method for discovering network topology and device based on zabbix
US20230254244A1 (en) Path determining method and apparatus, and computer storage medium
Houidi et al. A new VPN routing approach for large scale networks
CN115426295A (en) Automatic monitoring method for IDC internetwork routing abnormity
CN114124802B (en) Cross-domain black hole route centralized management and control method and device
Cisco Gateway System Manual For use with the Cabletron MMAC Hub
Cisco Internetworking Technology Overview
KR102092015B1 (en) Method, apparatus and computer program for recognizing network equipment in a software defined network
CN107483340A (en) A kind of dynamic routing notifying method and SDN controllers and network system
CN116032690B (en) Virtual network scheduling method under edge computing scene
Sgier Visualizing bgp rib changes into forwarding plane by leveraging bmp and ipfix
CN112272143B (en) Route learning and forwarding method
EP4213457A1 (en) Determining an organizational level network topology

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination