CN116032807A - Detection method, detection device, electronic equipment and storage medium - Google Patents

Publication number
CN116032807A
Authority
CN
China
Prior art keywords
data packets
probe
data packet
target
detection
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111249834.2A
Other languages
Chinese (zh)
Inventor
何东标
曾英宇
林国强
曹飞
陈晓帆
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Sangfor Technologies Co Ltd
Original Assignee
Sangfor Technologies Co Ltd
Application filed by Sangfor Technologies Co Ltd
Priority to CN202111249834.2A
Publication of CN116032807A

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The application discloses a detection method, a detection device, electronic equipment and a storage medium, wherein the detection method comprises the following steps: constructing a plurality of probe data packets corresponding to a plurality of transmission protocols; transmitting the plurality of detection data packets to a receiving end; receiving target data packets corresponding to the detection data packets sent by a receiving end; determining a detection result of the target line based on the target data packet; the target line is a network line between the transmitting end and the receiving end.

Description

Detection method, detection device, electronic equipment and storage medium
Technical Field
The embodiment of the application relates to the field of communication, in particular to a detection method, a detection device, electronic equipment and a storage medium.
Background
Sites, such as a client site and a server site, can access and communicate with each other by constructing a tunnel. However, the state of the Internet between the sites is a complete black box to the sites' communication equipment (such as virtual private network (VPN, Virtual Private Network) equipment), and visibility into the network's state depends entirely on network detection. Accordingly, there is a need to provide an efficient method of detecting network conditions between sites.
Disclosure of Invention
In order to solve the technical problems, the embodiments of the present application provide a detection method, a detection device, an electronic device, and a storage medium.
The embodiment of the application provides a detection method, which is applied to a transmitting end and comprises the following steps:
constructing a plurality of probe data packets corresponding to a plurality of transmission protocols;
transmitting the plurality of detection data packets to a receiving end;
receiving target data packets corresponding to the detection data packets sent by a receiving end;
determining a detection result of the target line based on the target data packet; the target line is a network line between the transmitting end and the receiving end.
In an optional embodiment of the present application, the constructing a plurality of probe packets corresponding to a plurality of transmission protocols includes:
for each of the plurality of transport protocols, constructing a plurality of probe packets having different byte numbers.
In an optional embodiment of the present application, the constructing a plurality of probe packets corresponding to a plurality of transmission protocols includes:
constructing a plurality of probe data packets with the same five-tuple for each of the plurality of transmission protocols; and/or
for each of the plurality of transmission protocols, constructing a plurality of probe data packets having different five-tuples.
In an optional embodiment of the present application, the transmitting end filters the plurality of probe data packets by using a BPF when transmitting the plurality of probe data packets, and filters the target data packets by using the BPF when receiving the target data packets.
In an optional embodiment of the present application, the determining, based on the target data packet, a detection result of the target line includes:
for each of the multiple transmission protocols, determining the time delay and the packet loss rate of a target line under the transmission protocol based on a received target data packet corresponding to a plurality of detection data packets corresponding to the transmission protocol;
and determining a flow management strategy of the target line under the transmission protocol based on the time delay and the packet loss rate.
In an optional embodiment of the present application, the sending the plurality of probe packets to the receiving end includes:
transmitting the plurality of probe data packets to a receiving end according to a first rule, wherein the first rule is used for indicating the transmission time and the transmission times of each probe data packet in the plurality of probe data packets and the time length for receiving a target data packet corresponding to each probe data packet;
Correspondingly, the determining the detection result of the target line based on the target data packet includes:
and determining a detection result of the target line based on the target data packet under the condition that the first rule is satisfied.
In an optional embodiment of the present application, the sending the plurality of probe packets to the receiving end includes:
transmitting the plurality of detection data packets to a receiving end according to a second rule; the second rule is used for indicating a time period for the sending end to send the plurality of detection data packets; the second rule includes a plurality of time periods;
correspondingly, the determining the detection result of the target line based on the target data packet includes:
and determining traffic management strategies of the target line in different time periods based on the target data packets received in the time periods.
In an optional embodiment of the present application, the sending the plurality of probe data packets to the receiving end includes:
transmitting the detection data packet in the sliding window;
and if the sliding window moving instruction fed back by the receiving end is received, moving the sliding window, and sending a new added detection data packet in the moving sliding window.
In an optional implementation manner of the present application, the target line is specifically a VPN tunnel;
Accordingly, after the step of determining the detection result of the target line based on the target data packet, the method further includes:
and converting the construction protocol of the VPN tunnel based on the detection result.
The embodiment of the application also provides a detection device, which is applied to a transmitting end and comprises:
a construction unit for constructing a plurality of probe data packets corresponding to a plurality of transmission protocols;
a transmitting unit, configured to transmit the plurality of probe data packets to a receiving end;
the receiving unit is used for receiving target data packets corresponding to the plurality of detection data packets sent by the receiving end;
a determining unit, configured to determine a detection result of the target line based on the target data packet; the target line is a network line between the transmitting end and the receiving end.
In an alternative embodiment of the present application, the construction unit is specifically configured to: for each of the plurality of transport protocols, constructing a plurality of probe packets having different byte numbers.
In an alternative embodiment of the present application, the construction unit is specifically configured to: constructing a plurality of probe data packets with the same five-tuple for each of the plurality of transmission protocols; and/or constructing a plurality of probe data packets having different five-tuple for each of the plurality of transmission protocols.
In an optional embodiment of the present application, the transmitting end filters the plurality of probe data packets by using a BPF when transmitting the plurality of probe data packets, and filters the target data packets by using the BPF when receiving the target data packets.
In an optional embodiment of the present application, the determining unit is specifically configured to: for each of the multiple transmission protocols, determining the time delay and the packet loss rate of a target line under the transmission protocol based on a received target data packet corresponding to a plurality of detection data packets corresponding to the transmission protocol; and determining a flow management strategy of the target line under the transmission protocol based on the time delay and the packet loss rate.
In an optional embodiment of the present application, the sending unit is specifically configured to: transmitting the plurality of probe data packets to a receiving end according to a first rule, wherein the first rule is used for indicating the transmission time and the transmission times of each probe data packet in the plurality of probe data packets and the time length for receiving a target data packet corresponding to each probe data packet;
correspondingly, the determining unit is specifically configured to: and determining a detection result of the target line based on the target data packet under the condition that the first rule is satisfied.
In an optional embodiment of the present application, the sending unit is specifically configured to: transmitting the plurality of detection data packets to a receiving end according to a second rule; the second rule is used for indicating a time period for the sending end to send the plurality of detection data packets; the second rule includes a plurality of time periods;
correspondingly, the determining unit is specifically configured to: and determining traffic management strategies of the target line in different time periods based on the target data packets received in the time periods.
In an optional embodiment of the present application, the sending unit is specifically configured to: transmitting the detection data packet in the sliding window; and if the sliding window moving instruction fed back by the receiving end is received, moving the sliding window, and sending a new added detection data packet in the moving sliding window.
In an optional implementation manner of the present application, the target line is specifically a VPN tunnel; after the determining unit determines the detection result of the target line based on the target data packet, the apparatus further includes:
and the conversion unit is used for converting the construction protocol of the VPN tunnel based on the detection result.
The embodiment of the application also provides an electronic device comprising a memory and a processor, wherein the memory stores computer-executable instructions, and the processor implements the detection method of the above embodiment when executing the computer-executable instructions stored in the memory.
The embodiment of the application also provides a computer storage medium, and executable instructions are stored on the storage medium, and when the executable instructions are executed by a processor, the detection method of the embodiment is realized.
According to the technical scheme of the embodiments of the present application, a transmitting end constructs a plurality of probe data packets corresponding to a plurality of transmission protocols; transmits the plurality of probe data packets to a receiving end; receives target data packets corresponding to the probe data packets sent by the receiving end; and determines a detection result of the target line based on the target data packets, the target line being a network line between the transmitting end and the receiving end. In this way, the network transmission quality between the transmitting end and the receiving end can be detected for a plurality of different transmission protocols at the same time, so that the operator's flow control and blocking behavior can be inferred to a certain extent, and a suitable tunnel transmission mode can be selected between the transmitting end and the receiving end according to the inferred result, keeping the service continuously stable.
Drawings
Fig. 1 is a block diagram of a detection system according to an embodiment of the present application;
Fig. 2 is a schematic flow chart of a detection method according to an embodiment of the present application;
Fig. 3 is a diagram of a data packet timeout retransmission process according to an embodiment of the present application;
Fig. 4 is a schematic diagram of data packet transceiving in a probing process according to an embodiment of the present application;
Fig. 5 is a schematic diagram of a packet loss statistical manner based on a sliding window according to an embodiment of the present application;
Fig. 6 is a flowchart of TCP protocol connection management provided in an embodiment of the present application;
Fig. 7 is a schematic structural diagram of a detection device according to an embodiment of the present application;
Fig. 8 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Detailed Description
For a more complete understanding of the features and technical content of the embodiments of the present application, reference should be made to the following detailed description of the embodiments of the present application, taken in conjunction with the accompanying drawings, which are for purposes of illustration only and not intended to limit the embodiments of the present application.
The following is an explanation of key terms related to the embodiments of the present application:
User Datagram Protocol (UDP): a transport layer communication protocol that lets applications send encapsulated Internet Protocol (IP) packets without establishing a connection.
Transmission Control Protocol (TCP): a connection-oriented, reliable, byte-stream-based transport layer communication protocol.
Encapsulating Security Payload (ESP): a protocol of Internet Protocol Security (IPSec), defined in RFC 2406, that provides confidentiality and anti-replay services for IP, including confidentiality of packet content and limited traffic confidentiality.
Virtual private network (VPN): a private network established over a public network for encrypted communication. VPN gateways are widely used in enterprise networks and realize remote access by encrypting data packets and translating their destination addresses.
Berkeley Packet Filter (BPF): a raw interface to the data link layer on Unix-like systems that provides sending and receiving of raw link-layer packets.
Internet service provider (ISP), referred to as an operator for short: an operator that provides the following information services to the public: first, access service, that is, helping users access the Internet; second, navigation service, that is, helping users find the required information on the Internet; and third, information service, that is, establishing a data service system, collecting, processing and storing information, maintaining and updating it periodically, and providing information content services to users over the network.
The embodiment of the application first considers a detection method from the prior art, namely quality detection using the Packet Internet Groper (ping) and path detection (traceroute). This conventional scheme has the following disadvantages:
(1) The transmission protocol is fixed, and the user data behavior cannot be flexibly simulated;
(2) The connectivity of long and short connections cannot be detected.
The conventional scheme can only probe the network line with data packets of the mode/protocol used to construct the tunnel, and therefore cannot fully reflect the quality of the network line. For example, if the current tunnel is established in UDP mode, the conventional scheme can only detect the quality of the line for the UDP protocol and cannot determine the transmission quality of the network line for the TCP and ESP protocols.
Building on the above, the following embodiments of the present application provide a detection method that supports multi-branch access. By flexibly changing the encapsulation protocol of the data packets, and by changing their size, ports and so on, the method can detect the transmission quality of the network line between a sending end and a receiving end for various transmission protocols and can also test the connectivity of long and short connections between them. The transmission quality of the network line is thus detected comprehensively and in detail, which provides a basis for selecting an optimal transmission mode between the sending end and the receiving end. For VPN tunnel quality detection, if a certain protocol, such as UDP, is found to have relatively good transmission quality and the VPN tunnel uses a non-UDP protocol, the protocol used to construct the VPN tunnel may be converted; if the VPN tunnel already uses UDP, no protocol conversion is required.
The technical scheme of the embodiments of the present application aims to detect the overall performance of the Internet line and to infer the operator's behavior as completely as possible. It mainly comprises the following aspects:
(1) Simulating tunnel behavior, which mainly comprises: a. simulating different transmission protocols: data packets are constructed, sent and received based on different transmission protocols to determine the transmission quality of the network line between the sending end and the receiving end for each transmission protocol; b. constructing data packets of different sizes: different network flows between the sending end and the receiving end are simulated with data packets of different sizes to determine the transmission quality of the network line for network flows of different sizes; c. establishing long and short connections: the connectivity of the network line between the sending end and the receiving end for long and short connections is determined by changing the port numbers of the sending end and/or the receiving end.
(2) Sending probe data packets to perform detection.
(3) Collecting statistics on the detection results and feeding them back.
Fig. 1 is a schematic diagram of a detection system provided in an embodiment of the present application. As shown in Fig. 1, the detection method in this embodiment is based on a client-server architecture. The sending end can be understood as a sending site or branch device, generally a client; the receiving end can be understood as a receiving site or headquarters device, generally a server. In Fig. 1, the sending end mainly sends the probe data packets and performs statistical analysis of the detection results; the receiving end mainly receives the probe data packets and sends the target data packets to the sending end.
The client is usually installed on a branch device and is responsible for actively initiating probing; the server is usually installed on a headquarters device and is responsible for passively responding to the client's requests. Preferably, because the server must support a high number of concurrent clients, its overall logic is kept simple: its main function is to respond to client requests and return the corresponding data packets, while the main management logic is carried out on the client.
Table 1 presents the roles of some of the modules in the architecture shown in fig. 1.
Table 1. Description of the detection system architecture modules
(Table 1 appears only as an image in the source: Figure BDA0003322263170000081)
Next, a technical solution of the embodiment of the present application will be described with reference to a probe architecture diagram shown in fig. 1. Fig. 2 is a schematic flow chart of a detection method provided in an embodiment of the present application, as shown in fig. 2, where the method is applied to a transmitting end, and the method includes the following steps:
step 201: a plurality of probe packets corresponding to a plurality of transport protocols are constructed.
In this embodiment of the present application, before a sending end constructs a probe packet, configuration information of a probe line is first read in from the configuration management module, where the configuration information includes IP address information of a receiving end.
In this embodiment of the present application, the client may create a raw socket to simulate a plurality of probe data packets corresponding to a plurality of transmission protocols; for each transmission protocol, a plurality of probe data packets may be constructed.
In this embodiment of the present application, the multiple transmission protocols are not limited to specific protocols and are selected according to the user's detection requirements; for example, the transmission protocols may be the UDP protocol, the TCP protocol, the ESP protocol, or a protocol customized by the user as required.
In an optional embodiment of the present application, the step 201 specifically includes:
for each of the plurality of transport protocols, constructing a plurality of probe packets having different byte numbers.
In this embodiment of the present application, probe data packets with different byte counts are constructed to detect how the network line handles different types of application traffic. For example, probing the line with probe data packets of fewer bytes determines the transmission quality of the line for text web page data, while probing the line with probe data packets of more bytes determines the transmission quality of the line for video application data and game application data.
In an optional embodiment of the present application, step 201 may further specifically include:
constructing a plurality of probe data packets with the same five-tuple for each of the plurality of transmission protocols, where the five-tuple is: source port, source IP, destination port, destination IP, and transport layer protocol type. By constructing probe data packets with the same five-tuple, the connectivity of the network link for long connections can be probed. A long connection means that the five-tuple of the probe data packets remains unchanged for a long time.
And/or
constructing a plurality of probe data packets with different five-tuples for each of the plurality of transmission protocols, thereby detecting the connectivity of the network link for short connections. Different five-tuples means that at least one item of the five-tuple information differs.
Operators may regard long connections as malicious traffic, which results in blocking and slowness, so the connectivity of long and short connections may be detected by the features described herein.
According to this technical scheme, the connectivity of the line for long and short connections can be tested by defining the five-tuple when the data packets are constructed. Constructing a plurality of probe data packets with the same five-tuple tests the connectivity of the line for long connections, and constructing a plurality of probe data packets with different five-tuples tests the connectivity of the line for short connections.
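A sketch of the probe construction in step 201, added here as an example and not taken from the patent: for each protocol it plans probes of several sizes, once with a fixed five-tuple (long connection) and once with a fresh source port per probe (short connection). The payload layout (magic, sequence number, send timestamp, zero padding) and the addresses, ports and sizes are assumptions for illustration.

```python
import struct
from dataclasses import dataclass
from itertools import count

# IANA IP protocol numbers for the transports named in the text.
PROTO = {"udp": 17, "tcp": 6, "esp": 50}

# Assumed payload header: magic, sequence number, send time in microseconds.
HEADER = struct.Struct("!4sIQ")
MAGIC = b"PRB1"  # hypothetical marker that separates probes from other traffic


@dataclass(frozen=True)
class FiveTuple:
    src_ip: str
    src_port: int   # ESP has no ports on the wire; kept so all protocols plan alike
    dst_ip: str
    dst_port: int
    proto: int


@dataclass(frozen=True)
class Probe:
    seq: int
    flow: FiveTuple
    payload: bytes


def encode_payload(seq, sent_us, size):
    """Build a payload of exactly `size` bytes: header plus zero padding."""
    if size < HEADER.size:
        raise ValueError(f"payload must be at least {HEADER.size} bytes")
    return HEADER.pack(MAGIC, seq, sent_us) + bytes(size - HEADER.size)


def decode_payload(payload):
    """Return (seq, sent_us), or None if the bytes are not one of our probes."""
    if len(payload) < HEADER.size:
        return None
    magic, seq, sent_us = HEADER.unpack_from(payload)
    return (seq, sent_us) if magic == MAGIC else None


def plan_probes(src_ip, dst_ip, dst_port, sizes, per_size, now_us,
                base_port=40000):
    """Plan long- and short-connection probes for every protocol and size."""
    seq = count(1)
    fresh_port = count(base_port + 1)
    plan = {}
    for name, number in PROTO.items():
        # Long connection: every probe of this protocol reuses one five-tuple.
        long_flow = FiveTuple(src_ip, base_port, dst_ip, dst_port, number)
        long_set, short_set = [], []
        for size in sizes:
            for _ in range(per_size):
                s = next(seq)
                long_set.append(
                    Probe(s, long_flow, encode_payload(s, now_us, size)))
                # Short connection: change one element (the source port) per probe.
                s = next(seq)
                flow = FiveTuple(src_ip, next(fresh_port), dst_ip, dst_port, number)
                short_set.append(
                    Probe(s, flow, encode_payload(s, now_us, size)))
        plan[name] = {"long": long_set, "short": short_set}
    return plan


if __name__ == "__main__":
    # Constructed sample input using documentation address ranges.
    demo = plan_probes("192.0.2.10", "198.51.100.20", 4500,
                       sizes=[64, 512, 1400], per_size=2, now_us=1_000_000)
    for proto, sets in demo.items():
        flows = {p.flow for p in sets["short"]}
        print(proto, len(sets["long"]), "long probes,", len(flows), "short flows")
```
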
Step 202: and transmitting the plurality of detection data packets to a receiving end.
In an optional embodiment of the present application, the transmitting end filters the plurality of probe data packets by using a BPF when transmitting the plurality of probe data packets, and filters the target data packets by using the BPF when receiving the target data packets.
In the embodiment of the application, the client uses a packet filtering scheme based on the high-performance Berkeley Packet Filter (BPF) to send probe data packets and receive target data packets efficiently, so that statistics on the detection results can be computed efficiently from the sent probe data packets and the received target data packets.
In an alternative embodiment of the present application, the data packets may instead be filtered with application layer packet filtering. Alternatively, on newer kernel versions, eBPF may be used to return the detection result directly, without passing the data packets up to the application layer for filtering.
Application layer packet filtering (ASPF, Application Specific Packet Filter), that is, packet filtering based on state detection and also called a stateful firewall, maintains the state of each connection and examines the data of the application layer protocol to determine whether a packet is allowed to pass. It works together with an ordinary static firewall to implement the security policies of the internal network. ASPF can detect application layer protocol session information that attempts to pass through the firewall and blocks data messages that do not conform to the rules.
eBPF is short for extended BPF, a brand-new design introduced in kernel 3.15 that develops the original BPF into an in-kernel virtual machine with a more complex instruction set and a wider range of applications. An eBPF program is "attached" to a specified code path in the kernel, and all attached eBPF programs are executed whenever that code path is traversed. Network programs can be written with eBPF: a program attached to a network socket can filter traffic, classify traffic, and run network classifier actions.
In an alternative embodiment of the present application, the above step 202 may be specifically implemented by:
and transmitting the plurality of detection data packets to a receiving end according to a first rule, wherein the first rule is used for indicating the transmission time and the transmission times of each detection data packet in the plurality of detection data packets and the time length for receiving the target data packet corresponding to each detection data packet.
In this embodiment, the time length for receiving the target data packet corresponding to each probe data packet is defined as a time threshold, that is, the maximum interval between the time the probe data packet is transmitted and the time the corresponding target data packet is received. Once this interval is exceeded, the probe data packet is considered to need retransmission, or the line between the transmitting end and the receiving end is considered to be interrupted.
In this embodiment of the present application, the first rule specifies the transmission time and the number of transmissions of each probe data packet and the time length for receiving its corresponding target data packet. The timing management module in Fig. 1 can therefore use the first rule to set and manage, for each of the plurality of probe data packets, the packet transmission interval (determined according to the transmission time of each probe data packet), the timeout retransmission time interval (determined according to the time length for receiving the corresponding target data packet, i.e., the time threshold), and the number of timeout retransmissions (determined according to the number of transmissions in the first rule).
In this embodiment of the present application, the timeout retransmission time of each probe data packet may be a preset time value, or a time value calculated by an adaptive algorithm, in which case it changes with real-time transmission conditions. For example, the round trip time (RTT) obtained from each measurement is used to calculate a weighted average round trip time, and a value slightly greater than the weighted average round trip time is used as the timeout retransmission time.
Fig. 3 is a diagram of the timeout retransmission process of a probe data packet according to an embodiment of the present application. For each probe data packet of each transmission protocol, timeout retransmission is performed according to steps 301 to 305 shown in Fig. 3.
By sending the probe data packets according to the first rule, the sending end can be triggered to collect the detection result of each probe data packet once that packet has been sent and its detection flow has finished. This avoids collecting the result while the detection flow of the packet is still in progress (for example, when the number of timeout retransmissions has not been reached and the time for receiving the target data packet has not elapsed), which would cause errors in the statistics.
It can be understood that the collected detection result in the embodiment of the present application includes the number of timeout retransmissions and the timeout retransmission time of each probe data packet.
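The timeout retransmission and statistics under the first rule, as an added example rather than code from the patent: each probe is finalised only when a reply beats the timeout or its sends are used up, and the timeout tracks a weighted average RTT. The smoothing weight, margin, initial timeout, send limit, selection rule and trace data are all assumptions.

```python
from dataclasses import dataclass
from typing import Optional

ALPHA = 0.125       # assumed weight of the newest RTT sample in the weighted average
MARGIN = 1.5        # assumed factor for "slightly greater than" the average RTT
INITIAL_RTO = 1.0   # assumed timeout (seconds) before any RTT has been measured
MAX_SENDS = 3       # assumed number of transmissions allowed per probe

# Constructed sample: for each probe, the RTT in seconds that each transmission
# would see (None = no reply at all).
TRACES = {
    "udp": [[0.040], [0.044], [0.200, 0.042], [0.041]],
    "tcp": [[0.120], [None, None, None], [0.130], [None, 0.125]],
    "esp": [[None, None, None], [None, None, None], [0.050], [None, None, None]],
}


class RtoEstimator:
    """Weighted average RTT and the retransmission timeout derived from it."""

    def __init__(self):
        self.avg_rtt = None

    def update(self, rtt):
        if self.avg_rtt is None:
            self.avg_rtt = rtt
        else:
            self.avg_rtt = (1 - ALPHA) * self.avg_rtt + ALPHA * rtt

    @property
    def rto(self):
        return INITIAL_RTO if self.avg_rtt is None else self.avg_rtt * MARGIN


@dataclass
class ProbeResult:
    answered: bool
    rtt: Optional[float]
    sends: int


def run_probe(attempt_rtts, est, max_sends=MAX_SENDS):
    """Send one probe, retransmitting on timeout; return only once it is final.

    A probe is final when a reply arrives within the current timeout or when
    all sends are used up, so the statistics never count a probe in flight.
    """
    for sends in range(1, max_sends + 1):
        rtt = attempt_rtts[sends - 1] if sends <= len(attempt_rtts) else None
        if rtt is not None and rtt <= est.rto:
            est.update(rtt)
            return ProbeResult(True, rtt, sends)
        # No reply, or a reply slower than the timeout: retransmit.
    return ProbeResult(False, None, max_sends)


def probe_line(traces, max_sends=MAX_SENDS):
    """Run every probe of every protocol and summarise delay and loss."""
    report = {}
    for proto, probes in traces.items():
        if not probes:
            continue
        est = RtoEstimator()
        results = [run_probe(p, est, max_sends) for p in probes]
        rtts = [r.rtt for r in results if r.answered]
        report[proto] = {
            "loss_rate": 1 - len(rtts) / len(results),
            "avg_delay": sum(rtts) / len(rtts) if rtts else None,
            "retransmissions": sum(r.sends - 1 for r in results),
            "final_rto": est.rto,
        }
    return report


def best_protocol(report):
    """Assumed selection rule: lowest loss rate first, then lowest delay."""
    usable = {p: s for p, s in report.items() if s["avg_delay"] is not None}
    return min(usable,
               key=lambda p: (usable[p]["loss_rate"], usable[p]["avg_delay"]),
               default=None)


if __name__ == "__main__":
    summary = probe_line(TRACES)
    for proto, stats in summary.items():
        print(proto, stats)
    print("preferred tunnel protocol:", best_protocol(summary))
```

In the UDP trace the third probe's first reply (0.200 s) is slower than the timeout in force at that point, so it counts as a timeout and the probe is answered on its second send.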
In an alternative embodiment of the present application, the above step 202 may be further specifically performed as follows:
transmitting the plurality of detection data packets to a receiving end according to a second rule; the second rule is used for indicating a time period for the sending end to send the plurality of detection data packets; the second rule includes a plurality of time periods;
In this embodiment of the present application, the plurality of probe data packets are sent according to the second rule; the time periods for sending them are set mainly by the timing management module of the sending end shown in Fig. 1. It will be appreciated that the transmission quality of the network line may differ between time periods. For example, in the early morning the network line may have good transmission quality for any of the transmission protocols and for data packets of different sizes, whereas in the evening the network line may have good transmission quality for only one of the multiple transmission protocols.
According to this technical scheme, the time period in which the probe data packets are sent, that is, the detection period, can be selected, so that the transmission quality of the network line in different time periods can be detected.
Step 203: receiving target data packets corresponding to the plurality of probe data packets sent by the receiving end.
In this embodiment of the present application, after receiving each probe data packet sent by the sending end, the receiving end sends a target data packet corresponding to that probe data packet back to the sending end. When sending the target data packet back, the receiving end can also add the uplink detection result of the target line to the target data packet.
In this embodiment of the present application, the uplink probing process is the process in which a probe data packet is sent from the sending end to the receiving end and received by the receiving end. The uplink detection result describes the data transmission during the uplink probing process, such as the uplink transmission time of a data packet and the packet loss rate during uplink transmission. The receiving end adds the uplink detection result to the target data packet and then sends the target data packet to the sending end, so that the sending end obtains the uplink detection information (the uplink detection result can of course also be calculated by the sending end). The sending end then determines the downlink detection information from the received target data packet, which gives it the uplink and downlink detection information for one complete detection process. In addition, the sending end can send the uplink and downlink detection information directly to the central server, so that the receiving end does not need to send the uplink detection information to the central server separately, which reduces the number of data packets sent while the detection results are being counted.
In this embodiment of the present application, the target data packet returned by the receiving end may be an echo probe data packet or an acknowledgement data packet. For an echo probe data packet, after the receiving end receives the probe data packet it keeps the other data in the packet unchanged and modifies only the source address and the target address (that is, the target address is changed to the sending end address and the source address is changed to the receiving end address); the result is the target data packet, which is sent from the receiving end to the sending end. For an acknowledgement data packet, after the receiving end receives the probe data packet it sends the sending end a notification message indicating that the probe data packet has been received. In an alternative embodiment of the present application, data packets may also be sent and received directly in a driver, with the whole process handled by the driver; it may of course also be handled purely at the application layer.
Step 204: determining a detection result of the target line based on the target data packet; the target line is a network line between the transmitting end and the receiving end.
In this embodiment of the present application, the target line is specifically a VPN tunnel, and after determining a detection result of the target line based on the target data packet, the sending end may convert a construction protocol of the VPN tunnel based on the detection result.
Specifically, in an optional embodiment of the present application, the step 204 specifically includes:
for each of the multiple transmission protocols, determining network parameters such as time delay, packet loss rate and the like of a target line under the transmission protocol based on a received target data packet corresponding to a plurality of detection data packets corresponding to the transmission protocol;
Based on network parameters such as the time delay and the packet loss rate, the traffic management policy of the target line for the transmission protocol (for example, the traffic management policy of the network operator for the protocol) can be determined, which provides a basis for the subsequent protocol selection. For example, if probing shows that the UDP protocol has the best transmission quality, the UDP protocol may be used when data is actually transmitted afterwards.
In an optional embodiment of the present application, the transmitting end sends the plurality of detection data packets to the receiving end by using an interactive window mechanism, and a specific manner of sending the plurality of detection data packets is as follows:
transmitting the probe data packets in the sliding window;
and if the sliding window moving instruction fed back by the receiving end is received, moving the sliding window, and sending the newly added probe data packets in the moved sliding window.
Fig. 4 is a schematic diagram of data packet transceiving in a specific probing process according to an embodiment of the present application. As shown in fig. 4, the transmitting end mainly detects the transmission delay and the packet loss rate of the UDP, ESP and TCP protocols by transmitting the detection data packet.
In an alternative embodiment of the present application, the transmission delay of a data packet may be obtained directly from the round-trip delay (RTT) of the data packet, and packet loss is counted using the sliding window shown in fig. 5. The following describes how the packet loss rate is counted with the sliding window shown in fig. 5.
For the sliding window mechanism, a sending window is set at the transmitting end and a receiving window is set at the receiving end. As shown in fig. 5, a sending window and a receiving window, each with 16 window slots, can be set at the transmitting end and the receiving end respectively. When the transmitting end sends probe data packets to the receiving end, every 5 probe data packets form a group. For the 1st to 5th data packets, the transmitting end changes the value of each corresponding sending-window slot from 1 to 0 after sending the packets to the receiving end, and changes the value of the corresponding slot from 0 to 1 after receiving the target data packet corresponding to one or more of the 1st to 5th probe data packets. At this point, the transmitting end can calculate the packet loss rate of the first 5 transmitted data packets.
In addition, under the sliding window mechanism, after the sending end has sent the 1st to 5th data packets, the receiving end determines that it can still receive the 6th to 15th data packets and feeds this information back to the sending end. On receiving it, the sending end moves the sending window to the right by 5 window slots and continues by sending the 6th to 10th data packets. When sending the 6th to 10th data packets, the sending end only needs to confirm that the receiving end still has receiving space (that is, whether a receiving window remains); it does not need to have received the acknowledgement information for the 1st to 5th data packets fed back by the receiving end. After the sending end sends the 6th to 10th data packets, the value of each corresponding sending-window slot is changed from 1 to 0, and after the target data packet corresponding to one or more of the 6th to 10th probe data packets is received, the value of the corresponding slot is changed from 0 to 1. At this point, the sending end can calculate the packet loss rate of the first 10 transmitted data packets. Likewise, the sending end can send the 11th to 15th data packets without having received the acknowledgement information for the 1st to 10th data packets, provided it has determined that the receiving end has a remaining receiving window, and it determines the packet loss rate of the 1st to 15th data packets based on the receipt of the target data packets corresponding to the 11th to 15th probe data packets.
In the embodiment of the present application, the packet loss of the data packets in the current window is counted using the sliding window mechanism. As the sliding window moves, the statistic can be calculated on the arrival of each data packet, without waiting until the whole group of data packets has been received before calculating the packet loss value. In addition, the sliding window mechanism makes it possible to determine the receiving end's capacity to receive probe data packets: when the receiving end has no remaining receiving window, the sending end temporarily stops sending data packets, and it sends the subsequent probe data packets only after confirming that the receiving end has received the earlier probe data packets, that is, once it determines that the receiving end has a remaining receiving window. This helps lengthen the packet sending interval, reduces the cost of probing, and keeps the detection result for the network link from being affected by the receiving end, avoiding inaccurate detection results.
In an optional embodiment of the present application, when the transmitting end transmits the plurality of probe data packets to the receiving end according to the first rule, the step 204 specifically includes:
and determining a detection result of the target line based on the target data packet under the condition that the first rule is satisfied.
Specifically, the first rule indicates the sending time and the number of transmissions of each of the plurality of probe data packets, and the length of time for receiving the corresponding target data packet. When the transmitting end sends probe data packets and receives target data packets, a hash table can be used to manage each detection connection: the key in the hash table records the IP address pair of the transmitting end and the receiving end, and the value records information such as the transmission time, the number of retransmissions and the receiving time of the probe data packets related to the target line. The transmission delay and the packet loss rate corresponding to each data packet are counted based on this information.
For the transmission delay, the transmitting end may determine that the transmission delay of the probe data packet is t2-t1 according to the recorded transmission time t1 of the probe data packet and the receiving time t2 of the target data packet corresponding to the probe data packet; for the packet loss rate, the determination may be performed according to the sliding window method shown in fig. 5.
Based on the recorded and counted protocols, the detection result of the target line for each transmission protocol can be counted. According to the detection result, the flow control behavior and the blocking behavior of the operator can be presumed to a certain extent, so that a proper VPN tunnel establishment protocol can be constructed under the VPN scene, and the service is ensured to be continuous and stable.
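The bookkeeping described above (a hash table keyed by the IP address pair, delay t2-t1, and window-based loss counting that waits until a probe's retransmissions are exhausted) is shown in the following Python example, which is added here and is not code from the application. The feedback format (highest acceptable sequence number), slot reuse modulo 16, integer millisecond times, the default limits and the rule that only first-attempt replies yield delay samples are assumptions of the example.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional

WINDOW_SLOTS = 16  # send/receive window size in the fig. 5 description
GROUP_SIZE = 5     # probes sent each time the window moves


@dataclass
class ProbeRecord:
    """Per-probe fields kept in the hash-table value (times in ms)."""
    send_time: int                   # t1 of the latest transmission
    retransmissions: int = 0
    recv_time: Optional[int] = None  # t2, arrival of the target packet


class LineProbe:
    """State for one target line, stored under its IP address pair."""

    def __init__(self, wait_ms: int = 1000, max_retx: int = 2):
        self.wait_ms = wait_ms        # first rule: wait time for a target packet
        self.max_retx = max_retx      # first rule: timeout retransmission limit
        self.records: Dict[int, ProbeRecord] = {}
        self.next_seq = 1
        self.recv_limit = GROUP_SIZE  # assumption: the first group needs no feedback

    def on_window_move(self, highest_acceptable_seq: int) -> None:
        """Receiver feedback: it can accept probes up to this sequence number."""
        self.recv_limit = max(self.recv_limit, highest_acceptable_seq)

    def send_group(self, now: int) -> List[int]:
        """Send the next group, or pause when the receiver has no room left."""
        last = self.next_seq + GROUP_SIZE - 1
        if last > self.recv_limit:
            return []
        seqs = list(range(self.next_seq, last + 1))
        for seq in seqs:
            self.records[seq] = ProbeRecord(send_time=now)
        self.next_seq = last + 1
        return seqs

    def on_target(self, seq: int, now: int) -> None:
        rec = self.records.get(seq)
        if rec is not None and rec.recv_time is None:  # skip unknown/duplicate replies
            rec.recv_time = now

    def on_timer(self, now: int) -> List[int]:
        """Retransmit unanswered probes whose wait expired, up to max_retx."""
        resent = []
        for seq, rec in self.records.items():
            expired = now - rec.send_time >= self.wait_ms
            if rec.recv_time is None and expired and rec.retransmissions < self.max_retx:
                rec.retransmissions += 1
                rec.send_time = now
                resent.append(seq)
        return resent

    def slot_values(self) -> List[int]:
        """Window view: 0 = sent and still unanswered, 1 = answered or unused."""
        slots = [1] * WINDOW_SLOTS
        for seq, rec in self.records.items():  # assumption: slots reused modulo 16
            slots[(seq - 1) % WINDOW_SLOTS] = 0 if rec.recv_time is None else 1
        return slots

    def stats(self, now: int) -> dict:
        """Count only probes whose flow has finished (answered, or retries exhausted)."""
        answered = [r for r in self.records.values() if r.recv_time is not None]
        lost = [r for r in self.records.values()
                if r.recv_time is None and r.retransmissions >= self.max_retx
                and now - r.send_time >= self.wait_ms]
        # A reply after a retransmission cannot be tied to one transmission,
        # so only first-attempt replies give delay samples (an added choice).
        delays = [r.recv_time - r.send_time for r in answered if r.retransmissions == 0]
        settled = len(answered) + len(lost)
        return {"settled": settled,
                "loss_rate": len(lost) / settled if settled else None,
                "avg_delay_ms": sum(delays) / len(delays) if delays else None}


def run_demo():
    """Constructed events: 15 probes, probe 4 lost, probe 15 answered on a retry."""
    table = {}  # key: (sender IP, receiver IP); documentation addresses, constructed
    line = table.setdefault(("192.0.2.10", "198.51.100.20"), LineProbe())
    line.send_group(0)
    for seq, t in ((1, 30), (2, 32), (3, 31), (5, 34)):
        line.on_target(seq, t)
    line.on_window_move(15)
    for seq in line.send_group(50):
        line.on_target(seq, 90)
    for seq in line.send_group(100)[:-1]:
        line.on_target(seq, 130)
    paused = line.send_group(150) == []  # receiver window used up
    early = line.stats(140)              # probes 4 and 15 still in progress
    line.on_timer(1000)                  # resends 4
    line.on_timer(1100)                  # resends 15
    line.on_target(15, 1120)
    line.on_timer(2000)                  # last resend of 4
    return paused, early, line.stats(3000), line.slot_values()
```

Calling `stats` before the retransmission limit is reached leaves probes 4 and 15 out of the count instead of reporting them as lost, which is the statistical error the first rule is meant to avoid.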
In an optional embodiment of the present application, when the transmitting end sends the plurality of probe data packets to the receiving end according to the second rule, the step 204 specifically includes:
determining traffic management strategies of the target line in different time periods based on the target data packets received in the time periods. Specifically, since the second rule indicates the time periods in which the sending end sends the plurality of probe data packets, probing the target line in different time periods makes it possible to detect the transmission quality of the network line in those periods.
It should be noted that, when probing a target line under the TCP protocol, a connection needs to be established through a three-way handshake before TCP probing so that the TCP packets are not blocked; after the three-way handshake, a sub-thread is created based on the constructed hash table to send the probe packets. The specific process is performed sequentially according to steps 601 to 604 in fig. 6. In addition, when probing a target line under the TCP protocol, the packets that may be retransmitted on timeout include the SYN packet (the packet sent to establish a TCP connection, which confirms whether a TCP connection has been successfully established between the transmitting end and the receiving end) and the probe packets (so that each probe packet sent is ensured to reach the receiving end). The retransmission event can be added to the timing management module of the transmitting end, which tracks the acknowledgement time of this type of data packet; if no acknowledgement data packet is obtained within a certain time interval, the data packet is retransmitted and the next timeout is recalculated.
With this technical solution, the construction conditions of the data packets can be changed flexibly: the encapsulation protocol, the size, the port and so on of the data packets can be changed. The transmission quality of the network line between the sending end and the receiving end can thus be detected for multiple transmission protocols, and the connectivity of long and short connections between the sending end and the receiving end can be tested, so that the transmission quality of the network line is detected comprehensively and in detail, providing a basis for selecting the optimal transmission mode between the sending end and the receiving end. The embodiments of the present application also allow the flow control behavior and blocking behavior of the operator to be inferred to some extent, and a suitable tunneling mode between the sending end and the receiving end to be selected according to the inference, so as to keep the service continuously stable.
Fig. 7 is a schematic structural diagram of a detection device 700 provided in an embodiment of the present application, where the detection device 700 is applied to a receiving end, as shown in fig. 7, and the detection device 700 includes:
a constructing unit 701, configured to construct a plurality of probe packets corresponding to a plurality of transmission protocols;
a transmitting unit 702, configured to transmit the plurality of probe data packets to a receiving end;
a receiving unit 703, configured to receive a target data packet corresponding to the plurality of probe data packets sent by a receiving end;
a determining unit 704, configured to determine a detection result of the target line based on the target data packet; the target line is a network line between the transmitting end and the receiving end.
In an optional embodiment of the present application, the construction unit 701 is specifically configured to: for each of the plurality of transport protocols, constructing a plurality of probe packets having different byte numbers.
In an optional embodiment of the present application, the construction unit 701 is specifically configured to: constructing a plurality of probe data packets with the same five-tuple for each of the plurality of transmission protocols; and/or constructing a plurality of probe data packets having different five-tuple for each of the plurality of transmission protocols.
In an optional embodiment of the present application, the transmitting end filters the plurality of probe data packets by using a BPF when transmitting the plurality of probe data packets, and filters the target data packets by using the BPF when receiving the target data packets.
In an optional embodiment of the present application, the determining unit 704 is specifically configured to: for each of the multiple transmission protocols, determining the time delay and the packet loss rate of a target line under the transmission protocol based on a received target data packet corresponding to a plurality of detection data packets corresponding to the transmission protocol; and determining a flow management strategy of the target line under the transmission protocol based on the time delay and the packet loss rate.
In an optional embodiment of the present application, the sending unit 702 is specifically configured to: transmitting the plurality of probe data packets to a receiving end according to a first rule, wherein the first rule is used for indicating the transmission time and the transmission times of each probe data packet in the plurality of probe data packets and the time length for receiving a target data packet corresponding to each probe data packet;
accordingly, the determining unit 704 is specifically configured to: and determining a detection result of the target line based on the target data packet under the condition that the first rule is satisfied.
In an optional embodiment of the present application, the sending unit 702 is specifically configured to: transmitting the plurality of detection data packets to a receiving end according to a second rule; the second rule is used for indicating a time period for the sending end to send the plurality of detection data packets; the second rule includes a plurality of time periods;
accordingly, the determining unit 704 is specifically configured to: and determining traffic management strategies of the target line in different time periods based on the target data packets received in the time periods.
In an optional embodiment of the present application, the sending unit 702 is specifically configured to: transmitting the detection data packet in the sliding window; and if the sliding window moving instruction fed back by the receiving end is received, moving the sliding window, and sending a new added detection data packet in the moving sliding window.
In an optional implementation manner of the present application, the target line is specifically a VPN tunnel; after the determining unit 704 determines the detection result of the target line based on the target data packet, the apparatus further includes:
and a conversion unit 705, configured to convert, based on the detection result, a construction protocol of the VPN tunnel.
It will be appreciated by those skilled in the art that the function of each unit in the detection apparatus shown in fig. 7 can be understood with reference to the description of the detection method described above. The functions of the units in the detecting device shown in fig. 7 may be implemented by a program running on a processor, or may be implemented by a specific logic circuit.
The embodiment of the application also provides electronic equipment. Fig. 8 is a schematic hardware structure of an electronic device according to an embodiment of the present application, as shown in fig. 8, where the electronic device includes: a communication component 803 for data transmission, at least one processor 801 and a memory 802 for storing a computer program capable of running on the processor 801. The various components in the terminals are coupled together by a bus system 804. It is to be appreciated that the bus system 804 is employed to enable connected communications between these components. The bus system 804 includes a power bus, a control bus, and a status signal bus in addition to a data bus. But for clarity of illustration the various buses are labeled as bus system 804 in fig. 8.
Wherein the processor 801, when executing the computer program, performs at least the steps of the method shown in fig. 1.
It is to be appreciated that memory 802 can be either volatile memory or nonvolatile memory, and can include both volatile and nonvolatile memory. The nonvolatile memory may be read-only memory (ROM), programmable read-only memory (PROM), erasable programmable read-only memory (EPROM), electrically erasable programmable read-only memory (EEPROM), ferromagnetic random access memory (FRAM), flash memory, magnetic surface memory, optical disk, or compact disc read-only memory (CD-ROM); the magnetic surface memory may be a disk memory or a tape memory. The volatile memory may be random access memory (RAM), which acts as an external cache. By way of example, and not limitation, many forms of RAM are available, such as static random access memory (SRAM), synchronous static random access memory (SSRAM), dynamic random access memory (DRAM), synchronous dynamic random access memory (SDRAM), double data rate synchronous dynamic random access memory (DDR SDRAM), enhanced synchronous dynamic random access memory (ESDRAM), SyncLink dynamic random access memory (SLDRAM), and direct Rambus random access memory (DRRAM). The memory 802 described in embodiments of the present application is intended to comprise, without being limited to, these and any other suitable types of memory.
The method disclosed in the embodiments of the present application may be applied to the processor 801 or implemented by the processor 801. The processor 801 may be an integrated circuit chip with signal processing capabilities. In implementation, the steps of the above method may be performed by integrated logic circuitry in hardware in the processor 801 or by instructions in software. The processor 801 may be a general purpose processor, DSP, or other programmable logic device, discrete gate or transistor logic device, discrete hardware components, or the like. The processor 801 may implement or perform the methods, steps, and logic blocks disclosed in embodiments of the present application. The general purpose processor may be a microprocessor or any conventional processor or the like. The steps of the method disclosed in the embodiments of the present application may be directly embodied in a hardware decoding processor or implemented by a combination of hardware and software modules in the decoding processor. The software modules may be located in a storage medium in a memory 802. The processor 801 reads information from the memory 802 and in combination with its hardware performs the steps of the method described above.
In an exemplary embodiment, the electronic device may be implemented by one or more application specific integrated circuits (ASIC, application Specific Integrated Circuit), DSP, programmable logic device (PLD, programmable Logic Device), complex programmable logic device (CPLD, complex Programmable Logic Device), FPGA, general purpose processor, controller, MCU, microprocessor, or other electronic component for performing the aforementioned call recording method.
Embodiments of the present application also provide a computer readable storage medium having a computer program stored thereon, wherein the program is at least for performing the steps of the method shown in fig. 1 when the program is executed by a processor. The computer readable storage medium may be a memory in particular. The memory may be the memory 802 as shown in fig. 8.
The technical solutions described in the embodiments of the present application may be arbitrarily combined without any conflict.
In the several embodiments provided in the present application, it should be understood that the disclosed method and intelligent device may be implemented in other manners. The device embodiments described above are only illustrative; for example, the division of the units is only a division by logical function, and there may be other divisions in practice, such as: multiple units or components may be combined or integrated into another system, or some features may be omitted or not performed. In addition, the coupling, direct coupling or communicative connection between the components shown or discussed may be through some interfaces, and the indirect coupling or communicative connection between devices or units may be electrical, mechanical or in other forms.
The units described as separate units may or may not be physically separate, and units displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units; some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional unit in each embodiment of the present application may be integrated in one second processing unit, or each unit may be separately used as one unit, or two or more units may be integrated in one unit; the integrated units may be implemented in hardware or in hardware plus software functional units.
The foregoing is merely specific embodiments of the present application, but the scope of the present application is not limited thereto, and any person skilled in the art can easily think about changes or substitutions within the technical scope of the present application, and the changes and substitutions are intended to be covered by the scope of the present application.

Claims (12)

1. A method for probing, wherein the method is applied to a transmitting end, and the method comprises:
constructing a plurality of probe data packets corresponding to a plurality of transmission protocols;
transmitting the plurality of detection data packets to a receiving end;
receiving target data packets corresponding to the detection data packets sent by a receiving end;
determining a detection result of the target line based on the target data packet; the target line is a network line between the transmitting end and the receiving end.
2. The method of claim 1, wherein constructing a plurality of probe packets corresponding to a plurality of transport protocols comprises:
for each of the plurality of transport protocols, constructing a plurality of probe packets having different byte numbers.
3. The method of claim 1, wherein constructing a plurality of probe packets corresponding to a plurality of transport protocols comprises:
constructing a plurality of probe data packets with the same five-tuple for each of the plurality of transmission protocols; and/or,
for each of the plurality of transport protocols, constructing a plurality of probe packets having different five-tuples.
4. A method according to any one of claims 1 to 3, wherein the sender filters the plurality of probe packets using a Berkeley Packet Filter (BPF) when sending the plurality of probe packets and filters the target packet using the BPF when receiving the target packet.
5. A method according to any one of claims 1 to 3, wherein said determining a probing result for a target line based on said target data packet comprises:
for each of the multiple transmission protocols, determining the time delay and the packet loss rate of a target line under the transmission protocol based on a received target data packet corresponding to a plurality of detection data packets corresponding to the transmission protocol;
and determining a flow management strategy of the target line under the transmission protocol based on the time delay and the packet loss rate.
6. A method according to any one of claims 1 to 3, wherein,
the sending the plurality of probe data packets to a receiving end includes:
transmitting the plurality of probe data packets to a receiving end according to a first rule, wherein the first rule is used for indicating the transmission time and the transmission times of each probe data packet in the plurality of probe data packets and the time length for receiving a target data packet corresponding to each probe data packet;
correspondingly, the determining the detection result of the target line based on the target data packet includes:
and determining a detection result of the target line based on the target data packet under the condition that the first rule is satisfied.
7. A method according to any one of claims 1 to 3, wherein,
the sending the plurality of probe data packets to a receiving end includes:
transmitting the plurality of detection data packets to a receiving end according to a second rule; the second rule is used for indicating a time period for the sending end to send the plurality of detection data packets; the second rule includes a plurality of time periods;
correspondingly, the determining the detection result of the target line based on the target data packet includes:
and determining traffic management strategies of the target line in different time periods based on the target data packets received in the time periods.
8. The method according to any one of claims 1 to 7, wherein the transmitting the plurality of probe packets to a receiving end includes:
transmitting the detection data packet in the sliding window;
and if the sliding window moving instruction fed back by the receiving end is received, moving the sliding window, and sending a new added detection data packet in the moving sliding window.
9. The method according to any one of claims 1 to 7, wherein the target line is in particular a VPN tunnel;
accordingly, after the step of determining the detection result of the target line based on the target data packet, the method further includes:
converting the construction protocol of the VPN tunnel based on the detection result.
10. A probe apparatus, the apparatus being applied to a transmitting end, the apparatus comprising:
a construction unit for constructing a plurality of probe data packets corresponding to a plurality of transmission protocols;
a transmitting unit, configured to transmit the plurality of probe data packets to a receiving end;
the receiving unit is used for receiving target data packets corresponding to the plurality of detection data packets sent by the receiving end;
a determining unit, configured to determine a detection result of the target line based on the target data packet; the target line is a network line between the transmitting end and the receiving end.
11. An electronic device, the electronic device comprising: a memory having stored thereon computer executable instructions which when executed by a processor perform the method of any of claims 1 to 9.
12. A computer storage medium having stored thereon executable instructions which when executed by a processor implement the method of any of claims 1 to 9.
CN202111249834.2A 2021-10-26 2021-10-26 Detection method, detection device, electronic equipment and storage medium Pending CN116032807A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111249834.2A CN116032807A (en) 2021-10-26 2021-10-26 Detection method, detection device, electronic equipment and storage medium

Publications (1)

Publication Number Publication Date
CN116032807A (en) 2023-04-28

Family

ID=86073057

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111249834.2A Pending CN116032807A (en) 2021-10-26 2021-10-26 Detection method, detection device, electronic equipment and storage medium

Country Status (1)

Country Link
CN (1) CN116032807A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination