TWI591983B - Path State Return Algorithm Based on Centralized Control Plane - Google Patents

Path State Return Algorithm Based on Centralized Control Plane Download PDF

Info

Publication number
TWI591983B
TWI591983B TW104136424A TW104136424A TWI591983B TW I591983 B TWI591983 B TW I591983B TW 104136424 A TW104136424 A TW 104136424A TW 104136424 A TW104136424 A TW 104136424A TW I591983 B TWI591983 B TW I591983B
Authority
TW
Taiwan
Prior art keywords
packet
path
switch
detection
network
Prior art date
Application number
TW104136424A
Other languages
Chinese (zh)
Other versions
TW201717582A (en
Inventor
yu-huang Zhu
hao-ran Xu
Yuan-Liang Lan
jing-li Liu
Original Assignee
Chunghwa Telecom Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chunghwa Telecom Co Ltd filed Critical Chunghwa Telecom Co Ltd
Priority to TW104136424A priority Critical patent/TWI591983B/en
Priority to JP2016206949A priority patent/JP6591950B2/en
Priority to CN201610939349.0A priority patent/CN107070673B/en
Publication of TW201717582A publication Critical patent/TW201717582A/en
Application granted granted Critical
Publication of TWI591983B publication Critical patent/TWI591983B/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06Management of faults, events, alarms or notifications
    • H04L41/0654Management of faults, events, alarms or notifications using network fault recovery
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/08Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
    • H04L43/0805Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability
    • H04L43/0817Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability by checking functioning
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/28Routing or path finding of packets in data switching networks using route fault recovery
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/70Routing based on monitoring results

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Environmental & Geological Engineering (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Description

基於集中式控制平面的路徑狀態回報演算法 Path state return algorithm based on centralized control plane

本發明係有關一種路徑狀態回報演算法,尤指一種符合成本效益,著重於與其他網路管理應用程式與網路元件的相容,能在不影響其他應用程式的前提下與其結合,組成更完善的檢測工具,或是作為網路自我優化之用,並且採用集中式的控制平面路徑狀態回報演算機制,能夠追蹤資料流所流經的實際路徑,對網路管理者及網管應用程式提供更有效率地分析與排除障礙能力,有效減少了CAPEX(Capital Expenditure_資本性支出)和OPEX(Operating Expenditure_營運性支出)的基於集中式控制平面的路徑狀態回報演算法。 The present invention relates to a path state reward algorithm, especially a cost-effective one, which is compatible with other network management applications and network components, and can be combined with other applications without affecting other applications. Complete detection tools, or as a network self-optimization, and a centralized control plane path state return calculation mechanism, able to track the actual path through which the data stream flows, providing more network administrators and network management applications. Efficient analysis and removal of obstacles, effectively reducing the CAPEX (Capital Expenditure) and OPEX (Operating Expenditure_Operating Expenditure) based on the centralized control plane path state return algorithm.

在傳統網路當中,交換器與路由器除了需要轉發封包,亦需要了解網路拓樸,並決定將資料流的封包傳遞到目的地所需經過的路徑。如圖1傳統網路架構圖所示,負責決定路由規則的控制平面11分散在各個交換器與路由器中,網路管理者13若需要自訂路由規則,則必須連入各網路元件中分別設定。 In traditional networks, in addition to forwarding packets, switches and routers need to understand the network topology and decide the path through which packets of the data stream are passed to the destination. As shown in the traditional network architecture diagram of Figure 1, the control plane 11 responsible for determining the routing rules is dispersed among the switches and routers. If the network administrator 13 needs to customize the routing rules, it must be connected to each network component. set up.

此外,傳統網路的各網路元件為了瞭解網路拓樸等必要資訊,需要彼此交換各種訊息,如鏈路層發現協議(Link Layer Discovery Protocol,LLDP)封包,透過交換各自所認知到的網路資訊,彼此同步對於網路拓樸與狀態的認知,再根據事先定義好的網路協定或路由規則,由網路元件各自決定如何轉送收到的封包。 In addition, in order to understand the necessary information such as the network topology, the network components of the traditional network need to exchange various messages, such as Link Layer Discovery Protocol (LLDP) packets, by exchanging their respective networks. Road information, synchronized with each other for network topology and state awareness, and then based on pre-defined network protocols or routing rules, each network component decides how to forward received packets.

傳統網路的問題包含但不限於: Problems with traditional networks include but are not limited to:

1.將控制平面分散在硬體資源低落的交換器與路由器中,限制了網路的功能與彈性。 1. Distributing the control plane in switches and routers with low hardware resources limits the functionality and flexibility of the network.

2.龐大數量的訊息交換使得傳統網路的運行效率低落。 2. A huge amount of information exchange makes the operation of traditional networks inefficient.

3.各網路元件各自決定轉發行為的特性,讓網路管理者難以有效地偵測網路狀態並除錯。 3. Each network component determines the nature of the forwarding behavior, making it difficult for network administrators to effectively detect network status and debug.

由於其分散式的控制平面,傳統網路缺乏集中管理的機制,無法提供一個有效的網路管理工具供網路管理者13追蹤網路資訊以進行除錯。在網路出現問題時或因維運而需要獲取網路資訊時,網路管理者13只能主動取得各交換器或路由器的日誌21並分析,或透過遠端主機或路由器回傳的reply 22封包間接取得網路資訊,如圖2傳統網路除錯方式示意圖所示。 Due to its decentralized control plane, traditional networks lack a centralized management mechanism and cannot provide an effective network management tool for network administrators 13 to track network information for debugging. When there is a problem in the network or when you need to obtain network information due to maintenance, the network administrator 13 can only take the log 21 of each switch or router and analyze it, or return it through the remote host or router. The packet indirectly obtains network information, as shown in the schematic diagram of the traditional network debugging mode.

當網路規模超過一定程度時,交換器的日誌21數量便會難以分析,且網路管理者13無法即時獲得所需要的網路資訊。此外,由於網路管理者13無法確定封包的路徑,只能對所有交換器與路由器的日誌21進行分析。另一方面,透過遠端主機或路由器所傳回的reply 22封包所能間接取得的資訊類型有限,難以作為維運的有效根據。若因網路狀況無法回收端對端的reply 22封包,就無法經由此方式獲取所必須之路徑與網路資訊。 When the network size exceeds a certain level, the number of logs 21 of the switch will be difficult to analyze, and the network administrator 13 cannot immediately obtain the required network information. In addition, since the network manager 13 cannot determine the path of the packet, only the logs 21 of all switches and routers can be analyzed. On the other hand, the type of information that can be indirectly obtained by the reply 22 packet sent back by the remote host or router is limited, and it is difficult to be an effective basis for maintenance. If the end-to-end reply 22 packet cannot be recovered due to network conditions, it is impossible to obtain the necessary path and network information in this way.

傳統網路中最知名的網路除錯工具包括ping和traceroute。Ping的運作原理是向目標主機丟出ICMP echo要求,並根據收到的回應封包計算封包的遺失率與往返時間。Ping的缺點是所能取得的網路資訊較少,較難只根據其結果進行網路除錯。Traceroute可以取得封包在IP網路當中所經過的路由器列表,其運作原理是向網路依序丟出擁有不同存活時間(Time to Live,TTL)值的ICMP要 求封包,透過所收回的ICMP超時封包取得路徑上各路由器的資訊。Traceroute的缺點是只能取得路由器的資訊,無法取得路徑上的完整資訊,如交換器與鏈結的狀態。此外,traceroute的作法會對網路產生較多封包,若路徑上共有n個路由器,traceroute則會對路徑上的路由器造成共計O(n 2 )次的轉發行為。 The most well-known network debugging tools in traditional networks include ping and traceroute. Ping works by throwing ICMP echo requests to the target host and calculating the packet loss rate and round trip time based on the received response packets. The disadvantage of Ping is that it can get less network information, and it is more difficult to debug the network based on its results. Traceroute can obtain a list of routers that the packet passes through in the IP network. The operation principle is to sequentially drop ICMP request packets with different Time to Live (TTL) values to the network, and the ICMP timeout is recovered through the recovered. The packet gets the information of each router on the path. The disadvantage of Traceroute is that it only gets the information of the router and cannot get complete information on the path, such as the state of the switch and the link. In addition, the traceroute method will generate more packets for the network. If there are n routers in the path, traceroute will cause a total of O(n 2 ) forwarding behaviors for the routers on the path.

2014年,IBM發表了基於軟體定義網路(Software-Defined Networking,SDN)架構實作的SDN traceroute。SDN架構將交換器的控制平面與轉發平面分離,讓網路的管理者能夠控管SDN網路中的交換器的流表(Flow table)與轉發行為。SDN traceroute會向待測之起點交換器發送檢測封包,再透過SDN交換器可程式化的特性,使檢測封包每流經一段鏈結後就複製一份回傳給SDN控制器回報狀態,藉以確認封包在網路中所流經的完整路徑資訊。 In 2014, IBM released a software-defined network (Software-Defined) Networking, SDN) architecture implementation of SDN traceroute. The SDN architecture separates the control plane of the switch from the forwarding plane, allowing the network administrator to control the flow table and forwarding behavior of the switches in the SDN network. The SDN traceroute sends a detection packet to the starting switch to be tested, and then through the programmable features of the SDN switch, the detection packet is copied back to the SDN controller for return status after each link, so as to confirm The complete path information that the packet flows through the network.

然而,SDN traceroute假設能夠保留封包header中一定欄位作為回 傳檢測封包之用,禁止網路中所有元件與網管應用程式使用該欄位,這種作法是不切實際的。雖然SDN traceroute的開發者或許可以利用其權限要求所有的應用程式開發者都須遵守此規範,但仍會導致所控網路的自由度下降,無形中限制了其他SDN應用程式的功能。此外,封包header中所能使用的位元數有限,可能導致多個檢測封包對應到同一個標籤,若檢測封包被其他應用程式複製了冗餘的備份發送至網路中,SDN traceroute就可能無法正確量測路徑。 However, SDN traceroute assumes that it can retain certain fields in the packet header as back. It is impractical to use the detection packet to prevent all components in the network from being used by the network management application. Although developers of SDN traceroute may be able to use their permissions to require all application developers to comply with this specification, it will still result in a decrease in the freedom of the controlled network, which inevitably limits the functionality of other SDN applications. In addition, the number of bits that can be used in the packet header is limited, which may result in multiple detection packets corresponding to the same label. If the detection packet is copied by other applications and the redundant backup is sent to the network, the SDN traceroute may not be able to. Correct measurement path.

2014年2月1日公開之我國專利編號第201406114號「用以供應網路路徑之轉譯通訊期資訊」,提及一種系統和方法,其會接收對應於與一個伺服器相聯結的通訊期之通訊期資訊(SESSION INFORMATION),以及會將通訊期資訊轉譯成包括一個拓撲佈局參數和一個資料參數的經轉譯之通訊期資訊。該經轉譯之通訊期資訊係為指引一個控制器依據該經轉譯之通訊期資訊來供應 一個網路路徑。該網路路徑係使依從該拓撲佈局參數和資料參數。與本發明透過發送模擬待檢測資料流的檢測封包,再一一回收網路元件收到檢測封包時傳回的路徑狀態回報,可以精確地追蹤資料流所流經實際路徑的演算方法並不相同。 China Patent No. 201406114, "Translation of Communication Period Information for Supplying Network Paths", published on February 1, 2014, refers to a system and method that receives a communication period corresponding to a server. SESSION INFORMATION, and translates the communication period information into translated communication period information including a topology layout parameter and a data parameter. The translated communication period information is directed to direct a controller to supply based on the translated communication period information. A network path. The network path is such that it conforms to the topology layout parameters and data parameters. Compared with the detection packet of the present invention by transmitting the simulated data stream to be detected, and recovering the path state report returned when the network component receives the detection packet, the calculation method for accurately tracking the flow of the data flow through the actual path is not the same. .

如2014年8月20日公開之CN103997432號Measuring system and method for supporting analysis of OpenFlow application performance提及一種支援量化分析OpenFlow應用性能的測量系統及方法。它基於一個OpenFlow網路和一台測量伺服器,所述OpenFlow網路包括一個控制器和n台分別與控制器連接的交換機,n台交換機接受控制器的OpenFlow控制;控制器和n個交換機擴充本地日誌功能和時鐘同步功能後成為測量實體受測量伺服器集中控制。其特點包括:無集中式性能瓶頸,測量本身對網路應用干擾小;能夠全面獲取資料平面和控制平面資訊;能夠得到控制平面與資料平面之間的交互關係。並不是如本案是用集中式控制平面的路徑狀態回報演算方式,可以追蹤資料流所流經的實際路徑狀態,協助網路管理者及其網管應用程式更有效率地分析與排除故障。 As disclosed on August 20, 2014, CN103997432, Measuring system and The method for supporting analysis of OpenFlow application performance refers to a measurement system and method that supports quantitative analysis of OpenFlow application performance. It is based on an OpenFlow network consisting of a controller and n switches connected to the controller, n switches accepting OpenFlow control of the controller; controller and n switch expansions The local logging function and the clock synchronization function become the measurement entity centralized control by the measurement server. Its characteristics include: no centralized performance bottleneck, the measurement itself has little interference to the network application; it can comprehensively acquire the data plane and the control plane information; and can obtain the interaction relationship between the control plane and the data plane. It is not the case that the path state return calculation method of the centralized control plane is used, which can track the actual path state of the data flow and help the network administrator and its network management application to analyze and troubleshoot more efficiently.

本發明一種基於集中式控制平面的路徑狀態回報演算法,可以追 蹤資料流所流經的實際路徑狀態。相較於ping,本發明能夠將更多的網路資訊回報給網路管理者。相較於traceroute,本發明能夠以較少的訊息量找出所控網路中指定資料流經過的實際路徑,減少偵測動作對網路造成的負擔。相較於SDN traceroute,由於本發明使用封包的payload內容作為檢測封包的辨別依據,並不限制其他應用程式對封包header的使用與修改,可在與其他網路管理應用程式高度相容的前提下,獲得正確的檢測結果。 The invention provides a path state return algorithm based on a centralized control plane, which can be chased Trace the actual path state through which the data stream flows. Compared to ping, the present invention can report more network information to network administrators. Compared with the traceroute, the present invention can find out the actual path of the specified data stream in the controlled network with a small amount of information, and reduce the burden on the network caused by the detection action. Compared with the SDN traceroute, the present invention uses the payload content of the packet as the basis for detecting the packet, and does not limit the use and modification of the packet header by other applications, and can be highly compatible with other network management applications. , get the correct test results.

本案發明人鑑於前述系統和方法之不足之處,乃亟思創新發明,經長時間苦心孤詣並潛心研究後,終於成功研發完成本件一種基於集中式控制平面的路徑狀態回報演算法。 In view of the inadequacies of the foregoing systems and methods, the inventor of the present invention is innovative and invented. After a long period of painstaking research and painstaking research, he finally succeeded in researching and developing a path state return algorithm based on a centralized control plane.

本發明提出了一種基於集中式控制平面的路徑狀態回報演算法,可以追蹤資料流所流經的實際路徑狀態,協助網路管理者及其網管應用程式更有效率地分析與排除故障。本發明的設計著重於與其他網路管理應用程式與網路元件的相容,透過將檢測封包的辨別資訊填在payload中,因此能在不限制封包header的使用與修改的前提下,獲得正確的檢測結果。 The invention proposes a path state return algorithm based on a centralized control plane, which can track the actual path state flowing through the data stream, and assist the network administrator and its network management application to analyze and troubleshoot more efficiently. The design of the present invention focuses on compatibility with other network management applications and network components. By filling in the identification information of the detection packet, it can be correctly obtained without restricting the use and modification of the packet header. Test results.

本發明一種基於集中式控制平面的路徑狀態回報演算法,透過發送模擬待檢測資料流的檢測封包,再一一回收網路元件收到檢測封包時傳回的路徑狀態回報,可以精確地追蹤資料流所流經的實際路徑,協助網路管理者更有效率地找出問題元件以排除故障。此外,考量了與其他網路管理應用程式間的相容議題,本發明將辨識資訊填寫在封包payload的作法,能在不限制其他網路管理應用程式的前提下進行檢測。因此可和其他網管應用程式良好結合,作為未來開發其他網管程式時的重要基礎工具。 The invention provides a path state report algorithm based on a centralized control plane, which can accurately track data by transmitting a detection packet simulating a data stream to be detected, and then recovering a path state report returned by the network component when receiving the detection packet. The actual path through which the flow flows helps the network administrator to more efficiently identify problem components to troubleshoot. In addition, considering the compatibility issues with other network management applications, the present invention fills the identification information into the payload of the packet and can detect it without restricting other network management applications. Therefore, it can be combined with other network management applications as an important basic tool for future development of other network management programs.

11‧‧‧控制平面 11‧‧‧Control plane

12‧‧‧轉發平面 12‧‧‧ Forwarding plane

13‧‧‧網路管理者 13‧‧‧Network Manager

21‧‧‧日誌 21‧‧‧Log

22‧‧‧reply 22‧‧‧reply

31‧‧‧創建階段 31‧‧‧Creation phase

32‧‧‧檢測階段 32‧‧‧Detection phase

33‧‧‧回報階段 33‧‧‧Return phase

311‧‧‧給出要查測的資料流資訊 311‧‧‧ Give the data flow information to be tested

312‧‧‧模擬實際封包產生檢測封包 312‧‧‧ Simulated actual packet generation detection packet

321‧‧‧將檢測封包發送給起點交換器 321‧‧‧Send the test packet to the origin switch

322‧‧‧等待並接收交換器即時回報 322‧‧‧ Waiting and receiving the switch for immediate return

323‧‧‧終點交換器已回報 323‧‧‧The destination switch has been rewarded

324‧‧‧已到時間上限 324‧‧‧ has reached the time limit

331‧‧‧回報最終結果 331‧‧‧Return the final result

41‧‧‧向起點交換器發送檢測封包 41‧‧‧Send detection packets to the originating switch

42‧‧‧起點交換器將檢測封包傳回實體伺服器 42‧‧‧The starting switch returns the detection packet to the physical server

43‧‧‧按照路由規則將檢測封包傳遞給下一個交換器 43‧‧‧ Pass the test packet to the next switch according to the routing rules

44‧‧‧交換器將檢測封包傳回伺服器以回報狀態 44‧‧‧The switch sends the detection packet back to the server to report the status

45‧‧‧將檢測封包傳遞給路徑上的下一個交換器 45‧‧‧ Pass the test packet to the next switch on the path

46‧‧‧起點交換器 46‧‧‧ starting point exchanger

圖1為傳統網路架構圖;圖2A~2B為傳統網路除錯方式示意圖; 圖3為本發明之基於集中式控制平面的路徑狀態回報演算法流程圖;圖4為本發明之檢測封包傳遞流程示意圖。 1 is a conventional network architecture diagram; FIG. 2A-2B are schematic diagrams of a conventional network debugging manner; FIG. 3 is a flowchart of a path state report algorithm based on a centralized control plane according to the present invention; FIG. 4 is a schematic diagram of a process of transmitting a test packet according to the present invention.

本發明一種基於集中式控制平面的路徑狀態回報演算法,會根據所欲檢測之資料流資訊產生出檢測封包,再向起點交換器發送檢測封包。透過使網路中所控制的各網路元件在收到檢測封包時主動回報結果,來確認指定的資料流在網路中所流經的實際路徑,作為網路環境除錯的判斷依據。 The invention provides a path state report algorithm based on a centralized control plane, which generates a detection packet according to the data flow information to be detected, and then sends a detection packet to the starting switch. By making the network components controlled by the network actively report the results when receiving the detection packet, the actual path through which the specified data stream flows in the network is confirmed, which serves as a basis for determining the debugging of the network environment.

本發明的檢測流程主要分為三個階段,分別是創建階段31、檢測階段32與回報階段33,其流程圖如圖3所示。 The detection process of the present invention is mainly divided into three phases, namely, a creation phase 31, a detection phase 32 and a reward phase 33, and the flowchart thereof is as shown in FIG.

在創建階段31,先產生出模擬欲檢測的資料流封包的檢測封包,作為檢測該資料流在網路中所會流經的實際路徑之用,其包括給出要查測的資料流資訊311步驟和模擬實際封包產生檢測封包312步驟。首先給出要查測的資料流資訊311步驟,係根據所欲檢測的資料流資訊,如來源MAC、目的地MAC、來源IP和目的地IP等可用來識別封包的資訊,產生出檢測封包的header,以確保檢測封包會與欲檢測的資料流封包具有同樣的路由行為。接著模擬實際封包產生檢測封包312步驟,在檢測封包的payload填入專屬的關鍵字,以分辨檢測封包與其他擁有相同header的封包。此作法並不限制其他應用程式對封包header的使用與修改,能更好的與其相容。 In the creation phase 31, a detection packet simulating the data stream packet to be detected is first generated as a detection of the actual path through which the data stream flows in the network, which includes giving the data stream information to be detected 311. The steps and simulation of the actual packet generation detect packet 312 steps. First, the data stream information 311 step to be detected is based on the data stream information to be detected, such as source MAC, destination MAC, source IP, and destination IP, etc., which can be used to identify the packet information, and generate a detection packet. Header to ensure that the detection packet will have the same routing behavior as the data stream packet to be detected. Then, the actual packet generation detection packet 312 step is simulated, and the payload of the detection packet is filled in a unique keyword to distinguish the detection packet from other packets having the same header. This method does not restrict the use and modification of the packet header by other applications, and is better compatible with it.

完成檢測封包的創建之後,即進入檢測階段32,進行發送檢測封包給網路管理者所欲檢測路徑所經的交換器,進行路徑檢測,其中,交換器至少包括位於欲檢測路徑起點之交換器及位於欲檢測路徑終點之交換器,其步 驟包括將檢測封包發送給起點交換器321步驟、等待並接收交換器即時回報322步驟、終點交換器已回報323判斷步驟和已到時間上限324判斷步驟。其中將檢測封包發送給起點交換器321步驟,主要向起點交換器發送在創建階段產生出的檢測封包;等待並接收交換器即時回報322步驟,主要等待接收交換器所回報之檢測封包;終點交換器已回報323判斷步驟,主要判斷終點交換器是否已回報,若是則進入回報最終結果331步驟,否則進入已到時間上限324判斷步驟;已到時間上限324判斷步驟,主要判斷檢測時間上限是否已到,若是則進入回報最終結果331步驟,否則回到等待並接收交換器即時回報322步驟。 After the detection packet is created, the detection process is performed, and the detection packet is sent to the switch that the network administrator wants to detect the path, and the path detection is performed. The switch includes at least the switch located at the beginning of the path to be detected. And the switch at the end of the path to be detected, the step The step includes transmitting the detection packet to the start switch 321 step, waiting for and receiving the switch immediate return 322 step, the destination switch has reported 323 determining step, and the reached time upper limit 324 determining step. The detecting packet is sent to the starting switch 321 step, and the detecting packet generated in the creation phase is mainly sent to the starting switch; the process of waiting for and receiving the immediate return of the switch 322, mainly waiting for the detecting packet reported by the receiving switch; The device has reported 323 judging steps, mainly determining whether the end switch has been rewarded, and if so, entering the return final result 331 step, otherwise entering the time limit upper limit 324 judging step; the time upper limit 324 judging step has been reached, mainly determining whether the detecting time upper limit has been To, if yes, enter the return final result 331 steps, otherwise return to the wait and receive the switch instant return 322 steps.

由如圖4所示檢測封包傳遞流程示意圖更可以了解檢測階段32之實際運作情形。首先,先向起點交換器46發送在創建階段產生出的檢測封包(步驟41)。交換器收到檢測封包後會主動將檢測封包傳回本發明演算法所在之實體伺服器(步驟42),然後再按照路由規則將檢測封包傳遞給下一個交換器(步驟43),進行後續檢測。步驟41至42是為了檢測起點交換器的運作狀況,確定起點交換器是否能夠確實傳回檢測封包。後續的路徑檢測會按照步驟44至步驟45的模式重複進行,以檢測每段鏈結與交換器的狀態:交換器將檢測封包傳回伺服器以回報狀態(步驟44),接著再將檢測封包傳遞給路徑上的下一個交換器(步驟45)。 The actual operation of the detection phase 32 can be understood by the schematic diagram of the detection packet delivery process as shown in FIG. First, the detection packet generated in the creation phase is first transmitted to the origin switch 46 (step 41). After receiving the detection packet, the switch will actively send the detection packet back to the physical server where the algorithm of the present invention is located (step 42), and then pass the detection packet to the next switch according to the routing rule (step 43) for subsequent detection. . Steps 41 to 42 are for detecting the operation status of the origin switch, and determining whether the origin switch can actually return the detection packet. Subsequent path detection is repeated in accordance with the pattern from step 44 to step 45 to detect the status of each link and switch: the switch sends the detection packet back to the server to report the status (step 44), and then detects the packet. Passed to the next switch on the path (step 45).

在欲檢測之資料流的終點交換器傳回檢測封包,或是到達檢測時間上限之後,即進入回報階段,其包括回報最終結果331步驟。此時回報最終結果331步驟,會向網路管理者回報檢測階段時根據網路元件回報的狀況所拼湊出的資料流實際路徑與路徑狀態。 At the end of the data stream to be detected, the switch returns the detection packet, or after reaching the upper limit of the detection time, it enters the reward phase, which includes the step of returning the final result 331. At this point, the final result 331 step is returned, and the network manager returns the actual path and path state of the data stream that is pieced together according to the status of the network component return during the detection phase.

本發明可以適用於數種不同的路由案例,包含但不限於single path、routing、multipath routing、multicast routing等案例。此外,本發明的設計著重於與其他網路管理應用程式與網路元件的相容,能在不影響其他應用程式的前提下與其結合,組成更完善的檢測工具,或是作為網路自我優化之用。 The present invention can be applied to several different routing cases, including but not limited to single path, routing, multipath routing, multicast routing, and the like. In addition, the design of the present invention focuses on compatibility with other network management applications and network components, can be combined with other applications, and constitutes a more comprehensive detection tool or self-optimized as a network. Use.

對於single path的資料流,本發明能夠檢測其所流經的實際路徑。而對於所經過的路徑不只一條的資料流,如multi-path與multicast資料流等,由於檢測封包也會像實際封包被複製成多份,本發明依然能根據各交換器回傳的封包分析此資料流所流經的完整路徑以及封包的總量等資訊。 For a single path data stream, the present invention is able to detect the actual path through which it flows. For the data stream that passes through more than one path, such as multi-path and multicast data stream, since the detection packet is also copied into multiple copies as the actual packet, the present invention can still analyze the packet according to the packet returned by each switch. Information such as the full path through which the data stream flows and the total amount of packets.

由於本發明使用封包的payload內容作為檢測封包的辨別依據,與使用封包header欄位的作法相比,可在不影響其他應用程度的前提下,提供資料流的實際路徑作為其他模組的檢測與優化依據,以下列舉幾個整合使用案例:透過與本發明結合,routing應用程式可以在建置路徑後,檢查資料流的實際路徑與運算邏輯是否一致,作為除錯依據。Rerouting應用程式可以根據本發明的檢測結果得知當前路徑是否暢通,並取得路徑回報的延遲時間,當資料流無法透過當前路徑到達目的地或延遲過高時就自動更換路徑。透過本發明回傳的資料流實際路徑,Statistics與Stress Test應用程式將可以精確地針對資料流所流經的實際路徑作操作,避免對網路造成額外的負擔。 Since the present invention uses the payload content of the packet as the basis for detecting the packet, compared with the method of using the packet header field, the actual path of the data stream can be provided as the detection of other modules without affecting the degree of other applications. Based on the optimization, several integrated use cases are listed below: By combining with the present invention, the routing application can check whether the actual path of the data stream is consistent with the operation logic after the path is established, as a basis for debugging. The Rerouting application can know whether the current path is unblocked according to the detection result of the present invention, and obtain the delay time of the path return. When the data stream cannot reach the destination through the current path or the delay is too high, the path is automatically replaced. Through the actual path of the data stream returned by the present invention, the Statistics and Stress Test applications will be able to accurately target the actual path through which the data stream flows, thereby avoiding an additional burden on the network.

除了偵測網路狀態,本發明也能用來檢測伺服器的運作狀況,如DHCP Server等。透過將客戶端所送出的實際封包內容分別填入檢測封包的header與payload內,再將此模擬實際封包的檢測封包發送至連接客戶端的交換 器,即可使檢測封包經由與實際封包相同的路徑傳送至伺服器,再獲取伺服器的回應封包,作為判斷伺服器狀態的依據。 In addition to detecting network status, the present invention can also be used to detect the operation of a server, such as a DHCP server. By filling the actual packet content sent by the client into the header and payload of the detection packet, and sending the detection packet simulating the actual packet to the connection client. The device can transmit the detection packet to the server via the same path as the actual packet, and then obtain the response packet of the server as the basis for judging the state of the server.

本發明演算法的核心在於統一收集網路元件在收到檢測封包時的回報,並透過將辨識資訊填入payload而非header以避免影響其他應用程式運作。只要使用的網路架構能夠滿足以上兩個條件,就能實作本發明演算法。 The core of the algorithm of the present invention is to uniformly collect the return of the network component when receiving the detection packet, and fill the identification information into the payload instead of the header to avoid affecting the operation of other applications. The algorithm of the present invention can be implemented as long as the network architecture used can satisfy the above two conditions.

實作本發明演算法的其中一個選擇是SDN(Software-Defined Networking_軟體定義網路)網路架構,我們可以將本發明演算法實作為SDN的網管應用程式,利用SDN網路架構可程式化的特性自定義SDN交換器的轉發行為,使所有SDN交換器在收到檢測封包時,除了按照原路由規則轉發外,再進行回報路徑狀態資訊給本發明應用程式,以達成集中式控制的設計。 One of the choices for implementing the algorithm of the present invention is the SDN (Software-Defined Networking) network architecture. We can use the algorithm of the present invention as an SDN network management application, which can be programmed by using the SDN network architecture. The characteristics of the custom SDN switch forwarding behavior, so that all SDN switches receive the detection packet, in addition to forwarding according to the original routing rules, and then report the path status information to the application of the invention to achieve centralized control design .

本發明一種基於集中式控制平面的路徑狀態回報演算法與傳統習用技術相互比較時,更具備下列優點:本發明之一種基於集中式控制平面的路徑狀態回報演算法,可以追蹤資料流所流經的實際路徑狀態。 When the path state report algorithm based on the centralized control plane is compared with the conventional technology, the following advantages are obtained: a path state report algorithm based on the centralized control plane can track the flow of data streams. The actual path state.

1.相較於ping,本發明能夠將更多的網路資訊回報給網路管理者。 1. Compared to ping, the present invention can report more network information to network administrators.

2.相較於traceroute,本發明能夠以較少的訊息量找出所控網路中指定資料流經過的實際路徑,減少偵測動作對網路造成的負擔。 2. Compared with the traceroute, the present invention can find out the actual path of the specified data stream in the controlled network with a small amount of information, and reduce the burden on the network caused by the detection action.

3.相較於SDN traceroute,由於本發明使用封包的payload內容作為檢測封包的辨別依據,並不限制其他應用程式對封包header的使用與修改,可在與其他網路管理應用程式高度相容的前提下,獲得正確的檢測結果。 3. Compared with SDN traceroute, the present invention uses the payload content of the packet as the basis for detecting the packet, and does not limit the use and modification of the packet header by other applications, and is highly compatible with other network management applications. Under the premise, get the correct test results.

4.本發明著重於與其他網路管理應用程式與網路元件的相容,能在不影響其他應用程式的前提下與其結合,組成更完善的檢測工具,或是作為網路自我優化之用。 4. The present invention focuses on compatibility with other network management applications and network components, and can be combined with other applications without compromising other applications to form a more complete detection tool or as a network self-optimization. .

5.本發明採用集中式的控制平面路徑狀態回報演算機制,能夠追蹤資料流所流經的實際路徑,對網路管理者及網管應用程式提供更有效率地分析與排除障礙能力,能夠大大地減少了CAPEX和OPEX。 5. The present invention adopts a centralized control plane path state return calculation mechanism, which can track the actual path through which the data stream flows, and provides network administrators and network management applications with the ability to analyze and remove obstacles more efficiently, and can greatly Reduced CAPEX and OPEX.

上列詳細說明乃針對本發明之一可行實施例進行具體說明,惟該實施例並非用以限制本發明之專利範圍,凡未脫離本發明技藝精神所為之等效實施或變更,均應包含於本案之專利範圍中。 The detailed description of the present invention is intended to be illustrative of a preferred embodiment of the invention, and is not intended to limit the scope of the invention. The patent scope of this case.

綜上所述,本案不僅於技術思想上確屬創新,並具備習用之傳統方法所不及之上述多項功效,已充分符合新穎性及進步性之法定發明專利要件,爰依法提出申請,懇請 貴局核准本件發明專利申請案,以勵發明,至感德便。 To sum up, this case is not only innovative in terms of technical thinking, but also has many of the above-mentioned functions that are not in the traditional methods of the past. It has fully complied with the statutory invention patent requirements of novelty and progressiveness, and applied for it according to law. Approved this invention patent application, in order to invent invention, to the sense of virtue.

31‧‧‧創建階段 31‧‧‧Creation phase

32‧‧‧檢測階段 32‧‧‧Detection phase

33‧‧‧回報階段 33‧‧‧Return phase

311‧‧‧給出要查測的資料流資訊 311‧‧‧ Give the data flow information to be tested

312‧‧‧模擬實際封包產生檢測封包 312‧‧‧ Simulated actual packet generation detection packet

321‧‧‧將檢測封包發送給起點交換器 321‧‧‧Send the test packet to the origin switch

322‧‧‧等待並接收交換器即時回報 322‧‧‧ Waiting and receiving the switch for immediate return

323‧‧‧終點交換器已回報 323‧‧‧The destination switch has been rewarded

324‧‧‧已到時間上限 324‧‧‧ has reached the time limit

331‧‧‧回報最終結果 331‧‧‧Return the final result

Claims (7)

一種基於集中式控制平面的路徑狀態回報演算法,其主要包括:一創建階段,根據所欲檢測之資料流資訊模擬實際封包產生檢測封包;一檢測階段,發送檢測封包給所欲檢測路徑所經的交換器、等待並接收交換器即時回報、位於所欲檢測路徑終點之交換器已回報判斷及已到時間上限判斷,位於所欲檢測路徑終點之交換器已回報判斷主要係判斷終點之交換器是否已回報,若是則進入回報階段,否則進入已到時間上限判斷之步驟,已到時間上限判斷步驟主要係判斷檢測時間上限是否已到,若是則進入回報階段,否則回到等待並接收交換器即時回報之步驟;一回報階段,回報資料流流經之實際路徑與路徑狀態。 A path state return algorithm based on a centralized control plane, which mainly comprises: a creation phase, which simulates an actual packet to generate a detection packet according to the data stream information to be detected; and a detection phase, sends a detection packet to the desired detection path. The switch, the waiting and receiving switch real-time return, the switch at the end of the desired path has been judged and the time limit has been judged, and the switch at the end of the path to be detected has returned the switch that judges the main end point. Whether it has been reported, if it is, it will enter the return stage, otherwise it will enter the step of the time limit judgment. The time limit judgment step is mainly to judge whether the detection time limit has arrived, and if so, enter the return stage, otherwise return to the waiting and receive switch. The step of immediate return; a return phase that returns the actual path and path state through which the data stream flows. 如請求項1所述之基於集中式控制平面的路徑狀態回報演算法,其中根據所欲檢測之資料流資訊模擬實際封包產生檢測封包,係根據所欲檢測的資料流資訊,產生出檢測封包的header,以確保檢測封包會與欲檢測的資料流封包具有同樣的路由行為。 The path state report algorithm based on the centralized control plane according to claim 1, wherein the actual packet is generated according to the data stream information to be detected, and the detection packet is generated according to the data stream information to be detected. Header to ensure that the detection packet will have the same routing behavior as the data stream packet to be detected. 如請求項1或2所述之基於集中式控制平面的路徑狀態回報演算法,其中欲檢測之資料流資訊包括來源MAC、目的地MAC、來源IP或目的地IP之可用來識別封包的資訊。 The centralized state plane-based path state report algorithm according to claim 1 or 2, wherein the data stream information to be detected includes information of a source MAC, a destination MAC, a source IP, or a destination IP that can be used to identify the packet. 如請求項1所述之基於集中式控制平面的路徑狀態回報演算法,其中模擬實際封包產生檢測封包主要係於檢測封包的payload填入專屬的關鍵字,以使檢測封包與其他擁有相同header的封包有所區別。 The path state report algorithm based on the centralized control plane, as described in claim 1, wherein the actual packet generation detection packet is mainly used to detect the payload of the packet to fill in a unique keyword, so that the detection packet has the same header as the other. The package is different. 如請求項1所述之基於集中式控制平面的路徑狀態回報演算法,其中將檢測封包發送給位於所欲檢測路徑起點之交換器主要係向起點之交換器發送在創建階段產生出的檢測封包。 The path state report algorithm based on the centralized control plane according to claim 1, wherein the detection packet is sent to the switch located at the start of the path to be detected, and the switch is generated at the creation stage. . 如請求項1所述之基於集中式控制平面的路徑狀態回報演算法,其中等待並接收交換器即時回報主要係等待接收終點之交換器所回報之檢測封包。 The centralized state plane based path state report algorithm as claimed in claim 1, wherein the waiting and receiving switch immediate return is mainly a detection packet reported by the switch waiting for the receiving end. 如請求項1所述之基於集中式控制平面的路徑狀態回報演算法,其中回報階段係向網路管理者回報檢測階段時根據網路元件回報的狀況所拼湊出的資料流實際路徑與路徑狀態。 The path state report algorithm based on the centralized control plane according to claim 1, wherein the reward phase is the actual path and path state of the data stream that is patched according to the status of the network component report when the network manager reports the detection phase. .
TW104136424A 2015-11-05 2015-11-05 Path State Return Algorithm Based on Centralized Control Plane TWI591983B (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
TW104136424A TWI591983B (en) 2015-11-05 2015-11-05 Path State Return Algorithm Based on Centralized Control Plane
JP2016206949A JP6591950B2 (en) 2015-11-05 2016-10-21 Path state reporting calculation method based on centralized control plane
CN201610939349.0A CN107070673B (en) 2015-11-05 2016-11-01 Path state reporting method based on centralized control plane

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW104136424A TWI591983B (en) 2015-11-05 2015-11-05 Path State Return Algorithm Based on Centralized Control Plane

Publications (2)

Publication Number Publication Date
TW201717582A TW201717582A (en) 2017-05-16
TWI591983B true TWI591983B (en) 2017-07-11

Family

ID=58768751

Family Applications (1)

Application Number Title Priority Date Filing Date
TW104136424A TWI591983B (en) 2015-11-05 2015-11-05 Path State Return Algorithm Based on Centralized Control Plane

Country Status (3)

Country Link
JP (1) JP6591950B2 (en)
CN (1) CN107070673B (en)
TW (1) TWI591983B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108768769B (en) * 2018-05-17 2020-12-08 南方科技大学 Detection method and detection system for consistency of control plane and data plane and switch
TWI710231B (en) * 2020-02-27 2020-11-11 中華電信股份有限公司 Path quality report method crossed over multiple centralized control plane

Family Cites Families (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2003110620A (en) * 2001-09-27 2003-04-11 Nippon Telegr & Teleph Corp <Ntt> Method and system for measuring delay in packet communication network, and gateway apparatus
US7127508B2 (en) * 2001-12-19 2006-10-24 Tropic Networks Inc. Method and system of measuring latency and packet loss in a network by using probe packets
US7733769B1 (en) * 2004-06-08 2010-06-08 Cisco Technology, Inc. Method and apparatus for identifying a media path in a network
US7917950B2 (en) * 2005-05-12 2011-03-29 Jds Uniphase Corporation Protocol-generic eavesdropping network device
CN101577661B (en) * 2008-05-09 2013-09-11 华为技术有限公司 Method and equipment for switching path
CN101656669B (en) * 2009-08-07 2011-09-28 杭州华三通信技术有限公司 Message processing method and apparatus of rapid rerouting mechanism
CN102404229B (en) * 2011-12-14 2013-03-13 华为技术有限公司 System, device and method for load balancing
CN103401726B (en) * 2013-07-19 2016-12-07 华为技术有限公司 Network path detection method and device, system
US9819551B2 (en) * 2013-11-20 2017-11-14 Big Switch Networks, Inc. Systems and methods for testing networks with a controller
WO2015119611A2 (en) * 2014-02-06 2015-08-13 Hewlett-Packard Development Company, L.P. Trace packet and path analysis in a software defined network
US9736053B2 (en) * 2014-03-25 2017-08-15 Nec Corporation Layer 2 path tracing through context encoding in software defined networking
CN104734907B (en) * 2014-12-19 2018-06-19 中国人民解放军理工大学 A kind of method for actively measuring OpenFlow network end-to-end path performances and its used system
CN104702468B (en) * 2015-03-05 2019-02-26 华为技术有限公司 Determine the method, apparatus and system of transmission path

Also Published As

Publication number Publication date
JP2017092957A (en) 2017-05-25
TW201717582A (en) 2017-05-16
JP6591950B2 (en) 2019-10-16
CN107070673B (en) 2020-05-22
CN107070673A (en) 2017-08-18

Similar Documents

Publication Publication Date Title
US9917745B2 (en) Validation of chained network services
Botta et al. A tool for the generation of realistic network workload for emerging networking scenarios
Wundsam et al. {OFRewind}: Enabling Record and Replay Troubleshooting for Networks
Lee et al. Network monitoring: Present and future
Alimi et al. Shadow configuration as a network management primitive
DK2730059T3 (en) Oam open flow driven by controller
US9191290B2 (en) Methods and devices for monitoring a data path
EP2951957B1 (en) Network switch simulation
CN104168193B (en) A kind of method and routing device of Virtual Router Redundancy Protocol fault detect
Wu et al. Virtual network diagnosis as a service
CN101145977B (en) A QoS monitoring system and its measuring method of IP data network
CN108270602A (en) A kind of detection method of data link, apparatus and system
CN104917641A (en) Method, device and system for testing packet loss
Geng et al. Design and implementation of network monitoring and scheduling architecture based on P4
TWI591983B (en) Path State Return Algorithm Based on Centralized Control Plane
CN105897580B (en) A kind of unrelated forwarding network quick fault testing of agreement and traffic protection switching method
CN102209010A (en) Network test system and method
US8750299B2 (en) Multicast tree discovery using 802.1ag
WO2016161716A1 (en) Multicast data stream monitoring method and device, and multicast forwarding device
TWI710231B (en) Path quality report method crossed over multiple centralized control plane
TWI792072B (en) Intelligent measurement system for software-defined network quality of experience and method thereof
Tachibana et al. A large-scale network diagnosis system based on user-cooperative active measurements
Xu et al. VegaNet: a virtualized experimentation platform for production networks with connectivity consistency
Kelian et al. Traffic engineering provisioning of multipath link failure recovery in distributed SDN controller environment
Li et al. RVIP: bridging live networks and software virtual networks for large scale network simulation at real time