CN101252475A - Message mirror-image method and apparatus - Google Patents
Message mirror-image method and apparatus Download PDFInfo
- Publication number
- CN101252475A CN101252475A CNA2008100903686A CN200810090368A CN101252475A CN 101252475 A CN101252475 A CN 101252475A CN A2008100903686 A CNA2008100903686 A CN A2008100903686A CN 200810090368 A CN200810090368 A CN 200810090368A CN 101252475 A CN101252475 A CN 101252475A
- Authority
- CN
- China
- Prior art keywords
- message
- mirror
- label value
- mpls
- local label
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
The invention provides a message mirroring method used for a MPLS network, which comprises that the destination address of the monitored object is determined; the corresponding local label value to the monitored object address is searched in a MPLS forwarding table; an appointed port, on which the received message accorded with the local label value is mirrored. The technical proposal of the invention can ensure that the forward efficiency of the MPLS network can be enhanced.
Description
Technical field
The present invention relates to the communications field, in particular to a kind of message mirror-image method and device.
Background technology
A lot of network equipments are all supported image feature, and this function can be with one or more destination interfaces that need be copied to appointment by the flow of the source port of mirror image, and this port is also referred to as policing port, generally can connect watch-dogs such as network management platform.Monitor supervision platform has obtained these data by mirror image, just can carry out network flow quantitative analysis and supervision, also can be when equipment be under attack analytical attack feature and formulate counte-rplan.Mirror image is the behavior that is independent of outside the data forwarding, can not influence normal flow and transmit.
In real network, often need monitor, such as the flow of certain server of all-access is monitored at the flow that flows to certain network equipment.General method is, mates at the destination address field (DAF) in IP (Internetworking Protocol, the Internet protocol) head, then packet is mirrored on the watch-dog.
In fact, the function of mirror image is based on the realization of IP head mostly at present, perhaps based on ACL (Access Control List, Access Control List (ACL)) function realizes, that is to say, can carry out mirror image selectively to packet by the corresponding ACL of binding with two layers, three layers or four layers specific in OSI/RM (Open SystemInterconnection Reference Model, open systems interconnection reference model) model packet header.
In realizing process of the present invention, the inventor finds that there are the following problems at least in the prior art: at MPLS (Multi-Protocol Label Switching, multiprotocol label switching) in the network, the IP address or the first-class field of TCP that need repeatedly deep layer to search in the message can realize image feature, have reduced the forward efficiency of system.
Summary of the invention
The present invention aims to provide a kind of message mirror-image method and device of the MPLS of being used for network, to solve existing techniques in realizing image feature complicated problems.
In an embodiment of the present invention, provide a kind of message mirror-image method of the MPLS of being used for network, having comprised: the destination address of determining monitored object; In transmitting, MPLS finds the local label value of the destination address correspondence of monitored object; With the message mirror that meets the local label value received to designated port.
Wherein, monitored object is the network equipment or the network segment.
Preferably, the message mirror of receiving that meets the local label value is specifically comprised to designated port: the local label value is set to conditions mirror; Judge whether the message that receives meets conditions mirror; If then message mirror is arrived designated port.
Preferably, judge whether the message that receives meets conditions mirror and specifically comprise: the outermost layer label value that reads message; Judge whether the outermost layer label value equals the local label value in the conditions mirror; If determine that then the message that receives meets conditions mirror.
Preferably, if MPLS transmits renewal, the middle local label value of then upgrading of upgrading of transmitting is set to conditions mirror.
Preferably, this method also comprises: if message does not carry label value, judge then whether the purpose IP address in the message meets the destination address of monitored object; If then message mirror is arrived designated port.
Preferably, before the designated port, this method also comprises at the message mirror that meets the local label value that will receive: judge whether the message that receives is the MPLS message; If then carry out the message mirror that meets the local label value that to receive step to designated port.
Preferably, this method also comprises: if not the MPLS message, judge then whether the purpose IP address in the message meets the destination address of monitored object; If then message mirror is arrived designated port.
In an embodiment of the present invention, also provide a kind of message mirror device of the MPLS of being used for network, having comprised: determination module is used for determining the destination address of monitored object; Search module, be used for transmitting the local label value of the destination address correspondence that finds monitored object at MPLS; The mirror image module, the message mirror that meets the local label value that is used for receiving is to designated port.
Preferably, the mirror image module specifically comprises: reading unit is used to read the outermost layer label value of message; Judging unit is used for judging whether the outermost layer label value equals the local label value of conditions mirror; Determining unit is if determine that then the message that receives meets the local label value.
The message mirror-image method that is used for the MPLS network and the device of the above embodiment of the present invention, because adopt and the MPLS message carried out mirror image based on label value, so overcome the problem that mirror image MPLS message needs repeatedly deep layer to search in the prior art, and then improved the forward efficiency of MPLS network.
Description of drawings
Accompanying drawing described herein is used to provide further understanding of the present invention, constitutes the application's a part, and illustrative examples of the present invention and explanation thereof are used to explain the present invention, do not constitute improper qualification of the present invention.In the accompanying drawings:
Fig. 1 shows the message mirror-image method flow chart that is used for the MPLS network according to the embodiment of the invention;
Fig. 2 shows the application network structural representation according to the embodiment of the invention;
Fig. 3 shows and according to the embodiment of the invention conditions mirror flow chart is set;
Fig. 4 shows message mirror-image method flow chart in accordance with a preferred embodiment of the present invention;
Fig. 5 shows and resets the conditions mirror flow chart according to the embodiment of the invention.
Embodiment
Below with reference to the accompanying drawings and in conjunction with the embodiments, describe the present invention in detail.
As shown in Figure 1, the embodiment of the invention has proposed a kind of message mirror-image method of the MPLS of being used for network, may further comprise the steps:
Step S102 determines the destination address of monitored object;
Step S104 finds the local label value of the destination address correspondence of monitored object in MPLS transmits;
Step S106, with the message mirror that meets the local label value received to designated port.
Wherein, monitored object is the network equipment or the network segment.
Preferably, step S106 specifically comprises: the local label value is set to conditions mirror; Judge whether the message that receives meets conditions mirror; If then message mirror is arrived designated port.
Preferably, judge whether the message that receives meets conditions mirror and specifically comprise: the outermost layer label value that reads message; Judge whether the outermost layer label value equals the local label value in the conditions mirror; If determine that then the message that receives meets conditions mirror.
Preferably, if MPLS transmits renewal, the middle local label value of then upgrading of upgrading of transmitting is set to conditions mirror.
Preferably, this method also comprises: if message does not carry label value, judge then whether the purpose IP address in the message meets the destination address of monitored object; If then message mirror is arrived designated port.
Preferably, before step S106, this method also comprises: judge whether the message that receives is the MPLS message; If then carry out the message mirror that meets the local label value that to receive step to designated port.
Preferably, this method also comprises: if not the MPLS message, judge then whether the purpose IP address in the message meets the destination address of monitored object; If then message mirror is arrived designated port.
By this embodiment, after receiving MPLS label bag, can carry out mirror image based on label value, rather than abandon, the deep layer that does not also need to carry out is repeatedly searched.
Fig. 2 shows the application network structural representation according to the embodiment of the invention.The MPLS network traffics are made mirror image processing to the flow of needs monitoring on monitored device in the process that destination equipment sends.Monitored device needs correctly to receive and to handle the label bag that sends over from the MPLS network." flow destination " among the figure can be a network equipment, as server etc., also can be some network segments, as the network of certain enterprise." flow destination " not necessarily directly links to each other with monitored device, as long as there is the route of destination on the monitored device.
Fig. 3 shows the flow chart that conditions mirror is set according to the embodiment of the invention, may further comprise the steps:
Step S302, because monitored object of the present invention is the flow that mails to certain network or certain network equipment (server), so at first want the purpose IP address of specified data bag, i.e. the destination of monitored object, just " the flow destination " shown in Fig. 2.
Step S304 according to the purpose IP address of established data bag, need further search MPLS and transmit, and whether judgment device is that the FEC (Forwarding Equivalence Class, forwarding equivalence class) of this purpose route correspondence has distributed local label.
If corresponding MPLS label exists, illustrate that then packet may carry this label when entering this locality, enter step S306.Why say possibility, be because have the different network equipment through monitored device to this destination address transmitted traffic, to establish a capital be the MPLS neighbours of monitored device and these network equipments differ; If can not find, illustrate that the packet of receiving can not carry label certainly, enters step S308.
Step S306, if local label distributes, the conditions mirror at the MPLS packet just possesses so.
Next local label and the purpose IP address that finds all is recorded in the equipment as conditions mirror, both are relations of logic OR.
Need explanation, why under can satisfying to the condition of MPLS label bag mirror image still with the condition record of purpose IP address as mirror image, be because above already mentioned, have the different network equipment through monitored device to this destination address transmitted traffic, to establish a capital be the MPLS neighbours of monitored device and these network equipments differ.That is to say that the packet that not necessarily mails to this destination all can have tag head.
Step S308, if MPLS does not have local label in transmitting, with purpose IP address as conditions mirror.Because upstream equipment all need be announced label value ability binding tab by upstream device and send to this locality, so the packet of receiving is not a MPLS label bag, can not be with local MPLS label value as conditions mirror.For this class packet with purpose IP address as conditions mirror.
By this embodiment, the data of different types bag is provided with different conditions mirror, being provided with the local label value for the MPLS message is conditions mirror, does not need repeatedly deep layer to search the IP address or the first-class field of TCP of message.
Fig. 4 shows message mirror-image method flow chart in accordance with a preferred embodiment of the present invention, may further comprise the steps:
Step S402, after monitored device was received a packet, the type that at first will judge this packet was MPLS message or IP message.Be for further processing after judging type.
Step S404 if the packet of receiving is a MPLS label bag, then searches its outermost layer label value, judges whether this label value is included in the conditions mirror.
Step S406 if the packet of receiving is the IP bag, then searches its purpose IP address, judges whether this address is included in the conditions mirror.
Step S408 is no matter the type of data packet of receiving how, will judge all whether relevant parameter can satisfy conditions mirror, if can satisfy, then packet is mirrored to specified interface, if can not satisfy conditions mirror then do not do mirror image processing.
By this embodiment, can carry out mirror image to the data of different types bag of judging.Realize efficient forwarding for the MPLS message of receiving that satisfies conditions mirror, and then improved the forward efficiency of MPLS network.
About the setting of conditions mirror with the search procedure when transmitting, can further specify with the form of form.
Table 1
| Index | Purpose IP address | The local label value |
| 1 | a.a.a.a | X |
| 2 | b.b.b.b | |
| … |
With the Index in the table 11 is example, if an equipment, as server, used IP address is a.a.a.a, and the keeper wishes the flow that arrives it is monitored, and will all purpose IP addresses of mirror image be the packet of a.a.a.a so.If finding the corresponding local label value of a.a.a.a (or network segment of living in) in can transmitting at the MPLS of monitored device is X, so, just a.a.a.a and X are recorded in the conditions mirror form, what receive when monitored device is MPLS label bag, then in " local label value " row, search whether corresponding parameters is arranged, if the value that finds is X, then do tag processes; If what monitored device was received is the IP bag, then in " purpose IP address " row, search whether corresponding parameters is arranged, if the value that finds is a.a.a.a, do tag processes too.
For the Index in the table 12, if can not find out the local label value of b.b.b.b correspondence in the MPLS of monitored device transmits, can only write down purpose IP address so in the conditions mirror table is b.b.b.b.What only receive during forwarding accordingly, is not to be with the IP bag of MPLS label just to search whether corresponding parameters is arranged in " purpose IP address " row.
MPLS transmits and is not forever constant, when the MPLS process is restarted, after perhaps local routing table changes, all can redistribute local label.Therefore, former conditions mirror just needs to change.The process that changes is fairly simple, after local label is reallocated, only need issues again and gets final product.
Fig. 5 show according to the embodiment of the invention reset the conditions mirror flow chart, may further comprise the steps:
Step S502, MPLS transmit that to upgrade be to trigger the reason that conditions mirror changes, renewal may occur in that process is restarted or situation such as local routing table variation under.
Step S504 after MPLS transmits renewal, no matter whether newly assigned label value is the same, announces to forwarding plane.
Step S506 after the label value that forwarding plane upgrades, writes conditions mirror with new label value, covers content corresponding in original " local label value ".
In an embodiment of the present invention, also provide a kind of message mirror device of the MPLS of being used for network, having comprised: determination module is used for determining the destination address of monitored object; Search module, be used for transmitting the local label value of the destination address correspondence that finds monitored object at MPLS; The mirror image module, the message mirror that meets the local label value that is used for receiving is to designated port.
Preferably, the mirror image module specifically comprises: reading unit is used to read the outermost layer label value of message; Judging unit is used for judging whether the outermost layer label value equals the local label value of conditions mirror; Determining unit is if determine that then the message that receives meets the local label value.
This embodiment has provided the preferred structure of message mirror device.
The message mirror-image method that is used for the MPLS network and the device of the above embodiment of the present invention, because adopt and the MPLS message carried out mirror image based on label value, so overcome the problem that mirror image MPLS message needs repeatedly deep layer to search in the prior art, and then improved the forward efficiency of MPLS network.
Obviously, those skilled in the art should be understood that, above-mentioned each module of the present invention or each step can realize with the general calculation device, they can concentrate on the single calculation element, perhaps be distributed on the network that a plurality of calculation element forms, alternatively, they can be realized with the executable program code of calculation element, thereby, they can be stored in the storage device and carry out by calculation element, perhaps they are made into each integrated circuit modules respectively, perhaps a plurality of modules in them or step are made into the single integrated circuit module and realize.Like this, the present invention is not restricted to any specific hardware and software combination.
The above is the preferred embodiments of the present invention only, is not limited to the present invention, and for a person skilled in the art, the present invention can have various changes and variation.Within the spirit and principles in the present invention all, any modification of being done, be equal to replacement, improvement etc., all should be included within protection scope of the present invention.
Claims (10)
1. a message mirror-image method that is used for the MPLS network is characterized in that, may further comprise the steps:
Determine the destination address of monitored object;
In transmitting, MPLS finds the local label value of the destination address correspondence of described monitored object;
With the message mirror that meets described local label value received to designated port.
2. message mirror-image method according to claim 1 is characterized in that, described monitored object is the network equipment or the network segment.
3. message mirror-image method according to claim 1 is characterized in that, the message mirror of receiving that meets described local label value is specifically comprised to designated port:
Described local label value is set to conditions mirror;
Judge whether the message that receives meets described conditions mirror;
If then described message mirror is arrived described designated port.
4. message mirror-image method according to claim 3 is characterized in that, judges whether the message that receives meets described conditions mirror and specifically comprise:
Read the outermost layer label value of described message;
Judge whether described outermost layer label value equals the described local label value in the described conditions mirror;
If determine that then the message that receives meets described conditions mirror.
5. message mirror-image method according to claim 3 is characterized in that, if described MPLS transmits renewal, then the middle local label value of upgrading of transmitting of described renewal is set to described conditions mirror.
6. message mirror-image method according to claim 4 is characterized in that, also comprises: if described message does not carry label value, judge then whether the purpose IP address in the described message meets the destination address of described monitored object;
If then described message mirror is arrived described designated port.
7. message mirror-image method according to claim 1 is characterized in that,, also comprises before the designated port at the message mirror that meets described local label value that will receive:
Judge whether the message that receives is the MPLS message;
If then carry out the message mirror that meets described local label value that to receive step to designated port.
8. message mirror-image method according to claim 7 is characterized in that, also comprises:
If not the MPLS message, judge then whether the purpose IP address in the described message meets the destination address of described monitored object;
If then described message mirror is arrived described designated port.
9. a message mirror device that is used for the MPLS network is characterized in that, comprising:
Determination module is used for determining the destination address of monitored object;
Search module, be used for transmitting the local label value of the destination address correspondence that finds described monitored object at MPLS;
The mirror image module, the message mirror that meets described local label value that is used for receiving is to designated port.
10. message mirror device according to claim 9 is characterized in that, described mirror image module specifically comprises:
Reading unit is used to read the outermost layer label value of described message;
Judging unit is used for judging whether described outermost layer label value equals the described local label value of described conditions mirror;
Determining unit is if determine that then the message that receives meets described local label value.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNA2008100903686A CN101252475A (en) | 2008-03-28 | 2008-03-28 | Message mirror-image method and apparatus |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNA2008100903686A CN101252475A (en) | 2008-03-28 | 2008-03-28 | Message mirror-image method and apparatus |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN101252475A true CN101252475A (en) | 2008-08-27 |
Family
ID=39955671
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNA2008100903686A Pending CN101252475A (en) | 2008-03-28 | 2008-03-28 | Message mirror-image method and apparatus |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101252475A (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102075410A (en) * | 2009-11-20 | 2011-05-25 | 杭州华三通信技术有限公司 | Port mirroring method and device in stacking equipment |
| CN101707550B (en) * | 2009-11-30 | 2012-01-25 | 中兴通讯股份有限公司 | Method and equipment for determining data flow to be mirrored |
| CN105207945A (en) * | 2015-08-24 | 2015-12-30 | 上海斐讯数据通信技术有限公司 | Port mirroring method based on two-tier and three-tier message addresses |
| WO2018024187A1 (en) * | 2016-08-01 | 2018-02-08 | 新华三技术有限公司 | Message monitoring |
-
2008
- 2008-03-28 CN CNA2008100903686A patent/CN101252475A/en active Pending
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102075410A (en) * | 2009-11-20 | 2011-05-25 | 杭州华三通信技术有限公司 | Port mirroring method and device in stacking equipment |
| CN101707550B (en) * | 2009-11-30 | 2012-01-25 | 中兴通讯股份有限公司 | Method and equipment for determining data flow to be mirrored |
| CN105207945A (en) * | 2015-08-24 | 2015-12-30 | 上海斐讯数据通信技术有限公司 | Port mirroring method based on two-tier and three-tier message addresses |
| WO2018024187A1 (en) * | 2016-08-01 | 2018-02-08 | 新华三技术有限公司 | Message monitoring |
| US10938679B2 (en) | 2016-08-01 | 2021-03-02 | New H3C Technologies Co., Ltd. | Packet monitoring |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102859952B (en) | Switch and stream table control method | |
| JP7035227B2 (en) | Data packet detection methods, devices, and systems | |
| CN102959910B (en) | The notice of change controller for being configured the packets forwarding of network element by communication channel | |
| US8270306B2 (en) | Fault management apparatus and method for identifying cause of fault in communication network | |
| US6871235B1 (en) | Fast path forwarding of link state advertisements using reverse path forwarding | |
| CN101707537B (en) | Positioning method of failed link and alarm root cause analyzing method, equipment and system | |
| CN103621027B (en) | Communication route control system and communication route control method | |
| US8782239B2 (en) | Distributed router computing at network nodes | |
| US7710959B2 (en) | Private VLAN edge across multiple switch modules | |
| CN102291455B (en) | Distributed cluster processing system and message processing method thereof | |
| US9185033B2 (en) | Communication path selection | |
| CN100579034C (en) | Method for reporting equipment information, system and device for obtaining equipment information | |
| US7653057B1 (en) | Preventing forwarding of a packet to a control plane | |
| CN102377640B (en) | Message processing apparatus, message processing method and preprocessor | |
| US20060215645A1 (en) | Setting control device for layer 2 device | |
| CN104704772B (en) | Communication system, virtual network managing device, virtual network management method | |
| CN102369703B (en) | Communication flow control system, communication flow control method, and communication flow processing program | |
| CN105745870A (en) | Removing lead filter from serial multiple-stage filter used to detect large flows in order to purge flows for prolonged operation | |
| CN103416010A (en) | Automated transitioning of networks between protocols | |
| CN103001891B (en) | Method for promoting integral service quality of local area network | |
| JP4935210B2 (en) | Network connection type detection method and system, and network device | |
| CN102164078A (en) | Policy routing method, device and system | |
| CN110011941B (en) | Message forwarding method and device | |
| CN103262046A (en) | Server management apparatus, server management method, and program | |
| CN104283780A (en) | Method and device for establishing data transmission route |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C12 | Rejection of a patent application after its publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20080827 |