CN105207945A - Port mirroring method based on two-tier and three-tier message addresses - Google Patents
- Publication number: CN105207945A (application CN201510522975.5A)
- Authority: CN (China)
- Prior art keywords: port, tier, monitoring, monitor, message
- Legal status: Pending (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/10—Flow control; Congestion control
- H04L47/12—Avoiding congestion; Recovering from congestion
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a port mirroring method based on two-tier and three-tier (Layer 2 and Layer 3) message addresses. The method comprises the following steps. S1: determine the first port to be monitored. S2: determine the type of traffic to be monitored. S3: configure corresponding ACL rules on the first port to filter the traffic type or messages to be monitored, and apply the ACL rules to the first port. S4: select the first port as the monitored port and a second port as the monitoring port, and configure the monitoring direction of the first port on the second port, so that messages of the type to be monitored flow out of the second port. The method avoids packet loss caused by congestion of the monitoring port and makes port monitoring more flexible and fine-grained.
Description
Technical field
The present invention relates to the field of communication technology, and in particular to a port mirroring method based on Layer 2 and Layer 3 message addresses.
Background art
As network environments grow more complex, information security becomes particularly important. Enterprises that need to protect company secrets also urgently need a port in the network that can provide real-time traffic monitoring for functions such as fault location, traffic analysis and traffic backup. Port mirroring is an effective security measure for monitoring network traffic: the monitored traffic can be analyzed for security checks, and faults can be located promptly and accurately when the network fails. The prior art mirrors all traffic in the ingress direction, the egress direction, or both directions of a port to a monitoring port. If the monitoring port monitors more than one port, it may drop packets, so the data traffic of interest cannot be monitored completely.
Using port mirroring within an enterprise allows better monitoring and management of the enterprise's internal network data and good fault location when the network fails. Those skilled in the art have therefore been working on a port mirroring method based on Layer 2 and Layer 3 message addresses that avoids packet loss caused by congestion of the monitoring port and makes port monitoring more flexible and fine-grained.
Summary of the invention
The technical problem to be solved by the present invention is to provide a port mirroring method based on Layer 2 and Layer 3 message addresses that avoids packet loss caused by congestion of the monitoring port and makes port monitoring more flexible and fine-grained.
To solve the above technical problem, the present invention provides a port mirroring method based on Layer 2 and Layer 3 message addresses:
A data forwarding device is provided, the data forwarding device comprising at least two data transmission ports, and the port mirroring method based on Layer 2 and Layer 3 message addresses comprises the following steps:
S1: determine the first port to be monitored;
S2: determine the type of traffic to be monitored;
S3: configure corresponding ACL rules on the first port to filter the traffic type or messages to be monitored, and apply the ACL rules to the first port;
S4: select the first port as the monitored port and a second port as the monitoring port, and configure the monitoring direction of the first port on the second port; messages of the type to be monitored flow out of the second port.
Preferably, the ACL rules are rules based on Layer 3 message IP addresses or on Layer 2 message MAC addresses.
Preferably, the monitoring direction in step S4 is ingress, egress, or both ingress and egress.
Preferably, the data forwarding device is a switch.
With the above method, the first port to be monitored and the type of traffic to be monitored are determined; corresponding ACL rules are configured on the first port to filter the traffic type or messages to be monitored and are applied to the first port, so that the configured ACL rules filter out the traffic one wants to monitor; the first port is selected as the monitored port and a second port as the monitoring port, and the monitoring direction of the first port is configured on the second port; messages of the type to be monitored flow out of the second port, and the monitoring port monitors only the traffic selected by the ACL rules. The port mirroring method based on Layer 2 and Layer 3 message addresses thus avoids packet loss caused by congestion of the monitoring port and makes port monitoring more flexible and fine-grained.
Brief description of the drawings
Fig. 1 is a workflow diagram of the port mirroring method based on Layer 2 and Layer 3 message addresses of the present invention.
Detailed description of the embodiments
To make the object, technical solution and advantages of the present invention clearer, the present invention is further described below with reference to the drawings and embodiments. It should be understood that the specific embodiments described here only explain the present invention and do not limit it.
Refer to Fig. 1, which is a workflow diagram of the port mirroring method based on Layer 2 and Layer 3 message addresses of the present invention.
In this embodiment, a method for test case design based on a state machine applicable to switch protocols, used for monitoring network data ports, is as follows: a data forwarding device is provided, the data forwarding device comprising at least two data transmission ports, and the port mirroring method based on Layer 2 and Layer 3 message addresses comprises the following steps:
S1: determine the first port to be monitored;
S2: determine the type of traffic to be monitored;
S3: configure corresponding ACL rules on the first port to filter the traffic type or messages to be monitored, and apply the ACL rules to the first port;
S4: select the first port as the monitored port and a second port as the monitoring port, and configure the monitoring direction of the first port on the second port; messages of the type to be monitored flow out of the second port.
In this embodiment, the ACL rules are preferably rules based on Layer 3 message IP addresses or on Layer 2 message MAC addresses; in other embodiments, the ACL rules may also be rules of other types.
The monitoring direction in step S4 is ingress, egress, or both ingress and egress. Based on the recognized addresses, the desired ingress, egress or bidirectional traffic of the monitored port can then be monitored, which avoids monitoring unnecessary messages and the resulting congestion and packet loss on the monitoring port.
In this embodiment, the data forwarding device is preferably a switch; in other embodiments it may also be a data forwarding device of another type.
With the above method, the first port to be monitored and the type of traffic to be monitored are determined; corresponding ACL rules are configured on the first port to filter the traffic type or messages to be monitored and are applied to the first port, so that the configured ACL rules filter out the traffic one wants to monitor; the first port is selected as the monitored port and a second port as the monitoring port, and the monitoring direction of the first port is configured on the second port; messages of the type to be monitored flow out of the second port, and the monitoring port monitors only the traffic selected by the ACL rules. The port mirroring method based on Layer 2 and Layer 3 message addresses thus avoids packet loss caused by congestion of the monitoring port and makes port monitoring more flexible and fine-grained.
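The effect of steps S1 to S4 can be modelled in a few lines. The following Python sketch is an added example, not part of the patent or of any switch vendor's code; the Frame and AclRule classes, the mirror function, the capacity parameter and all addresses are constructed for illustration. It runs the same traffic through mirror-everything (the prior art) and through ACL-filtered mirroring.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Frame:
    src_mac: str
    dst_mac: str
    src_ip: str
    dst_ip: str
    direction: str  # "in" or "out", relative to the monitored (first) port

@dataclass(frozen=True)
class AclRule:
    layer: int   # 2 = match a MAC address, 3 = match an IP prefix
    field: str   # "src" or "dst"
    value: str   # MAC address (layer 2) or CIDR prefix (layer 3)

    def matches(self, f: Frame) -> bool:
        if self.layer == 2:
            mac = f.src_mac if self.field == "src" else f.dst_mac
            return mac.lower() == self.value.lower()
        ip = f.src_ip if self.field == "src" else f.dst_ip
        return ip_address(ip) in ip_network(self.value)

def mirror(frames, acl, direction, capacity):
    """Steps S3/S4: copy frames that match the ACL and the configured
    direction ("in", "out" or "both") to the monitoring port.
    acl=None models the prior art (mirror everything). capacity is the
    number of frames the monitoring port can send in this interval.
    Returns (frames delivered, count dropped at the monitoring port)."""
    dirs = {"in", "out"} if direction == "both" else {direction}
    selected = [f for f in frames if f.direction in dirs
                and (acl is None or any(r.matches(f) for r in acl))]
    return selected[:capacity], max(0, len(selected) - capacity)

def sample_traffic():
    """Constructed traffic on the monitored port: 8 bulk frames plus one
    request from, and one reply to, the host of interest (10.0.5.20)."""
    gw = "aa:bb:cc:00:00:fe"
    bulk = [Frame("aa:bb:cc:00:01:%02x" % i, gw, "10.0.9.%d" % i,
                  "198.51.100.7", "in") for i in range(1, 9)]
    req = Frame("aa:bb:cc:00:00:01", gw, "10.0.5.20", "192.0.2.10", "in")
    rep = Frame(gw, "aa:bb:cc:00:00:01", "192.0.2.10", "10.0.5.20", "out")
    return bulk[:4] + [req] + bulk[4:] + [rep]

if __name__ == "__main__":
    frames = sample_traffic()
    host = [AclRule(3, "src", "10.0.5.0/24"), AclRule(3, "dst", "10.0.5.0/24")]
    for name, acl in (("mirror all", None), ("ACL-filtered", host)):
        sent, dropped = mirror(frames, acl, "both", capacity=5)
        print(name, "delivered", len(sent), "dropped", dropped)
```

The ACL also defines what the monitoring device cannot see: frames that match no rule never reach the monitoring port, so the rules must cover every address the analysis depends on.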
It should be understood that the above are only preferred embodiments of the present invention and do not limit the scope of the patent; any equivalent structure or equivalent process transformation made using the contents of the specification and drawings of the present invention, or any direct or indirect use in other related technical fields, is likewise included within the scope of patent protection of the present invention.
Claims (4)
1. A port mirroring method based on Layer 2 and Layer 3 message addresses, for monitoring network data ports, characterized in that: a data forwarding device is provided, the data forwarding device comprising at least two data transmission ports, and the port mirroring method based on Layer 2 and Layer 3 message addresses comprises the following steps:
S1: determine the first port to be monitored;
S2: determine the type of traffic to be monitored;
S3: configure corresponding ACL rules on the first port to filter the traffic type or messages to be monitored, and apply the ACL rules to the first port;
S4: select the first port as the monitored port and a second port as the monitoring port, and configure the monitoring direction of the first port on the second port; messages of the type to be monitored flow out of the second port.
2. The port mirroring method based on Layer 2 and Layer 3 message addresses according to claim 1, characterized in that: the ACL rules are rules based on Layer 3 message IP addresses or on Layer 2 message MAC addresses.
3. The port mirroring method based on Layer 2 and Layer 3 message addresses according to claim 1, characterized in that: the monitoring direction in step S4 is ingress, egress, or both ingress and egress.
4. The method for test case design based on a state machine applicable to switch protocols according to any one of claims 1 to 4, characterized in that: the data forwarding device is a switch.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510522975.5A CN105207945A (en) | 2015-08-24 | 2015-08-24 | Port mirroring method based on two-tier and three-tier message addresses |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510522975.5A CN105207945A (en) | 2015-08-24 | 2015-08-24 | Port mirroring method based on two-tier and three-tier message addresses |
Publications (1)
Publication Number | Publication Date |
---|---|
CN105207945A (en) | 2015-12-30 |
Family
Family ID: 54955387
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510522975.5A Pending CN105207945A (en) | 2015-08-24 | 2015-08-24 | Port mirroring method based on two-tier and three-tier message addresses |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105207945A (en) |
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101247397A (en) * | 2008-03-07 | 2008-08-20 | 中兴通讯股份有限公司 | Optimization method for effective order of mirror and access control list function |
CN101252475A (en) * | 2008-03-28 | 2008-08-27 | 中兴通讯股份有限公司 | Message mirror-image method and apparatus |
CN103200123A (en) * | 2013-03-06 | 2013-07-10 | 深圳市新格林耐特通信技术有限公司 | Safety control method of switchboard port |
Non-Patent Citations (1)
Title |
---|
刘晓辉等: "《网络管理工具完全技术宝典(第3版)》", 28 February 2013 * |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106453409A (en) * | 2016-11-28 | 2017-02-22 | 迈普通信技术股份有限公司 | Packet processing method and access device |
CN106453409B (en) * | 2016-11-28 | 2019-12-10 | 迈普通信技术股份有限公司 | Message processing method and access device |
CN111274121A (en) * | 2018-12-05 | 2020-06-12 | 北京奇虎科技有限公司 | Testing method and device applying monitoring rules |
CN111274121B (en) * | 2018-12-05 | 2024-04-05 | 三六零科技集团有限公司 | Test method and device for applying monitoring rule |
CN113556345A (en) * | 2021-07-22 | 2021-10-26 | 锐捷网络股份有限公司 | Message processing method, device, equipment and medium |
CN113556345B (en) * | 2021-07-22 | 2024-04-19 | 锐捷网络股份有限公司 | Message processing method, device, equipment and medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication | Application publication date: 20151230 |