CN105207945A - Port mirroring method based on two-tier and three-tier message addresses - Google Patents


Info

Publication number: CN105207945A
Authority: CN (China)
Prior art keywords: port, tier, monitoring, monitor, message
Legal status: Pending
Application number: CN201510522975.5A
Other languages: Chinese (zh)
Inventor: 范春燕
Current Assignee: Shanghai Feixun Data Communication Technology Co Ltd
Original Assignee: Shanghai Feixun Data Communication Technology Co Ltd
Application filed by: Shanghai Feixun Data Communication Technology Co Ltd
Priority to: CN201510522975.5A
Publication of: CN105207945A

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00: Traffic control in data switching networks
    • H04L47/10: Flow control; Congestion control
    • H04L47/12: Avoiding congestion; Recovering from congestion


Abstract

The invention discloses a port mirroring method based on two-tier and three-tier message addresses. The method comprises the following steps: S1: determining a first port to be monitored; S2: determining the type of traffic to be monitored; S3: setting corresponding ACL rules on the first port to filter the type of traffic or messages to be monitored, and applying the ACL rules to the first port; and S4: selecting the first port as the monitored port and a second port as the monitoring port, and configuring the monitoring direction of the first port on the second port, so that messages of the type to be monitored flow out of the second port. The method avoids packet loss caused by congestion of the monitoring port and makes port monitoring more flexible and fine-grained.

Description

A port mirroring method based on layer-2 and layer-3 message addresses
Technical field
The present invention relates to the field of communication technology, and in particular to a port mirroring method based on layer-2 and layer-3 message addresses.
Background
As network environments grow increasingly complex, information security becomes particularly important. Enterprises, needing to protect company secrets, also urgently need a port in the network that can provide monitored traffic in real time for functions such as fault location, traffic analysis and traffic backup. Port mirroring is an effective security measure for monitoring network traffic: the monitored traffic can be analysed for security inspection, and faults can be located promptly and accurately when the network fails. The prior art mirrors all traffic of a port in the ingress direction, the egress direction, or both directions to a monitoring port. If the monitoring port monitors more than one port, it may drop packets, so the data traffic that one wants to monitor cannot be monitored completely.
Within an enterprise, port mirroring allows the enterprise's internal network data to be monitored and managed better, and faults to be located well when the network fails. Those skilled in the art have therefore been working on a port mirroring method based on layer-2 and layer-3 message addresses that avoids packet loss caused by congestion of the monitoring port and makes port monitoring more flexible and fine-grained.
Summary of the invention
The technical problem to be solved by the present invention is to provide a port mirroring method based on layer-2 and layer-3 message addresses that avoids packet loss caused by congestion of the monitoring port and makes port monitoring more flexible and fine-grained.
To solve the above technical problem, the present invention provides a port mirroring method based on layer-2 and layer-3 message addresses:
A data forwarding device is provided, the data forwarding device comprising at least two data transmission ports, and the port mirroring method based on layer-2 and layer-3 message addresses comprises the following steps:
S1: determine the first port to be monitored;
S2: determine the type of traffic to be monitored;
S3: set a corresponding ACL rule on the first port to filter the traffic type or messages to be monitored, and apply the ACL rule to the first port;
S4: select the first port as the monitored port and a second port as the monitoring port, and configure the monitoring direction of the first port on the second port; messages of the type to be monitored flow out of the second port.
Preferably, the ACL rule is a rule based on the layer-3 message IP address or on the layer-2 message MAC address.
Preferably, the monitoring direction in step S4 is ingress, egress, or both.
Preferably, the data forwarding device is a switch.
With the above method, the first port to be monitored is determined, the type of traffic to be monitored is determined, and a corresponding ACL rule is set on the first port to filter the traffic type or messages to be monitored. The ACL rule is applied to the first port, so the configured ACL rule filters out the traffic one wants to monitor. The first port is selected as the monitored port and a second port as the monitoring port, the monitoring direction of the first port is configured on the second port, and messages of the type to be monitored flow out of the second port. The monitoring port monitors only the traffic selected by the ACL rule, so this port mirroring method based on layer-2 and layer-3 message addresses avoids packet loss caused by congestion of the monitoring port and makes port monitoring more flexible and fine-grained.
Brief description of the drawings
Fig. 1 is a workflow diagram of the port mirroring method based on layer-2 and layer-3 message addresses according to the present invention.
Detailed description
To make the objects, technical solutions and advantages of the present invention clearer, the present invention is described in further detail below with reference to the drawings and embodiments. It should be understood that the specific embodiments described here serve only to explain the present invention and are not intended to limit it.
Refer to Fig. 1, which is a workflow diagram of the port mirroring method based on layer-2 and layer-3 message addresses according to the present invention.
In this embodiment, a state-machine-based test case design method applicable to switch protocols, used for monitoring network data ports, provides a data forwarding device comprising at least two data transmission ports, and the port mirroring method based on layer-2 and layer-3 message addresses comprises the following steps:
S1: determine the first port to be monitored;
S2: determine the type of traffic to be monitored;
S3: set a corresponding ACL rule on the first port to filter the traffic type or messages to be monitored, and apply the ACL rule to the first port;
S4: select the first port as the monitored port and a second port as the monitoring port, and configure the monitoring direction of the first port on the second port; messages of the type to be monitored flow out of the second port.
In this embodiment, the ACL rule is preferably a rule based on the layer-3 message IP address or on the layer-2 message MAC address; in other embodiments, the ACL rule may also be a rule of another type.
The monitoring direction in step S4 is ingress, egress, or both. In this way, the ingress, egress or bidirectional traffic of the port to be monitored can be monitored on the basis of the identified address, which avoids monitoring unnecessary messages and thereby congesting the monitoring port and losing packets.
In this embodiment, the data forwarding device is preferably a switch; in other embodiments it may also be a data forwarding device of another type.
With the above method, the first port to be monitored is determined, the type of traffic to be monitored is determined, and a corresponding ACL rule is set on the first port to filter the traffic type or messages to be monitored. The ACL rule is applied to the first port, so the configured ACL rule filters out the traffic one wants to monitor. The first port is selected as the monitored port and a second port as the monitoring port, the monitoring direction of the first port is configured on the second port, and messages of the type to be monitored flow out of the second port. The monitoring port monitors only the traffic selected by the ACL rule, so this port mirroring method based on layer-2 and layer-3 message addresses avoids packet loss caused by congestion of the monitoring port and makes port monitoring more flexible and fine-grained.
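A minimal model of steps S1 to S4, added here as an illustration and not part of the patent text: it compares plain mirroring of two ports with ACL-filtered mirroring of one port onto a monitoring port of limited capacity. The port names `ge1`/`ge2`, the tail-drop behaviour, the capacity figure and all sample frames are assumptions constructed for the example.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Packet:          # constructed sample frame: only the fields the ACL inspects
    port: str          # switch port the frame was seen on
    direction: str     # "in" (ingress) or "out" (egress) relative to that port
    src_mac: str
    dst_mac: str
    src_ip: str
    dst_ip: str

@dataclass(frozen=True)
class AclRule:         # S3: one rule, layer 2 (MAC) or layer 3 (IP prefix)
    layer: int         # 2 or 3
    value: str         # MAC address, or IP prefix in CIDR form

    def matches(self, p: Packet) -> bool:
        if self.layer == 2:
            return self.value.lower() in (p.src_mac.lower(), p.dst_mac.lower())
        net = ip_network(self.value)
        return ip_address(p.src_ip) in net or ip_address(p.dst_ip) in net

def mirror(packets, monitored, direction, acl, capacity):
    """S4: copy traffic of the monitored port(s) to a monitoring port that can
    carry `capacity` frames per interval (assumed tail drop beyond that).
    acl=None models plain mirroring. Returns (delivered, dropped)."""
    wanted = {"in", "out"} if direction == "both" else {direction}
    selected = [p for p in packets
                if p.port in monitored and p.direction in wanted
                and (acl is None or any(r.matches(p) for r in acl))]
    return selected[:capacity], selected[capacity:]

def sample_traffic():
    """Constructed traffic for one interval: bulk flows on two ports plus
    one host of interest (192.0.2.10) on ge1."""
    bulk = [Packet(port, "in", "00:00:5e:00:53:01", "00:00:5e:00:53:02",
                   f"10.0.0.{i}", "10.0.1.1")
            for port in ("ge1", "ge2") for i in range(1, 7)]
    host = [Packet("ge1", "in", "00:00:5e:00:53:aa", "00:00:5e:00:53:02",
                   "192.0.2.10", "10.0.1.1"),
            Packet("ge1", "out", "00:00:5e:00:53:02", "00:00:5e:00:53:aa",
                   "10.0.1.1", "192.0.2.10")]
    return bulk + host

if __name__ == "__main__":
    pkts = sample_traffic()
    for label, ports, acl in (("plain", {"ge1", "ge2"}, None),
                              ("ACL", {"ge1"}, [AclRule(3, "192.0.2.10/32")])):
        ok, lost = mirror(pkts, ports, "both", acl, capacity=8)
        print(f"{label}: delivered={len(ok)} dropped={len(lost)}")
```

With the constructed traffic, plain mirroring overruns the monitoring port and loses the frames of interest, while the ACL-filtered session delivers only those frames and drops nothing.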
It should be understood that the above are only preferred embodiments of the present invention and do not thereby limit the scope of its claims. Any equivalent structure or equivalent process transformation made using the contents of the specification and drawings of the present invention, or any direct or indirect use in other related technical fields, is likewise included in the scope of patent protection of the present invention.

Claims (4)

1. A port mirroring method based on layer-2 and layer-3 message addresses, for monitoring network data ports, characterized in that: a data forwarding device is provided, the data forwarding device comprising at least two data transmission ports, and the port mirroring method based on layer-2 and layer-3 message addresses comprises the following steps:
S1: determine the first port to be monitored;
S2: determine the type of traffic to be monitored;
S3: set a corresponding ACL rule on the first port to filter the traffic type or messages to be monitored, and apply the ACL rule to the first port;
S4: select the first port as the monitored port and a second port as the monitoring port, and configure the monitoring direction of the first port on the second port; messages of the type to be monitored flow out of the second port.
2. The port mirroring method based on layer-2 and layer-3 message addresses according to claim 1, characterized in that: the ACL rule is a rule based on the layer-3 message IP address or on the layer-2 message MAC address.
3. The port mirroring method based on layer-2 and layer-3 message addresses according to claim 1, characterized in that: the monitoring direction in step S4 is ingress, egress, or both.
4. The state-machine-based test case design method applicable to switch protocols according to any one of claims 1 to 4, characterized in that: the data forwarding device is a switch.
Priority Applications (1)

Application number: CN201510522975.5A
Priority date: 2015-08-24
Filing date: 2015-08-24
Title: Port mirroring method based on two-tier and three-tier message addresses

Publications (1)

Publication number: CN105207945A (en)
Publication date: 2015-12-30

Family

ID=54955387


Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20151230