CN105490884A - VXLAN tunnel detection method and apparatus - Google Patents
VXLAN tunnel detection method and apparatus Download PDFInfo
- Publication number
- CN105490884A CN105490884A CN201510931765.1A CN201510931765A CN105490884A CN 105490884 A CN105490884 A CN 105490884A CN 201510931765 A CN201510931765 A CN 201510931765A CN 105490884 A CN105490884 A CN 105490884A
- Authority
- CN
- China
- Prior art keywords
- tunnel
- configuration information
- address
- equipment
- virtual network
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/08—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
- H04L43/0805—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
- H04L12/4633—Interconnection of networks using encapsulation techniques, e.g. tunneling
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
- H04L12/4641—Virtual LANs, VLANs, e.g. virtual private networks [VPN]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
- H04L41/0631—Management of faults, events, alarms or notifications using root cause analysis; using analysis of correlation between notifications, alarms or events based on decision criteria, e.g. hierarchy, tree or time analysis
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Environmental & Geological Engineering (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The embodiments of the invention provide a VXLAN tunnel detection method and apparatus, and relate to the technical field of communication, for feeding back causes of VXLAN tunnel establishment failure and improving VXLAN tunnel establishment efficiency. The method comprises the following steps: a first device receiving second tunnel configuration information sent by a second device; matching the second tunnel configuration information with first tunnel configuration information on the first device; and when the first tunnel configuration information does not match the second tunnel configuration information, the first device sending a fault message to the second device, wherein tunnel configuration information comprises a mapping relation between an IP address of a destination end of a VXLAN tunnel and a virtual network identifier (VNID), and the tunnel configuration information is used for establishing a VXLAN tunnel for the first device and the second device. The method and apparatus provided by embodiments of the invention are applied to detection of the VXLAN tunnel.
Description
Technical field
Embodiments of the invention relate to the communications field, particularly relate to a kind of method and device of VXLAN Tunnel testing.
Background technology
Virtual easily extensible local area network (LAN) (VirtualExtensibleLocalAreaNetwork, VXLAN) technology is virtual for extended network, the technology used to meet user with the virtual network obtaining sufficient amount.VXLAN technology is by setting up VXLAN tunnel, existing network framework creates a large amount of virtual easily extensible local area network (LAN)s, different virtual easily extensible local area network (LAN)s uses VNI (VXLANNetworkIdentifier, virtual easily extensible local net network identifier) to identify.
In prior art, the mode of setting up in VXLAN tunnel has two kinds: one adopts proprietary protocol to set up, and another kind sets up manually.But, when setting up VXLAN tunnel manually, need to rely on user's configuration or third party's proprietary protocol to complete, add the complexity of network, and when adopting proprietary protocol to set up VXLAN tunnel, likely because user's configuration at two ends, VXLAN tunnel is not mated and occurs that failed situation is set up in VXLAN tunnel, and when there is above situation, cannot determine that failed reason is set up in VXLAN tunnel, VXLAN tunnel is caused not set up in time, reduce VXLAN tunnel and set up efficiency, affect Consumer's Experience.
Summary of the invention
Embodiments of the invention provide a kind of method and device of VXLAN Tunnel testing, can set up failed reason and feed back, improve VXLAN tunnel and set up efficiency, improve Consumer's Experience VXLAN tunnel.
First aspect, embodiments provide a kind of VXLAN tunnel detection method, the method comprises: the first equipment receives the second tunnel configuration information that the second equipment sends; Second tunnel configuration information is mated with the first tunnel configuration information on the first equipment; When the first tunnel configuration information is not mated with the second tunnel configuration information, the first equipment sends fault message to the second equipment; First tunnel configuration information comprises the mapping relations of an IP address and virtual network instance identification VNID, and an IP address is the IP address setting up the destination in VXLAN tunnel with the first equipment; Second tunnel configuration information comprises the mapping relations of the 2nd IP address and virtual network instance identification VNID, 2nd IP address is the IP address setting up the destination in VXLAN tunnel with the second equipment, and wherein tunnel configuration information sets up VXLAN tunnel for the first equipment and the second equipment.
In the first possible implementation of first aspect, second tunnel configuration information is mated with the first tunnel configuration information on the first equipment, comprise: from the second tunnel configuration information, take out the first virtual network instance identification, wherein the first virtual network instance identification is arbitrary virtual network instance identification of the second tunnel configuration information; The two IP address corresponding with the first virtual network instance identification is obtained in the second tunnel configuration information, and as the first source IP address, tunnel; An IP address corresponding with the first virtual network instance identification is obtained in the first tunnel configuration information, and as the first destination IP address, tunnel; When the first tunnel configuration information is not mated with the second tunnel configuration information, first equipment sends fault message to the second equipment, comprise: when the first source IP address, tunnel is identical with the first destination IP address, tunnel, the first equipment sends Fisrt fault message to the second equipment.
In conjunction with first aspect or the first possible implementation of first aspect, in the implementation that the second is possible, second tunnel configuration information is mated with the first tunnel configuration information on the first equipment, also comprise: the second tunnel configuration information is mated with the first tunnel configuration information on the first equipment, also comprises: from the second tunnel configuration information, take out a 2nd IP address as the second destination IP address, tunnel; The all virtual network instance identification corresponding with the second destination IP address, tunnel are obtained in the second tunnel configuration information, and as the second virtual network instance identification group; The tunnel destination IP address corresponding with each virtual network instance identification in the second virtual network instance identification group is obtained in the first tunnel configuration information; When the first tunnel configuration information is not mated with the second tunnel configuration information, first equipment sends fault message to the second equipment, comprise: when the destination IP address, tunnel that each virtual network instance identification in the second virtual network instance identification group is corresponding is not unique, the first equipment sends the second fault message to described second equipment.
In conjunction with first aspect, or any one possible implementation of first aspect the first to the second, in the implementation that the third is possible, the first equipment and the second equipment are bgp neighbor.
In conjunction with the third possible implementation of first aspect, in the 4th kind of possible implementation, fault message is that BGP notifies Notification message; After the second equipment receives fault message, the content according to fault message carries out miscue, and maintains bgp neighbor and be in established state.
Second aspect, embodiments provides a kind of VXLAN tunnel detector, is positioned at the first equipment, comprises: receiving element, for receiving the second tunnel configuration information that the second equipment sends; Processing unit, for mating the second tunnel configuration information with the first tunnel configuration information on the first equipment; Transmitting element, for when the first tunnel configuration information is not mated with the second tunnel configuration information, sends fault message to the second equipment; First tunnel configuration information comprises the mapping relations of an IP address and virtual network instance identification VNID, and an IP address is the IP address setting up the destination in VXLAN tunnel with the first equipment; Second tunnel configuration information comprises the mapping relations of the 2nd IP address and virtual network instance identification VNID, 2nd IP address is the IP address setting up the destination in VXLAN tunnel with the second equipment, and wherein tunnel configuration information sets up VXLAN tunnel for the first equipment and the second equipment.
In the first possible implementation of second aspect, processing unit also for: from the second tunnel configuration information, take out the first virtual network instance identification, wherein the first virtual network instance identification is arbitrary virtual network instance identification of the second tunnel configuration information; The two IP address corresponding with the first virtual network instance identification is obtained in the second tunnel configuration information, and as the first source IP address, tunnel; An IP address corresponding with the first virtual network instance identification is obtained in the first tunnel configuration information, and as the first destination IP address, tunnel; Transmitting element also for: when the first source IP address, tunnel is identical with the first destination IP address, tunnel, send Fisrt fault message to the second equipment.
In conjunction with second aspect or the first possible implementation of second aspect, in the implementation that the second is possible, processing unit also for: from the second tunnel configuration information take out a 2nd IP address as the second destination IP address, tunnel; The all virtual network instance identification corresponding with the second destination IP address, tunnel are obtained in the second tunnel configuration information, and as the second virtual network instance identification group; The tunnel destination IP address corresponding with each virtual network instance identification in the second virtual network instance identification group is obtained in the first tunnel configuration information; Transmitting element also for: when destination IP address, tunnel corresponding to each virtual network instance identification in the second virtual network instance identification group is unique, send the second fault message to the second equipment.
In conjunction with second aspect, or any one possible implementation of second aspect the first to the second, in the implementation that the third is possible, the first equipment and the second equipment are bgp neighbor.
In conjunction with the third possible implementation of second aspect, in the 4th kind of possible implementation, fault message is that BGP notifies Notification message; After the second equipment receives fault message, the content according to fault message carries out miscue, and maintains bgp neighbor and be in established state.
A kind of VXLAN tunnel detection method that the embodiment of the present invention provides and device, comprising: first the first equipment receives the second tunnel configuration information that the second equipment sends; Secondly the second tunnel configuration information is mated with the first tunnel configuration information on the first equipment; Finally when the first tunnel configuration information is not mated with the second tunnel configuration information, the first equipment sends fault message to the second equipment; Wherein the first tunnel configuration information comprises the mapping relations of an IP address and virtual network instance identification VNID, one IP address is the IP address setting up the destination in VXLAN tunnel with the first equipment, second tunnel configuration information comprises the mapping relations of the 2nd IP address and virtual network instance identification VNID, 2nd IP address is the IP address setting up the destination in VXLAN tunnel with described second equipment, and tunnel configuration information is used for the first equipment and the second equipment sets up VXLAN tunnel.Therefore the VXLAN tunnel detection method that provides of above-described embodiment, for the VXLAN tunnel information configured in VXLAN network, by the second tunnel configuration information that the second equipment generates according to own configuration information, mate with configuration information i.e. the first tunnel configuration information on the first equipment required for detection second tunnel configuration information legitimacy, and judge that whether the second configuration information is legal according to matching result, as illegal in the second configuration information, fault message is sent to the second equipment, second equipment is learnt, and the configuration information that the second equipment is set up required for VXLAN tunnel is illegal, thus before setting up VXLAN tunnel, legitimacy detection is carried out to the configuration information will setting up VXLAN tunnel, when the configuration information of detected equipment is illegal, this error message is informed to this equipment, thus can feed back in time the failed reason of VXLAN tunnel foundation, improve VXLAN tunnel and set up efficiency, improve Consumer's Experience.
Accompanying drawing explanation
In order to be illustrated more clearly in the embodiment of the present invention or technical scheme of the prior art, be briefly described to the accompanying drawing used required in embodiment or description of the prior art below, apparently, accompanying drawing in the following describes is only some embodiments of the present invention, for those of ordinary skill in the art, under the prerequisite not paying creative work, other accompanying drawing can also be obtained according to these accompanying drawings.
Fig. 1 is the schematic diagram of VXLAN in prior art;
The schematic flow sheet of a kind of VXLAN tunnel detection method that Fig. 2 provides for embodiments of the invention;
The schematic flow sheet of a kind of VXLAN tunnel detection method that Fig. 3 provides for another embodiment of the present invention;
The schematic diagram of a kind of VXLAN tunnel detector that Fig. 4 provides for embodiments of the invention.
Embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present invention, be clearly and completely described the technical scheme in the embodiment of the present invention, obviously, described embodiment is only the present invention's part embodiment, instead of whole embodiments.Based on the embodiment in the present invention, those of ordinary skill in the art, not making the every other embodiment obtained under creative work prerequisite, belong to the scope of protection of the invention.
The term used in this application is only for the object describing specific embodiment, and not intended to be limiting the application.The term of the odd number shape used in the application and appended claims as " one ", " as described in " and " being somebody's turn to do " be also intended to comprise most form, unless context clearly represents other implications.It is also understood that simultaneously the term "and/or" used in the application refer to and comprise one or more project of listing be associated any or all may combine.
Term such as " first ", " second ", " the 3rd " etc. may be adopted although should be appreciated that to describe various information in the application, these information should not be limited to these terms, and above-mentioned term is only used for the information of same type to be distinguished from each other out.Exemplary, when not departing from the application's scope, the first information also can be called as the second information, similarly, second information also can be called as the first information, depend on linguistic context simultaneously, the word that uses in above-mentioned scene " if " can be construed as into " ... time " or " when ... time " or " in response to determining ".
As shown in Figure 1, virtual easily extensible local area network (LAN) VXLAN generally includes:
101, VXLAN endpoint of a tunnel (VXLANTunnelEndPoint, VTEP): VTEP is the edge device of VXLAN, the relevant treatment of VXLAN is all carried out on VTEP, such as identify the VXLAN belonging to ethernet data frame, based on VXLAN, two layers of forwarding, encapsulation/decapsulation message etc. are carried out to Frame, pass through three-layer network carry out data communication by setting up VXLAN tunnel between VTEP, VTEP can be the physical equipment of a platform independent, also can be to run the server having virtual machine.Wherein VXLAN is identified by VXLAN network identifier (VXLANNetworkIdentifier, VNI).
102, VXLAN tunnel: VXLAN tunnel is the logical tunnel of point-to-point between two VTEP.VTEP is after Frame packaging V XLAN head, UDP head, IP head, by VXLAN tunnel by encapsulation after message repeating to far-end VTEP, far-end VTEP carries out decapsulation to it.
When generating VXLAN tunnel when being set up VXLAN tunnel by proprietary protocol, need to carry out VXLAN relevant configuration on VTEP, wherein carry out on VTEP to generate the relevant configuration in VXLAN tunnel and comprise: the source IP address in VXLAN tunnel, the destination address in VXLAN tunnel, and the VNI of VXLAN of VXLAN tunnel-associated.Wherein a VXLAN tunnel can only have a source, and namely VXLAN tunnel can only the source address in a corresponding VXLAN tunnel.Simultaneously a VXLAN can associate many VXLAN tunnels, and a VXLAN tunnel can associate multiple VXLAN, and these VXLAN share this VXLAN tunnel, and namely VNI can corresponding many VXLAN tunnels, and a VXLAN tunnel also can corresponding multiple VNI.
For the above-mentioned VXLAN tunnel information configured in VXLAN network, with reference to shown in Fig. 2, embodiments of the invention provide a kind of VXLAN tunnel detection method, comprise the steps:
201, the first equipment receives the second tunnel configuration information that the second equipment sends.
Wherein the first equipment and the second equipment are VXLAN endpoint of a tunnel (VXLANTunnelEndPoint, VTEP), first equipment and the second equipment room route can reach, namely the first equipment sends data to the second equipment room, second equipment can receive the data that the first equipment sends, and sending feedback data to the first equipment, the first equipment can receive the feedback data that the second equipment sends.First equipment and the second equipment can be independently physical equipment, as router etc., and also can for running the server having virtual machine.
Second tunnel configuration information, be included in the first equipment and the second equipment room and set up configuration information required for VXLAN tunnel, second tunnel configuration information can comprise destination address, VXLAN tunnel i.e. the 2nd IP address ip TA, VNI with the VXLAN of VXLAN tunnel-associated, and the mapping relations of IPTA and VNI, wherein IPTA is with the address of VXLAN tunnel destination under the second equipment prerequisite that is VXLAN tunnel source.One of them IPTA can corresponding one or more VNI, and VNI only can occur in mapping relations wherein.Second tunnel configuration information can be generated according to own configuration information by the second equipment, also can for being stored in the configuration information in the second equipment in advance.
Exemplary, as shown in table 1, be a kind of specific implementation of the second tunnel configuration information.
Table 1
| The destination address in VXLAN tunnel | VXLAN network identifier |
| IPTA1 | VNI1 |
| IPTA2 | VNI2、VNI3 |
| IPTA3 | VNI4、VNI5、VNI6 |
202, judge whether the second tunnel configuration information mates with the first tunnel configuration information on the first equipment
Wherein the first tunnel configuration information is positioned on the first equipment, first tunnel configuration information comprises the configuration information for the first equipment required for detecting in the legitimacy of the first equipment to the second tunnel configuration information, first tunnel configuration information can comprise destination address, a VXLAN tunnel i.e. IP address ip TB, VNI with the VXLAN of VXLAN tunnel-associated, and the mapping relations of IPTB and VNI, wherein IPTB is with the address of VXLAN tunnel destination under the first equipment prerequisite that is VXLAN tunnel source.One of them IPTB can corresponding one or more VNI, and VNI only can occur in mapping relations wherein.First tunnel configuration information can be generated according to own configuration information by the first equipment, also can for being stored in the configuration information in the first equipment in advance.
Exemplary, as shown in table 2, be a kind of specific implementation of the first tunnel configuration information.
Table 2
| The destination address in VXLAN tunnel | VXLAN network identifier |
| IPTB1 | VNI1 |
| IPTB2 | VNI2、VNI3 |
| IPTB3 | VNI4 |
Second tunnel configuration information is mated with the first tunnel configuration information, can be take out a VNI from the second tunnel configuration information, and the IPTA corresponding with this VNI, IPTB corresponding with this VNI according to the first tunnel configuration acquisition of information again, when IPTA and IPTB is identical, the second tunnel configuration information is not mated with the first tunnel configuration information.Second tunnel configuration information is mated with the first tunnel configuration information, also can be take out an IPTA from the second tunnel configuration information, the all VNIs corresponding with this IPTA with the second tunnel configuration acquisition of information according to this IPTA, according to the first tunnel configuration acquisition of information and each self-corresponding IPTB of this all VNI, when obtained IPTB is not unique, the second tunnel configuration information is not mated with the first tunnel configuration information.
Exemplary: based on the first tunnel configuration information shown in the second tunnel configuration information shown in table 1 and table 2, when mating with the first tunnel configuration information the second tunnel configuration information:
VNI1 is taken out from the second configuration information, and the IPTA1 corresponding with VNI1, obtain the IPTB1 corresponding with VNI1 according to the first configuration information, as IPTA1=IPTB1, the second configuration information does not mate with the first configuration information.
203, when the second configuration information does not mate with the first configuration information, the first equipment sends fault message to the second equipment.
The wherein fault message that sends to the second equipment of the first equipment, can be expression second configuration information and the unmatched data of the first configuration information, also can be the data also comprising expression second configuration information and the concrete not match-type of the first configuration information, as long as to the second equipment, the first equipment can inform that the second configuration information is illegal by fault message.
A kind of VXLAN tunnel detection method that the embodiment of the present invention provides, comprising: first the first equipment receives the second tunnel configuration information that the second equipment sends; Secondly the second tunnel configuration information is mated with the first tunnel configuration information on the first equipment; Finally when the first tunnel configuration information is not mated with the second tunnel configuration information, the first equipment sends fault message to the second equipment; Wherein the first tunnel configuration information comprises the mapping relations of an IP address and virtual network instance identification VNID, one IP address is the IP address setting up the destination in VXLAN tunnel with the first equipment, second tunnel configuration information comprises the mapping relations of the 2nd IP address and virtual network instance identification VNID, 2nd IP address is the IP address setting up the destination in VXLAN tunnel with described second equipment, and tunnel configuration information is used for the first equipment and the second equipment sets up VXLAN tunnel.Therefore the VXLAN tunnel detection method that provides of above-described embodiment, for the VXLAN tunnel information configured in VXLAN network, by the second tunnel configuration information that the second equipment generates according to own configuration information, mate with configuration information i.e. the first tunnel configuration information on the first equipment required for detection second tunnel configuration information legitimacy, and judge that whether the second configuration information is legal according to matching result, as illegal in the second configuration information, fault message is sent to the second equipment, second equipment is learnt, and the configuration information that the second equipment is set up required for VXLAN tunnel is illegal, thus before setting up VXLAN tunnel, legitimacy detection is carried out to the configuration information will setting up VXLAN tunnel, when the configuration information of detected equipment is illegal, this error message is informed to this equipment, thus can feed back in time the failed reason of VXLAN tunnel foundation, improve VXLAN tunnel and set up efficiency, improve Consumer's Experience.
For the above-mentioned VXLAN tunnel information configured in VXLAN network, with reference to shown in Fig. 3, embodiments of the invention provide a kind of VXLAN tunnel detection method, comprise the steps:
301, the first equipment receives the second tunnel configuration information that the second equipment sends.
Concrete example, with reference to above-mentioned steps 201, repeats no more here.
It should be noted that, the first equipment and the second equipment can also for establishing the neighborhood (or claiming Correspondent Node/peer-entities) in Border Gateway Protocol (BorderGatewayProtocol is called for short BGP).
302, from the second tunnel configuration information, a virtual network instance identification is taken out as the first virtual network instance identification.
Wherein from the second tunnel configuration information, take out a virtual network instance identification, can for taking out any one virtual network instance identification and as the first virtual network instance identification from the second tunnel configuration information, exemplary, based on the second tunnel configuration information shown in table 1, VNI2 is taken out, as the first virtual network instance identification from the second tunnel configuration information.
303, in the second tunnel configuration information, the two IP address corresponding with the first virtual network instance identification is obtained, and as the first source IP address, tunnel, an IP address corresponding with the first virtual network instance identification is obtained in the first tunnel configuration information, and as the first destination IP address, tunnel.
Wherein in the second tunnel configuration information, obtain the two IP address corresponding with the first virtual network instance identification, and as the first source IP address, tunnel, be included in the second tunnel configuration information, obtain the 2nd IP address that there are mapping relations with the first virtual network instance identification, and as the first source IP address, tunnel.An IP address corresponding with the first virtual network instance identification is obtained in the first tunnel configuration information, and as the first destination IP address, tunnel, be included in the first tunnel configuration information, obtain the IP address that there are mapping relations with the first virtual network instance identification, and do the first destination IP address, tunnel.
Exemplary, based on the second tunnel configuration information shown in table 1, obtain the first source IP address, tunnel and comprise:
According to the VNI1 taken out in the second configuration information, in the second configuration information, obtain the IPTA1 mapped with VNI1, as the first source IP address, tunnel.
Based on the first tunnel configuration information shown in table 2, obtain the first destination IP address, tunnel and comprise:
According to the VNI1 taken out in the second tunnel configuration information, in the first configuration information, obtain the IPTB1 mapped with VNI1, as the first destination IP address, tunnel.
304, judge that whether the first source IP address, tunnel is identical with the first destination IP address, tunnel.
According to the first source IP address, tunnel obtained in step 303 and the first destination IP address, tunnel, judge whether it is same IP address.
According to the judged result of step 304, when the first source IP address, tunnel is identical with the first destination IP address, tunnel, then carry out following steps:
305, the first equipment sends Fisrt fault message to the second equipment.
Wherein Fisrt fault message comprises the illegal and concrete illegal content of the second tunnel configuration information, and namely the second tunnel configuration information is identical with destination IP address, tunnel to source IP address in tunnel in the configuration information in same VXLAN tunnel with the first tunnel configuration information pointer.Fisrt fault message can also comprise in above-mentioned illegal content the 2nd IP address occurring in the second tunnel configuration information overlapping.
First equipment sends Fisrt fault message to the second equipment, can be that illegal content illegal and concrete for the second tunnel configuration information is sent to the second equipment with the form of packet by the first equipment, also can be by BGP, illegal content illegal and concrete for the second tunnel configuration information is notified that the form of Notification message is sent to the second equipment by the first equipment.
According to the judged result of step 304, when the first source IP address, tunnel is different from the first destination IP address, tunnel, then carry out following steps:
306, from the second tunnel configuration information, a 2nd IP address is taken out as the second destination IP address, tunnel.
From the second tunnel configuration information, wherein take out a 2nd IP address as the second destination IP address, tunnel, can for taking out any one the 2nd IP address and as the second destination IP address, tunnel from the second tunnel configuration information, exemplary, based on the second tunnel configuration information shown in table 1, VNI4 is taken out, as the second destination IP address, tunnel from the second tunnel configuration information.
307, in the second tunnel configuration information, all virtual network instance identification corresponding with the second destination IP address, tunnel are obtained, and as the second virtual network instance identification group; The tunnel destination IP address corresponding with each virtual network instance identification in the second virtual network instance identification group is obtained in the first tunnel configuration information.
Wherein, the all virtual network instance identification corresponding with the second destination IP address, tunnel are obtained in the second tunnel configuration information, comprise in acquisition second tunnel configuration information and there are one or more virtual network instance identification of mapping relations with the second destination IP address, tunnel obtained within step 306, and using the set of obtained virtual network instance identification as the second virtual network instance identification group.
The tunnel destination IP address corresponding with each virtual network instance identification in the second virtual network instance identification group is obtained in the first tunnel configuration information, comprise an IP address corresponding respectively with virtual network instance identification all in the second virtual network instance identification group in acquisition first tunnel configuration information, and the IP address obtained is considered as the second source IP address, tunnel, the second source IP address, tunnel can comprise an one or more IP address.
308, judge that whether the destination IP address, tunnel that in the second virtual network instance identification group, each virtual network instance identification is corresponding is unique.
When the destination IP address, tunnel that each virtual network instance identification in the second virtual network instance identification group obtained in step 307 is corresponding is multiple IP addresses, then there is multiple second tunnel source IP address corresponding with the second destination IP address, tunnel in representative; When the second source IP address, tunnel obtained in step 307 is an IP address, then the second source IP address, tunnel that representative is corresponding with the second destination IP address, tunnel is unique.
According to the judged result of step 308, when the destination IP address, tunnel that each virtual network instance identification in the second virtual network instance identification group is corresponding is not unique, then carry out following steps:
309, the first equipment sends the second fault message to the second equipment.
Wherein the second fault message comprises the illegal and concrete illegal content of the second tunnel configuration information, and the second namely corresponding with the second destination IP address, tunnel source IP address, tunnel is not unique.
First equipment sends the second fault message to the second equipment, can be that illegal content illegal and concrete for the second tunnel configuration information is sent to the second equipment with the form of packet by the first equipment, also can be by BGP, illegal content illegal and concrete for the second tunnel configuration information is notified that the form of Notification message is sent to the second equipment by the first equipment.Second fault message can also comprise in above-mentioned illegal content with the first tunnel configuration information in as an IP address of the second destination IP address, tunnel, and as the 2nd IP address of the second source IP address, tunnel in the second tunnel configuration information.
Optionally, after step 305, also comprise:
S01, the second equipment carry out miscue according to the content of Fisrt fault message.
After the Fisrt fault message that second equipment is sent at first equipment that receives, the illegal content of the second tunnel configuration information comprised according to Fisrt fault message carries out miscue, the content of wherein carrying out showing can comprise the illegal concrete reason of the second tunnel configuration information, namely because the second tunnel configuration information overlaps with destination IP address, tunnel to source IP address in tunnel in the configuration information in same VXLAN tunnel with the first tunnel configuration information pointer, the content carrying out showing can also comprise in above-mentioned illegal content the 2nd IP address occurring in the second tunnel configuration information overlapping.Display herein, can be shown by the mode of log recording, also can be shown by the mode of print command.
Optionally, after step 309, also comprise:
S02, the second equipment carry out miscue according to the content of the second fault message.
After the second fault message that second equipment is sent at first equipment that receives, the illegal content of the second tunnel configuration information comprised according to the second fault message carries out miscue, the content of wherein carrying out showing can comprise the illegal concrete reason of the second tunnel configuration information, namely the second corresponding with the second destination IP address, tunnel source IP address, tunnel is not unique, the content carrying out showing can also comprise in above-mentioned illegal content with the first tunnel configuration information in as an IP address of the second destination IP address, tunnel, and second in tunnel configuration information as the 2nd IP address of the second source IP address, tunnel with the second tunnel destination IP address maps.Display herein, can be shown by the mode of log recording, also can be shown by the mode of print command.
A kind of VXLAN tunnel detection method that the embodiment of the present invention provides, comprising: first the first equipment receives the second tunnel configuration information that the second equipment sends; Secondly from the second tunnel configuration information, a virtual network instance identification is taken out as the first virtual network instance identification; The two IP address corresponding with the first virtual network instance identification is obtained in the second tunnel configuration information, and as the first source IP address, tunnel, an IP address corresponding with the first virtual network instance identification is obtained in the first tunnel configuration information, and as the first destination IP address, tunnel; Judge that whether the first source IP address, tunnel is identical with the first destination IP address, tunnel, if identical first equipment sends Fisrt fault message to the second equipment; A the 2nd IP address is taken out as the second destination IP address, tunnel from the second tunnel configuration information; The all virtual network instance identification corresponding with the second destination IP address, tunnel are obtained in the second tunnel configuration information, and as the second virtual network instance identification group; The tunnel destination IP address corresponding with each virtual network instance identification in the second virtual network instance identification group is obtained in the first tunnel configuration information; Judge that whether destination IP address, tunnel i.e. the second source IP address, tunnel that in the second virtual network instance identification group, each virtual network instance identification is corresponding is unique, if not unique first equipment sends the second fault message to the second equipment.Therefore the VXLAN tunnel detection method that provides of above-described embodiment, for the VXLAN tunnel information configured in VXLAN network, by the second tunnel configuration information that the second equipment generates according to own configuration information, mate with configuration information i.e. the first tunnel configuration information on the first equipment required for detection second tunnel configuration information legitimacy, when during the second tunnel configuration information and the first tunnel configuration information pointer are to the configuration information in same VXLAN tunnel, source IP address, tunnel overlaps with destination IP address, tunnel, first equipment sends the Fisrt fault message comprising above-mentioned illegal content to the second equipment, when selecting an IP address as the second destination IP address, tunnel in the first tunnel configuration information, time not unique according to the second tunnel source IP address corresponding with the second destination IP address, tunnel of the second tunnel configuration acquisition of information, the first equipment sends the second fault message comprising above-mentioned illegal content to the second equipment.Thus before setting up VXLAN tunnel, legitimacy detection is carried out to the configuration information will setting up VXLAN tunnel, when the configuration information of detected equipment is illegal, the illegal content of configuration information that this configuration information is illegal and concrete is informed to this equipment, thus can feed back in time the failed reason of VXLAN tunnel foundation, improve VXLAN tunnel and set up efficiency, improve Consumer's Experience.
Embodiments of the invention provide a kind of VXLAN tunnel establishing method, use the VXLAN tunnel detection method in above-mentioned any embodiment to detect before setting up VXLAN tunnel.
Setting up in VXLAN tunneling process, a VNI is taken out from the second tunnel configuration information, the IP address mapped according to the first tunnel configuration acquisition of information and this VNI as tunnel source IP address, the 2nd IP address mapped according to the second tunnel configuration acquisition of information and this VNI is as object IP address, tunnel, and tunnel source IP address and object IP address, tunnel form a tunnel.The VNI that this tunnel carries is sought common ground by the VNI that the VNI that object IP address, tunnel is corresponding in the second tunnel configuration information is corresponding in the first tunnel configuration information with tunnel source IP address and obtains.
A kind of VXLAN tunnel establishing method that the embodiment of the present invention provides, is included in before setting up VXLAN tunnel and detects, comprising: first the first equipment receives the second tunnel configuration information that the second equipment sends; Secondly from the second tunnel configuration information, a virtual network instance identification is taken out as the first virtual network instance identification; The two IP address corresponding with the first virtual network instance identification is obtained in the second tunnel configuration information, and as the first source IP address, tunnel, an IP address corresponding with the first virtual network instance identification is obtained in the first tunnel configuration information, and as the first destination IP address, tunnel; Judge that whether the first source IP address, tunnel is identical with the first destination IP address, tunnel, if identical first equipment sends Fisrt fault message to the second equipment; A the 2nd IP address is taken out as the second destination IP address, tunnel from the second tunnel configuration information; The all virtual network instance identification corresponding with the second destination IP address, tunnel are obtained in the second tunnel configuration information, and as the second virtual network instance identification group; The tunnel destination IP address corresponding with each virtual network instance identification in the second virtual network instance identification group is obtained in the first tunnel configuration information; Judge that whether the tunnel destination IP address corresponding with each virtual network instance identification in the second virtual network instance identification group be unique, if not unique first equipment sends the second fault message to the second equipment.Therefore the VXLAN tunnel detection method that provides of above-described embodiment, for the VXLAN tunnel information configured in VXLAN network, by the second tunnel configuration information that the second equipment generates according to own configuration information, mate with configuration information i.e. the first tunnel configuration information on the first equipment required for detection second tunnel configuration information legitimacy, when during the second tunnel configuration information and the first tunnel configuration information pointer are to the configuration information in same VXLAN tunnel, source IP address, tunnel overlaps with destination IP address, tunnel, first equipment sends the Fisrt fault message comprising above-mentioned illegal content to the second equipment, when selecting an IP address as the second destination IP address, tunnel in the first tunnel configuration information, time not unique according to the second tunnel source IP address corresponding with the second destination IP address, tunnel of the second tunnel configuration acquisition of information, the first equipment sends the second fault message comprising above-mentioned illegal content to the second equipment.Thus before setting up VXLAN tunnel, legitimacy detection is carried out to the configuration information will setting up VXLAN tunnel, when the configuration information of detected equipment is illegal, the illegal content of configuration information that this configuration information is illegal and concrete is informed to this equipment, thus can feed back in time the failed reason of VXLAN tunnel foundation, improve VXLAN tunnel and set up efficiency, improve Consumer's Experience.
With reference to shown in Fig. 4, embodiments of the invention provide a kind of VXLAN tunnel detector, comprising:
Receiving element 401, for the second tunnel configuration information sent when reception second equipment.
Wherein the first equipment and the second equipment are VXLAN endpoint of a tunnel (VXLANTunnelEndPoint, VTEP), first equipment and the second equipment room route can reach, namely the first equipment sends data to the second equipment room, second equipment can receive the data that the first equipment sends, and sending feedback data to the first equipment, the first equipment can receive the feedback data that the second equipment sends.First equipment and the second equipment can be independently physical equipment, as router etc., and also can for running the server having virtual machine.
Second tunnel configuration information, be included in the first equipment and the second equipment room and set up configuration information required for VXLAN tunnel, second tunnel configuration information can comprise destination address, VXLAN tunnel i.e. the 2nd IP address ip TA, VNI with the VXLAN of VXLAN tunnel-associated, and the mapping relations of IPTA and VNI, wherein IPTA is with the address of VXLAN tunnel destination under the second equipment prerequisite that is VXLAN tunnel source.One of them IPTA can corresponding one or more VNI, and VNI only can occur in mapping relations wherein.Second tunnel configuration information can be generated according to own configuration information by the second equipment, also can for being stored in the configuration information in the second equipment in advance.Exemplary, as shown in table 1, be a kind of specific implementation of the second tunnel configuration information.
Processing unit 402, for mating described second tunnel configuration information with the first tunnel configuration information on described first equipment.
Wherein the first tunnel configuration information is positioned on the first equipment, first tunnel configuration information comprises the configuration information for the first equipment required for detecting in the legitimacy of the first equipment to the second tunnel configuration information, first tunnel configuration information can comprise destination address, a VXLAN tunnel i.e. IP address ip TB, VNI with the VXLAN of VXLAN tunnel-associated, and the mapping relations of IPTB and VNI, wherein IPTB is with the address of VXLAN tunnel destination under the first equipment prerequisite that is VXLAN tunnel source.One of them IPTB can corresponding one or more VNI, and VNI only can occur in mapping relations wherein.First tunnel configuration information can be generated according to own configuration information by the first equipment, also can for being stored in the configuration information in the first equipment in advance.Exemplary, as shown in table 2, be a kind of specific implementation of the first tunnel configuration information.
Second tunnel configuration information is mated with the first tunnel configuration information, can be take out a VNI from the second tunnel configuration information, and the IPTA corresponding with this VNI, IPTB corresponding with this VNI according to the first tunnel configuration acquisition of information again, when IPTA and IPTB is identical, the second tunnel configuration information is not mated with the first tunnel configuration information.Second tunnel configuration information is mated with the first tunnel configuration information, also can be take out an IPTA from the second tunnel configuration information, the all VNIs corresponding with this IPTA with the second tunnel configuration acquisition of information according to this IPTA, according to the first tunnel configuration acquisition of information and each self-corresponding IPTB of this all VNI, when obtained IPTB is not unique, the second tunnel configuration information is not mated with the first tunnel configuration information.
Exemplary: based on the first tunnel configuration information shown in the second tunnel configuration information shown in table 1 and table 2, when mating with the first tunnel configuration information the second tunnel configuration information: take out VNI1 from the second configuration information, and the IPTA1 corresponding with VNI1, the IPTB1 corresponding with VNI1 is obtained according to the first configuration information, as IPTA1=IPTB1, the second configuration information does not mate with the first configuration information.
Transmitting element 403, for when described first tunnel configuration information is not mated with described second tunnel configuration information, sends fault message to described second equipment.
Wherein to the fault message that the second equipment sends, can be expression second configuration information and the unmatched data of the first configuration information, also can be the data also comprising expression second configuration information and the concrete not match-type of the first configuration information, as long as to the second equipment, the first equipment can inform that the second configuration information is illegal by fault message.
A kind of VXLAN tunnel detector that the embodiment of the present invention provides, comprising: first receive the second tunnel configuration information that the second equipment sends; Secondly the second tunnel configuration information is mated with the first tunnel configuration information on the first equipment; Finally when the first tunnel configuration information is not mated with the second tunnel configuration information, send fault message to the second equipment; Wherein the first tunnel configuration information comprises the mapping relations of an IP address and virtual network instance identification VNID, one IP address is the IP address setting up the destination in VXLAN tunnel with the first equipment, second tunnel configuration information comprises the mapping relations of the 2nd IP address and virtual network instance identification VNID, 2nd IP address is the IP address setting up the destination in VXLAN tunnel with described second equipment, and tunnel configuration information is used for the first equipment and the second equipment sets up VXLAN tunnel.Therefore the VXLAN tunnel detection method that provides of above-described embodiment, for the VXLAN tunnel information configured in VXLAN network, by the second tunnel configuration information that the second equipment generates according to own configuration information, mate with configuration information i.e. the first tunnel configuration information on the first equipment required for detection second tunnel configuration information legitimacy, and judge that whether the second configuration information is legal according to matching result, as illegal in the second configuration information, fault message is sent to the second equipment, second equipment is learnt, and the configuration information that the second equipment is set up required for VXLAN tunnel is illegal, thus before setting up VXLAN tunnel, legitimacy detection is carried out to the configuration information will setting up VXLAN tunnel, when the configuration information of detected equipment is illegal, this error message is informed to this equipment, thus can feed back in time the failed reason of VXLAN tunnel foundation, improve VXLAN tunnel and set up efficiency, improve Consumer's Experience.
Concrete, with reference to shown in Fig. 4, in the above-described embodiments, the first equipment and the second equipment can also for establishing the neighborhood (or claiming Correspondent Node/peer-entities) in Border Gateway Protocol (BorderGatewayProtocol is called for short BGP).
Processing unit 401 can also be used for:
A virtual network instance identification is taken out as the first virtual network instance identification from the second tunnel configuration information; The two IP address corresponding with the first virtual network instance identification is obtained in the second tunnel configuration information, and as the first source IP address, tunnel, an IP address corresponding with the first virtual network instance identification is obtained in the first tunnel configuration information, and as the first destination IP address, tunnel; Wherein from the second tunnel configuration information, take out a virtual network instance identification, can for taking out any one virtual network instance identification and as the first virtual network instance identification from the second tunnel configuration information, exemplary: based on the second tunnel configuration information shown in table 1, VNI2 is taken out, as the first virtual network instance identification from the second tunnel configuration information.
Wherein in the second tunnel configuration information, obtain the two IP address corresponding with the first virtual network instance identification, and as the first source IP address, tunnel, be included in the second tunnel configuration information, obtain the 2nd IP address that there are mapping relations with the first virtual network instance identification, and as the first source IP address, tunnel.An IP address corresponding with the first virtual network instance identification is obtained in the first tunnel configuration information, and as the first destination IP address, tunnel, be included in the first tunnel configuration information, obtain the IP address that there are mapping relations with the first virtual network instance identification, and as the first destination IP address, tunnel.
Exemplary, based on the second tunnel configuration information shown in table 1, obtain the first source IP address, tunnel and comprise:
According to the VNI1 taken out in the second configuration information, in the second configuration information, obtain the IPTA1 mapped with VNI1, as the first source IP address, tunnel.
Based on the first tunnel configuration information shown in table 2, obtain the first destination IP address, tunnel and comprise:
According to the VNI1 taken out in the second tunnel configuration information, in the first configuration information, obtain the IPTB1 mapped with VNI1, as the first destination IP address, tunnel.
Transmitting element 403 can also be used for:
When the first source IP address, tunnel is identical with the first destination IP address, tunnel, send Fisrt fault message to the second equipment.
Wherein Fisrt fault message comprises the illegal and concrete illegal content of the second tunnel configuration information, and namely the second tunnel configuration information is identical with destination IP address, tunnel to source IP address in tunnel in the configuration information in same VXLAN tunnel with the first tunnel configuration information pointer.Fisrt fault message can also comprise in above-mentioned illegal content the 2nd IP address occurring in the second tunnel configuration information overlapping.
Fisrt fault message is sent to the second equipment, can be that illegal content illegal and concrete for the second tunnel configuration information is sent to the second equipment with the form of packet by the first equipment, also can be by BGP, illegal content illegal and concrete for the second tunnel configuration information is notified that the form of Notification message is sent to the second equipment by the first equipment.
Optionally, the second equipment, after receiving Fisrt fault message, carries out miscue according to described Fisrt fault message.
A kind of VXLAN tunnel detector that the embodiment of the present invention provides, comprising: first the first equipment receives the second tunnel configuration information that the second equipment sends, secondly from the second tunnel configuration information, a virtual network instance identification is taken out as the first virtual network instance identification, the two IP address corresponding with the first virtual network instance identification is obtained in the second tunnel configuration information, and as the first source IP address, tunnel, an IP address corresponding with the first virtual network instance identification is obtained in the first tunnel configuration information, and as the first destination IP address, tunnel, judge that whether the first source IP address, tunnel is identical with the first destination IP address, tunnel, send Fisrt fault message if identical to the second equipment, therefore the VXLAN tunnel detection method that provides of above-described embodiment, for the VXLAN tunnel information configured in VXLAN network, by the second tunnel configuration information that the second equipment generates according to own configuration information, mate with configuration information i.e. the first tunnel configuration information on the first equipment required for detection second tunnel configuration information legitimacy, when during the second tunnel configuration information and the first tunnel configuration information pointer are to the configuration information in same VXLAN tunnel, source IP address, tunnel overlaps with destination IP address, tunnel, the Fisrt fault message comprising above-mentioned illegal content is sent to the second equipment.Thus before setting up VXLAN tunnel, legitimacy detection is carried out to the configuration information will setting up VXLAN tunnel, when the configuration information of detected equipment is illegal, the illegal content of configuration information that this configuration information is illegal and concrete is informed to this equipment, thus can feed back in time the failed reason of VXLAN tunnel foundation, improve VXLAN tunnel and set up efficiency, improve Consumer's Experience.
Concrete, with reference to shown in Fig. 4, in the above-described embodiments, processing unit 401 can also be used for:
A the 2nd IP address is taken out as the second destination IP address, tunnel from the second tunnel configuration information; The all virtual network instance identification corresponding with the second destination IP address, tunnel are obtained in the second tunnel configuration information, and as the second virtual network instance identification group; The tunnel destination IP address corresponding with each virtual network instance identification in the second virtual network instance identification group is obtained in the first tunnel configuration information.
From the second tunnel configuration information, wherein take out a 2nd IP address as the second destination IP address, tunnel, can for taking out any one the 2nd IP address and as the second destination IP address, tunnel from the second tunnel configuration information, exemplary, based on the second tunnel configuration information shown in table 1, VNI4 is taken out, as the second destination IP address, tunnel from the second tunnel configuration information.
The all virtual network instance identification corresponding with the second destination IP address, tunnel are obtained in the second tunnel configuration information, and as the second virtual network instance identification group, comprise in acquisition second tunnel configuration information and there are one or more virtual network instance identification of mapping relations with the second destination IP address, tunnel obtained within step 306, and using the set of obtained virtual network instance identification as the second virtual network instance identification group.
The tunnel destination IP address corresponding with each virtual network instance identification in the second virtual network instance identification group is obtained in the first tunnel configuration information, comprise an IP address corresponding respectively with virtual network instance identification all in the second virtual network instance identification group in acquisition first tunnel configuration information, and the IP address obtained is considered as the second source IP address, tunnel, the second source IP address, tunnel can comprise an one or more IP address.
Transmitting element 403 can also be used for:
When the second source IP address, tunnel is not unique, send the second fault message to the second equipment.
When the IP address corresponding respectively with all virtual network instance identification in the second virtual network instance identification group obtained in step 307 is greater than one, then representative exists and is greater than a second tunnel source IP address corresponding with the second destination IP address, tunnel; When the second source IP address, tunnel obtained in step 307 is an IP address, then the second source IP address, tunnel that representative is corresponding with the second destination IP address, tunnel is unique.
Wherein the second fault message comprises the illegal and concrete illegal content of the second tunnel configuration information, and the second namely corresponding with the second destination IP address, tunnel source IP address, tunnel is not unique.
The second fault message is sent to the second equipment, can for illegal content illegal and concrete for the second tunnel configuration information be sent to the second equipment with the form of packet, also can for illegal content illegal and concrete for the second tunnel configuration information be sent to the second equipment by the form of BGPNotification message.Second fault message can also comprise in above-mentioned illegal content with the first tunnel configuration information in as an IP address of the second destination IP address, tunnel, and as the 2nd IP address of the second source IP address, tunnel in the second tunnel configuration information.
Optionally, the second equipment, after receiving the second fault message, carries out miscue according to described second fault message.
A kind of VXLAN tunnel detector that the embodiment of the present invention provides, comprising: first the first equipment receives the second tunnel configuration information that the second equipment sends; First from the second tunnel configuration information, a 2nd IP address is taken out as the second destination IP address, tunnel; Secondly in the second tunnel configuration information, all virtual network instance identification corresponding with the second destination IP address, tunnel are obtained, and as the second virtual network instance identification group; The tunnel destination IP address corresponding with each virtual network instance identification in the second virtual network instance identification group is obtained in the first tunnel configuration information; Finally judge that whether destination IP address, tunnel i.e. the second source IP address, tunnel that in the second virtual network instance identification group, each virtual network instance identification is corresponding is unique, if not unique first equipment sends the second fault message to the second equipment.Therefore the VXLAN tunnel detection method that provides of above-described embodiment, for the VXLAN tunnel information configured in VXLAN network, by the second tunnel configuration information that the second equipment generates according to own configuration information, mate with configuration information i.e. the first tunnel configuration information on the first equipment required for detection second tunnel configuration information legitimacy, when selecting an IP address as the second destination IP address, tunnel in the first tunnel configuration information, time not unique according to the second tunnel source IP address corresponding with the second destination IP address, tunnel of the second tunnel configuration acquisition of information, the the second fault message comprising above-mentioned illegal content is sent to the second equipment.Thus before setting up VXLAN tunnel, legitimacy detection is carried out to the configuration information will setting up VXLAN tunnel, when the configuration information of detected equipment is illegal, the illegal content of configuration information that this configuration information is illegal and concrete is informed to this equipment, thus can feed back in time the failed reason of VXLAN tunnel foundation, improve VXLAN tunnel and set up efficiency, improve Consumer's Experience.
Wherein, it should be noted that, unit in the present embodiment can be the processor or transducer set up separately, also can be integrated in some processors or transducer and realize, in addition, also can be stored in the memory of touch point recognition device with the form of program code, called by processor and perform the function of above unit.Processor described here can be a central processing unit (English full name: CentralProcessingUnit, English abbreviation: CPU), or be configured to the one or more integrated circuits (English full name: IntegratedCircuit, English abbreviation: IC) implementing the embodiment of the present invention; Transducer can be an electronic component, or the circuit structure of multiple electronic component composition, or is configured to the one or more integrated circuits implementing the embodiment of the present invention.
The above; be only the specific embodiment of the present invention, but protection scope of the present invention is not limited thereto, is anyly familiar with those skilled in the art in the technical scope that the present invention discloses; the change that can expect easily or replacement, all should be encompassed within protection scope of the present invention.Therefore, protection scope of the present invention should be as the criterion with the protection range of claim.
Claims (10)
1. a VXLAN tunnel detection method, is characterized in that, the method comprises:
First equipment receives the second tunnel configuration information that the second equipment sends;
Described second tunnel configuration information is mated with the first tunnel configuration information on described first equipment;
When described first tunnel configuration information is not mated with described second tunnel configuration information, described first equipment sends fault message to described second equipment;
Described first tunnel configuration information comprises the mapping relations of an IP address and virtual network instance identification VNID, and a described IP address is the IP address setting up the destination in VXLAN tunnel with described first equipment; Described second tunnel configuration information comprises the mapping relations of the 2nd IP address and virtual network instance identification VNID, described 2nd IP address is the IP address setting up the destination in VXLAN tunnel with described second equipment, and wherein tunnel configuration information sets up VXLAN tunnel for the first equipment and the second equipment.
2. VXLAN tunnel detection method according to claim 1, is characterized in that:
Described described second tunnel configuration information to be mated with the first tunnel configuration information on described first equipment, comprising:
From described second tunnel configuration information, take out the first virtual network instance identification, wherein said first virtual network instance identification is arbitrary virtual network instance identification of described second tunnel configuration information;
The two IP address corresponding with described first virtual network instance identification is obtained in described second tunnel configuration information, and as the first source IP address, tunnel;
An IP address corresponding with described first virtual network instance identification is obtained in described first tunnel configuration information, and as the first destination IP address, tunnel; And/or
Described when described first tunnel configuration information is not mated with described second tunnel configuration information, described first equipment sends fault message to described second equipment, comprising:
When described first source IP address, tunnel is identical with described first destination IP address, tunnel, described first equipment sends Fisrt fault message to described second equipment.
3. the VXLAN tunnel detection method according to any one of claim 1-2, is characterized in that:
Described described second tunnel configuration information to be mated with the first tunnel configuration information on described first equipment, also comprises:
A the 2nd IP address is taken out as the second destination IP address, tunnel from described second tunnel configuration information;
The all virtual network instance identification corresponding with described second destination IP address, tunnel are obtained in described second tunnel configuration information, and as the second virtual network instance identification group;
The tunnel destination IP address corresponding with each virtual network instance identification in described second virtual network instance identification group is obtained in described first tunnel configuration information; And/or
Described when described first tunnel configuration information is not mated with described second tunnel configuration information, described first equipment sends fault message to described second equipment, comprising:
When the destination IP address, tunnel that each virtual network instance identification in described second virtual network instance identification group is corresponding is not unique, described first equipment sends the second fault message to described second equipment.
4., according to the arbitrary described VXLAN tunnel detection method of claim 1-3, it is characterized in that, described first equipment and described second equipment are bgp neighbor.
5. VXLAN tunnel detection method according to claim 4, is characterized in that, described fault message is that BGP notifies Notification message;
After described second equipment receives described fault message, the content according to fault message carries out miscue, and maintains described bgp neighbor and be in established state.
6. a VXLAN tunnel detector, is positioned at the first equipment, it is characterized in that, comprising:
Receiving element, for receiving the second tunnel configuration information that the second equipment sends;
Processing unit, for mating described second tunnel configuration information with the first tunnel configuration information on described first equipment;
Transmitting element, for when described first tunnel configuration information is not mated with described second tunnel configuration information, sends fault message to described second equipment;
Described first tunnel configuration information comprises the mapping relations of an IP address and virtual network instance identification VNID, and a described IP address is the IP address setting up the destination in VXLAN tunnel with described first equipment; Described second tunnel configuration information comprises the mapping relations of the 2nd IP address and virtual network instance identification VNID, described 2nd IP address is the IP address setting up the destination in VXLAN tunnel with described second equipment, and wherein said tunnel configuration information is used for the first equipment and the second equipment sets up VXLAN tunnel.
7. VXLAN tunnel detector according to claim 6, is characterized in that, described processing unit also for:
From described second tunnel configuration information, take out the first virtual network instance identification, wherein said first virtual network instance identification is arbitrary virtual network instance identification of described second tunnel configuration information;
The two IP address corresponding with described first virtual network instance identification is obtained in described second tunnel configuration information, and as the first source IP address, tunnel;
An IP address corresponding with described first virtual network instance identification is obtained in described first tunnel configuration information, and as the first destination IP address, tunnel; And/or
Described transmitting element also for:
When described first source IP address, tunnel is identical with described first destination IP address, tunnel, send Fisrt fault message to described second equipment.
8. the VXLAN tunnel detector according to any one of claim 6-7, is characterized in that, described processing unit also for:
A the 2nd IP address is taken out as the second destination IP address, tunnel from described second tunnel configuration information;
The all virtual network instance identification corresponding with described second destination IP address, tunnel are obtained in described second tunnel configuration information, and as the second virtual network instance identification group;
The tunnel destination IP address corresponding with each virtual network instance identification in described second virtual network instance identification group is obtained in described first tunnel configuration information; And/or
Described transmitting element also for:
When the destination IP address, tunnel that each virtual network instance identification in described second virtual network instance identification group is corresponding is not unique, send the second fault message to described second equipment.
9. the VXLAN tunnel detector according to any one of claim 6-8, is characterized in that, described first equipment and described second equipment are bgp neighbor.
10. VXLAN tunnel detector according to claim 9, is characterized in that, described fault message is that BGP notifies Notification message;
After described second equipment receives described fault message, the content according to fault message carries out miscue, and maintains described bgp neighbor and be in established state.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510931765.1A CN105490884B (en) | 2015-12-14 | 2015-12-14 | A kind of VXLAN tunnel detection method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510931765.1A CN105490884B (en) | 2015-12-14 | 2015-12-14 | A kind of VXLAN tunnel detection method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105490884A true CN105490884A (en) | 2016-04-13 |
| CN105490884B CN105490884B (en) | 2019-04-02 |
Family
ID=55677625
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510931765.1A Active CN105490884B (en) | 2015-12-14 | 2015-12-14 | A kind of VXLAN tunnel detection method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105490884B (en) |
Cited By (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107171966A (en) * | 2017-07-27 | 2017-09-15 | 迈普通信技术股份有限公司 | A kind of VXLAN file transmitting methods, VTEP and VXLAN systems |
| CN108123864A (en) * | 2016-11-30 | 2018-06-05 | 新华三技术有限公司 | EVPN tunnel monitoring method and apparatus |
| WO2018103613A1 (en) * | 2016-12-05 | 2018-06-14 | 大唐移动通信设备有限公司 | Service data processing method and apparatus |
| CN111130978A (en) * | 2019-12-03 | 2020-05-08 | 杭州迪普科技股份有限公司 | Network traffic forwarding method and device, electronic equipment and machine-readable storage medium |
| WO2020103718A1 (en) * | 2018-11-23 | 2020-05-28 | 中兴通讯股份有限公司 | Connection establishment method, packet transmission method, device, and storage medium |
| CN112187611A (en) * | 2020-09-30 | 2021-01-05 | 瑞斯康达科技发展股份有限公司 | Method, storage medium and device for establishing service tunnel |
| CN112583690A (en) * | 2019-09-27 | 2021-03-30 | 华为技术有限公司 | Tunnel configuration method, device, system, equipment and storage medium |
| CN112887185A (en) * | 2019-11-29 | 2021-06-01 | 华为技术有限公司 | Communication method and device of overlay network |
| CN113746715A (en) * | 2021-07-16 | 2021-12-03 | 北京华三通信技术有限公司 | Communication method and device |
| CN113923075A (en) * | 2020-07-09 | 2022-01-11 | 华为技术有限公司 | Data transmission method and device |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7373660B1 (en) * | 2003-08-26 | 2008-05-13 | Cisco Technology, Inc. | Methods and apparatus to distribute policy information |
| CN102822835A (en) * | 2010-01-20 | 2012-12-12 | 先行有限公司 | Personal portable secured network access system |
| US20130170490A1 (en) * | 2011-12-30 | 2013-07-04 | Cisco Technology, Inc. | System and method for discovering multipoint endpoints in a network environment |
| CN103580980A (en) * | 2012-07-24 | 2014-02-12 | 中兴通讯股份有限公司 | Automatic searching and automatic configuration method and device of VN |
| CN104243268A (en) * | 2014-09-19 | 2014-12-24 | 杭州华三通信技术有限公司 | Association method and device between virtual extensible local area networks (VXLAN) and tunnel |
| US8954601B1 (en) * | 2007-06-15 | 2015-02-10 | Juniper Networks, Inc. | Authentication and encryption of routing protocol traffic |
| CN104468394A (en) * | 2014-12-04 | 2015-03-25 | 杭州华三通信技术有限公司 | Method and device for forwarding messages in VXLAN network |
| CN104767666A (en) * | 2015-04-15 | 2015-07-08 | 杭州华三通信技术有限公司 | Virtual extensible local area network tunnel terminal tunnel building method and equipment |
-
2015
- 2015-12-14 CN CN201510931765.1A patent/CN105490884B/en active Active
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7373660B1 (en) * | 2003-08-26 | 2008-05-13 | Cisco Technology, Inc. | Methods and apparatus to distribute policy information |
| US8954601B1 (en) * | 2007-06-15 | 2015-02-10 | Juniper Networks, Inc. | Authentication and encryption of routing protocol traffic |
| CN102822835A (en) * | 2010-01-20 | 2012-12-12 | 先行有限公司 | Personal portable secured network access system |
| US20130170490A1 (en) * | 2011-12-30 | 2013-07-04 | Cisco Technology, Inc. | System and method for discovering multipoint endpoints in a network environment |
| CN103580980A (en) * | 2012-07-24 | 2014-02-12 | 中兴通讯股份有限公司 | Automatic searching and automatic configuration method and device of VN |
| CN104243268A (en) * | 2014-09-19 | 2014-12-24 | 杭州华三通信技术有限公司 | Association method and device between virtual extensible local area networks (VXLAN) and tunnel |
| CN104468394A (en) * | 2014-12-04 | 2015-03-25 | 杭州华三通信技术有限公司 | Method and device for forwarding messages in VXLAN network |
| CN104767666A (en) * | 2015-04-15 | 2015-07-08 | 杭州华三通信技术有限公司 | Virtual extensible local area network tunnel terminal tunnel building method and equipment |
Cited By (20)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108123864B (en) * | 2016-11-30 | 2020-09-25 | 新华三技术有限公司 | EVPN tunnel monitoring method and device |
| CN108123864A (en) * | 2016-11-30 | 2018-06-05 | 新华三技术有限公司 | EVPN tunnel monitoring method and apparatus |
| CN108617008B (en) * | 2016-12-05 | 2019-09-17 | 大唐移动通信设备有限公司 | A kind of method and apparatus of business data processing |
| US10819537B2 (en) | 2016-12-05 | 2020-10-27 | Datang Mobile Communications Equipment Co., Ltd. | Method and apparatus for processing service data |
| CN108617008A (en) * | 2016-12-05 | 2018-10-02 | 大唐移动通信设备有限公司 | A kind of method and apparatus of business data processing |
| WO2018103613A1 (en) * | 2016-12-05 | 2018-06-14 | 大唐移动通信设备有限公司 | Service data processing method and apparatus |
| CN107171966B (en) * | 2017-07-27 | 2019-11-26 | 迈普通信技术股份有限公司 | A kind of VXLAN file transmitting method, VTEP and VXLAN system |
| CN107171966A (en) * | 2017-07-27 | 2017-09-15 | 迈普通信技术股份有限公司 | A kind of VXLAN file transmitting methods, VTEP and VXLAN systems |
| WO2020103718A1 (en) * | 2018-11-23 | 2020-05-28 | 中兴通讯股份有限公司 | Connection establishment method, packet transmission method, device, and storage medium |
| WO2021057962A1 (en) * | 2019-09-27 | 2021-04-01 | 华为技术有限公司 | Tunnel configuration method, apparatus and system, and device and storage medium |
| CN112583690A (en) * | 2019-09-27 | 2021-03-30 | 华为技术有限公司 | Tunnel configuration method, device, system, equipment and storage medium |
| CN112887185A (en) * | 2019-11-29 | 2021-06-01 | 华为技术有限公司 | Communication method and device of overlay network |
| CN112887185B (en) * | 2019-11-29 | 2024-03-15 | 华为云计算技术有限公司 | Communication method and device of overlay network |
| CN111130978A (en) * | 2019-12-03 | 2020-05-08 | 杭州迪普科技股份有限公司 | Network traffic forwarding method and device, electronic equipment and machine-readable storage medium |
| CN111130978B (en) * | 2019-12-03 | 2021-11-23 | 杭州迪普科技股份有限公司 | Network traffic forwarding method and device, electronic equipment and machine-readable storage medium |
| WO2022007749A1 (en) * | 2020-07-09 | 2022-01-13 | 华为技术有限公司 | Data transmission method and apparatus |
| CN113923075A (en) * | 2020-07-09 | 2022-01-11 | 华为技术有限公司 | Data transmission method and device |
| CN112187611A (en) * | 2020-09-30 | 2021-01-05 | 瑞斯康达科技发展股份有限公司 | Method, storage medium and device for establishing service tunnel |
| CN112187611B (en) * | 2020-09-30 | 2022-03-25 | 瑞斯康达科技发展股份有限公司 | Method, storage medium and device for establishing service tunnel |
| CN113746715A (en) * | 2021-07-16 | 2021-12-03 | 北京华三通信技术有限公司 | Communication method and device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105490884B (en) | 2019-04-02 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105490884A (en) | VXLAN tunnel detection method and apparatus | |
| US10938627B2 (en) | Packet processing method, device, and network system | |
| CN113595897B (en) | Path detection method and device | |
| CN106559292A (en) | A kind of broad band access method and device | |
| CN104660469B (en) | A kind of method for detecting connectivity and relevant device of double layer network | |
| CN108718269B (en) | Message processing method and device | |
| US10574570B2 (en) | Communication processing method and apparatus | |
| CN109379241B (en) | Path information determination method and device | |
| CN105472049B (en) | CGN backup protection method and device for carrier-grade network address conversion | |
| US11711243B2 (en) | Packet processing method and gateway device | |
| CN110011941B (en) | Message forwarding method and device | |
| CN110875855A (en) | Method for detecting network link state and network equipment | |
| JP2017041747A (en) | Information processing device, information processing device control program, control method, and information processing system | |
| CN108075969A (en) | Message forwarding method and device | |
| CN107623757A (en) | Entry updating method and apparatus | |
| CN112152920B (en) | Method and device for realizing table entry backup | |
| CN102739462B (en) | Test message sending method and device | |
| CN102857421A (en) | VLL fault detection method and device | |
| CN109218176B (en) | Message processing method and device | |
| KR20210093787A (en) | Message generation method and apparatus, and message processing method and apparatus | |
| WO2018040940A1 (en) | Two-layer network, and loopback detection method of two-layer network | |
| CN114866470A (en) | Method, device, system and storage medium for sending message | |
| CN109412851B (en) | Link layer path detection method, device and system | |
| CN108282404B (en) | Route generation method, device and system | |
| CN110572326A (en) | Method, device, network equipment and system for establishing forwarding path |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |