CN108353027A - A kind of software defined network system for detecting port failure - Google Patents
A kind of software defined network system for detecting port failure Download PDFInfo
- Publication number
- CN108353027A CN108353027A CN201580084571.0A CN201580084571A CN108353027A CN 108353027 A CN108353027 A CN 108353027A CN 201580084571 A CN201580084571 A CN 201580084571A CN 108353027 A CN108353027 A CN 108353027A
- Authority
- CN
- China
- Prior art keywords
- node
- flow control
- control entity
- virtual
- network
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 claims description 50
- 238000012360 testing method Methods 0.000 claims description 46
- 238000001514 detection method Methods 0.000 claims description 35
- 238000004590 computer program Methods 0.000 claims description 4
- 238000004891 communication Methods 0.000 description 16
- 230000006870 function Effects 0.000 description 12
- 230000007246 mechanism Effects 0.000 description 12
- 238000009434 installation Methods 0.000 description 11
- 230000004044 response Effects 0.000 description 10
- 230000006399 behavior Effects 0.000 description 7
- 230000008859 change Effects 0.000 description 5
- 230000008569 process Effects 0.000 description 5
- 230000008901 benefit Effects 0.000 description 4
- 230000005540 biological transmission Effects 0.000 description 4
- 238000007689 inspection Methods 0.000 description 4
- 230000009471 action Effects 0.000 description 3
- 238000006243 chemical reaction Methods 0.000 description 3
- 238000010586 diagram Methods 0.000 description 3
- 238000012986 modification Methods 0.000 description 3
- 230000004048 modification Effects 0.000 description 3
- 238000011160 research Methods 0.000 description 3
- 238000012546 transfer Methods 0.000 description 3
- 230000002159 abnormal effect Effects 0.000 description 2
- 238000004458 analytical method Methods 0.000 description 2
- 230000000903 blocking effect Effects 0.000 description 2
- 238000004364 calculation method Methods 0.000 description 2
- 238000010276 construction Methods 0.000 description 2
- 230000001419 dependent effect Effects 0.000 description 2
- 238000013461 design Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 230000006855 networking Effects 0.000 description 2
- 238000013519 translation Methods 0.000 description 2
- 230000001960 triggered effect Effects 0.000 description 2
- 239000011800 void material Substances 0.000 description 2
- 206010000117 Abnormal behaviour Diseases 0.000 description 1
- 108700026140 MAC combination Proteins 0.000 description 1
- FAPWRFPIFSIZLT-UHFFFAOYSA-M Sodium chloride Chemical compound [Na+].[Cl-] FAPWRFPIFSIZLT-UHFFFAOYSA-M 0.000 description 1
- 230000004913 activation Effects 0.000 description 1
- 230000004888 barrier function Effects 0.000 description 1
- 238000012508 change request Methods 0.000 description 1
- 239000012141 concentrate Substances 0.000 description 1
- 230000003111 delayed effect Effects 0.000 description 1
- 238000012217 deletion Methods 0.000 description 1
- 230000037430 deletion Effects 0.000 description 1
- 230000014509 gene expression Effects 0.000 description 1
- 230000036541 health Effects 0.000 description 1
- 238000003780 insertion Methods 0.000 description 1
- 230000037431 insertion Effects 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 230000037361 pathway Effects 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 230000000644 propagated effect Effects 0.000 description 1
- 238000012552 review Methods 0.000 description 1
- 238000004088 simulation Methods 0.000 description 1
- 239000000126 substance Substances 0.000 description 1
- 230000007474 system interaction Effects 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/64—Routing or path finding of packets in data switching networks using an overlay routing layer
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/28—Routing or path finding of packets in data switching networks using route fault recovery
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/42—Centralised routing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/10—Flow control; Congestion control
- H04L47/28—Flow control; Congestion control in relation to timing considerations
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The present invention relates to software defined network systems 100, including first network node 101 comprising at least one virtual communication port 102.The system 100 further includes the second network node 103 comprising at least another virtual communication port 104, wherein the first network node 101 and second network node 103 are used to exchange data by its virtual communication port 102 and 104.The system 100 further includes flow control entity 105, is locally placed between the first network node 101 and second network node 103, wherein the flow control entity 105 is used to generate the matching stream 106 for virtual port fault detect.
Description
Technical field
The present invention relates to a kind of software defined network (software defined network, abbreviation SDN) system, one kind
For realizing the method when the method for detection virtual port failure in SDN systems and a kind of execution on the computing device
Computer program product.Particularly, it is proposed that, when the flow rate mode in virtual port changes or flow stops completely
When, it is preferable to use locally realize mechanism detection SDN in virtual port failure.
Background technology
SDN is a kind of construction of computer network method, and network administrator is allowed to manage network industry by low order function abstract
Business.What this was realized in:It will determine flow being sent to the system of where (control plane) and flow be transmitted to selected purpose
The first floor system on ground (data surface) decouples.This network topology simplifies networking.SDN needs certain for control plane and data surface
The method of communication.There is a kind of such mechanism to be called OpenFlow, is often mistakenly thought of as being equal to SDN, and other mechanism may
It is applicable in the concept.
Thus, SDN is such a framework, it is said that it can Direct Programming, quick, dynamic can manage, economical and efficient, can
It adapts to, makes every effort to the high bandwidth for being suitable for applying now, dynamic property.SDN framework Decoupling networks control and forwarding capability, make network
Control can Direct Programming, underlying infrastructure according to application with network service and abstract.
SDN frameworks are especially programmatically to configure, it means that SDN makes network example pass through dynamic auto SDN
Program configures, manages, ensures and optimizes as quick as thought Internet resources.
SDN frameworks are especially managed concentratedly, it means that network intelligence concentrates on the SDN based on software such as forwarding elements
Control element safeguards the global view of network, and single logical switch is rendered as in application and policy engine.
When construction of computer network, in general, when in virtual port flow rate mode change or when flow stops completely, it will be appreciated that
For application and trouble and/or when not responding, the fault detect business for virtual communication port is needed.Whenever suspection process failure
When (S- conversions), fault detect should give notice.Fault detect influences cluster and network management and application deployment and distribution
It calculates.
There are the realization methods of some fault detect business, however these realization method neither ones are widely accepted.It is existing
Have the realization method that local scheme is usually special, do not consider standard interface or with other business and standard in global system
Interaction.Many problems make distributed service fail to be received, without provide standard interface and not with existing business and base
Infrastructure interacts a certainly factor.
Detecting this port failure usually will use the so-called fault detecting software in management program element to act on behalf of.Software generation
The concept of reason provides a kind of describing mode of convenient strong complex software entity, which to a certain extent can be autonomous
Property acted, with represent host complete task.Ageng is attempted to understand how poll is using health or the tool of poll application
Body port status.Therefore, ageng needs each concrete application on the port of poll SDN, and SDN is not general and is difficult to pipe
Reason.Agency needs proprietary protocol and generates a large amount of expenses in SDN.These the global overviews of agency without SDN.Use agency
It is impossible fault detect business to be carried out to the virtual port of SDN.
The well-known framework that another kind provides port failure detection business is based on Simple Network Management Protocol (Simple
Network Management Protocol, abbreviation SNMP).SNMP allows the mutual behaviour with network node and other management business
Make, use the desired existing standard of raising degree of accepting extensively, using the standard for monitoring, allows to use existing tool,
So that fault detect quality of service is high.The fault detect based on SNMP is commonly installed counter, to observe the number in SDN
According to flow.Sometimes it will be considered that SNMP is insecure protocol, therefore usually it is deactivated in SDN, therefore will not be obtained in SDN
To SNMP functions.SNMP is not supported in virtual switch.SNMP use polling mechanism, cause greatly be delayed thus it is not convenient.
And another fault detect business is Flow Exports obtained by OpenFlow and so-called, is please referred to
USENIX Association associations, 2010 internet management meetings enterprise network research the 3-3 pages of minutes in
Tootoonchian, A. and the Ganjali, " HyperFlow of Y.:The distributed control planes of OpenFlow " (Tootoonchian,
A.,&Ganjali,Y.“HyperFlow:A distributed control plane for OpenFlow”,in
Proceedings of the 2010internet network management conference on Research on
Enterprisenetworking pp.3-3, USENIX Association) described in HyperFlow mechanism.The Flow
Exports generates a large amount of accessing cost for data, thus using expensive process resource.These Flow Exports have lower event
Barrier detection granularity, they are difficult to measure and maintain to obtain preferable time delay.
Invention content
In view of above-mentioned the problem of referring to and disadvantage, the present invention is directed to improve the prior art, event especially as described above
Hinder detection business.The object of the present invention is to disperse fault detect and improve the efficiency and speed of fault detect business.It can be with
Fault detect business is set to adapt to specific local flow rate mode and network node, further to improve fault detect business.Therefore originally
Invention is tried hard to avoid generating a large amount of expenses.Need a kind of noninvasive method.Accordingly, it is intended that improving integral systematicness
Can and it reduce system delay.The present invention, which is also intended to, overcomes all above-mentioned the shortcomings that referring to.
The target of the present invention is realized by the scheme that appended independent claims provide.The advantage realization method of the present invention
Further defined in dependent claims part.
Particularly, the present invention utilizes local fault detect preferably on the virtual port of network node, to understand some void
Quasi- port is not respond or be not loaded with.Creative local flow control entity carries out study analysis in the first stage, learns
Traffic characteristic, to determine optimal granularity.Granularity is related with parallel computation herein, means the calculation amount relative to communication, namely
The ratio between calculating and the traffic.Then, arbitrary abnormal behaviour, i.e., the data that do not transmitted to/from network node are triggered in some way
Flow.
First aspect present invention provides a kind of SDN systems, including first network node comprising at least one virtual communication
Port.Present system further includes the second network node comprising at least another virtual communication port, wherein first network
Node and second network node are used to exchange data by its virtual communication port.Present system further includes flow control reality
Body is locally placed between the first network node and second network node, wherein the flow control entity is for generating
Matching stream for virtual port fault detect.
In the system of first aspect, a kind of novel local flow control entity is introduced.The entity is locally placed in the system
Between the first network node and second network node of system.The entity is preferably the pseudo-entity in SDN.The reality
Body can be used as SDN applications to be set on SDN controllers.
The flow control entity is carried out in a manner of local to the first network node and second network node
Control.In this regard, flow control entity of the present invention is manual or automatically configures establishing mode and used depending on SDN
SDN controllers.Therefore, the speed and efficiency of at least one data exchange between the first node and the second node
It will not become negatively affected, particularly, port failure detection business substantially improves.
Network node can be the tie point of terminal device, redistribute a little or communication end point.In data communication, network
Node can be data communications equipment (data communication equipment, abbreviation DCE), for example, modem,
Hub, bridge or interchanger;Or can also be data terminal equipment (data terminal equipment, abbreviation
DTE), for example, digital telephone mobile phone, printer or host computer, for example, router, work station or server.Network node is determined
Justice depends on the network and protocol layer that are related to.Network node can preferably be attached to the activation electronic equipment of the system, energy
Information is enough created, receives or transmitted by physics, logic or virtual communication channel.Therefore, distributing frame or wire jumper disk etc. passively divide
It is not the network node of the present invention with point.
Preferably, the network node is the virtual switches such as the virtual multi-storey network switch, it is intended to be extended by programming
Realize effective network automatically and support standard management interface and NetFlow, sFlow, SPAN, RSPAN, CLI, LACP
The agreements such as 802.1ag and OpenFlow;Or virtual machine, it is the simulation to particular computer system, the computer system base
It is run in true or hypothetical computer computer architecture and function.Their realization method can be related to specialized hardware, software
Or both combination.
The matching stream of the present invention is the data table items that the flow control entity generates, and is input at least one network node
With observation (virtual) communication port behavior.The data table items preferably include virtual communication port number and/or network address.The matching
Stream is for detecting complete flow loss, to detect port failure.Using the matching stream, idle timeout value can be preferably based on
Detect the data flow between the virtual port of the first network node and another virtual port of second network node
Amount loss.
The flow control entity has all standing topological diagram.Therefore, which can see that packet route, and can be along
Data traffic is inquired in the path with local mode.The flow control entity can be used for detecting virtual port failure and load.Virtually
Generally support the entity in interchanger, and the entity be easy to SDN controller collections at.The flow control entity for install without into
The stream of one step action.In order to adapt to flow control substance parameter, scene can be analyzed and learnt.Therefore, it can be easy to
The analysis of flow rate mode and application port is obtained, and obtains the optimal granularity of fault detection mechanism, is most connect because it can be found that
The problem of being bordering on the virtual communication port of network node.
The detection of arbitrary network node failure or crash in the preferably responsible SDN of port failure detection.It is connected whenever suspecting
When failure (S- conversions) or by again trust be non-failure (T- conversions) when, fault detect is given notice.Optionally, it is certain about
Suspect that the information of grade is attached in these notices.In SDN, usually when the flow rate mode in virtual port changes or stops completely
When only, it means that application and trouble in network node does not respond, then detects the failure on virtual port.
Communication port in SDN is preferably as the endpoint in the operating system for a variety of communications.It preferably identifies industry
The virtual concept of business or process.Each network node may include multiple virtual communication ports, with by different application from it is different or
Identical network node communicates.
According in a first aspect, in the first way of realization of the system, the system is virtual in a system
Overlapping system, a system further include physical system topology and the software infrastructure with flogic system topology.
Virtual stacking network is built upon the computer network on another network.It is considered that in virtual stacking network
Network node is by virtual link or logical link connection, for example, by many physical links, each link pair answers bottom
(physically and/or logically) path in network.For example, ad-hoc network and client-server application distributed system
For virtual stacking network.Therefore, the function of system is greatly improved, and connection is ensured by logic and pseudo-entity
Safety.
In SDN, network is segmented into three different layers:Application surface, control plane and data surface.Application surface may include
SDN is applied, by it is explicit, directly and programming in a manner of its network demand and desired network behavior be sent to SDN control planes,
That is SDN controllers.SDN controllers are logical set Chinese style entities, are responsible for:(i) demand is moved down into SDN data surfaces from SDN applications;
(ii) abstract/virtual stacking chart of network, SDN control planes are provided to SDN applications.SDN controllers are decoupled with SDN data surfaces.SDN
Data surface such as data path is logical network topology, is controlled by SDN controllers.The logical expressions may include all physical resources
Or its subset, therefore, SDN data surfaces are the logical network devices for forwarding real data flow in physical system topology.
It can be used between communication in the programmable way and configurable mode of SDN control plane standardised networks nodes
OpenFlow agreements.OpenFlow controls the Business Stream from controller of multiple switch, in a concentrated manner as control
Interface between device and physics or Virtual NE.Therefore, the SDN controllers for flow and networking management, such as forwarding elements,
It is realized in SDN of the present invention.
According to the first of first aspect or first aspect way of realization, in second of way of realization of the system,
The matching stream that the local flow control entity generates is input to the forwarding elements of the system as flow table item.
The SDN controllers, such as forwarding elements, the centralization being preferably compatible in the network system of OpenFlow are real
Body.OpenFlow is the communication protocol by the forwarding surface of the network insertion network switch or router.OpenFlow makes SDN control
Device processed determines the path of network message by the network system of interchanger.
According to first aspect or aforementioned any way of realization of first aspect, in the third way of realization of the system
In, the matching stream that the local flow control entity generates includes the purpose of the first network node or second network node
Address further includes connecting test message.
There is each network node in SDN physics, logic and/or virtual address, the usual network node to possess every
There are one the addresses for a communication port tool.
For example, the address can be media access control address (Media Access Control address, abbreviation
MACaddress), it is allocated to the unique mark that the network port is communicated in physical network section.MAC Address be used as with
The too network address of most of 802 network technologies of IEEE such as net and WiFi.In logic, MAC Address is for OSI Reference Model
In MAC protocol sublayer.
The address may be Internet protocol address (Internet Protocol address, abbreviation IP
Address), it is allocated to the digital label of each network node for the SDN for participating in being communicated using Internet protocol.IP
Address meets two major functions:Host or network interface identification and location addressing.
Flow control entity is used for, may based on destination address detection when determining the virtual communication port of observation without flow
Failure scenario.
Flow control entity can input flow along the road between the first network node and second network node
The various points of diameter, and suitable destination is reached by SDN application control connecting test messages.
According to first aspect or aforementioned any way of realization of first aspect, in the 4th kind of way of realization of the system
In, the flow control entity is locally placed in first node side, to detect the virtual terminal of the first node or the second node
Mouth failure.The realization method contributes in the path between the first node and the second node to detect the first node
The port failure of side.Fault detect come to or whereabouts or both all have.In some cases, for example, working as the first segment
Point is preferred flow generator, and when port failure is likely occurred here, may be conducive to observation and come from the first segment
The flow of point.
Additionally or alternatively, the flow control entity is locally placed in the second node side, to detect the first node
Or the virtual port failure of the second node.The realization method contributes between the first node and the second node
The port failure of the second node side is detected in path.Fault detect come to or whereabouts or both all have.In certain feelings
It, may for example, when the second node is preferred flow acquisition device, and when port failure is likely occurred here under condition
Conducive to flow of the observation from the second node.
Additionally or alternatively, the flow control entity is locally placed in the void between the first node and the second node
In quasi- element, to detect the virtual port failure of the first node or the second node.The realization method helps to detect
The port failure occurred due to routing problem.Fault detect come to or whereabouts or both all have.In some cases, example
Such as, when virtual component is preferred traffic distribution device, and port failure is likely occurred here, may be conducive to described in observation
The flow on path between first node and the second node.
According to first aspect or aforementioned any way of realization of first aspect, in the 5th kind of way of realization of the system
In, the matching stream that the local flow control entity generates includes default idle timeout value, when the idle timeout value expires, inspection
Measure virtual port failure.
The free time time-out is to be designed to tie in the predetermined running time with the relevant network parameter of the event of execution, the event
Occur when beam.Start timing element to carry out the observation of data traffic pattern.If timer value is greater than or equal to default timeout value,
Data traffic described in local flow control ontological assumption between first node and the second node is lost.Therefore, fault detect base
In stringent clocking discipline, when port failure detects, the flow control entity generates notification message.
Can the default timeout value be statically arranged by the user of system.If learning program occurs, the flow control is real
Body poll matching stream, and identify the minimum time for the data traffic propagated from the first node to the second node.Pass through
The peak value for learning common discharge pattern and the idle time-out of study, identifies minimum time-out.When detecting minimum idle time-out, failure
Detection can be applied to the matching stream in the second stage of fault detect business.
According to first aspect or aforementioned any way of realization of first aspect, in the 6th kind of way of realization of the system
In, local flow control entity adjusts the default idle timeout value according to the specific data pattern of the system.
Therefore, when matching flows to the phase, the flow control entity adjusts timeout value, and carries out learning program, including study
The behavior of application port and flow rate mode.The flow control entity, and can be according to particular network node to learn flow rate mode
Between each special scenes detect failure.Therefore, it can detect since load condition or abnormal network node are from its virtual communication
The failure occurred when the transmission data flow of port.Such as because network node close, can detect do not do the application responded or
Detect that no flow flows into.
Therefore, the mode of failure on several detection virtual ports is described, for example, can detect whether that there is no flows to send out
It gives birth to or for example can detect whether certain applications in network node lose its flow based on osi layer.
According to first aspect or aforementioned any way of realization of first aspect, in the 7th kind of way of realization of the system
In, the matching stream that the local flow control entity generates is handed over for measuring the data between the first node and the second node
Change delay time value.Therefore, the flow rate mode between the first node and the second node can be identified.Therefore, the stream
The learning cycle of controlled entity provides before physical fault detection service.In the learning cycle, the flow control entity one
It directly matches and flows in poll, and identify minimum timeout value, it therefore, can be by learning general flow rate mode and the idle time-out of identification
Peak detection failure.
According to first aspect or aforementioned any way of realization of first aspect, in the 8th kind of way of realization of the system
In, the matching stream that the local flow control entity generates loses for detection flows, or in open system interconnection model
The first node and second section are inputted in certain layer in (open system interconnection, abbreviation OSI)
Connecting test message between point.
Connecting test message is by the message of the flow control entity configuration of SDN.The message is configured based on osi layer, should be at this
Layer observing port behavior.
Preferably, connecting test message is address resolution protocol (Address Resolution Protocol, abbreviation
ARP) message.ARP is the telecom agreement for network layer address to be resolved to link layer address, is the key of multi-address access network
Function.ARP messages are used to detect the connectivity on the osi layer -2 between the first node and the second node.If the stream
Controlled entity does not obtain the response to ARP, it can be assumed that, for example, because one of node close it is busy or be in failure
Pattern, without any flow between the first node and the second node.
Preferably, connecting test message is Ping messages.Ping is a computer network management software tool, for surveying
Try the accessibility of network node in SDN, and measure by message be sent to that destination node is sent back to again from source node it is round-trip when
Between.Ping messages are used to detect the connectivity on the osi layer -3 between the first node and the second node.
Preferably, connecting test message is hypertext transfer protocol (Hypertext Transfer Protocol, abbreviation
HTTP) message.HTTP message is the application protocol for distributed, collaboration, Hypermedia Information System.HTTP message is preferably
HTTP request message.Response of the flow control entity based on the inspection of HTTP inspection response message to HTTP request.HTTP message
For detecting the connectivity on the osi layer -4 between the first node and the second node.
Preferably, connecting test message includes several connecting test messages of different osi layers, with detect port behavior and
Its connectivity on different osi layers.To identify whether port failure occurs over just specific osi layer and port failure occurs
On which specific osi layer or whether the application of observation is responded on each osi layer of observation.
The flow control entity is used for the input flow rate in the various points along the path, with another by SDN application controls
The arrival of side message.Therefore, the point that its energy firm discharge has lost, can test various discharge patterns and pattern.
In case of a fault, due to various reasons, it is observed business itself or application will not transmission data flow.This is logical
Cross the fault detect business detection.Since network node still may send management data or other data by other application
Flow, therefore, the state of observation whole network port are critically important.This may be by low layer connecting test message, e.g. logical
What the Ping or ARP crossed in the matching stream of the present invention was realized.
According to first aspect or aforementioned any way of realization of first aspect, in the 9th kind of way of realization of the system
In, the local flow control entity is used to make the physical system topology and the software base with flogic system topology
Infrastructure is associated with.
Therefore, it has investigated and has been detected by above-mentioned failure detection schemes by virtual system, the physical entity of the system
Or failure caused by logic entity.If the failure only can be because physically or logically problem generation, the flow control entity carry out respectively
Notice.
According to first aspect or aforementioned any way of realization of first aspect, in the tenth kind of form of the system, institute
State error configurations of the local flow control entity for detecting the system.
Preferably, the configuration of mistake is to hinder the improper network parameter of some business normal use.For example, configuration identification
Including being arranged and maintaining baseline, which define SDN or subsystem architecture, the component and arbitrary portions carried out on arbitrary point in time
Administration.It is identified, records and the variation of follow-up tracking system arbitrary portion by design, exploitation, test and final deliver
Basis.It further includes to change request, change plan and its follow-up assessment ratified or disapproved.Configuration identification is control
To system design, the process of the modification of hardware, firmware, software and file.It further includes record and report configuration item description
Process.Once there are problems that suspecting, the modification of verification and the approval of baseline configuration can be quickly determined.It further include hardware and
The independent review of software, to assess and the functional product baseline of established performance requirement, suitable standard and distribution
Compliance.
According to first aspect or aforementioned any way of realization of first aspect, in a kind of the tenth way of realization of the system
In, the local flow control entity is used for object accesses method (object access method, abbreviation OAM) relevant stream
Amount is input in matching stream.
OAM is a kind of access method, it is intended to a large amount of big files of storage, such as picture.These big files can lead to following ask
Topic, default idle timeout may expire before these data transfers or may in a manner of unexpected blocking network resources.By this
OAM will be after matching stream input, it now is possible to reach other suitable network nodes by SDN application control messages.
Second aspect of the present invention provides a kind of method for detecting virtual port failure in software defined network system.Institute
The method of stating includes the following steps:Local flow control entity generates matching stream, wherein the flow control entity is placed in the system
First network node and the second network node between;The matching stream of the generation is inputted in the forwarding elements of the system;
The matching stream is established between the first node and the second node, wherein the matching stream includes empty using acquiescence
The connecting test message of not busy timeout value;When the timeout value expires, virtual port failure is detected.
According to second aspect, in the first way of realization of the method, the method further includes following steps:If
It receives when connecting test message that the timeout value is not yet due, the connecting test message is reported to be properly received.
According to the first of second aspect or second aspect way of realization, in second of way of realization of the method,
The system is the virtual overlapping system in a system, a system further include physical system topology and have logic system
The software infrastructure for topology of uniting.
According to second aspect or aforementioned any way of realization of second aspect, in the third way of realization of the method
In, the flow control entity is locally placed in first node side, to detect the virtual terminal of the first node or the second node
Mouth failure;And/or the flow control entity is locally placed in the second node side, to detect the first node or described second
The virtual port failure of node;And/or the flow control entity is locally placed between the first node and the second node
Virtual component in, to detect the virtual port failure of the first node or the second node.
According to second aspect or aforementioned any way of realization of second aspect, in the 4th kind of way of realization of the method
In, when the idle timeout value expires, detect virtual port failure.
According to second aspect or aforementioned any way of realization of second aspect, in the 5th kind of way of realization of the method
In, local flow control entity adjusts the default idle timeout value according to the specific data pattern of the system.
According to aforementioned any way of realization of second aspect, in the 6th kind of way of realization of the method, the local
The matching that flow control entity generates is flowed for measuring the data exchange delay time between the first node and the second node
Value.
According to second aspect or aforementioned any way of realization of second aspect, in the 7th kind of way of realization of the method
In, the matching stream that the local flow control entity generates loses for detection flows, or in open system interconnection model
Certain layer on input the connecting test message between the first node and the second node.
According to second aspect or aforementioned any way of realization of second aspect, in the 8th kind of way of realization of the method
In, the local flow control entity is used to make the physical system topology and the software base with flogic system topology
Infrastructure is associated with.
According to second aspect or aforementioned any way of realization of second aspect, in the 9th kind of way of realization of the method
In, the local flow control entity is used to the relevant flow of object accesses method being input in matching stream.
According to second aspect or aforementioned any way of realization of second aspect, in the tenth kind of way of realization of the method
In, the local flow control entity is used to detect the error configurations of the system.
The method of second aspect realizes all above-mentioned advantages of the system of first aspect.
Third aspect present invention provides a kind of computer program product, when for executing on the computing device, realizes root
According to the method for the detection virtual port failure described in second aspect and its any way of realization.
The method is realized by the computer program product, its all advantage may be implemented.
It should be noted that all devices, element, unit and mode described herein can be in software or hardware members
It is realized in part or their arbitrary combination.Step performed by various entities described in this application and described various realities
The body function to be executed, which is intended to, refers to each entity for executing each step and function.Even if following in specific embodiment retouch
In stating, the concrete function or step that are formed completely by external entity are not executing the specific of the entity of the specific steps or function
Reflect in the description of component details, technical staff should understand can be in each software or hardware element or their arbitrary combination
Realize these methods and function.
Description of the drawings
In conjunction with appended attached drawing, below the description of specific embodiment will illustrate the various aspects of aforementioned present invention and its realize shape
Formula, wherein:
Fig. 1 shows the basic system of the embodiment of the present invention;
Fig. 2 shows the systems of the first specific embodiment of the invention;
The system that Fig. 3 shows the second specific embodiment of the invention;
The system that Fig. 4 shows third specific embodiment of the present invention;
The system that Fig. 5 shows the 4th specific embodiment of the invention;
Fig. 6 shows the method flow diagram of the embodiment of the present invention.
Specific implementation mode
Fig. 1 shows the basic system 100 of the embodiment of the present invention.System 100 is SDN systems 100, including first network section
Point 101 comprising at least one virtual communication port 102.First network node 101 can be DCE, for example, modem,
Hub, bridge or interchanger;Or can also be DTE, for example, digital telephone mobile phone, printer or host computer, such as route
Device, work station or server.
SDN systems 100 further include the second network node 103 comprising at least another virtual communication port 104.Second
Network node 103 can be DCE, for example, modem, hub, bridge or interchanger;Or can also be DTE, example
Such as, digital telephone transmitter, printer or host computer, such as router, work station or server.
First network node 101 and second network node 103 are used to hand over by its virtual communication port 102 and 104
Change data.Virtual communication port 102 and 104 is the dedicated Internet access of each network node in SDN 100.It is network node
101 and 103 and network node 101 and 103 on can it is expected to come from all necessity of physical communication port using providing
Energy, reliability and security, but increase virtual flexibility.Different from physical port, virtual communication port 102 and 104 is root
It is customized respectively according to the requirement of network node 101 and 103.Bandwidth can be with being intended to distribute between network node 101 and 103, safely
With service quality (quality of service, abbreviation QoS) parameter it is also possible that.Network node 101 and 103 is accurate respectively
Obtain its required resource.First network node 101 and the second network node 103 can be the virtual switches in SDN 100
(virtual switch, abbreviation VS).
Virtual communication port 102 and 104 provides one kind for SDN and is controlled in the case of no proprietary network point spread or agency
The powerful way of network node behavior processed.Because the physical access point that the control network nodes 101 and 103 of SDN 100 are connected is simultaneously
Resource is distributed between virtual communication port 102 and 104, therefore it actually needs less network node intelligence.Virtual port
102 and 104 adapt to network node 101 and 103 respectively, rather than expectation network node 101 and 103 adapts to SDN 100.It is each empty
Quasi- communication port 102 and 104 provides additional safety line.Node 101 and 103 is each defined in its respective virtual network
In, and access rights are set so that node capacity and user role are matched.Fire wall based on each user also makes access
Right customization avoids SDN by permission expansion and inside threat.
SDN systems 100 further include flow control entity 105, are locally placed between first node 101 and second node 103.Stream
Controlled entity 105 is used to generate the matching stream 106 for virtual port fault detect.
Local flow control entity 105 is used to that matching stream to be respectively configured for the virtual port 102 and 104 in system 100.This
Flow can be used for or whereabouts communication, obtain highest priority but without any action.Matching stream 106 includes that acquiescence is empty
Not busy timeout value, the value can also be changed in the learning period.When matching stream 106 expires, fault detection message is generated, notifies SDN
100 detect virtual port failure.
Flow control entity 105 learns flow rate mode, and can be based on this detection failure.Therefore, the acquiescence in matching stream 106
Timeout value can be with the data traffic patterns of change that local flow control entity 105 is found in learning program.For example, in study rank
Section, when matching stream 106 expires and data traffic has been transmitted, timeout value is adjusted in flow control entity 105.The adjusting repeats pre-
Determine number, it, should to find the minimum timeout value being arranged required for the data transmission with the typical propagation loss of the communication scenes
Flow rate mode of the propagation loss based on application port and application port.
The detection of flow control entity 105 is due to load or the failure of the flow of abnormal sending port 102 and 104.Flow control is real
The application responded is not done in application port fault detect of the body 105 based on detection.For example, when network node 101 and 103 is closed,
Flow control entity 105 detects no flow and enters.If having used preferable detection module, granularity is still good.
Flow control entity 105 has all standing topological diagram, it is meant that the entity can see that first node 101 and second saves
Packet route between point 103, and can be along the path query message.Flow control entity 105 can be along first node
OAM flows are inputted in the various points in the path between 101 and second node 103, with by SDN the application controls respectively other side
The arrival of message.The point of 105 energy firm discharge loss of flow control entity, can test various discharge patterns and pattern.Flow control is real
Body 105 knows that Content Management System (content management system, abbreviation CMS) configures.Content Management System is meter
Calculation machine application allows content publication, editor and modification, tissue, deletion and the maintenance from central interface.Flow control entity
105 can detect the configuration of mistake, such as fire wall or load equalizer or dynamic host configuration protocol (dynamic host
Configuration protocol, abbreviation DHCP) or network address translation (Network Address Translation,
Abbreviation NAT) and/or domain name system (Domain Name System, abbreviation DNS) business configuration.
Matching stream 106 includes the destination address of network node 101 and 103 to be observed.Destination address for example can be
OpenFlow port numbers.Therefore flow loss is detected.Additionally or alternatively, destination address can be the ends business TCP/UDP
Slogan.It can be configured by cloud/service orchestration.(Deep PacketInspection, abbreviation DPI) is detected using deep message
Study mechanism can be applied to detection network node 101 and 103 after business and can automatically apply matching flow 106.
Fig. 2 shows the systems 100 of the first specific embodiment of the invention.Wherein, system 100 is virtual overlapping system 203.
The virtual overlapping system 203 covers logical topology 202 and physical topology 201.Flow control entity 105 can pass through invention end
Mouth fault detect business makes physical topology 201 be associated with the software infrastructure with logical topology 202.Flow control entity 106
In matching stream 106 for detecting different faults scene.
Matching stream 106 is detected does not obtain flow on particular port 102 and 104.This is by default idle timeout value
It realizes.Installation is complete matching stream 106 when, start timer event.If setting default time not in the port of observation
Flow is obtained on 102 and 104,106 instruction timeout value of matching stream expires.Therefore, the timing more than or equal to timeout value is reached
When device value, port failure is detected.
In addition, matching stream 106 is for investigating port is non-movable on which osi layer.Therefore, matching stream 106 is preferred
Ground configures at least one connecting test message.
First connecting test message may include ARP messages.If not met with a response based on ARP messages are sent, flow control entity
105 osi model data link layer 2 detect port failure.
Another connecting test message may include Ping messages.If not met with a response based on Ping messages are sent, flow control
Entity 105 detects port failure in the network layer 3 of osi model.
Another connecting test message may include HTTP message.If not met with a response based on HTTP request is sent, flow control
Entity 105 detects port failure in the transport layer 4 of osi model.
In a preferred embodiment, merge connecting test message.Therefore, matching stream 106 includes what flow control entity 105 configured
Specific connecting test message, these messages include multiple and different osi model layer message, are to observe one of connecting test message
It is no not responded.Accordingly, it is possible to will appear since flow control entity 105 obtains arp response, port 102 and 104 can be in data
Connectivity is provided on link layer 2.The network node 101 obtained due to flow control entity 105 and 103 right may be there is also
Ping is responded, and port 102 and 104 also can provide connectivity in network layer 3.It may there is also due to network node
101 and 103 do not respond HTTP request, and port 102 and 104 do not provide connectivity in transport layer 4.Therefore, flow control entity 105
Port failure is detected in port 102 or port 104 and the failure is appointed as 4 failure of layer.
Fig. 3 shows the system 100 of the second specific embodiment of the invention.Herein, to physical topology 201 and logical topology
202 component does finer description.
Physical topology 201 may include the first computing device 300 and the second computing device 312.These 300 Hes of computing device
312 by 313 physical interconnections of physical network, can be wired connection or wireless connections.Computing device 300 and 312 can be
Distributed point in any physical network nodes, such as host computer, client, server, mobile phone or network 201, such as physics are handed over
It changes planes or physical router.Computing device 300 and 312 can be network node 101 and 103 as described above.
Logical topology 202 is shown with pipeline.First virtual machine (virtual machine, abbreviation VM) 301 is calculated first
Installation and processing, are connected with the 2nd VM 311 in logic in equipment 300, and the 2nd VM is installed and place on the second computing device 312
Reason.
Multiple logics and virtual instance are placed in the logical path between the first VM 301 and the 2nd VM 311 of topology 202
On.
For example, installation secure group (security group, abbreviation SG) 302 and 310 is to control VM 301 and 311 and spy
Flow between stator net.With the fire wall difference controlled in operating system (operating system, abbreviation OS) rank, SG
It is controlled in network layer, independently of the OS run in VM 301 and 311.In SG 302 and 310, access control rule is defined,
For example, the proprietary action such as source IP address, purpose IP address, port, agreement and/or permission or refusal.
For example, installation virtual switch (virtual switch, abbreviation VS) 303 and 309 with control VM 301 and 311 it
Between flow.VS 303 and 309 is the software program for allowing VM 301 and 311 to communicate and capable of checking different messages.VS
303 and 309 can be understood as virtual port 102 and 104 as described above.
For example, installation virtual router 304 is with the routing data traffic between VM 301 and 311.For example, in 301 Hes of VM
NS software table (network access control list, abbreviation NACL) is provided in the logical path between 311
305.For example, provided in logical path between VM 301 and 311 fire wall service (firewall as aservice,
Abbreviation FWaaS) 306.For example, providing load balancing in logical path between VM 301 and 311 services (load
Balancer as a service, abbreviation LBaaS) 307.For example, being provided in logical path between VM 301 and 311 empty
Quasi- private network (virtual private network, abbreviation VPN) 307.
Example 300 to 312 is merely illustrative.More logics and virtual instance can be in logical topologies 202 and virtual superposition
It is used in system 203.
In virtual overlapping system 203, with reference to some in example 300 to 312.As previously mentioned, having used first segment
Point 101:Refer to the first computing device 300, second node 103:Refer to the second computing device 312, virtual port 102:Refer to the first VS
303, virtual port 104:Refer to the 2nd VS 309, flow control entity 105 and matching stream 106.In addition, router 304 is placed in first
Between node 101 and second node 102.Router 304 is equipped with FWaaS 306.
The first VM 301 of installation and operation on the first computing device 300 of hereinafter referred to as first node 101.Virtual port
102, i.e. the first VS 303, including SG 302 and tunnel bridge (unreferenced).
The 2nd VM 311 of installation and operation on the second computing device 312 of hereinafter referred to as second node 103.Virtual port
104, i.e. the 2nd VS 310, including LBaaS 307 also include tunnel bridge (unreferenced).
The example of port failure detection is described by the specific embodiment of Fig. 3 now.First, local flow control entity 105
Generate matching stream 106 comprising connecting test message, for example, the destination address of Ping messages and the 2nd VM 311.The generation
Matching stream 106 by flow control entity 105 input the first VM 301.
Secondly, VM 311 generates installation success message to flow control entity 105, and instruction is for observing entering from VM 301
It has been installed in the second node 103 of VM 311 to the rule of connecting test message.
Again, connecting test packet itself inputs the first node 101 of VM 301.
Finally, whether the VM 311 that flow control entity 105 detects on second node 103 has responded on first node 101
The connecting test message of VM 301.If using Ping messages as connecting test message, Ping responses should be by local flow control reality
Body 105 detects, and should generate notification message.
Fig. 4 shows the system 100 of third specific embodiment of the present invention.Compared with Fig. 3, Fig. 4 shows logic and virtual
Overlapping system 203 rather than the destination address in respective instance.To avoid unnecessary repetition, only describe between Fig. 3 and Fig. 4 below
Difference.The following addresses IPv4 are only the example of destination address.Additionally or alternatively, can be used meet IPv6 destination address or
MAC Address.
Router 304 be virtually connected with WAN the addresses IPv4 172.16.150.31 access.Router 304 is by VS303
Pass through the 10.0.0.1 virtual access of the addresses IPv4.VM 301 is also accessed by VS 303 by the addresses IPv4 10.0.0.11.
Router 304 be also virtually connected with VS 309 addresses IPv4 10.30.0.1 access.VM 311 is also by VS309
Pass through the 10.30.0.21 virtual access of the addresses IPv4.
The intelligence top of interchanger VS 303 and VS 309 can be managed by flow control entity 105, identical to benefit from
Fault detection mechanism.Delay and detection first can be measured by fault detect and the connecting test message of matching stream 106
All physical pathways between node 101 and second node 102.In addition, pluggable alarm mechanism can be introduced.
In addition, it now is possible to easily detect the configuration of mistake.Particularly, it can be detected by invention fault detection mechanism
The business configuration of FWaaS 306, LBaaS 307, DHCP, NAT and/or DNS.Meanwhile also having detected the mistake of SG and router
Configuration.
Fig. 5 shows the system 100 of the 4th specific embodiment of the invention.Wherein, shown system 100 meets OpenFlow marks
It is accurate.Wherein, the matching stream 106 that local flow control entity 105 generates inputs turning for OpenFlow systems 100 as flow table item 502
It sends out in element 501.Local flow control entity 105 is obtained in the management program example of virtual overlapping system 203.First node
101 and second node 103 respectively include virtual port 102 and 104, fault detect is as follows.
The first VM 301 of installation and operation on first node 101.The installation and operation second on second node 103
VM311.First, local flow control entity 105 generates matching stream 106 comprising connecting test message, such as ARP messages and
The destination address of 2nd VM 311.The matching stream 106 of the generation is input to by flow control entity 105 in the first VM301.The matching
The stream of stream 106 expires and/or stream reconfigures and is supplied to forwarding elements 501 as flow table item 502.
Secondly, VM 311 generates installation success message to flow control entity 105, and instruction is for observing entering from VM 301
It has been installed in the second node 103 of VM 311 to the rule of connecting test message.
Again, connecting test packet itself inputs the first node 101 of VM 301.
Finally, whether the VM 311 that flow control entity 105 detects on second node 103 has responded on first node 101
The connecting test message of VM 301.If using ARP messages as connecting test message, arp response should be by local flow control entity
105 detections, and notification message should be generated.If before obtaining arp response, the phase is flowed to, then forwarding elements 501 generate respective logical
Know.
Fig. 6 shows a kind of for detecting virtual port failure in software defined network system 100 in the embodiment of the present invention
Method 1000.In the first step 1001 of method 1000, local flow control entity 105 generates matching stream 106, which sets
It is placed between the first network node 101 of system 100 and the second network node 103.In second step 1002, the matching of generation
In the forwarding elements 501 for flowing 106 input systems 100.In third step 1003, first node 101 and second node 103 it
Between establish matching stream 106, wherein matching stream 106 includes the connecting test message using default idle timeout value.In four steps
In 1004, when timeout value expires, virtual port failure is detected.
Optionally, in the 5th step 1005 (dotted line in Fig. 6), if the time-out when receiving connecting test message
It is worth not yet due, the connecting test message is reported to be properly received.
In short, by the system 100 and method 1000 of proposition, the present invention is provided detects virtual terminal using idle timeout mechanism
The fault detection mechanism of mouth failure and/or load condition.The fault detect business is generally that VS is supported, is easy to flow with local
Controlled entity 105 is integrated.This method has Noninvasive, because flow control entity 105 is mounted with without the matching further acted
Stream 106, the study of flow control entity 105 adjust time-out to minimum timeout value by different timeout values.For learning program, observation
Flow rate mode and application port.Since problem is all located in closest to the local and non-central of virtual port, can obtain
To best fault detect granularity.
Flow control entity 105 in all described embodiments can all learn between first node 101 and second node 103
Average flow rate pattern.It is the entity configuration optimal granularity timeout value based on average flow rate pattern.
If matching stream 106 expires, flow control entity 105 detects port failure, can come to or whereabouts or both
All it is.A kind of safe measure can be provided to reset timer, and the notice/report detected about port failure in generation
It waits for before reporting to and expiring for the second time.
Then, flow control entity 105 is for notifying user to have detected that port failure.In addition, can be arranged it is automatic remedy and/
Or flow control entity 105 can be with for example, pass through the flow of OpenFlow standardized program heavy-route fault detects.
The result of fault detect can trigger local or remedying automatically from flow control entity 105.As a result can be, if inspection
Application and trouble pattern is measured, then blocks all of the port flow.Additionally or alternatively, upper layer machine may be triggered by blocking all flows
System, for example, LBaaS 307, so that one different network node of traffic steering.
Present inventive concept describes the various modes that failure is detected on virtual port 102 and 104.It may detect sight
Any flow is not obtained on the port 102 of survey and 104, can also, for example, according to the connecting test packet check based on osi layer
It is lost to certain application traffics.
In case of a fault, due to various reasons, it is observed business itself or application will not transmission data flow.This is logical
Cross the fault detect business detection.Due to network node 101 and 103 still may by other application send management data or
Therefore other data traffics it is critically important to detect complete port status.This may be by low layer connecting test message, e.g.
What the Ping matched in stream 106 or ARP through the invention was realized.
In order to identify application of being out of order, user may be it is to be understood that actually have what application and/or industry from multiple applications
It does honest work and is run on particular port 102 and 104.Therefore, setting can be integrated by DPI and wants matched stream.
If detecting flow loss, it can be assumed that the main business stream in network node 101 and 103 is the data flow of application
Amount.When matching stream 106 expires, the input of various connecting test messages can be started, check the spy of network node 101 and 103
Fixed end mouthful 102 and 104, which specific application failure detected.
It should be noted that system 100 is not limited to two network nodes 101 and 103.More network nodes or go-between
Node can be applied in system 100.
The different embodiments and embodiment for having been combined as example describe the present invention.But those skilled in the art
By putting into practice claimed invention, research attached drawing, the disclosure and independent claim, it is to be understood that and obtain other variants.It is wanted in right
In asking and describing, term " comprising " is not excluded for other elements or step, and plural possibility is not precluded in "one".Discrete component
Or other units can meet the function of several entities or project described in claims.Only it is being described with certain measures
This simple fact is not meant to that the combination of these measures cannot be advantageous in mutually different dependent claims
Realization method in use.
Claims (15)
1. a kind of software defined network system (100), which is characterized in that including:
First network node (101), including at least one virtual communication port (102);
Second network node (103), including at least another virtual communication port (104), wherein the first network node
(101) and second network node (103) is used to exchange data by its virtual communication port (102 and 104);
Flow control entity (105) is locally placed between the first network node (101) and second network node (103),
Wherein, the flow control entity (105) is used to generate the matching stream (106) for virtual port fault detect.
2. system according to claim 1 (100), it is characterised in that:
The system (100) is the virtual overlapping system (203) in a system, which further includes physical system topology
(201) and the software infrastructure with flogic system topological (202).
3. system (100) according to claim 1 or 2, it is characterised in that:
The matching stream (106) that the local flow control entity (105) generates inputs the system (100) as flow table item (502)
Forwarding elements (501) in.
4. according to the system (100) described in preceding claims one, it is characterised in that:
The matching stream (106) that the local flow control entity (105) generates includes the first network node (101) or described the
The destination address of two network nodes (102), and further include connecting test message.
5. according to the system (100) described in preceding claims one, it is characterised in that:
The flow control entity (105) is locally placed in the first node (101) side, with detect the first node (101) or
The virtual port failure of the second node (103);And/or
The flow control entity (101) is locally placed in the second node (103) side, with detect the first node (101) or
The virtual port failure of the second node (103);And/or
The flow control entity (105) is locally placed in virtual between the first node (101) and the second node (103)
In element, to detect the virtual port failure of the first node (101) or the second node (103).
6. according to the system (100) described in preceding claims one, it is characterised in that:
The matching stream (106) that the local flow control entity (105) generates includes default idle timeout value;
When the idle timeout value expires, virtual port failure is detected.
7. system (100) according to claim 6, it is characterised in that:
The local flow control entity (105) adjusts the Default Idle according to the specific data pattern of the system (100) and surpasses
Duration.
8. according to the system (100) described in preceding claims one, it is characterised in that:
The matching stream (106) that the local flow control entity (105) generates is for measuring the first node (101) and described the
Data exchange delay time value between two nodes (103).
9. according to the system (100) described in preceding claims one, it is characterised in that:
The matching stream (106) that the local flow control entity (105) generates loses for detection flows or in open system
The connecting test message between the first node (101) and the second node (103) is inputted in certain layer in interconnection model.
10. according to the system (100) described in preceding claims one, it is characterised in that:
The local flow control entity (105) is for making the physical system topological (201) and having flogic system topology
(202) software infrastructure association.
11. according to the system described in claim 2 to 10 one, it is characterised in that:
The local flow control entity (105), which is used to the relevant flow of object accesses method being input to the matching, flows (106)
In.
12. according to the system described in preceding claims one, it is characterised in that:
The local flow control entity (105) is used to detect the error configurations of the system (100).
13. method (1000) of the one kind for detection virtual port failure in software defined network system (100), feature exists
In the method (1000) includes the following steps:
Local flow control entity (105) generates (1001) matching stream (106), wherein the flow control entity (105) is placed in described
Between first network node (101) in system (100) and the second network node (103);
The matching stream (106) of input (1002) described generation in the forwarding elements (501) of the system (100);
(1003) described matching stream (106) is established between the first node (101) and the second node (103), wherein
The matching stream (106) includes the connecting test message using default idle timeout value;
When the timeout value expires, (1004) virtual port failure is detected.
14. according to the method for claim 13 (1000), which is characterized in that further include following steps:
If the timeout value is not yet due when receiving connecting test message, (1005) described connecting test message is reported successfully to connect
It receives.
15. a kind of computer program product, which is characterized in that when for executing on the computing device, realize according to claim
The method (1000) of detection virtual port failure described in 13 or 14.
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| PCT/EP2015/076517 WO2017080611A1 (en) | 2015-11-13 | 2015-11-13 | Software defined network system for port failure detection |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN108353027A true CN108353027A (en) | 2018-07-31 |
| CN108353027B CN108353027B (en) | 2020-12-15 |
Family
ID=54707750
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201580084571.0A Active CN108353027B (en) | 2015-11-13 | 2015-11-13 | Software defined network system and method for detecting port fault |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN108353027B (en) |
| WO (1) | WO2017080611A1 (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110891284A (en) * | 2018-09-07 | 2020-03-17 | 维沃移动通信有限公司 | Method for acquiring and sending periodic traffic pattern information, base station and communication network element |
| US11132109B2 (en) | 2019-05-08 | 2021-09-28 | EXFO Solutions SAS | Timeline visualization and investigation systems and methods for time lasting events |
| CN115208759A (en) * | 2022-07-14 | 2022-10-18 | 中国电信股份有限公司 | Fault analysis system and method |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111835682B (en) * | 2019-04-19 | 2021-05-11 | 上海哔哩哔哩科技有限公司 | Connection control method, system, device and computer readable storage medium |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6032194A (en) * | 1997-12-24 | 2000-02-29 | Cisco Technology, Inc. | Method and apparatus for rapidly reconfiguring computer networks |
| CN104506408A (en) * | 2014-12-31 | 2015-04-08 | 杭州华三通信技术有限公司 | Data transmission method and device based on SDN |
| US9038151B1 (en) * | 2012-09-20 | 2015-05-19 | Wiretap Ventures, LLC | Authentication for software defined networks |
-
2015
- 2015-11-13 WO PCT/EP2015/076517 patent/WO2017080611A1/en active Application Filing
- 2015-11-13 CN CN201580084571.0A patent/CN108353027B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6032194A (en) * | 1997-12-24 | 2000-02-29 | Cisco Technology, Inc. | Method and apparatus for rapidly reconfiguring computer networks |
| US9038151B1 (en) * | 2012-09-20 | 2015-05-19 | Wiretap Ventures, LLC | Authentication for software defined networks |
| CN104506408A (en) * | 2014-12-31 | 2015-04-08 | 杭州华三通信技术有限公司 | Data transmission method and device based on SDN |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110891284A (en) * | 2018-09-07 | 2020-03-17 | 维沃移动通信有限公司 | Method for acquiring and sending periodic traffic pattern information, base station and communication network element |
| CN110891284B (en) * | 2018-09-07 | 2021-11-23 | 维沃移动通信有限公司 | Method for acquiring and sending periodic traffic pattern information, base station and communication network element |
| US11132109B2 (en) | 2019-05-08 | 2021-09-28 | EXFO Solutions SAS | Timeline visualization and investigation systems and methods for time lasting events |
| CN115208759A (en) * | 2022-07-14 | 2022-10-18 | 中国电信股份有限公司 | Fault analysis system and method |
| CN115208759B (en) * | 2022-07-14 | 2024-02-23 | 中国电信股份有限公司 | Fault analysis system and method |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2017080611A1 (en) | 2017-05-18 |
| CN108353027B (en) | 2020-12-15 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11159487B2 (en) | Automatic configuration of perimeter firewalls based on security group information of SDN virtual firewalls | |
| US9930018B2 (en) | System and method for providing source ID spoof protection in an infiniband (IB) network | |
| Schlinker et al. | PEERING: Virtualizing BGP at the Edge for Research | |
| CN107409089A (en) | Business function login mechanism and ability authorized index | |
| US10454809B2 (en) | Automatic network topology detection for merging two isolated networks | |
| US11595483B2 (en) | Devices, systems and methods for internet and failover connectivity and monitoring | |
| US20120303790A1 (en) | Host Visibility as a Network Service | |
| WO2021231989A1 (en) | System and methods for transit path security assured network slices | |
| EP2876844A1 (en) | Self-debugging router platform | |
| CN108353027A (en) | A kind of software defined network system for detecting port failure | |
| CN112910704B (en) | Local area network system, method and device supporting dynamic self-adaptive network configuration | |
| Binzenhöfer et al. | A P2P-based framework for distributed network management | |
| Cunha et al. | 5 Growth: Secure and reliable network slicing for verticals | |
| Ruslan et al. | Scalability analysis in mininet on software defined network using onos | |
| Park et al. | A fast recovery scheme based on detour planning for in-band OpenFlow networks | |
| Kirkpatrick | Fixing the internet | |
| EP2698961B1 (en) | Method, system and devices for securing traffic on a traffic path in a computer network | |
| US11765059B2 (en) | Leveraging operation, administration and maintenance protocols (OAM) to add ethernet level intelligence to software-defined wide area network (SD-WAN) functionality | |
| Matties | Distributed responder ARP: Using SDN to re-engineer ARP from within the network | |
| Saini et al. | Implementation of Secured Wired and WLAN Network Using eNSP | |
| KR102092015B1 (en) | Method, apparatus and computer program for recognizing network equipment in a software defined network | |
| Syafei et al. | Centralized Dynamic Host Configuration Protocol and Relay Agent for Smart Wireless Router | |
| Zadkhosh et al. | Toward manageable middleboxes in software‐defined networking | |
| Köstler et al. | Network Federation for Inter-cloud Operations | |
| Ceferin et al. | Service quality assurance in the IP networks for smart grids |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20220218 Address after: 550025 Huawei cloud data center, jiaoxinggong Road, Qianzhong Avenue, Gui'an New District, Guiyang City, Guizhou Province Patentee after: Huawei Cloud Computing Technologies Co.,Ltd. Address before: 518129 Bantian HUAWEI headquarters office building, Longgang District, Guangdong, Shenzhen Patentee before: HUAWEI TECHNOLOGIES Co.,Ltd. |
|
| TR01 | Transfer of patent right |