CN109728931B

CN109728931B - Network fault delimitation method and device and computer storage medium

Info

Publication number: CN109728931B
Application number: CN201711047408.4A
Authority: CN
Inventors: 徐俊杰; 袁舟; 王建
Original assignee: Huawei Technologies Co Ltd
Current assignee: Huawei Technologies Co Ltd
Priority date: 2017-10-31
Filing date: 2017-10-31
Publication date: 2021-06-15
Anticipated expiration: 2037-10-31
Also published as: CN109728931A

Abstract

The application provides a method and a device for delimiting network faults and a computer storage medium, wherein the method comprises the following steps: the control equipment sends a fault detection indication message to a server for fault delimitation, the fault indication message is used for indicating the server to send a tracing message by using a fault IP to be traced, the control equipment receives the number of the tracing messages sent by all switches in a network, the number of the tracing messages is obtained by the switches according to a message matching strategy, the message matching strategies on all the switches are the same, and the control equipment determines the switch with the fault according to the number of the tracing messages sent by all the switches. In the method, because the message matching strategies on all the switches are the same and the message matching strategies of the switches are not influenced by networking, the configuration amount of the switches is greatly reduced, and the method carries out fault delimitation according to the number of the tracking messages, is simple to realize, and is quick and accurate in delimitation.

Description

Network fault delimitation method and device and computer storage medium

Technical Field

The present application relates to communications technologies, and in particular, to a method and an apparatus for delimiting a network fault, and a computer storage medium.

Background

The service interaction between the servers needs to pass through a plurality of switching devices, and the service message is lost when any one switching device in the network has hardware and/or software failure, so that when the network has failure, the network failure delimitation needs to be carried out quickly, namely the failed switching device is found quickly. As the size and complexity of networks increase, the difficulty of delimitation of faults in networks also increases.

Taking a CLOS (claus) network as an example, the CLOS network adopts a Multi-stage switching architecture, and a plurality of Equal Cost Multi-Path (ECMP) routes exist in the CLOS network, so that non-blocking can be achieved. When the switching device forwards the packet, the forwarding path may be selected according to the hash value of the five-tuple of the packet, and generally, the forwarding path of the packet on the same flow is fixed, and the packets on different flows may be routed to different paths. When a Network failure occurs, although a device for fixed delimiting detects an Internet Protocol (IP) pair of the failure, because there are many forwarding paths, the failure delimiting of the Network cannot be completed by using a conventional Internet Packet explorer (Packet Internet Groper) and route tracking (transit) method, so in the prior art, a Network Quality Analysis (NQA) technology is often used to delimit the failure of the Network, and the NQA technology analyzes the Network performance or service Quality by sending a test message, and determines the location of the failure according to the analysis result.

However, the NQA technique requires configuring parameters for each link of each switch in the network, and a switch usually includes multiple links, and the configuration of each link is different, so that the configuration amount of the switch is very large, and the technique is greatly affected by networking change, for example, when an IP address of a certain port of the switch changes, the link where the IP address is located needs to be reconfigured, and the configuration amount of the switch also increases.

Disclosure of Invention

The application provides a network fault delimiting method and device, so that the configuration quantity of a switch is greatly reduced, and the fault delimiting method is quick and accurate.

A first aspect of the present application provides a method for delimiting a network fault, including:

the method comprises the steps that control equipment sends a fault detection indication message to a server for fault delimitation, wherein the fault detection indication message is used for indicating the server to send a tracing message by using a fault Internet Protocol (IP) pair to be traced;

the control equipment receives the number of tracking messages sent by each switch in a network, wherein the number of the tracking messages is obtained by the switches according to matching of message matching strategies, the message matching strategies are used for indicating the switches to match and count the tracking messages sent by the server, and the message matching strategies on each switch are the same;

and the control equipment determines the switch with the fault according to the number of the tracking messages sent by each switch.

Optionally, before the control device receives the number of the trace packets sent by each switch in the network, the method further includes:

and the control equipment sends an enabling indication message to each switch, wherein the enabling indication message is used for indicating the switch to enable the message matching strategy.

Optionally, after determining the failed switch, the method further includes:

and the control equipment sends a disabling indication message to each switch, wherein the disabling indication message is used for indicating the switch to omit enabling the message matching strategy.

Optionally, before the controlling device sends the fault detection indication message to the server for fault definition, the controlling device further includes:

the control equipment receives a fault alarm message sent by at least one server, wherein the fault alarm message comprises a fault IP pair detected by the server;

and the control equipment determines a server for fault detection and the fault IP pair to be tracked from the at least one server according to the received fault IP pair.

and the control equipment configures the message matching strategy for each switch.

A second aspect of the present application provides a delimiting method for a network fault, including:

the server sends detection messages to other servers in the network;

when the server detects a fault Internet Protocol (IP) pair according to the detection message, the server sends a fault alarm message to control equipment, wherein the fault alarm message comprises the fault IP pair detected by the server;

the server receives a fault detection indication message sent by the control equipment, wherein the fault detection indication message is used for indicating the server to use a fault IP pair to be traced to send a tracing message;

and the server sends N tracking messages to the switch, the IP pair of the tracking message is the fault IP pair to be tracked, and N is an integer greater than 1.

A third aspect of the present application provides a delimiting method for a network fault, including:

the switch receives messages sent by a server or other switches;

the switch matches the received messages according to a pre-configured message matching strategy, when the tracking messages are matched, the number of the tracking messages is increased by 1, and the message matching strategy is used for indicating the switch to match and count the tracking messages sent by the server;

and when the reporting condition is met, the switch sends the number of the matched tracking messages to the control equipment.

Optionally, before the switch matches the received message according to the message matching policy, the method further includes:

the switch receives an enabling indication message sent by control equipment, wherein the enabling indication message is used for indicating that the message matching strategy is enabled;

and the switch enables the message matching strategy according to the enabling indication message.

Optionally, after the switch sends the number of the trace packets to the control device, the method further includes:

the switch receives a disabling indication message sent by the control equipment, wherein the disabling indication message is used for indicating that the message matching strategy is omitted to enable;

and the switch omits the enabling of the message matching strategy according to the disabling indicating message.

Optionally, the switch further includes, before matching the received message according to the message matching policy, that:

and the switch receives a configuration message sent by the control equipment, wherein the configuration message is used for configuring the message matching strategy.

A fourth aspect of the present application provides a control apparatus comprising:

the system comprises a sending module, a judging module and a tracking module, wherein the sending module is used for sending a fault detection indication message to a server for fault delimitation, and the fault detection indication message is used for indicating the server to send a tracking message by using a fault Internet Protocol (IP) pair to be tracked;

the receiving module is used for receiving the number of the tracking messages sent by each switch in the network, wherein the number of the tracking messages is obtained by the switches according to the matching of a message matching strategy, the message matching strategy is used for indicating the switches to match and count the tracking messages sent by the server, and the message matching strategies on each switch are the same;

and the first determining module is used for determining the switch with the fault according to the number of the tracking messages sent by each switch.

Optionally, the sending module is further configured to: and sending an enabling indication message to each switch, wherein the enabling indication message is used for indicating the switch to enable the message matching strategy.

Optionally, the sending module is further configured to: and sending a disabling indication message to each switch, wherein the disabling indication message is used for indicating the switch to omit the enabling of the message matching strategy.

Optionally, the receiving module is further configured to receive a fault warning message sent by at least one server, where the fault warning message includes a fault IP pair detected by the server;

the control apparatus further includes:

and a second determining module, configured to determine, according to the faulty IP pair received by the receiving module, a server for performing fault detection and the faulty IP pair to be tracked from the at least one server.

Optionally, the method further includes: and the configuration module is used for configuring the message matching strategy for each switch.

A fifth aspect of the present application provides a server comprising:

the sending module is used for sending the detection message to other servers in the network;

the sending module is further configured to send a failure warning message to the control device when the server detects a failed IP pair according to the detection packet, where the failure warning message includes the failed IP pair detected by the server;

a receiving module, configured to receive a fault detection indication message sent by the control device, where the fault detection indication message is used to indicate the server to send a trace message by using a fault IP pair to be traced;

the sending module is used for sending N tracking messages to the switch, the IP pair of the tracking message is the fault IP pair to be tracked, and N is an integer greater than 1.

A sixth invention of the present application provides a switch, comprising:

the receiving module is used for receiving messages sent by the server or other switches;

the matching module is used for matching the received messages according to a preconfigured message matching strategy, adding 1 to the number of the tracking messages when the tracking messages are matched, and the message matching strategy is used for indicating the switch to match and count the tracking messages sent by the server;

and the sending module is used for sending the number of the tracking messages matched by the matching module to the control equipment when the reporting condition is met.

Optionally, the system further comprises an enabling module;

the receiving module is further configured to receive an enabling indication message sent by the control device, where the enabling indication message is used to indicate that the message matching policy is enabled;

and the enabling module is used for enabling the message matching strategy according to the enabling indication message.

Optionally, the receiving module is further configured to receive a disabling indication message sent by the control device, where the disabling indication message is used to indicate that the matching policy for the packet is omitted from enabling;

the enabling module is further configured to omit enabling the message matching policy according to the disabling indication message.

Optionally, the receiving module is further configured to receive a configuration message sent by the control device, where the configuration message is used to configure the message matching policy.

Optionally, in the first aspect to the sixth aspect of the present application, the packet matching policy is a quality of service QoS policy;

the QoS policy comprises: a high level access control list ACL, flow type and flow action, said flow type and said flow action being associated;

wherein the matching options of the high level ACL include at least one of the following information: tracing a source port, a destination port and a Differential Server Code Point (DSCP) of a message;

the flow type is that the received message is matched with the high-level ACL;

and the flow is used for counting the number of the matched tracking messages.

Optionally, in the first aspect to the sixth aspect of the present application, the matching option of the high-level ACL further includes the number of the trace packets.

Optionally, in the first to sixth aspects of the present application, at least one of the source port, the destination port, and the differencing server code point DSCP of the trace packet is different from other packets in the network.

A seventh aspect of the present application provides a computer-readable storage medium for use in a control apparatus, the computer-readable storage medium storing instructions that, when executed by a computing device, cause the control apparatus to perform the method according to the first aspect of the present application.

An eighth aspect of the present application provides a computer-readable storage medium for use in a server, the computer-readable storage medium storing instructions that, when executed by a computing device, cause the server to perform the method according to the second aspect of the present application.

A ninth aspect of the present application provides a computer-readable storage medium for use in a switch, the computer-readable storage medium storing instructions that, when executed by a computing device, cause the switch to perform the method according to the third aspect of the present application.

A tenth aspect of the present application provides a control device comprising a processor, a memory for storing instructions, and a transceiver for communicating with other devices, the processor being configured to execute the instructions stored in the memory to cause the control device to perform the method according to the first aspect of the present application.

An eleventh aspect of the present application provides a network device comprising a processor, a memory for storing instructions, and a transceiver for communicating with other devices, the processor being configured to execute the instructions stored in the memory to cause the server to perform the method according to the second aspect of the present application.

A twelfth aspect of the present application provides a switch comprising a processor, a memory for storing instructions, and a transceiver for communicating with other devices, the processor being configured to execute the instructions stored in the memory to cause the switch to perform the method according to the third aspect of the present application.

The control equipment sends a fault detection indication message to a server for fault delimitation, the fault indication message is used for indicating the server to send a tracing message by using a fault IP to be traced, the control equipment receives the number of the tracing messages sent by all switches in the network, the number of the tracing messages is obtained by the switches according to a message matching strategy, the message matching strategy is used for matching and counting the tracing messages sent by the server, the message matching strategies on all the switches are the same, and the control equipment determines the switch with the fault according to the number of the tracing messages sent by all the switches. In the method, because the message matching strategies on all the switches are the same and the message matching strategies of the switches are not influenced by networking, the configuration amount of the switches is greatly reduced, and the method carries out fault delimitation according to the number of the tracking messages, is simple to realize, and is quick and accurate in delimitation.

Drawings

FIG. 1 is a schematic diagram of a network architecture suitable for use with the present application;

FIG. 2 is a schematic diagram of a CLOS network;

FIG. 3 is another schematic diagram of a CLOS network;

fig. 4 is a flowchart of a delimiting method of a network fault according to an embodiment of the present application;

FIG. 5 is a diagram illustrating forwarding of trace messages;

fig. 6 is a flowchart of a network failure delimiting method according to a second embodiment of the present application;

fig. 7 is a flowchart of a network failure delimiting method according to a third embodiment of the present application;

fig. 8 is a signaling diagram of a network failure delimiting method according to a fourth embodiment of the present application;

fig. 9 is a schematic structural diagram of a control device according to a fifth embodiment of the present application;

fig. 10 is a schematic structural diagram of a control device according to a sixth embodiment of the present application;

fig. 11 is a schematic structural diagram of a server according to a seventh embodiment of the present application;

fig. 12 is a schematic structural diagram of a switch according to an eighth embodiment of the present application;

fig. 13 is a schematic structural diagram of a control device according to a ninth embodiment of the present application;

fig. 14 is a schematic structural diagram of a server according to a tenth embodiment of the present application;

fig. 15 is a schematic structural diagram of a switch according to an eleventh embodiment of the present application.

Detailed Description

The present application provides a network fault delimiting method, fig. 1 is a schematic diagram of a network architecture to which the present application is applicable, and as shown in fig. 1, the network architecture includes: switching network, control device and server. The switching network is made up of a plurality of switches, which may be CLOS networks. The number of the servers is multiple, and service interaction between the servers needs to pass through the switching network. The control device is a device added in the present application, and the control device may communicate with the server and the switch, where the control device and the switch may communicate with each other through a Simple Network Management Protocol (SNMP).

Fig. 2 is a schematic diagram of a CLOS network, and as shown in fig. 2, the CLOS network is composed of three layers of switches: the access layer, the convergence layer and the core layer, wherein switches located at the access layer (the lowest layer of the network) are called access switches or boundary switches, each boundary switch can be connected with a plurality of servers, and the servers access the network through the boundary switches. The switches of the aggregation layer (network intermediate layer) are called aggregation switches, the switches of the core layer (network highest layer) are called core switches, each aggregation switch is connected with a plurality of boundary switches, and each core switch is connected with all aggregation switches.

Fig. 3 is another schematic diagram of a CLOS network, which, as shown in fig. 3, includes only two layers of switches: core layer and access layer, each core switch is connected with all boundary switches.

In this application, each server in the network shown in fig. 1 needs to generate a detection message in addition to completing the transmission and reception of a service message, and performs pairwise detection with other servers in the network through the detection message, and when a link failure is detected, sends a failure alarm message to the control device to notify the control device that the network fails. And when receiving a fault detection indication message sent by the control equipment, generating a tracking message and sending the tracking message to the connected switch.

The control equipment is used for configuring message matching strategies for all the switches in the network respectively, the message matching strategies of all the switches are the same, and the message matching strategies are used for matching and counting the tracking messages sent by the server. When the control equipment receives the fault alarm message sent by the server, the control equipment instructs the server to generate a tracking message, subsequently receives the number of the tracking messages reported by each switch after the tracking message is sent, and determines the switch with the fault according to the number of the tracking messages.

The switch is used for matching and counting the tracking messages according to the message matching strategy.

Based on the network architectures shown in fig. 1 to fig. 3, the network fault delimiting method provided by the present application aims to solve the problems of large configuration amount and large occupied resource of the switch in the network fault delimiting method in the prior art.

The following describes the technical solutions of the present application and how to solve the above technical problems with specific embodiments. The several exemplary embodiments may be combined, and details of the same or similar concepts or processes may not be repeated in some embodiments. Embodiments of the present application will be described below with reference to the accompanying drawings.

Fig. 4 is a flowchart of a network failure delimiting method according to an embodiment of the present application, and as shown in fig. 4, the method according to the embodiment includes the following steps:

step S101, the control device sends a fault detection indication message to the server for fault delimitation, wherein the fault detection indication message is used for indicating the server to send a tracking message by using a fault IP pair to be tracked.

And after receiving the fault detection indication message, the server generates a tracking message according to the fault IP pair to be tracked, wherein the source IP address and the destination IP address of the tracking message are the source IP address and the destination IP address included in the fault IP pair to be tracked. The trace packet should be different from existing packets (including existing service packets and probe packets), and in the present application, one or more of a source port, a destination port, a Differentiated Services Code Point (DSCP) or a protocol of the trace packet may adopt a special value different from the existing packet, so as to make the trace packet different from the existing packet. The DSCP is to encode 8 identification bytes in the IP header of a packet to classify service types and prioritize services in order to ensure QoS of communication.

Optionally, before step S101, the control device determines a server for performing fault delimitation and a fault IP pair to be tracked. For example, the control device may determine the server used for fault delimitation and the fault IP pair to be traced by: the control equipment receives a fault alarm message sent by at least one server, the fault alarm message comprises a fault IP pair detected by the server, and the control equipment determines the server for fault detection and the fault IP pair to be tracked from the at least one server according to the received fault IP pair.

The fault warning message is sent to the control equipment when the server detects that the network has a fault, and the fault warning message is used for notifying the control equipment that the network has a fault. The network comprises a plurality of servers, wherein every two servers are used for detecting to determine whether the network has faults or not and fault IP pairs with faults, one fault IP pair comprises a source IP address and a target IP address, and the fault IP pair represents the source IP address and the target IP address of a packet to be lost. One server reports one or more fault IP pairs.

When only one server reports the fault alarm message, the control equipment determines that the server is the server for carrying out fault delimitation. When a plurality of servers report fault alarm messages, the control equipment can select part of the servers from the plurality of servers for fault delimitation, and can also determine all the servers for fault delimitation. Fault IP pairs reported by a plurality of servers may overlap, a fault in a network may be caused by a fault of the same switch, and if all the servers perform fault delimitation, the servers may generate a large amount of trace messages and occupy a large amount of network resources, so that the servers may select a part of the servers for fault delimitation, for example, select one of the servers for fault delimitation.

For example, the fault IP pairs reported by the server a and the server B are the same, the fault IP pairs reported by the server a and the server B may be both caused by the same fault switch, and if the two servers both perform fault delimitation, which causes waste of network resources, the control device may select the server a or the server B for fault delimitation.

The control device may also receive a plurality of fault IP pairs, and determine a fault IP pair to be tracked from the plurality of fault IP pairs, where the number of fault IPs to be tracked may be one or more. When the server for performing fault definition is multiple, the fault IPs to be traced of the multiple servers may be the same or different.

In the method, the control equipment triggers the fault delimitation by receiving the fault warning message reported by the server, and the server automatically detects the network fault and reports the network fault to the control equipment, so that the network fault can be delimited and eliminated in time, operation and maintenance personnel are helped to find complex network problems, and the operation and maintenance personnel can recover the fault before the client finds the problem as much as possible, thereby improving the overall competitiveness of the network.

Optionally, before step S101, the control device receives a fault delimiting indication message sent by the network management system, and optionally, the fault delimiting indication message may be sent after the gateway system receives a fault reported by the user. And the control equipment triggers the fault delimitation according to the fault delimitation indication message. Optionally, the fault delimiting indication message may further include an identifier of a server used for fault delimiting, and if the fault delimiting indication does not include the identifier of the server used for fault delimiting, the control device may further select one or more servers from the plurality of servers for fault delimiting at random or according to a preset rule, and the fault IP pair to be tracked is also specified by the control device.

Optionally, the control device may also periodically trigger the fault definition, so that a network fault can be timely discovered. When the detection period of the control device reaches, the control device can select one or more servers from the plurality of servers randomly or according to a preset rule for fault delimitation, the fault IP pair to be tracked is also designated by the control device, and then the control device sends a fault detection indication message to the servers for fault delimitation.

Step S102, the control equipment receives the number of the tracking messages sent by each switch in the network, wherein the number of the tracking messages is obtained by the switches according to the matching of the message matching strategies, and the message matching strategies are used for indicating the switches to match and count the tracking messages sent by the server.

And the message matching strategies configured on all the switches are the same. The message matching strategy can be configured to the switch by the control device in advance, or can be configured to the switch by other devices or management personnel manually. Illustratively, the control device may send a configuration message to each switch through the SNMP, where the configuration message includes the packet matching policy, and the configuration message is used to configure the packet matching policy.

In the method of the embodiment, because the configuration message matching strategies of all the switches are the same, and the control equipment only needs to configure one message matching strategy for each switch, compared with the prior art, the configuration amount of the switches is reduced. In the prior art, one switch has multiple links, and each link of each switch needs to be configured with parameters, and the configuration parameters of different links are different, so that the configuration amount is very large. The method of the embodiment is not affected by networking, for example, when an IP address in a network changes, the method does not affect a message matching policy.

Optionally, the packet matching policy is a QoS policy, and the QoS policy includes: an Access Control List (ACL), a stream type (traffic class) and a stream action (traffic bearer), which are associated. Wherein the matching options of the high level ACL include at least one of the following information: the source port, destination port, and DSCP of the message are tracked.

Taking a port number as an example, the value of the existing port number is 0 to 65535, and the port number can be classified into the following three categories:

(1) recognized Ports (Well Known Ports): from 0 to 1023, they are tightly bound (binding) to some services. Typically, the communication of these ports explicitly indicates the protocol of a certain service. For example: the port number 80 indicates HyperText Transfer Protocol (HTTP) communication, and the port number 21 indicates File Transfer Protocol (FTP) communication.

(2) Registered Ports (Registered Ports): from 1024 to 49151. They are loosely bound to some services, that is, there are many services bound to these ports, which are also used for many other purposes. For example: many systems handle dynamic ports starting at around 1024.

(3) Dynamic and/or Private Ports (Dynamic and/or Private Ports): from 49152 to 65535.

In this embodiment, the source port number and the destination port number of the trace packet may be any one of the port numbers of the third-type ports 49152 to 65535, as long as the port number of the trace packet is different from the port numbers of other packets. The DSCP occupies 8 bits (bit) in total, wherein the first six bits are the values of the DSCP, the last two bits are reserved, the value range of the DSCP is 0-63, some reserved values in 0-63 can be used as the DSCP of the trace message, and a 7-bit or 8-bit DSCP can be newly defined.

Optionally, the matching option of the high-level ACL further includes a Protocol for tracing a packet, where the Protocol for tracing the packet may be a User Datagram Protocol (UDP).

In this embodiment, the flow type is that a high-level ACL is matched to the received packet, and the flow is used to count the number of the matched trace packets. When configuring the QoS policy, the high-level ACL may be configured first, and then the QoS policy may be configured to associate the flow type with the flow.

Optionally, the message matching policy is a global type, and the global type does not need to distinguish interfaces, that is, the switch performs unified matching and counting on the messages received on all the interfaces by using the message matching policy. Optionally, the message matching policy is a local type, the local type needs to distinguish interfaces, that is, the switch performs matching and counting on the messages matched on each interface, correspondingly, the subsequent switch reports the number of the messages matched on each interface to the server, and the server can locate which interface of the switch has a fault according to the number of the messages matched on each interface reported by the switch.

And step S103, the control equipment determines the switch with the fault according to the number of the tracking messages sent by each switch.

The number of the trace messages sent by the server is a fixed value, if no network fault occurs, the number of the trace messages received by each switch on a path through which the trace messages pass is also the fixed value, and if the network fault occurs, the switch with the fault can lose packets, so that the number of the trace messages received by subsequent switches is reduced. After receiving the number of the trace messages sent by each switch, the control device determines the switch on the path through which the trace messages pass, specifically, the control device determines whether the number of the trace messages received by each switch is greater than 0, if the number of the trace messages received by the switch is greater than 0, the switch is the switch on the path through which the trace messages pass, and if the number of the trace messages received by the switch is 0, the switch is not the switch on the path through which the trace messages pass.

After the switches on the path through which the trace message passes are determined, the sequence of the switches on the path through which the trace message passes can be determined according to the networking condition of the switches, then, the number of the switches on the path through which the trace message passes is compared, if the trace messages received by the switches on the path are all reduced from a certain switch, it can be determined that a link from the previous switch of the switch to the switch has a fault, so that the trace message is lost, and the number of the trace messages received by the subsequent switches on the path is reduced.

Fig. 5 is a schematic diagram of forwarding a trace message, and as shown in fig. 5, the CLOS network includes two layers of switches: boundary switch and core switch, the number of boundary switch is 4, and the number of core switch is 2, and the server number is 2, and server 1 is connected with

boundary switch

1 and 2, and server 2 is connected with boundary switch 3 and 4, and

boundary switch

1, 2, 3, 4 all are connected with core switch 1 and core switch 2. Assume that the IP address of the server 1 is IP1, the IP address of the border switch 1 is IP2, the IP address of the border switch 2 is IP3, the IP address of the border switch 3 is IP4, the IP address of the border switch 4 is IP5, the IP address of the core switch 1 is IP6, the IP address of the core switch 2 is IP7, and the IP address of the server 2 is IP 10.

The server 1 is a server for performing fault delimitation, and assuming that the server 1 sends 100 trace messages, a trace message forwarding path is a path through which a thick black solid line passes in fig. 5, a thin black solid line represents a link between devices, and a dotted line represents a link fault, the path through which the trace message passes is: server 1, border switch 2, core switch 2, border switch 3, server 2. The server 1 sends 100 trace messages to the border switch 2, the border switch 2 receives 100 trace messages, and the core switch 2, the border switch 3, and the server 2 all receive 80 trace messages, which indicates that a link from the border switch 2 to the core switch 2 has a fault, thereby causing loss of the trace messages.

According to the method, the control equipment sends a fault detection indication message to the server for fault delimitation, the fault indication message is used for indicating the server to send the tracing message by using the fault IP to be traced, the control equipment receives the number of the tracing messages sent by all switches in the network, the number of the tracing messages is obtained by the switches according to a message matching strategy, the message matching strategy is used for matching and counting the tracing messages sent by the server, the message matching strategies on all the switches are the same, and the control equipment determines the switch with the fault according to the number of the tracing messages sent by all the switches. The message matching strategies on all the switches are the same, and the message matching strategies of the switches are not influenced by networking, so that the configuration quantity of the switches is greatly reduced, and the method carries out fault delimitation according to the number of the tracked messages, is simple to realize, and is quick and accurate in delimitation.

On the basis of the first embodiment, optionally, before the control device receives the number of the trace messages sent by each switch in the network, the control device sends an enable indication message to each switch, where the enable indication message is used to indicate the switch to enable the message matching policy. In the method, the message matching strategy on the switch is generally in a non-enabled state, the switch does not perform matching and counting according to the message matching strategy after receiving the message, and the message matching and counting are performed only after the message matching strategy is enabled after receiving the enabling indication message sent by the control equipment.

After the fault delimitation is finished, the switch can automatically disable the message matching strategy. Illustratively, after reporting the number of the trace messages to the control device for a period of time, the switch automatically disables the message matching policy. Or, the switch starts timing after receiving the enable indication message, and automatically disables the message matching policy when a preset time is reached, for example, 30 minutes after receiving the enable indication message.

Optionally, the control device may also send a disabling indication message to each switch after determining the switch with the fault, where the disabling indication message is used to indicate that the switch ignores the message matching policy.

The message matching strategy is enabled when the fault delimitation starts, and the message matching strategy is disabled after the fault delimitation is finished, so that the condition that the switch also matches the received message when the network is not in fault and occupies resources of the switch is avoided.

Of course, in a possible implementation manner of the present application, the message matching policy on the switch may also be in an enabled state all the time, which is not limited in the present application.

Fig. 6 is a flowchart of a network fault delimiting method provided in an embodiment two of the present application, where the embodiment one describes the network fault delimiting method from the perspective of a control device, and this embodiment describes from the perspective of a server, as shown in fig. 6, the method provided in this embodiment includes the following steps:

step S201, the server sends detection messages to other servers in the network.

The network at least includes two servers, and two servers detect each other to determine whether the network fails, the detection message is different from the trace message in the embodiment, the embodiment does not limit the format and content of the detection message, and the detection message may be the same as the quintuple information and DSCP of the existing service message.

Step S202, when the server detects the fault IP pair according to the detection message, the server sends a fault alarm message to the control equipment, wherein the fault alarm message comprises the fault IP pair detected by the server.

There may be multiple failed IP pairs detected by the server.

Step S203, the server receives a fault detection indication message sent by the control device, where the fault detection indication message is used to indicate the server to use a fault IP pair to be tracked to send a tracking packet.

The fault detection indication message includes a fault IP to be tracked, the fault IP pair to be tracked is determined by the server, and the fault IP pair to be tracked and the fault IP pair detected by the server may be the same or different.

And step S204, the server sends N tracking messages, and the IP pair of the tracking message is a fault IP pair to be tracked.

And after receiving the fault detection indication message, the server generates a tracking message according to the fault IP pair to be tracked and sends N tracking messages to the connected switches, wherein N is an integer greater than 1. Optionally, the five-tuple information of the trace message is the same as that of the detection message, and the DSCP of the detection message is different from that of the trace message. If the destination port numbers of the tracking message and the detection message are different, the server and the switch respectively open two ports, and the tracking message and the detection message can be monitored only by respectively monitoring the two ports. When the destination port numbers of the tracking message and the detection message are the same, the server and the switch can only open one port for the tracking message and the detection message, and the tracking message and the detection message can be monitored through the port, so that the number of the opened ports can be reduced by the switch and the server, and the monitoring overhead of the port is further reduced.

In this embodiment, the server sends a detection message to other servers in the network to detect whether the network fails, when the server detects a failed IP pair according to the detection message, the server sends a failure alarm message to the control device, where the failure alarm message includes the failed IP pair detected by the server, and receives a failure detection indication message sent by the control device, where the failure detection indication message is used to indicate the server to send a trace message using the failed IP pair to be traced, and the server sends N trace messages according to the failure detection indication. According to the method, the server automatically detects the network fault and reports the network fault to the control equipment, so that the control equipment can delimit and eliminate the network fault in time, operation and maintenance personnel can find complex network problems, and the operation and maintenance personnel can recover the fault before a client finds the problem as much as possible, and the overall competitiveness of the network is improved.

Fig. 7 is a flowchart of a network fault delimiting method provided in the third embodiment of the present application, where the present embodiment describes the network fault delimiting method from the perspective of a switch, and as shown in fig. 7, the method provided in the present embodiment includes the following steps:

step S301, the switch receives the message sent by the server or other switches.

Step S302, the switch matches the received messages according to a pre-configured message matching strategy, when the tracking messages are matched, the number of the tracking messages is increased by 1, and the message matching strategy is used for indicating the switch to match and count the tracking messages sent by the server.

The message matching strategy can be configured to the switch by the control device in advance, or can be configured to the switch by other devices or management personnel manually. In the method of the embodiment, because the configuration message matching strategies of all the switches are the same, and the control equipment only needs to configure one message matching strategy for each switch, compared with the prior art, the configuration amount is reduced.

The packet matching policy may be a QoS policy, and the QoS policy includes: a high level ACL, flow type and flow action, the flow type and flow action being associated. Wherein the matching options of the high level ACL include at least one of the following information: the source port, the destination port and the DSCP of the trace message to be matched, wherein the flow type is that the received message is matched with a high-level ACL; and the flow is used for counting the number of the matched tracking messages. Optionally, the matching option of the high-level ACL further includes a protocol for tracing the packet.

The switch matches the quintuple information, DSCP and protocol of the received message with the ACL, if the matching is successful, the received message is determined to be a trace message, the number of the trace message is increased by one, if the matching is failed, that is, the received message is determined not to be the trace message, the received message is forwarded, discarded or otherwise processed.

Optionally, before step S302, the switch receives an enable indication message sent by the control device, where the enable indication message is used to indicate an enable message matching policy, and the switch enables the message matching policy according to the enable indication message. If the message matching strategy is always in the enabling state, the control equipment does not need to send an enabling indication message, or the control equipment periodically triggers the fault delimitation, the control equipment can configure a detection period for the switch in advance, and when the detection period is reached, the switch automatically enables the message matching strategy.

And step S303, when the reporting condition is met, the switch sends the number of the matched tracking messages to the control equipment.

Optionally, the reporting condition may be: the switch does not match the number of the tracking messages within the preset time length. After the server receives the fault detection indication message, a certain number of trace messages are continuously sent within a period of time, and after the server stops sending the trace messages, the switch also cannot match the trace messages correspondingly, so that the switch can set a preset time, for example, 5 minutes, and if the switch does not match the trace messages within 5 minutes, the switch determines that the server stops sending the trace messages, and the switch sends the number of the matched trace messages to the control equipment.

Optionally, the reporting condition may also be: and when the switch arrives at a certain time after receiving the enabling indication message, or the switch sends the number of the matched tracking messages to the control equipment after matching the first tracking message for a certain time.

Optionally, the reporting condition may also be: the method comprises the steps that when a switch receives a request message sent by a control device, the number of tracking messages is sent to the control device, the request message is used for requesting the switch to send the number of the matched tracking messages, and the request message is sent to the switch after the control device determines that the tracking messages are sent to the switch.

The control device determines the switch with the fault according to the number of the received trace messages sent by each switch, and the specific implementation manner refers to the related description of the first embodiment.

If the control device sends the enable indication message to the switch, optionally, after the switch sends the number of the trace messages to the control device, the method further includes: the switch receives a disabling indication message sent by the control equipment, the disabling indication message is used for indicating the omission of the message matching strategy, and the switch omits the omission of the message matching strategy according to the disabling indication message.

In the method of the embodiment, the switch receives the messages sent by the server or other switches, matches the received messages according to a pre-configured message matching strategy, adds 1 to the number of the tracking messages when the tracking messages are matched, and the message matching strategy is used for matching and counting the tracking messages sent by the server; and when the reporting condition is met, the switch sends the number of the matched tracking messages to the control equipment. And by reporting the number of the matched messages, the control equipment determines the switch with the fault according to the number of the tracking messages reported by each switch. In the method, the message matching strategies configured by all the switches are the same, so that the configuration quantity of the switches is reduced, and the fault positioning is quick and accurate.

On the basis of the first to third embodiments, fig. 8 is a signaling diagram of a network failure delimiting method provided in the fourth embodiment of the present application, and as shown in fig. 8, the method provided in this embodiment includes the following steps:

step S401, the control device sends configuration information to each switch.

The configuration message is used for configuring a message matching strategy, wherein the message matching strategies of all the switches are the same, the message matching strategies on all the switches are in a non-enabled state in an initial state, and the message matching strategy is used for indicating the switches to match and count the tracking messages sent by the server.

Step S402, the server detects whether a network failure occurs.

The servers send detection messages in pairs to detect network faults, and fault IP pairs with faults can be detected through the detection messages.

Step S403, when detecting that the network failure occurs, the server sends a failure alarm message to the control equipment.

The fault warning message includes a fault IP pair detected by the server.

Step S404, the control device determines a server for performing fault detection and a fault IP pair to be tracked from at least one server according to the received fault IP pair.

Step S405, the control device sends a failure detection instruction message to the server for performing failure detection.

The fault detection indication message is used for indicating the server to use the fault IP pair to be traced to send the tracing message.

Step S406, the control device sends an enable instruction message to each switch.

The enabling indication message is used to indicate the switch to enable the packet matching policy, and it is clear that step S405 and step S406 are not in sequence during execution, and may also be executed simultaneously.

Step S407, the server sends N tracking messages to the switch according to the fault detection indication message.

And the server generates a tracking message according to the fault detection indication message and sends the tracking message to the connected switch.

Step S408, the switch matches the received message with the message matching strategy, and when the tracking message is matched, the number of the tracking message is added by 1.

And step S409, when the report condition is met, the switch sends the number of the matched tracking messages to the control equipment.

And step S410, the control equipment determines the switch with the fault according to the number of the tracking messages sent by each switch.

Step S411, the control device sends a disabling indication message to each switch.

The disabling indication message is used for indicating the switch to omit enabling the message matching strategy.

Fig. 9 is a schematic structural diagram of a control device provided in a fifth embodiment of the present application, and as shown in fig. 9, the control device provided in this embodiment includes:

a sending module 11, configured to send a fault detection indication message to a server for fault definition, where the fault detection indication message is used to indicate that the server sends a trace message by using a to-be-traced fault internet protocol IP pair;

a receiving module 12, configured to receive the number of trace messages sent by each switch in a network, where the number of trace messages is obtained by matching the switches according to a message matching policy, and the message matching policy is used to instruct the switches to match and count the trace messages sent by the server, where the message matching policies on the switches are the same;

and the first determining module 13 is configured to determine a failed switch according to the number of the trace messages sent by each switch.

Optionally, the sending module 11 is further configured to: and sending an enabling indication message to each switch, wherein the enabling indication message is used for indicating the switch to enable the message matching strategy. And sending a disabling indication message to each switch, wherein the disabling indication message is used for indicating the switch to omit the enabling of the message matching strategy.

Optionally, the packet matching policy is a quality of service QoS policy; the QoS policy comprises: an advanced access control list ACL, flow types and flows, said flow types and said flows being associated. Wherein the matching options of the high level ACL include at least one of the following information: and tracking a source port, a destination port and a Differential Server Code Point (DSCP) of the message, wherein the flow type is that the received message is matched with the high-level ACL, and the flow is used for counting the number of the matched tracking messages.

Optionally, at least one of the source port, the destination port, and the DSCP of the trace packet is different from other packets in the network.

Fig. 10 is a schematic structural diagram of a control device according to a sixth embodiment of the present application, and as shown in fig. 10, the control device according to the present embodiment further includes a second determining module 14 on the basis of the control device shown in fig. 9.

The receiving module 12 is further configured to receive a fault warning message sent by at least one server, where the fault warning message includes a fault IP pair detected by the server;

a second determining module 14, configured to determine, according to the faulty IP pair received by the receiving module, a server for performing fault detection and the faulty IP pair to be tracked from the at least one server.

Optionally, the control device further includes a configuration module 15, configured to configure the packet matching policy for each switch.

The control device provided in the embodiment of the present application may be configured to perform operations performed by the control device in the first to fourth embodiments of the method, and specific implementation manners and technical effects are similar and will not be described herein again.

Fig. 11 is a schematic structural diagram of a server according to a seventh embodiment of the present application, and as shown in fig. 11, the server according to the present embodiment includes:

a sending module 21, configured to send a detection packet to other servers in the network;

the sending module 21 is further configured to send a failure warning message to the control device when the server detects a failed IP pair according to the detection packet, where the failure warning message includes the failed IP pair detected by the server;

a receiving module 22, configured to receive a fault detection indication message sent by the control device, where the fault detection indication message is used to instruct the server to send a trace message by using a to-be-traced fault IP pair;

the sending module 21 is further configured to send N tracking packets to the switch, where an IP pair of the tracking packet is the to-be-tracked fault IP pair, and N is an integer greater than 1.

The server provided in this embodiment may be configured to perform operations performed by the server in the first to fourth embodiments of the method, and specific implementation and technical effects are similar and will not be described herein again.

Fig. 12 is a schematic structural diagram of an exchanger according to an eighth embodiment of the present application, and as shown in fig. 12, the exchanger according to this embodiment includes:

a receiving module 31, configured to receive a message sent by a server or another switch;

the matching module 32 is configured to match the received messages according to a preconfigured message matching policy, and add 1 to the number of the tracking messages when the tracking messages are matched, where the message matching policy is used to instruct the switch to match and count the tracking messages sent by the server;

and the sending module 33 is configured to send the number of the trace packets matched by the matching module to the control device when the reporting condition is met.

Optionally, the switch further includes an enabling module; the receiving module is further configured to receive an enabling indication message sent by the control device, where the enabling indication message is used to indicate that the message matching policy is enabled; and the enabling module is used for enabling the message matching strategy according to the enabling indication message.

Optionally, the receiving module 31 is further configured to receive a disabling indication message sent by the control device, where the disabling indication message is used to indicate that the matching policy is omitted from enabling the packet; the enabling module is further configured to omit enabling the message matching policy according to the disabling indication message.

Optionally, the receiving module 31 is further configured to receive a configuration message sent by the control device, where the configuration message is used to configure the message matching policy.

Fig. 13 is a schematic structural diagram of a control device according to a ninth embodiment of the present application, and as shown in fig. 13, the control device according to the present embodiment includes: the control device comprises a processor 41, a memory 42 and a transceiver 43, wherein the memory 42 and the transceiver 43 are connected with and communicate with the processor 41 through a bus, the memory 42 is used for storing instructions, the transceiver 43 is used for communicating with other devices, and the processor 41 is used for executing the instructions stored in the memory 42, so that the control device executes the steps executed by the control device in the above method embodiments.

Fig. 14 is a schematic structural diagram of a server provided in a tenth embodiment of the present application, and as shown in fig. 14, the server provided in this embodiment includes: the processor 51, the memory 52 and the transceiver 53 are connected to and communicate with the processor 51 through a bus, the memory 52 is used for storing instructions, the transceiver 53 is used for communicating with other devices, the processor 51 is used for executing the instructions stored in the memory 52, so that the server executes the steps executed by the server in the foregoing method embodiments, and specific implementation manners and technical effects are similar, and are not described herein again.

Fig. 15 is a schematic structural diagram of a switch provided in an eleventh embodiment of the present application, and as shown in fig. 15, the switch provided in this embodiment includes: the processor 61, the memory 62 and the transceiver 63 are connected to and communicate with the processor 61 through a bus, the memory 62 is used for storing instructions, the transceiver 63 is used for communicating with other devices, and the processor 61 is used for executing the instructions stored in the memory 62, so that the switch executes the steps executed by the switch in the above method embodiments.

A twelfth embodiment of the present application provides a computer-readable storage medium, which is applied to a control device, where the computer-readable storage medium stores instructions, and when the instructions are executed by a computing apparatus, the control device executes the steps executed by the control device in the foregoing method embodiments, and specific implementation manners and technical effects are similar, and are not described herein again.

A thirteenth embodiment of the present application provides a computer-readable storage medium, which is applied in a server, where the computer-readable storage medium stores instructions, and when the instructions are executed by a computing device, the server executes the steps executed by the server in the foregoing method embodiments, and specific implementation manners and technical effects are similar, and are not described herein again.

A fourteenth embodiment of the present application provides a computer-readable storage medium, which is applied to a switch, where the computer-readable storage medium stores instructions, and when the instructions are executed by a computing device, the switch executes the steps executed by the switch in the foregoing method embodiments, and specific implementation manners and technical effects are similar, and are not described herein again.

It is understood that the processor used in the control device, server, or switch of the present application may be a Central Processing Unit (CPU), general purpose processor, Digital Signal Processor (DSP), Application Specific Integrated Circuit (ASIC), Field Programmable Gate Array (FPGA) or other programmable logic device, transistor logic device, hardware component, or any combination thereof. Which may implement or perform the various illustrative logical blocks, modules, and circuits described in connection with the disclosure. The processor may also be a combination of computing functions, e.g., comprising one or more microprocessors, DSPs, and microprocessors, among others.

The bus described herein may be an Industry Standard Architecture (ISA) bus, a Peripheral Component Interconnect (PCI) bus, an Extended ISA (EISA) bus, or the like. The bus may be divided into an address bus, a data bus, a control bus, etc. For ease of illustration, the buses in the figures of the present application are not limited to only one bus or one type of bus.

In the several embodiments provided in the present application, it should be understood that the disclosed apparatus and method may be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the units is only one logical division, and other divisions may be realized in practice, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.

The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.

In addition, functional units in the embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, or in a form of hardware plus a software functional unit.

Claims

1. A method for fault definition in a network, comprising:

the method comprises the steps that control equipment sends a fault detection indication message to a server for fault delimitation, wherein the fault detection indication message is used for indicating the server to send a tracing message by using a fault Internet Protocol (IP) pair to be traced, and at least one of a source port, a destination port and a Differential Server Code Point (DSCP) of the tracing message is different from other messages in a network;

2. The method according to claim 1, wherein before the controlling device receives the number of trace packets sent by each switch in the network, the method further comprises:

3. The method of claim 2, after determining the failed switch, further comprising:

4. The method according to any one of claims 1 to 3, wherein before the control device sends the fault detection indication message to the server for fault delimitation, the method further comprises:

5. The method according to any one of claims 1 to 3, wherein before the control device sends the fault detection indication message to the server for fault delimitation, the method further comprises:

6. The method according to any of claims 1-3, wherein the packet matching policy is a quality of service, QoS, policy;

the flow type is that the received message is matched with the high-level ACL;

and the flow is used for counting the number of the matched tracking messages.

7. A method for delimiting a network fault, comprising:

the server sends detection messages to other servers in the network;

the server receives a fault detection indication message sent by the control device, wherein the fault detection indication message is used for indicating the server to send a tracking message by using a fault IP pair to be tracked, and at least one of a source port, a destination port and a differential server code point DSCP of the tracking message is different from other messages in the network;

the method comprises the steps that the server sends N tracking messages to the switch so that the switch matches the received messages according to a preconfigured message matching strategy, when the tracking messages are matched, the number of the tracking messages is increased by 1, the message matching strategy is used for indicating the switch to match and count the tracking messages sent by the server, when a reporting condition is met, the switch sends the number of the matched tracking messages to control equipment, the IP pairs of the tracking messages are the IP pairs of faults to be tracked, and N is an integer greater than 1.

8. The method of claim 7, wherein the packet matching policy is a quality of service (QoS) policy;

the flow type is that the received message is matched with the high-level ACL;

and the flow is used for counting the number of the matched tracking messages.

9. A method for delimiting a network fault, comprising:

the switch receives messages sent by a server or other switches;

the switch matches the received messages according to a pre-configured message matching strategy, when the tracking messages are matched, the number of the tracking messages is increased by 1, the message matching strategy is used for indicating the switch to match and count the tracking messages sent by the server, and at least one of a source port, a destination port and a differential server code point DSCP of the tracking messages is different from other messages in the network;

10. The method of claim 9, wherein before the switch matches the received packets according to the packet matching policy, the method further comprises:

11. The method of claim 10, wherein after the switch sends the number of trace packets to the control device, the method further comprises:

12. The method of claim 9, wherein the switch further comprises, before matching the received packets according to a packet matching policy:

13. The method according to any of claims 9-12, wherein the packet matching policy is a quality of service, QoS, policy;

the flow type is that the received message is matched with the high-level ACL;

and the flow is used for counting the number of the matched tracking messages.

14. A control apparatus, characterized by comprising:

a sending module, configured to send a fault detection indication message to a server for fault delimitation, where the fault detection indication message is used to indicate that the server sends a trace packet using a to-be-traced fault internet protocol IP pair, and at least one of a source port, a destination port, and a differential server code point DSCP of the trace packet is different from other packets in a network;

15. The control device of claim 14, wherein the sending module is further configured to:

and sending an enabling indication message to each switch, wherein the enabling indication message is used for indicating the switch to enable the message matching strategy.

16. The control device of claim 15, wherein the sending module is further configured to:

and sending a disabling indication message to each switch, wherein the disabling indication message is used for indicating the switch to omit the enabling of the message matching strategy.

17. The control apparatus according to any one of claims 14 to 16,

the receiving module is further configured to receive a fault alarm message sent by at least one server, where the fault alarm message includes a fault IP pair detected by the server;

the control apparatus further includes:

18. The control apparatus according to any one of claims 14 to 16, characterized by further comprising:

and the configuration module is used for configuring the message matching strategy for each switch.

19. The control device according to any of claims 14-16, wherein the packet matching policy is a quality of service, QoS, policy;

the flow type is that the received message is matched with the high-level ACL;

and the flow is used for counting the number of the matched tracking messages.

20. A server, comprising:

a receiving module, configured to receive a fault detection indication message sent by the control device, where the fault detection indication message is used to indicate that the server sends a trace packet using a to-be-traced fault IP pair, and at least one of a source port, a destination port, and a differential server code point DSCP of the trace packet is different from other packets in the network;

the sending module is further configured to send N tracking messages to the switch, so that the switch matches the received messages according to a preconfigured message matching policy, when the tracking messages are matched, the number of the tracking messages is increased by 1, the message matching policy is used for instructing the switch to match and count the tracking messages sent by the server, when a reporting condition is met, the switch sends the number of the matched tracking messages to the control device, the IP pair of the tracking messages is the to-be-tracked fault IP pair, and N is an integer greater than 1.

21. The server according to claim 20, wherein the packet matching policy is a quality of service (QoS) policy;

the flow type is that the received message is matched with the high-level ACL;

and the flow is used for counting the number of the matched tracking messages.

22. A switch, comprising:

the matching module is used for matching the received messages according to a preconfigured message matching strategy, adding 1 to the number of the tracking messages when the tracking messages are matched, wherein the message matching strategy is used for indicating the switch to match and count the tracking messages sent by the server, and at least one of a source port, a destination port and a differential server code point DSCP of the tracking messages is different from other messages in the network;

23. The switch of claim 22, further comprising an enabling module;

24. The switch according to claim 23,

the receiving module is further configured to receive a disabling indication message sent by the control device, where the disabling indication message is used to indicate that the matching policy for the packet is disabled;

25. The switch according to claim 22,

the receiving module is further configured to receive a configuration message sent by the control device, where the configuration message is used to configure the packet matching policy.

26. The switch according to any of claims 22-25, wherein the packet matching policy is a quality of service, QoS, policy;

the flow type is that the received message is matched with the high-level ACL;

and the flow is used for counting the number of the matched tracking messages.

27. A computer-readable storage medium, for use in a control device, wherein the computer-readable storage medium stores instructions that, when executed by a computing apparatus, cause the control device to perform the method of any of claims 1-6.

28. A computer-readable storage medium for use in a server, the computer-readable storage medium having stored thereon instructions that, when executed by a computing device, cause the server to perform the method of claim 7.

29. A computer-readable storage medium, for use in a switch, the computer-readable storage medium having stored thereon instructions that, when executed by a computing apparatus, cause the switch to perform the method of any of claims 9-13.