CN111901196B - Software Defined Network (SDN) flow monitoring and visualization system - Google Patents

Software Defined Network (SDN) flow monitoring and visualization system Download PDF

Info

Publication number
CN111901196B
CN111901196B CN202010719267.1A CN202010719267A CN111901196B CN 111901196 B CN111901196 B CN 111901196B CN 202010719267 A CN202010719267 A CN 202010719267A CN 111901196 B CN111901196 B CN 111901196B
Authority
CN
China
Prior art keywords
flow
data
sdn
host
port
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202010719267.1A
Other languages
Chinese (zh)
Other versions
CN111901196A (en
Inventor
宋超
罗燕鹏
张�浩
刘宏达
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Chengdu Shipi Communication Engineering Co ltd
University of Electronic Science and Technology of China
Original Assignee
Chengdu Shipi Communication Engineering Co ltd
University of Electronic Science and Technology of China
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chengdu Shipi Communication Engineering Co ltd, University of Electronic Science and Technology of China filed Critical Chengdu Shipi Communication Engineering Co ltd
Priority to CN202010719267.1A priority Critical patent/CN111901196B/en
Publication of CN111901196A publication Critical patent/CN111901196A/en
Application granted granted Critical
Publication of CN111901196B publication Critical patent/CN111901196B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/08Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
    • H04L43/0876Network utilisation, e.g. volume of load or congestion level
    • H04L43/0894Packet rate
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/04Processing captured monitoring data, e.g. for logfile generation
    • H04L43/045Processing captured monitoring data, e.g. for logfile generation for graphical visualisation of monitoring data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/16Threshold monitoring
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/10Flow control; Congestion control
    • H04L47/12Avoiding congestion; Recovering from congestion
    • H04L47/125Avoiding congestion; Recovering from congestion by balancing the load, e.g. traffic engineering
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/10Flow control; Congestion control
    • H04L47/22Traffic shaping
    • H04L47/225Determination of shaping rate, e.g. using a moving window

Abstract

The invention relates to a Software Defined Network (SDN) flow monitoring and visualization system, which comprises a flow acquisition module, a flow distribution module, a visualization module and a server, wherein the flow acquisition module is used for acquiring flow; the flow acquisition module is used for acquiring port flow data, host flow data and application flow data of the SDN switch of each subarea machine room, the flow distribution module limits the speed according to a speed limiting mechanism, and the strategy of the speed limiting mechanism is as follows: defining the total flow data of the VIP host as x, the total flow data of the non-VIP host as y, and when x + y is larger than M, limiting the speed of the non-VIP host, wherein y ^ = M-x; the visualization module is used for acquiring data in the database and visually displaying the data on three layers.

Description

Software Defined Network (SDN) flow monitoring and visualization system
Technical Field
The invention relates to the field of network traffic monitoring, in particular to a Software Defined Network (SDN) traffic monitoring and visualization system.
Background
SDN originated from the Clean Slate research topic at stanford university in 2006. In 2009, professor Mckeown formally proposed the SDN concept. With the idea of layering, SDN separates data from control. The control layer comprises a logic centralized and programmable controller, global network information can be mastered, and operators and scientific research personnel can manage and configure the network and deploy new protocols conveniently. At the data plane, dumb (dumb) switches (which, unlike conventional two-layer switches, refer exclusively to devices for forwarding data) are included. The switch only provides a simple data forwarding function, can quickly process matched data packets, and adapts to the increasing demand of flow. The two layers interact with each other by adopting an open unified interface (such as OpenFlow and the like). The controller sends the uniform standard rules to the switch through the standard interface, and the switch only needs to execute corresponding actions according to the rules. Therefore, the SDN technology can effectively reduce the device load, assist the network operator to better control the infrastructure, and reduce the overall operation cost, and is one of the most promising network technologies. SDN is therefore listed by MIT as one of ten innovative technologies that change the world. In a network in a traditional IT architecture, after the network is deployed and brought online according to service requirements, if the service requirements change, IT is a very tedious matter to modify the configuration on corresponding network devices (routers, switches, firewalls) again. In the service environment of the internet/mobile internet, the high stability and the high performance of the network are not enough to meet the service requirement, and the flexibility and the agility are more critical. What SDN does is to separate the control rights on the network devices, manage them by a centralized controller, and shield the differences from the underlying network devices without relying on the underlying network devices (routers, switches, firewalls). The control right is completely open, and the user can customize any network routing and transmission rule strategy to be realized, so that the method is more flexible and intelligent.
In terms of the present, there still exist some shortages in the SDN, in a conventional SDN system, traffic distribution among different users is generally fixed, and the traffic distribution is performed according to a broadband level opened by the user, in some peak periods of using the network, traffic of some users does not reach their corresponding network speeds, for example, a 200M wide user and a 50M wide user, in the peak periods, the 50M wide user may have exceeded its upper limit of the network speed, but the 200M wide user is far from reaching its corresponding network speed.
Disclosure of Invention
The invention aims to overcome the defects of the prior art and provide a Software Defined Network (SDN) flow monitoring and visualization system, which can realize flow monitoring of a switch in an SDN system and flow speed limit control so as to realize maximum utilization of flow.
The purpose of the invention is realized by the following technical scheme:
a Software Defined Network (SDN) flow monitoring and visualization system comprises a flow acquisition module, a flow distribution module, a visualization module and a server;
the flow acquisition module is used for acquiring port flow data, host flow data and flow data of application flows of the SDN switches of each subarea computer room, uploading the port flow data, the host flow data and the flow data to a server, and storing the data in a database; each zone machine room SDN switch is respectively provided with an SDN controller for realizing the centralized control of the SDN switch;
the flow distribution module is used for acquiring average flow data within a port time period T of each SDN switch in the database, comparing the average flow data with a threshold M, and starting a speed limiting mechanism when the average flow is greater than the threshold M, wherein M = kD, k represents that a threshold coefficient value is (0, 1), and D is the total port link bandwidth of the SDN switch;
the speed limit mechanism strategy is as follows:
defining the total flow data of the VIP host as x, the total flow data of the non-VIP host as y, and when x + y is larger than M, limiting the speed of the non-VIP host, wherein y = M-x;
the visualization module is used for acquiring data in the database and performing visualization display on the data on three layers.
Further, the traffic collection module obtains port traffic data, host traffic data, and traffic data of an application flow of the SDN switch of each machine room by executing a Python crawler code on the server.
Further, the visualization module respectively displays port traffic data, host traffic data, and application flow traffic data of the SDN switch.
Further, the visualization module may also query port traffic data, host traffic data, and application traffic data, and display traffic data of a corresponding port, a corresponding host, and a corresponding application traffic.
Further, the SDN controller is connected with an ETH port of the SDN switch through a switch.
Further, the speed limit execution of the flow distribution module is to perform speed limit operation on an openflow flow table and a flow table association meter table issued by the device under the SDN switch according to a speed limit mechanism.
The invention has the beneficial effects that: the invention adopts an intelligent flow distribution strategy to realize real-time monitoring, automatic load balancing and real-time control; when the user demand changes, the method can reasonably distribute the bandwidth flow according to the user demand, and improve the bandwidth utilization rate in time; the intelligent flow distribution function can completely ensure the fairness of distribution; when the network is abnormal, the network can ensure the normal internet access requirement of the user; in general, the method has the advantages of improving the network utilization rate, reducing the operation and maintenance cost and workload, intelligently and actively finding out network faults, monitoring and counting network data in real time, reducing the packet loss rate and jitter delay, finding out and preventing network loops in time and reducing the network construction cost.
Drawings
FIG. 1 is a schematic diagram of the system of the present invention;
FIG. 2 is a diagram of a partitioned computer room architecture;
figure 3 is an SDN system overall architecture diagram.
Detailed Description
The technical solution of the present invention is further described in detail with reference to the following specific examples, but the scope of the present invention is not limited to the following.
Referring to fig. 1, a software defined network SDN traffic monitoring and visualization system includes a traffic collection module, a traffic distribution module, a visualization module, and a server;
the flow acquisition module is used for acquiring port flow data, host flow data and flow data of application flows of the SDN switches of each subarea computer room, uploading the port flow data, the host flow data and the flow data to the server, and storing the data in a database; and each zone machine room SDN switch is respectively provided with an SDN controller for realizing the centralized control of the SDN switch.
In the SDN architecture, an SDN controller performs centralized control on control signaling of network equipment through a control-forwarding communication interface, the flow of the control signaling is generated between the controller and the network equipment and is independent of data flow generated by communication between terminals, the network equipment generates a forwarding table through receiving the control signaling and determines the processing of the data flow according to the forwarding table, and a complex distributed network protocol is not needed to be used for deciding data forwarding.
The flow distribution module is used for acquiring average flow data within a port time period T of each SDN switch in the database, comparing the average flow data with a threshold M, and starting a speed limit mechanism when the average flow is greater than the threshold M, where M = kD, k represents that a threshold coefficient takes a value of (0, 1), and D is a total port link bandwidth of the SDN switch.
The strategy of the speed limiting mechanism is as follows:
defining the total flow data of the VIP host as x, the total flow data of the non-VIP host as y, and when x + y is larger than M, limiting the speed of the non-VIP host, wherein y = M-x;
the visualization module is used for acquiring data in the database and performing visualization display on the data on three layers.
Further, the traffic collection module acquires port traffic data, host traffic data, and traffic data of an application flow of the SDN switch of each machine room by executing a Python crawler code on the server.
Further, the visualization module respectively displays port traffic data, host traffic data, and application flow traffic data of the SDN switch.
Furthermore, the visualization module can also query the port traffic data, the host traffic data, and the application flow traffic data, and display the corresponding port, host, and application flow traffic data.
Referring to fig. 2, the SDN controller is connected to the ETH port of the SDN switch through a switch. An SDN controller is deployed in an edge machine room in a distributed deployment manner, and fig. 2 is an overall deployment structure of the SDN controller and an SDN switch in one zone machine room, which is the same as the deployment structure of the other zone machine rooms. In fig. 2, ETH ports of the SDN controller and the SDN switch are respectively connected to the bodka switch, so that the SDN controller can control the SDN switch, and the central office server (i.e., the monitoring host) can also monitor the SDN switch through the bodka switch. In fig. 2, the router is connected to an upstream port of the SDN switch, and a downstream port of the SDN switch is connected to an optical line terminal olt (optical line termination) for connecting to a terminal device of the optical fiber trunk.
Referring to fig. 3, the overall layout is shown in a system, and the supervisory host is connected to the SDN switches of the rooms through the management router. An SDN controller is used for controlling an SDN switch, and SDN distributed controllers are deployed in each zone machine room, and each zone machine room is provided with an SDN control which controls the whole network system environment under one SDN switch of the machine room. Different SDN controllers may be deployed in each tile room to control one SDN switch in the room.
In another aspect, the speed limiting execution of the traffic distribution module is to perform speed limiting operation on an openflow flow table and a flow table association meter table issued by a device under the SDN switch according to a speed limiting mechanism. Monitoring downlink ports of the machine room SDN switches at regular time, and obtaining an average value of flow data of the downlink ports within a certain period of time, wherein the average value of the flow data refers to an average value of port flow data, an average value of host flow data and an average value of flow data of application flows of the SDN switches of each subarea machine room. For example, the measurement may be performed every 10 minutes, and a device under the SDN switch issues an openflow table (flow table) and a meter table according to a fixed algorithm (that is, a rate limiting mechanism) to perform a rate limiting operation. The flow distribution module comprises a data calculation module, issues a flow table and is associated with a meter table module. The invention has a mechanism for monitoring the flow data of the downlink port of the SDN switch at regular time, and the operation of issuing an openflow table and a flow table association meter table to the device under the SDN switch is carried out according to the acquired flow data. Therefore, the invention can realize the speed-limiting operation of the equipment under the SDN switch, effectively and reasonably utilize the bandwidth and avoid the bandwidth waste or congestion phenomenon.
Basic idea of flow control: the hosts in the network can be divided into VIP hosts and non-VIP hosts, where the VIP hosts need protection from speed limit operation and the non-VIP hosts can perform speed limit operation.
The method comprises the following steps:
a flow acquisition module: acquiring data of a downlink port of the SDN switch at regular time, and calculating an average value;
a flow calculation module: the retrieved value is compared to a threshold (e.g., threshold = link bandwidth 80%), and if the port detects that the traffic data of the link is greater than the threshold, the system initiates a rate limiting mechanism. The algorithm of the speed limit is as follows: acquiring the total traffic data of the VIP host and the total traffic data of the non-VIP host in the last monitoring time window from the network traffic monitoring system, wherein the fact that the total traffic data of the VIP host is x and the total traffic data of the non-VIP host is y exceeds a threshold value means that x + y > port link bandwidth 80%, and then limiting the speed of y: y = port link bandwidth 80% -x.
Issuing a flow table and associating a meter table module: and issuing an openflow flow table according to the calculated result (wherein the VIP host issues a flow table which is matched with the ip mask in the openflow table, and the non-VIP host can directly issue a flow table which is matched with the port and is associated with the calculated meter table of the speed limit condition).
The foregoing is illustrative of the preferred embodiments of this invention, and it is to be understood that the invention is not limited to the precise form disclosed herein and that various other combinations, modifications, and environments may be resorted to, falling within the scope of the concept as disclosed herein, either as described above or as apparent to those skilled in the relevant art. And that modifications and variations may be effected by those skilled in the art without departing from the spirit and scope of the invention as defined by the appended claims.

Claims (5)

1. A Software Defined Network (SDN) flow monitoring and visualization system is characterized by comprising a flow acquisition module, a flow distribution module, a visualization module and a server;
the flow acquisition module is used for acquiring port flow data, host flow data and flow data of application flows of the SDN switches of each subarea computer room, uploading the port flow data, the host flow data and the flow data to a server, and storing the data in a database; each zone machine room SDN switch is respectively provided with an SDN controller for realizing the centralized control of the SDN switch;
the flow distribution module is used for acquiring average flow data within a port time period T of each SDN switch in the database, comparing the average flow data with a threshold M, and starting a speed limiting mechanism when the average flow is greater than the threshold M, wherein M = kD, k represents that a threshold coefficient value is (0, 1), and D is the total port link bandwidth of the SDN switch;
the speed limit mechanism strategy is as follows:
defining the total flow data of the VIP host as x, the total flow data of the non-VIP host as y, and when x + y is larger than M, limiting the speed of the non-VIP host, wherein y = M-x;
the visualization module is used for acquiring data in the database and performing visualization display on the data on three layers;
the flow acquisition module acquires port flow data, host flow data and flow data of application flows of the SDN switches of all the machine rooms through Python crawler codes on the execution server.
2. The system of claim 1, wherein the visualization module respectively displays port traffic data, host traffic data, and application flow traffic data of the SDN switch.
3. The SDN traffic monitoring and visualization system according to claim 2, wherein the visualization module is further configured to query port traffic data, host traffic data, and application flow traffic data, and display corresponding port, host, and application flow traffic data.
4. The SDN traffic monitoring and visualization system of claim 3, wherein the SDN controller is connected to an ETH port of an SDN switch through a switch.
5. The system of claim 1, wherein the speed-limiting execution of the traffic distribution module is to issue an openflow flow table and a flow table association meter table to a device under the SDN switch for speed-limiting according to a speed-limiting mechanism.
CN202010719267.1A 2020-07-23 2020-07-23 Software Defined Network (SDN) flow monitoring and visualization system Active CN111901196B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010719267.1A CN111901196B (en) 2020-07-23 2020-07-23 Software Defined Network (SDN) flow monitoring and visualization system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010719267.1A CN111901196B (en) 2020-07-23 2020-07-23 Software Defined Network (SDN) flow monitoring and visualization system

Publications (2)

Publication Number Publication Date
CN111901196A CN111901196A (en) 2020-11-06
CN111901196B true CN111901196B (en) 2022-02-15

Family

ID=73189295

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010719267.1A Active CN111901196B (en) 2020-07-23 2020-07-23 Software Defined Network (SDN) flow monitoring and visualization system

Country Status (1)

Country Link
CN (1) CN111901196B (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104580018A (en) * 2015-01-27 2015-04-29 杭州华三通信技术有限公司 Bandwidth adjustment method and device in software-defined network
CN105429886A (en) * 2015-10-30 2016-03-23 南京优速网络科技有限公司 Comprehensive unified flow scheduling system and scheduling method based on SDN
CN105791152A (en) * 2014-12-19 2016-07-20 杭州华三通信技术有限公司 Traffic control method, SDN (Soft Define Network) controller and SDN device
CN106130928A (en) * 2016-06-29 2016-11-16 浪潮集团有限公司 Flow control methods under a kind of SDN and system
CN110213175A (en) * 2019-06-08 2019-09-06 西安电子科技大学 A kind of intelligent managing and control system and management-control method towards knowledge definition network

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9917780B2 (en) * 2013-03-15 2018-03-13 Hewlett Packard Enterprise Development Lp Traffic control across a layer 2 layer 3 boundary in a software defined network

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105791152A (en) * 2014-12-19 2016-07-20 杭州华三通信技术有限公司 Traffic control method, SDN (Soft Define Network) controller and SDN device
CN104580018A (en) * 2015-01-27 2015-04-29 杭州华三通信技术有限公司 Bandwidth adjustment method and device in software-defined network
CN105429886A (en) * 2015-10-30 2016-03-23 南京优速网络科技有限公司 Comprehensive unified flow scheduling system and scheduling method based on SDN
CN106130928A (en) * 2016-06-29 2016-11-16 浪潮集团有限公司 Flow control methods under a kind of SDN and system
CN110213175A (en) * 2019-06-08 2019-09-06 西安电子科技大学 A kind of intelligent managing and control system and management-control method towards knowledge definition network

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
OpenFlow交换机动态共享限速机制的研究;杨骥等;《计算机学报》;20150723(第06期);全文 *

Also Published As

Publication number Publication date
CN111901196A (en) 2020-11-06

Similar Documents

Publication Publication Date Title
US11115273B2 (en) Analytics-driven dynamic network design and configuration
CN106130796B (en) SDN network topology traffic visualization monitoring method and control terminal
CN104363159B (en) A kind of opening virtual network constructing system and method based on software defined network
US10439886B2 (en) Analytics-driven dynamic network design and configuration
EP2992647B1 (en) A method and system to dynamically detect traffic anomalies in a network
CN104753828B (en) A kind of SDN controller, data center systems and routing connection method
EP2774048B1 (en) Affinity modeling in a data center network
CN103873379B (en) A kind of distributed route based on overlay network is anti-to ruin tactics configuring method and system
CN102984057B (en) A kind of Multi-service integration dual-redundancy network system
CN103618677A (en) Network flow regulation method and system
CN104320358A (en) QoS (Quality of Service) business control method in power telecommunication net
EP3217597B1 (en) Method and apparatus for performing an automatic bandwidth management in a communication network
CN106059942A (en) Traffic control method based on load prediction in SDN network
CN105703960A (en) Network function management system based on SDN and method thereof
CN105790990A (en) Method and system for monitoring and managing power distribution and utilization communication business
CN112491702A (en) Multilink intelligent scheduling method and device based on VPP router
CN105119911A (en) Safety authentication method and system based on SDN flow
CN109194590B (en) Network switching system supporting intelligence in network
CN111901196B (en) Software Defined Network (SDN) flow monitoring and visualization system
CN101964736B (en) Exit network framework system of local area network
CN111901195B (en) SDN flow dynamic distribution method and system
CN109302323A (en) A kind of interchanger dynamic monitoring system
CN114039929A (en) Method and device for scheduling service traffic
CN107911313A (en) A kind of method that virtual machine port flow moves outside in private clound
KR101741357B1 (en) Detecting method for anomalous traffic in software defined network and detecting apparatus for anomalous traffic

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant