CN112073989A - SDN drainage-based flow auditing method - Google Patents

Info

Publication number
CN112073989A
Authority
CN
China
Prior art keywords
flow
drainage
auditing
network
sdn
Prior art date
Legal status
Pending
Application number
CN202010851036.6A
Other languages
Chinese (zh)
Inventor
王凯峰
黄亮
包秀国
徐立洲
邹学强
杨云龙
Current Assignee
Beijing Yuantek Technology Co ltd
Original Assignee
Beijing Yuantek Technology Co ltd
Priority date
Filing date
Publication date
Application filed by Beijing Yuantek Technology Co ltd

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W24/00 Supervisory, monitoring or testing arrangements
    • H04W24/08 Testing, supervising or monitoring using real traffic
    • H04W24/10 Scheduling measurement reports; Arrangements for measurement reports

Abstract

The invention provides a traffic auditing method based on SDN drainage (traffic steering). The network is controlled through software-defined networking (SDN); traffic to be audited is steered on demand into an audit UPF channel according to the operator's drainage standard, and bypass optical splitting then sends only a copy of the traffic the service is concerned with to a traffic auditing platform for auditing. This reduces the impact on the original link, leaves the existing network structure unaffected, and solves the problem that existing traffic auditing methods cannot audit on demand, giving better flexibility and higher auditing efficiency.

Description

SDN drainage-based flow auditing method
Technical Field
The invention belongs to the technical field of computer networks, and particularly relates to a traffic auditing method based on SDN drainage (traffic steering).
Background
5G, as the direction of development for the new generation of mobile communication technology, improves the service experience of mobile Internet users, further meets the massive demands of future Internet of Things applications, and is deeply integrated with sectors such as industry, medical care and transportation. With a brand-new mobile communication system architecture, 5G provides a peak rate at least ten times that of 4G, millisecond-level transmission delay and billion-level connection capability, a new leap in network performance. The new 5G network architecture carries data traffic thousands of times greater and supports richer service scenarios, and it greatly improves operators' networking flexibility and reduces cost. At the same time, it makes auditing 5G core network traffic more difficult.
In a traditional traffic auditing architecture, all network traffic data is acquired by hard-wired direct optical splitting and is then audited through a series of techniques. The traffic volume of a 5G network, however, is huge. Conventional traffic auditing technology can be applied to a 5G network, but it still relies on the hard-wired approach: all network traffic must be collected and audited, traffic cannot be audited on demand, and auditing efficiency is therefore low.
Disclosure of Invention
To solve these problems, the invention provides a traffic auditing method based on SDN drainage that steers traffic on demand and offers better flexibility and higher auditing efficiency.
A traffic auditing method based on SDN drainage comprises the following steps:
after receiving an audit requirement initiated by a service management application, an operator interface steers the traffic to be audited in the radio access network into an audit UPF channel according to an operator drainage standard issued by the service management application, and steers the regular traffic that does not need auditing into the regular UPF channel; wherein the operator interface is a switch or an orchestrator supporting software-defined networking (SDN);
an optical splitter copies the traffic to be audited by bypass optical splitting; the traffic to be audited then enters the switch through the audit UPF channel, and the copy enters a traffic auditing platform for auditing;
and the regular traffic enters the switch through the regular UPF channel, merges with the traffic to be audited, and then enters the operator data network.
Further, the operator drainage standard includes a mobile phone number, a source IP address, and a destination IP address.
Further, when the radio access network is a 5G network, the operator drainage standard further includes a network slice ID.
Beneficial effects:
1. The invention provides a traffic auditing method based on SDN drainage. The network is controlled through software-defined networking (SDN); traffic to be audited is steered on demand into an audit UPF channel according to the operator's drainage standard, and bypass optical splitting then sends only a copy of the traffic the service is concerned with to a traffic auditing platform for auditing. This reduces the impact on the original link, leaves the existing network structure unaffected, and solves the problem that existing traffic auditing methods cannot audit on demand, giving better flexibility and higher auditing efficiency.
2. The flexible traffic auditing method based on SDN drainage provided by the invention takes full account of the flexibility and openness of the 5G network architecture. To address the problem that existing traffic auditing methods cannot audit on demand, it uses SDN and the open interfaces of the 5G network to steer traffic on demand, with the network slice ID as a criterion. Compared with other traffic auditing technologies, the method is better suited to a 5G network.
Drawings
Fig. 1 is a flow chart of the traffic auditing method based on SDN drainage provided by the present invention;
Fig. 2 shows the workflow of the traffic auditing platform provided by the present invention.
Detailed Description
In order to make the technical solutions better understood by those skilled in the art, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application.
SDN (Software Defined Network) is a novel network architecture whose design concept is to separate the control plane of the network from the data forwarding plane, so that the underlying hardware can be controlled programmatically through a software platform in a centralized controller and network resources can be allocated flexibly on demand. In an SDN network, the network devices are responsible only for pure data forwarding and can use general-purpose hardware, while the operating system that was originally responsible for control is abstracted into an independent network operating system that adapts to different service characteristics. Communication between the network operating system, the service characteristics and the hardware devices can be implemented through programming.
The flexible traffic auditing framework based on SDN drainage changes the way traffic is audited by traditional hard-wired splitting equipment. It uses the openness of the 5G network and SDN technology to control the network in software and steer traffic on demand, so that only the traffic the service is concerned with is audited. It is well suited to the 5G network and greatly improves auditing capacity and efficiency.
Fig. 1 is a schematic flow chart of the flexible traffic auditing method based on SDN drainage according to the present invention. The drainage process in the invention is mainly the operator's drainage stage, in which the drainage standard is issued through the service management application. The method comprises the following steps:
after receiving an audit requirement initiated by a service management application, an operator interface steers the traffic to be audited in the radio access network RAN into an audit UPF channel, and steers the regular traffic that does not need auditing into the regular UPF channel, according to an operator drainage standard issued by the service management application; wherein the operator interface is a switch CE or an orchestrator supporting software-defined networking (SDN);
an optical splitter copies the traffic to be audited by bypass optical splitting; the traffic to be audited then enters the switch CE through the audit UPF channel, and the copy enters a traffic auditing platform for auditing;
and the regular traffic enters the switch CE through the regular UPF channel, merges with the traffic to be audited, and then enters the operator data network DN.
It should be noted that the invention mainly uses the open interfaces of the 5G network and the software-defined capability of SDN to steer traffic on demand. In an SDN environment, the service management application acts as a centralized controller that manages the various network devices through a standardized interface. The operator drainage standard follows the OpenFlow protocol, which is the standard for communication between the operator interface and the service management application; it comprises an information-exchange standard and an interface standard between the service management application and the switch CE. The service management application controls the flow table in the SDN-capable switch CE through OpenFlow and thereby controls data forwarding. The UPF channel is the user plane function of the 5G core network, mainly responsible for routing and forwarding data traffic and for QoS flow mapping; the traffic to be audited in the invention is the users' actual service data on the user plane.
Furthermore, the drainage scheme of the invention first requires the operator to preset a UPF channel dedicated to auditing. Under the control of the SDN-based service management application, traffic that needs auditing is steered into the preset audit UPF channel; when there is no audit task, the audit UPF channel is idle. To reduce the impact on the original link, the invention uses bypass optical splitting to obtain a copy of the original traffic in the radio access network that needs auditing, so the existing network structure is not affected.
It should be noted that the operator interface divides the traffic of the radio access network into traffic to be audited and regular traffic that does not need auditing, according to the operator drainage standard issued by the service management application. The operator drainage standard can be derived from several arrangements agreed in advance with the operator, such as a mobile phone number (a specific person), a set of source IP addresses (a specific area), a set of destination IP addresses (a specific application) or other service-related traffic. In addition, if the radio access network is a 5G network and traffic in the 5G bearer network needs to be steered into the audit UPF channel, the traffic can be divided into traffic to be audited and regular traffic according to the network slice ID. Traffic is steered on demand and then returned to the switch CE, which forwards all traffic to the operator data network DN.
It should be noted that network slices are different functional networks carved out of the existing 5G network according to actual requirements. They are applied to different scenarios and are independent of each other, and each network slice has a corresponding default slice ID that distinguishes it. If the invention is applied to a 5G network, it can therefore also steer traffic on demand by a specific 5G network slice ID.
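The following Python model is an added illustration, not part of the patent text: it shows how the criteria above (phone number, source and destination address sets, slice ID) split traffic between the audit and regular UPF channels, that only the audit channel is copied to the auditing platform, and that all traffic still reaches the data network. The class and label names are hypothetical, and combining the populated criteria of one task with AND is an assumption the patent does not specify.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

AUDIT_UPF, REGULAR_UPF = "audit-upf", "regular-upf"  # hypothetical labels

@dataclass(frozen=True)
class Flow:
    msisdn: str
    src_ip: str
    dst_ip: str
    slice_id: Optional[str] = None  # present only on a 5G access network

@dataclass(frozen=True)
class AuditTask:
    """One audit requirement; populated fields are ANDed (assumption)."""
    task_id: str
    msisdns: frozenset = frozenset()
    src_nets: tuple = ()
    dst_nets: tuple = ()
    slice_ids: frozenset = frozenset()

    def __post_init__(self):
        # Fail closed: a task with no criteria would act as a wildcard and
        # steer every subscriber's traffic into the audit channel.
        if not (self.msisdns or self.src_nets or self.dst_nets or self.slice_ids):
            raise ValueError(f"task {self.task_id}: no steering criteria")
        for net in (*self.src_nets, *self.dst_nets):
            ip_network(net)  # malformed prefix raises ValueError before install

    def matches(self, flow: Flow) -> bool:
        def in_any(addr, nets):
            return any(ip_address(addr) in ip_network(n) for n in nets)
        return ((not self.msisdns or flow.msisdn in self.msisdns)
                and (not self.src_nets or in_any(flow.src_ip, self.src_nets))
                and (not self.dst_nets or in_any(flow.dst_ip, self.dst_nets))
                and (not self.slice_ids or flow.slice_id in self.slice_ids))

class SteeringController:
    """Stands in for the service management application programming the CE."""
    def __init__(self):
        self.tasks = {}

    def add_task(self, task: AuditTask):
        self.tasks[task.task_id] = task

    def remove_task(self, task_id: str):
        self.tasks.pop(task_id, None)

    def steer(self, flow: Flow):
        """Return (channel, task_id); unmatched traffic takes the regular UPF."""
        for task in self.tasks.values():
            if task.matches(flow):
                return AUDIT_UPF, task.task_id
        return REGULAR_UPF, None

    def forward(self, flows):
        """Split by channel, copy the audit channel only, merge at the switch."""
        audit = [f for f in flows if self.steer(f)[0] == AUDIT_UPF]
        regular = [f for f in flows if self.steer(f)[0] == REGULAR_UPF]
        return {"mirrored_to_audit_platform": list(audit),  # splitter copy
                "to_data_network": audit + regular}         # nothing dropped

# Constructed sample flows: private/documentation addresses, fictitious IDs.
SAMPLE = [
    Flow("msisdn-0001", "10.1.1.5", "203.0.113.10", "slice-a"),
    Flow("msisdn-0002", "10.2.9.9", "198.51.100.7", "slice-b"),
    Flow("msisdn-0003", "10.1.1.77", "198.51.100.7", "slice-b"),
]
```

Recording the returned task ID with each steering decision ties every mirrored flow back to the audit requirement that authorised it, which makes over-broad criteria visible in review.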
Further, as shown in Fig. 2, the traffic auditing platform mainly provides traffic collection, protocol reconstruction, rule matching, metadata extraction and monitoring log output. The platform acquires the traffic in the audit UPF channel through the optical splitter, so it can audit that traffic without affecting the original traffic on the radio access network. It generates monitoring logs by analyzing the large volume of communication metadata in the traffic, and the logs are then stored in a database or forwarded to a back end, where the back-end system performs mining, correlation, deep analysis and other work in order to discover security incidents, criminal behavior and the like.
The invention therefore provides a flexible traffic auditing method based on SDN drainage, which audits traffic by combining SDN with the open interfaces of the 5G network and applying bypass optical splitting under an SDN-based drainage policy. The SDN-capable switch CE steers the traffic to be audited into the audit UPF channel according to the standard issued by the service management application, which achieves flexible traffic steering. The traffic auditing platform uses the optical splitter to obtain a copy of the traffic in the audit UPF channel, collects, parses, classifies and analyzes the copy, and generates monitoring logs, forming a complete traffic auditing system.
That is to say, the invention takes full account of the flexibility of the 5G network architecture. To address the problem that existing traffic auditing methods cannot audit on demand, it uses SDN and the open interfaces of the 5G network to steer traffic on demand, and compared with other traffic auditing technologies it is better suited to the 5G network.
The present invention may be embodied in other specific forms without departing from the spirit or essential attributes thereof, and it will be understood by those skilled in the art that various changes and modifications may be made herein without departing from the spirit and scope of the invention as defined in the appended claims.

Claims (3)

1. A traffic auditing method based on SDN drainage, characterized by comprising the following steps:
after receiving an audit requirement initiated by a service management application, an operator interface steers the traffic to be audited in the radio access network into an audit UPF channel according to an operator drainage standard issued by the service management application, and steers the regular traffic that does not need auditing into the regular UPF channel; wherein the operator interface is a switch or an orchestrator supporting software-defined networking (SDN);
an optical splitter copies the traffic to be audited by bypass optical splitting; the traffic to be audited then enters the switch through the audit UPF channel, and the copy enters a traffic auditing platform for auditing;
and the regular traffic enters the switch through the regular UPF channel, merges with the traffic to be audited, and then enters the operator data network.
2. The traffic auditing method based on SDN drainage of claim 1, wherein the operator drainage standard includes a mobile phone number, a source IP address, and a destination IP address.
3. The traffic auditing method based on SDN drainage of claim 2, wherein the operator drainage standard further includes a network slice ID when the radio access network is a 5G network.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010851036.6A CN112073989A (en) 2020-08-21 2020-08-21 SDN drainage-based flow auditing method

Publications (1)

Publication Number Publication Date
CN112073989A true CN112073989A (en) 2020-12-11

Family

ID=73659673

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination