CN112468353A

CN112468353A - Network accessibility detection method and device

Info

Publication number: CN112468353A
Application number: CN201910848304.6A
Authority: CN
Inventors: 李其玮
Original assignee: Huawei Digital Technologies Suzhou Co Ltd
Current assignee: Huawei Digital Technologies Suzhou Co Ltd
Priority date: 2019-09-09
Filing date: 2019-09-09
Publication date: 2021-03-09
Anticipated expiration: 2039-09-09
Also published as: CN112468353B

Abstract

The embodiment of the application discloses a method and a device for detecting network accessibility, which are used for quickly and accurately detecting the accessibility of a network and judging whether data communication among different network devices in the network can be realized. The method comprises the following steps: when detecting the network accessibility, firstly, network topology information and a routing table of network equipment in a target network are obtained, then a message forwarding state chain comprising message forwarding states and constraint conditions corresponding to each message forwarding state is generated by utilizing the network topology information and the routing table of the network equipment, then, after the source address information of the message and the target address information of the message are obtained, the last message forwarding state of the simulated message forwarded in the network equipment can be obtained according to the source address information of the message, the target address information of the message and the message forwarding state chain, and finally, the last message forwarding state of the obtained message is processed to obtain a detection result whether the message can be reached or not.

Description

Network accessibility detection method and device

Technical Field

The present application relates to the field of communications, and in particular, to a method and an apparatus for detecting network reachability.

Background

At present, the internet is rapidly developed, the application scale of the internet is gradually enlarged, the importance of the internet is higher and higher, people can utilize various different network devices to perform data communication in various aspects in the network, for example, people can chat with friends through the network, students can learn in a way of surfing a lesson, and people can purchase living goods and the like through the network, and in a word, the rapid development of the network brings great convenience to the life, the learning and the work of people.

However, before data communication between different network devices in a network is implemented, it is usually detected whether the network is reachable by manual positioning, and data communication between different network devices in the network can be performed only when the network is reachable. However, the manual detection method is generally low in efficiency and low in detection accuracy. For example, in the case of a virtual extensible local area network (VXLAN), VXLAN is one of the standard technologies of three-layer network virtualization (NVO 3) defined by the Internet Engineering Task Force (IETF), and is essentially a tunneling technology. The original data frame is encapsulated in a User Datagram Protocol (UDP) message after a VXLAN header is added, and the UDP message is forwarded in a transmission mode of a traditional Internet Protocol (IP) network. After the message reaches the destination end point, the outer layer encapsulation part is removed, and the original data frame is delivered to the destination terminal, so that data communication among different terminal devices is realized. At present, before data communication between different Virtual Machines (VMs) in a VXLAN network is implemented, a "ping" command is manually entered to detect whether a corresponding VXLAN network is reachable, and then determine whether data communication between different VMs can be performed. However, due to the rapid development of VXLAN network technology, a data center usually has a large number of VMs, and the deployment of the VMs may also change frequently, and if the detection is performed only by such a manual method, the efficiency is often low, and a situation of typing in an error command is easy to occur, so that the accuracy of the detection result is low.

Disclosure of Invention

The embodiment of the application provides a network reachability detection method and device, which are used for rapidly and accurately detecting the reachability of a network so as to judge whether data communication among different network devices in the network can be realized according to a detection result.

In a first aspect, the present application provides a network reachability detection method, including: when detecting network reachability, network topology information and a routing table of network devices in a target network may be first obtained, where the network topology information refers to physical layout information of various devices interconnected by a transmission medium in the target network, such as a connection relationship between nodes in the network, a bridging domain of each node, a routing forwarding unit, and the like. And then, generating a message forwarding state chain comprising message forwarding states and constraint conditions corresponding to each message forwarding state by using the acquired network topology information and routing table of the network equipment. Then, after the source address information of the message and the destination address information of the message are obtained, the last message forwarding state of the simulated message for forwarding in the network device can be obtained according to the source address information of the message, the destination address information of the message and the message forwarding state chain. And then, the last message forwarding state of the obtained message can be processed by utilizing a manual judgment or machine detection mode so as to obtain a detection result whether the message can reach or not.

Compared with the prior art, the method and the device have the advantages that the forwarding conditions of the message at different stages in the forwarding process are simulated according to the message forwarding state chain, whether at least one effective data transmission path can be generated between the source address and the destination address of the message or not is detected according to the processing result of the last forwarding state, the detection speed is higher, and the accuracy is higher.

In a possible implementation manner, obtaining a last packet forwarding state of an analog packet forwarded in the network device according to source address information of the packet, destination address information of the packet, and a packet forwarding state chain includes: acquiring a node identifier of a message, wherein the node identifier of the message comprises a source node identifier of the message and/or a destination node identifier of the message; and obtaining the last message forwarding state of the simulation message for forwarding in the network equipment according to the source address information of the message, the destination address information of the message, the node identification of the message and the message forwarding state chain. Therefore, by using the node identification of the message, whether the simulation message can be sent or received by the specific node corresponding to the identification can be effectively verified.

In a possible implementation manner, the target network is a virtual extensible local area network VXLAN, the virtual extensible local area network includes a first node, a second node, a first virtual machine and a second virtual machine, the first node is connected with the first virtual machine, and the second node is connected with the second virtual machine; the first virtual machine is a virtual machine for simulating and sending a message, and the second virtual machine is a virtual machine for simulating and receiving the message; the message forwarding state chain comprises one or more of the following message forwarding states:

a first message forwarding state; the first message forwarding state is that the message is received by the first node, and the constraint condition of the first message forwarding state is that the source address information of the message has a corresponding routing table entry in a routing table of the first node;

a second message forwarding state; the second message forwarding state is that the message enters a bridge domain of the first node, and the constraint condition of the second message forwarding state is that the first node has a bridge domain identifier corresponding to the source address information;

a third message forwarding state; the third message forwarding state is that the message is forwarded through a virtual bridge domain interface of the first node, the constraint condition of the third message forwarding state is that a network segment corresponding to the source address information of the message and a network segment corresponding to the destination address information of the message do not belong to the same network segment, and an outlet interface corresponding to the source address information in the routing table entry of the first node is the virtual bridge domain interface of the first node;

a fourth message forwarding state; the fourth message forwarding state is that the message is in a virtual route forwarding unit corresponding to the first node, and the constraint condition of the fourth message forwarding state is that a virtual route forwarding unit identifier corresponding to a virtual bridge domain interface of the first node is arranged in the first node;

a fifth message forwarding state; the fifth message forwarding state is that the message is forwarded through a network virtual edge NVE interface of the first node, and the constraint condition of the fifth message forwarding state is that a VXLAN network identifier of the message is a three-layer VXLAN network identifier, or the VXLAN network identifier of the message is an identifier of a two-layer VXLAN network of a bridging domain of the first node, a network segment corresponding to source address information of the message and a network segment corresponding to destination address information of the message belong to the same network segment, and the previous message forwarding state is a second message forwarding state;

a sixth message forwarding state; the sixth message forwarding state is that the message is in a VXLAN tunnel from the first node to the second node, and the constraint condition of the sixth message forwarding state is that the first node and the second node are different leaf nodes;

a seventh message forwarding state; the seventh message forwarding state is that the message reaches the NVE interface of the second node, and the constraint condition of the seventh message forwarding state is that the message reaches the second node through the VXLAN tunnel, or the first node and the second node are the same leaf node, and the previous message forwarding state is the fifth message forwarding state;

an eighth message forwarding state; the eighth message forwarding state is that the message enters a virtual routing forwarding unit of the second node, and the constraint condition of the eighth message forwarding state is that the VXLAN network identifier of the message is a three-layer VXLAN network identifier;

a ninth message forwarding state; the ninth message forwarding state is that the message is forwarded through a virtual bridge domain interface of the second node, and the constraint condition of the ninth message forwarding state is that the destination address information of the message has a corresponding virtual bridge domain interface in a routing forwarding table of the second node;

a tenth message forwarding state; the tenth message forwarding state is that the message enters a bridging domain of the second node, and the constraint condition of the tenth message forwarding state is that a virtual bridging domain interface of the second node has a corresponding bridging domain identifier, or the VXLAN network identifier of the message is the identifier of a second-layer VXLAN network of the bridging domain of the second node, and the previous message forwarding state is a seventh message forwarding state;

an eleventh message forwarding state; the eleventh message forwarding state is that the message is received by a second virtual machine connected with the second node, and the constraint condition of the eleventh message forwarding state is that the address of the second virtual machine matched with the destination address information exists in a routing table of the second node; or, the eleventh message forwarding state is that the message is received by the network segment to which the second node belongs, and the constraint condition of the eleventh message forwarding state is that the address of the second virtual machine matching the destination address information does not exist in the routing table of the second node, but the network segment corresponding to the bridging domain of the second node matches the destination address information.

In the embodiment of the application, the corresponding forwarding state can be accurately determined according to each constraint condition of the message in the forwarding process by the above method, and then whether at least one effective data transmission path can be generated between the source address and the destination address of the message can be detected according to the processing result of the last forwarding state.

In a possible implementation manner, the source address information of the packet includes: a source Internet Protocol (IP) address of the message or source network segment address information of the message; and/or the destination address information of the message comprises: the destination IP address of the message or the destination network segment address information of the message. Therefore, the verification mode can be diversified, and the accuracy of the target network reachability detection can be improved.

In a possible implementation manner, if the node identifier of the packet includes the source node identifier, the constraint condition of the first packet forwarding state further includes: the identity of the source node matches the first node identity. Therefore, the effective sending of the message can be ensured, and the sending efficiency and the sending accuracy of the simulation message are improved.

In a possible implementation manner, if the node identifier of the packet includes the destination node identifier, the constraint condition of the seventh packet forwarding state further includes: the identification of the destination node matches the identification of the second node. Therefore, effective receiving of the message can be ensured, and the efficiency and accuracy of forwarding the analog message are improved.

In a second aspect, the present application further provides a network reachability detection apparatus, including: a first obtaining unit, configured to obtain network topology information and a routing table of a network device in a target network; the generating unit is used for generating a message forwarding state chain according to the network topology information and the routing table of the network equipment, wherein the message forwarding state chain comprises message forwarding states and constraint conditions corresponding to each message forwarding state; a second obtaining unit, configured to obtain source address information of the message and destination address information of the message; a first obtaining unit, configured to obtain a last packet forwarding state in which the analog packet is forwarded in the network device according to source address information of the packet, destination address information of the packet, and a packet forwarding state chain; and the second obtaining unit is used for obtaining the detection result whether the message can reach according to the last message forwarding state of the message.

In one possible implementation manner, the first obtaining unit includes: a node identifier obtaining subunit, configured to obtain a node identifier of the packet, where the node identifier of the packet includes a source node identifier of the packet and/or a destination node identifier of the packet; the first obtaining subunit is configured to obtain a last packet forwarding state in which the analog packet is forwarded in the network device according to the source address information of the packet, the destination address information of the packet, the node identifier of the packet, and the packet forwarding state chain.

In a possible implementation manner, the target network is a virtual extensible local area network VXLAN, the virtual extensible local area network includes a first node, a second node, a first virtual machine and a second virtual machine, the first node is connected with the first virtual machine, and the second node is connected with the second virtual machine; the first virtual machine is a virtual machine for simulating to send a message, and the second virtual machine is a virtual machine for simulating to receive the message; the message forwarding state chain comprises one or more of the following message forwarding states:

In a possible implementation manner, the source address information of the packet includes: a source Internet Protocol (IP) address of the message or source network segment address information of the message; and/or the destination address information of the message comprises: the destination IP address of the message or the destination network segment address information of the message.

In a possible implementation manner, if the node identifier of the packet includes the source node identifier, the constraint condition of the first packet forwarding state further includes: the identity of the source node matches the first node identity.

In a possible implementation manner, if the node identifier of the packet includes the destination node identifier, the constraint condition of the seventh packet forwarding state further includes: the identification of the destination node matches the identification of the second node.

In a third aspect, the present application further provides a network reachability detection apparatus, where the lane line determination apparatus includes: a memory, a processor and a control unit,

a memory to store instructions; and the processor is used for executing the instructions in the memory and executing the method.

In a fourth aspect, the present application also provides a computer-readable storage medium comprising instructions which, when run on a computer, cause the computer to perform the above-described method.

According to the technical scheme, the embodiment of the application has the following advantages:

when the network accessibility is detected, the network topology information and the routing table of the network device in the target network are firstly obtained, then the network topology information and the routing table of the network device are utilized to generate the message forwarding state chain comprising the message forwarding states and the constraint conditions corresponding to each message forwarding state, then, after the source address information of the message and the target address information of the message are obtained, the last message forwarding state of the simulated message forwarded in the network device can be obtained according to the source address information of the message, the destination address information of the message and the message forwarding state chain, and finally, the last message forwarding state of the obtained message is processed to obtain the detection result whether the message can reach or not. It can be seen that, when performing network reachability detection, the embodiments of the present application simulate forwarding conditions of a message at different stages in a forwarding process according to a message forwarding state chain, and detect whether at least one effective data transmission path can be generated between a source address and a destination address of the message according to a processing result of a last forwarding state.

Drawings

Fig. 1 is a flowchart of a network reachability detection method provided in an embodiment of the present application;

fig. 2 is a schematic structural diagram of a current VXLAN network model;

fig. 3 is a schematic diagram of a packet forwarding state chain according to an embodiment of the present application;

fig. 4 is a schematic diagram for detecting reachability between VMs in different network segments according to an embodiment of the present application;

fig. 5 is a block diagram illustrating a structure of a network reachability detection apparatus according to an embodiment of the present disclosure;

fig. 6 is a schematic structural diagram of a network reachability detection device according to an embodiment of the present application.

Detailed Description

The embodiment of the application provides a network reachability detection method and device, which are used for rapidly and accurately detecting the reachability of a network so as to realize data communication among different VMs in the network according to a detection result.

Embodiments of the present application are described below with reference to the accompanying drawings.

In some network reachability detection methods, detection is usually performed by manually positioning, that is, by manually entering a code command, for example, by manually entering a "ping" command, whether any two network devices in a network are connected, that is, whether the network between the two network devices has reachability is detected. However, this method of detecting network accessibility by manually entering a code command has limited processing capability and strong subjectivity, and is inefficient for a network with a large number of network devices, and a situation may occur where an error detection instruction is manually entered, for example, a "ping" is mistakenly pieced into "pong" or the like, resulting in an error detection result.

In order to solve the above problems, the present application provides a network reachability detection method, which can quickly and accurately detect the reachability of a network. Specifically, the network topology information and the routing table of the network device in the target network are analyzed, so as to generate a message forwarding state chain including message forwarding states and constraint conditions corresponding to each message forwarding state according to an analysis result, then after the source address information of the message and the target address information of the message are obtained, a last message forwarding state simulating the forwarding of the message in the network device is obtained according to the source address information of the message, the destination address information of the message and the message forwarding state chain, and finally, whether the message is reachable or not is detected according to a processing result by processing the last message forwarding state of the obtained message, so that when the network reachability is detected, the forwarding conditions of the message at different stages in the forwarding process are simulated according to the message forwarding state chain, and according to the processing result of the last forwarding state, whether at least one effective data transmission path can be generated between the source address and the destination address of the message is detected.

Referring to fig. 1, a schematic flow chart of a network reachability detection method provided in this embodiment is shown, where the method includes the following steps:

s101: network topology information and a routing table of a network device in a target network are obtained.

In this embodiment, any network that performs network reachability detection by using this embodiment is defined as a target network, and it should be noted that this embodiment does not limit the type of the network, for example, the target network may be a VXLAN network or the like.

Specifically, in order to realize reachability detection on the target network, network topology information and a routing table of a network device in the target network need to be acquired first. The network device refers to a data processing device such as a terminal or a server connected to a target network. The network topology information refers to physical layout information of various devices interconnected by a transmission medium in a target network, such as connection relationships between various nodes in the network, bridging domains and routing forwarding units of the various nodes, and the like.

S102: and generating a message forwarding state chain according to the network topology information and the routing table of the network equipment, wherein the message forwarding state chain comprises message forwarding states and constraint conditions corresponding to each message forwarding state.

In this embodiment, after the network topology information and the routing table of the network device in the target network are obtained in step S101, a packet forwarding state chain may be further generated according to an analysis result by analyzing a connection relationship of each node in the network topology information and data of each routing table entry in the routing table, where the packet may be a data packet that exists in reality and needs to be forwarded, or may also be a simulated virtual data packet used for performing network reachability detection. The chain of message forwarding states includes the different forwarding states that the message reaches in the target network, as well as the forwarding rules between these states that need to be satisfied (which are defined herein as constraints). It should be noted that, for the specific generation process of each packet forwarding state and the corresponding constraint condition, reference may be made to the detailed description of the subsequent embodiments.

S103: and obtaining source address information of the message and destination address information of the message.

In this embodiment, in order to detect the reachability of the target network, source address information of the message and destination address information of the message also need to be acquired. The source address information of the message refers to address information (e.g., IP address information) of a network device (e.g., VM) that sent the message. The destination address information of the message refers to address information (e.g., IP address information) of a network device (e.g., VM) that receives the message.

In an optional implementation manner, the source address information of the packet may include: a source Internet Protocol (IP) address of the message or source network segment address information of the message; and/or the destination address information of the message comprises: the destination IP address of the message or the destination network segment address information of the message.

In this implementation manner, the source address information of the packet refers to an IP address of a network device in the target network that sends the packet or address information of a network segment to which the IP belongs. The destination address information of the message refers to the IP address of the network device receiving the message in the target network or the address information of the network segment to which the IP belongs.

Therefore, the verification mode can be diversified, and the accuracy of the target network reachability detection can be improved.

S104: and obtaining the last message forwarding state of the simulation message for forwarding in the network equipment according to the source address information of the message, the destination address information of the message and the message forwarding state chain.

In this embodiment, each forwarding state of the simulated packet for forwarding in the network device may be obtained according to the obtained source address information of the packet, the destination address information of the packet, and the constraint condition corresponding to each forwarding state of the generated packet. It should be noted that, the specific implementation process of the last packet forwarding state and the corresponding constraint condition may refer to the detailed description of the subsequent embodiments.

It should be noted that, in an alternative implementation manner, the specific implementation process of this step S104 may include the following steps a-B:

step A: and acquiring a node identifier of the message, wherein the node identifier of the message comprises a source node identifier of the message and/or a destination node identifier of the message.

In this implementation manner, in order to accurately obtain the last packet forwarding state, the node identifier of the packet may be first obtained, where the node identifier of the packet includes a node identifier (defined as a source node identifier) connected to the network device that sends the packet and/or includes a node identifier (defined as a destination node identifier) connected to the network device that receives the packet, so as to perform the subsequent step B.

It should be noted that, because the packet may be forwarded between different VMs in the same node, or between different VMs under different nodes, the node identifiers of the packet may be the same or different.

Step B: and obtaining the last message forwarding state of the simulation message for forwarding in the network equipment according to the source address information of the message, the destination address information of the message, the node identification of the message and the message forwarding state chain.

After the node identifier of the packet is obtained in step a, a last packet forwarding state of the simulated packet for forwarding in the network device may be further obtained according to the source address information of the packet, the destination address information of the packet, the node identifier of the packet, and the packet forwarding state chain, and the specific implementation process and the corresponding constraint conditions may be referred to in detail in the following embodiments.

Therefore, by using the node identification of the message, whether the simulation message can be sent or received by the specific node corresponding to the identification can be effectively verified.

S105: and obtaining a detection result whether the message can reach according to the last message forwarding state of the message.

In this embodiment, after the last packet forwarding state of the analog packet forwarded in the network device is obtained in step S104, the last packet forwarding state may be analyzed in the following two determination manners, so as to determine whether the packet is reachable according to the analysis result.

The first judgment method is a manual judgment method, and specifically, the last message forwarding state is analyzed manually to judge whether the message can be received by the network segment to which the target address belongs and/or can be received by the network node connected to the target address, so as to judge whether the message can be reached in the target network.

The first judgment method is to perform judgment by machine detection, specifically, the obtained last packet forwarding state may be used as target data, and source address information, destination address information, each packet forwarding state, corresponding constraint conditions, and node identifiers of the packet may be used together as input data, which is input to the Z3 model, a transmission path capable of forwarding the packet is generated by the model, and the last forwarding state of the corresponding packet in the path is consistent with the last packet forwarding state generated in the above step, so as to obtain a reachable detection result of the packet.

Or, if it is detected in step S105 that the packet is not successfully received by the network segment to which the destination address belongs or the network node to which the destination address is connected, for example, by manual detection or Z3 model detection, a transmission path capable of forwarding the packet is not generated, which indicates that a network is unreachable, that is, a network isolation situation occurs, such as a "network firewall" in actual application, that is, the network isolation function can be implemented.

In summary, in the network reachability detection method provided in this embodiment, when detecting the network reachability, first, network topology information and a routing table of a network device in a target network are obtained, then, a packet forwarding state chain including a packet forwarding state and a constraint condition corresponding to each packet forwarding state is generated by using the network topology information and the routing table of the network device, then, after obtaining source address information of a packet and target address information of the packet, a last packet forwarding state simulating packet forwarding in the network device may be obtained according to the source address information of the packet, destination address information of the packet, and the packet forwarding state chain, and finally, a detection result whether the packet can reach is obtained by processing the last packet forwarding state of the obtained packet. It can be seen that, in the network reachability detection, forwarding conditions of a message at different stages in a forwarding process are simulated according to a message forwarding state chain, and whether at least one effective data transmission path can be generated between a source address and a destination address of the message is detected according to a processing result of a last forwarding state.

It should be noted that, in a possible implementation manner of the present application, the target network may be a virtual extensible local area network VXLAN, and the VXLAN includes a first node, a second node, a first virtual machine, and a second virtual machine, where the first node is connected to the first virtual machine, and the second node is connected to the second virtual machine; the first virtual machine is a virtual machine for simulating sending of a message, the second virtual machine is a virtual machine for simulating receiving of the message, that is, in the VXLAN, the routing table of the first node includes address information of the first virtual machine, the routing table of the second node includes address information of the second virtual machine, and the first node and the second node have a connection relationship or are the same node.

Specifically, referring to fig. 2, the structure of a VXLAN network is shown, wherein a Border Gateway Protocol (BGP) based neighbor pair is established between a first node 201 and a second node 202. A two-layer tunnel is established between nodes with the same two-layer VXLAN Network Identifier (VNI) so as to realize message forwarding in the same two-layer domain; three-layer tunnels are established among nodes with different three-layer VNIs to realize message forwarding between different two-layer domains. The VM accesses a Bridge Domain (BD) through a two-layer subinterface, the BD having a corresponding two-layer VNI; BD is bound to Virtual Routing and Forwarding (VRF) through a corresponding bridge domain interface (BD interface, bdif), and the VRF uses a bound three-layer VNI to distinguish different tenants.

(1) The communication process between the VMs across the node and the network segment (for example, when the first virtual machine is VM1203, and the second virtual machine is VM3205, the message forwarding process is performed between the first virtual machine VM1203 and the second virtual machine VM 3205) is as follows:

the first node 201 and the second node 202 serve as Virtual Tunnel End Points (VTEPs) of a VXLAN network, a VXLAN Tunnel is established between the two nodes, and VXLAN two-layer gateways are deployed on the first node 201 and the second node 202, so that mutual communication between different Virtual machines (such as a first Virtual machine VM1 and a second Virtual machine VM3) in the same network segment can be realized. In this case, the backbone node 207 serves only as a forwarding node for the VXLAN packet, does not sense the presence of the VXLAN tunnel, and may be any three-layer network device.

(2) The communication process between VMs in different network segments of the same node (for example, when the first virtual machine is VM1203, and the second virtual machine is VM2204, the message forwarding process is performed between the first virtual machine VM1203 and the second virtual machine VM2204) is as follows:

the first node 201 serves as a VTEP of the VXLAN network, and a VXLAN three-layer gateway is deployed on the first node 201, so that mutual communication between different network segments VM (such as the first virtual machine VM1203 and the second virtual machine VM2204) under the first node 201 can be realized. At this time, when VM1203 and VM2204 access each other, traffic only needs to be forwarded at first node 201, and does not need to pass through backbone node 207 any more, thereby saving a large amount of bandwidth resources.

(3) Communication processes between VMs in different network segments across nodes (for example, when the first virtual machine is VM1203, and the second virtual machine is VM4206, a packet forwarding process is performed between VM1203 and VM4206) are as follows:

first node 201 and second node 202 act as VTEPs for the VXLAN network, with a VXLAN three-layer gateway deployed on first node 201 and second node 202. A VXLAN tunnel is dynamically established between the two VXLAN three-layer gateways through BGP, and host routing information suspended by the gateway is issued to other BGP neighbors through a remote-nexthop attribute of BGP, thereby implementing mutual communication between VMs (e.g., first virtual machine VM1203 and second virtual machine VM4206) in different network segments across nodes.

In the VXLAN network, the routing table of each node (e.g., the first node 201 and the second node 202) may include a destination IP, an egress interface, and the like, and specific examples thereof are shown in table 1 below:

destination IP	Outlet interface	Next hop	Type (B)
				a.1.1.1.1/32	vxlan	null	local
b.2.2.2.2/32	vxlan	null	connected
				c.192.168.10.0/24	vbdif10	null	connected
d.192.168.10.1/32	vbdif10	null	local
				e.192.168.10.10/32	vbdif10	null	connected
f.192.168.20.0/24	vxlan	2.2.2.2	evpn

TABLE 1

The IP address in the destination IP refers to an IP address of a VM having a connection relationship with a corresponding node. And when the output interface vxlan in a indicates that the destination IP address is 1.1.1.1/32, the message needs to be sent to the interface of the two-layer gateway nve for forwarding, and local indicates a local interface, namely a local nve interface. b, when the output interface vxlan indicates that the destination address is 2.2.2.2/32, the message needs to be sent to an nve interface for forwarding, and connected indicates a direct connection interface, namely a remote nve interface. c indicates that the 192.168.10.0/24IP address is directly connected locally, and message forwarding needs to be carried out through an outgoing interface vbdif 10. d denotes an interface with a local presence IP address of 192.168.10.1/32. e represents that the VM host locally exists at 192.168.10.10/32, and the message is forwarded through the vbdif 10. f indicates that packets (packets) arriving at IP address 192.168.20.0/24 need to be forwarded to the next node over nve interface.

Based on this, in the process of simulating sending a message by using the first virtual machine and receiving the message by using the second virtual machine, a forwarding state chain of the message may be generated, where the forwarding state chain includes one or more message forwarding states, and next, this embodiment will describe the message forwarding states one by one with reference to fig. 3:

1. a first message forwarding state; the first message forwarding state is that the message is received by the first node, and the constraint condition of the first message forwarding state is that the source address information of the message has a corresponding routing table entry in a routing table of the first node.

Specifically, referring to fig. 3, the first node is a left host node, and when the address information of the first virtual machine simulating the sending of the message is included in the routing table of the host node, it indicates that the message can be received by the first node, and at this time, the message forwarding state is defined as a first message forwarding state srchost (host).

In an optional implementation manner, if the node identifier of the packet includes a source node identifier, the constraint condition of the first packet forwarding state further includes: the identity of the source node matches the first node identity.

In this implementation manner, if the node identifier of the packet includes a source node identifier connected to the VM that sends the packet, if it is desired to receive the packet by the first node, it is further required to satisfy a condition that the source node identifier is consistent with the first node identifier, that is, it is ensured that the VM that sends the packet can be connected to the first node, so that the packet data can be routed and forwarded through the first node.

Therefore, the effective sending of the message can be ensured, and the sending efficiency and the sending accuracy of the simulation message are improved.

2. A second message forwarding state; and the second message forwarding state is that the message enters a bridging domain of the first node, and the constraint condition of the second message forwarding state is that the first node has a bridging domain identifier corresponding to the source address information.

Specifically, referring to fig. 3, when the first node host has a BD id corresponding to address information of the VM which simulates sending out a message, it indicates that the message can enter the BD of the host node. At this time, the packet forwarding state is defined as a second packet forwarding state SrcBd (host, bd). It should be noted that, in the actual forwarding process of the VXLAN network, the message of the VM enters the BD of the corresponding host node through the two-layer subinterface.

3. A third message forwarding state; the third message forwarding state is that the message is forwarded through a virtual bridge domain interface of the first node, the constraint condition of the third message forwarding state is that a network segment corresponding to the source address information of the message and a network segment corresponding to the destination address information of the message do not belong to the same network segment, and an outlet interface corresponding to the source address information in the routing table entry of the first node is the virtual bridge domain interface of the first node.

Specifically, referring to fig. 3, when the network segment to which the address information of the VM that simulates sending the message belongs and the network segment to which the address information of the VM that receives the message belongs are the same network segment, it indicates that the message can be forwarded through the virtual bridge domain interface vbdif of the first node host, and at this time, the message forwarding state is defined as a third message forwarding state SrcVbdif (host, vbdif).

4. A fourth message forwarding state; and the fourth message forwarding state is that the message is in a virtual routing forwarding unit corresponding to the first node, and the constraint condition of the fourth message forwarding state is that a virtual routing forwarding unit identifier corresponding to a virtual bridge domain interface of the first node is arranged in the first node.

Specifically, referring to fig. 3, when the identifier of the virtual routing forwarding unit vrf corresponding to the virtual bridging domain interface vbdif of the first node host exists in the first node host, it indicates that the packet is in the virtual routing forwarding unit vrf corresponding to the first node host, at this time, the packet forwarding state is defined as a fourth packet forwarding state SrcVrf (host, vrf), and further, three-layer forwarding may be performed by querying a routing table of the network (see the detailed description of steps (2) and (3)).

5. A fifth message forwarding state; wherein, the fifth message forwarding state is that the message is forwarded through the network virtual edge NVE interface of the first node, the constraint condition of the fifth message forwarding state is that the VXLAN network identifier of the message is a three-layer VXLAN network identifier, or the VXLAN network identifier of the message is an identifier of a two-layer VXLAN network of the bridging domain of the first node, and the network segment corresponding to the source address information of the message and the network segment corresponding to the destination address information of the message belong to the same network segment, and the previous message forwarding state is the second message forwarding state

Specifically, referring to fig. 3, when the VXLAN network identifier of the message is a three-layer VXLAN network identifier, or when the VXLAN network identifier of the message is an identifier of a two-layer VXLAN network of the bridge domain BD of the first node host, and a network segment to which address information of a VM that sends the message belongs and a network segment to which address information of a VM that receives the message belongs belong, and the previous message forwarding state is a second message forwarding state, it indicates that the message is forwarded through the network virtual edge NVE interface of the first node host, that is, the message may be sent to a VXLAN tunnel for two-layer or three-layer forwarding, and at this time, the message forwarding state is defined as a fifth message forwarding state SrcNve (host, NVE), and the specific forwarding process may be described in the above step (1).

6. A sixth message forwarding state; the sixth message forwarding state is that the message is in a VXLAN tunnel from the first node to the second node, and the constraint condition of the sixth message forwarding state is that the first node and the second node are different leaf nodes.

Specifically, when the first node host and the second node host are different leaf nodes, as shown in fig. 3, a VXLAN tunnel may be established between the two nodes by using an existing or future related protocol, and a packet may be in the VXLAN tunnel from the first node to the second node, and a forwarding state of the packet at this time is defined as a sixth packet forwarding state InTunnel (h1, n1, h2, n 2).

7. A seventh message forwarding state; the seventh message forwarding state is that the message reaches the NVE interface of the second node, and the constraint condition of the seventh message forwarding state is that the message reaches the second node through the VXLAN tunnel, or the first node and the second node are the same leaf node, and the previous message forwarding state is the fifth message forwarding state.

Specifically, as shown in fig. 3, when the first node host and the second node host are different leaf nodes and the packet arrives at the second node through the VXLAN tunnel therebetween (i.e. the packet is not in the VXLAN tunnel from the first node to the second node), or when the first node host and the second node host are the same leaf node and the previous packet forwarding state is the fifth packet forwarding state, it indicates that the packet has arrived at the NVE interface of the second node, and at this time, the forwarding state of the packet may be defined as a seventh packet forwarding state dstnv (host, NVE).

In an optional implementation manner, if the node identifier of the packet includes the destination node identifier, the constraint condition of the seventh packet forwarding state further includes: the identification of the destination node matches the identification of the second node.

In this implementation manner, if the node identifier of the packet includes the destination node identifier connected to the VM that receives the packet, if it is desired to receive the packet by the second node, it is further required to satisfy the condition that the destination node identifier is consistent with the second node identifier, that is, it is ensured that the VM that receives the packet can be connected to the second node, so that the packet data can be routed and forwarded by the second node.

Therefore, effective receiving of the message can be ensured, and the efficiency and accuracy of forwarding the analog message are improved.

8. An eighth message forwarding state; the eighth message forwarding state is that the message enters a virtual routing forwarding unit of the second node, and the constraint condition of the eighth message forwarding state is that the VXLAN network identifier of the message is a three-layer VXLAN network identifier.

Specifically, as shown in fig. 3, when the VXLAN network identifier of the packet is a three-layer VXLAN network identifier, it indicates that the packet enters the virtual routing forwarding unit vrf of the second node host, which indicates that the packet is forwarded through three layers, and the routing forwarding table of the lookup network is sent to the virtual bridging domain interface vbdif corresponding to the second node, and at this time, the forwarding state of the packet may be defined as an eighth packet forwarding state DstVrf (host, vrf).

9. A ninth message forwarding state; the ninth message forwarding state is that the message is forwarded through a virtual bridge domain interface of the second node, and the constraint condition of the ninth message forwarding state is that destination address information of the message has a corresponding virtual bridge domain interface in a routing forwarding table of the second node.

Specifically, as shown in fig. 3, when the destination address information of the packet has a corresponding virtual bridging domain interface vbdif in the routing forwarding table of the second node host, it indicates that the packet can be forwarded through the virtual bridging domain interface of the second node. At this time, the forwarding state of the packet may be defined as a ninth packet forwarding state DstVbdif (host, vbdif).

10. A tenth message forwarding state; the tenth message forwarding state is that the message enters a bridging domain of the second node, and the constraint condition of the tenth message forwarding state is that a virtual bridging domain interface of the second node has a corresponding bridging domain identifier, or the VXLAN network identifier of the message is an identifier of a second-layer VXLAN network of the bridging domain of the second node, and the previous message forwarding state is the seventh message forwarding state.

Specifically, as shown in fig. 3, when the virtual bridging domain interface vbdif of the second node host has the corresponding identifier of the bridging domain BD, or the identifier of the VXLAN network of the packet is the identifier of the two-layer VXLAN network of the bridging domain BD of the second node, and the previous packet forwarding state is the seventh packet forwarding state, it indicates that the packet enters the bridging domain BD of the second node host, and at this time, the forwarding state of the packet may be defined as the tenth packet forwarding state DstBd (host, BD), that is, it indicates that the packet is sent to the VM which can receive the packet.

11. An eleventh message forwarding state; the eleventh message forwarding state is that the message is received by a second virtual machine connected with the second node, and the constraint condition of the eleventh message forwarding state is that the address of the second virtual machine matched with the destination address information exists in a routing table of the second node; or, the eleventh message forwarding state is that the message is received by the network segment to which the second node belongs, and the constraint condition of the eleventh message forwarding state is that the address of the second virtual machine matching the destination address information does not exist in the routing table of the second node, but the network segment corresponding to the bridging domain of the second node matches the destination address information.

Specifically, when the address of the second virtual machine matching the destination address information exists in the routing table of the second node host, that is, when a VM exists on the second node host and can receive the current message, it indicates that the message can be received by the second virtual machine connected to the second node, at this time, the forwarding state of the message may be defined as dsthost, which further indicates that a host node exists in the current Overlay network and can receive the current message, and the current state may be defined as eleventh message forwarding state, which is (host).

Or, when the address of the second virtual machine matching with the destination address information does not exist in the routing table of the second node host, but the network segment corresponding to the bridge domain BD of the second node host matches with the destination address information, it indicates that the packet can be received by the network segment to which the second node host belongs, at this time, the forwarding state of the packet may be defined as dstnetworkaccep (host), and further indicates that a host node does not exist in the current Overlay network, and does not exist a VM capable of receiving the current packet, but the corresponding network segment can receive the current packet, and the current state may be defined as an eleventh packet forwarding state networkaccep (host).

Therefore, the corresponding forwarding state can be accurately determined according to each constraint condition of the message in the forwarding process through the 11 steps, and whether at least one effective data transmission path can be generated between the source address and the destination address of the message or not can be detected according to the processing result of the last forwarding state.

Next, to facilitate understanding of specific implementation processes of the above steps of the present application, referring to fig. 4, for example, to detect whether the VM1403 and VM2404 of different network segments under different Leaf nodes Leaf _1401 and Leaf _2402 are reachable, the following detailed description is made:

the routing table of Leaf node Leaf _1401 is shown in table 2 below:

TABLE 2

The routing table of the Leaf node Leaf2402 is shown in table 3 below:

destination IP	Outlet interface	Next hop	Type (B)
				1.1.1.1/32	vxlan	null	connected
2.2.2.2/32	vxlan	null	local
				192.168.10.0/24	vxlan	1.1.1.1	evpn
192.168.20.0/24	Vbdif20	null	connected
				192.168.20.1/32	Vbdif20	null	local
192.168.20.20/32	Vbdif20	null	connected

TABLE 3

At present, 192.168.10.10, 192.168.20.20, leaf _1401, leaf _2402, and hostcapt are used as input parameters to verify whether VM1403 to VM2404 are reachable, and then by executing the above steps 1 to 11, the forwarding states of the message can be obtained as follows:

1. the first message forwarding state is SrcHost (leaf)₁)。

2. The second message forwarding state is SrcBd (leaf)₁,bd₁)。

3. The third message forwarding state is SrcVbdif (leaf)₁,vbdif₁₀)。

4. The fourth message forwarding state is SrcVrf (leaf)₁,v rf₁)。

5. The fifth message forwarding state is SrcNve (leaf)₁,nve₁)。

6. The sixth message forwarding state is InTunnel (leaf)₁,nve₁,leaf₂,nve₂) At this time, a VXLAN Tunnel exists between the Leaf node Leaf _1401 and the Leaf node Leaf _ 2402.

7. Seventh message Forwarding statusIs DstNve (leaf)₂,nve₂)。

8. The eighth message forwarding state is DstVrf (leaf)₂,vrf₂)。

9. The ninth message forwarding state is DstVbdif (leaf)₂,vbdif₂)。

10. The tenth message forwarding state is DstBd (leaf)₂,bd₂)。

11. And the eleventh message forwarding state is HostAccept.

For a specific implementation process, reference may be made to the detailed descriptions of the foregoing step 1 to step 11, which are not described herein again.

Based on this, the query target is the hostiaccept, and the Leaf node Leaf _2402 is set as the destination node, further, the source address information, the destination address information, the above 11 message forwarding states and the corresponding constraint conditions, and the node identifier of the obtained message may be converted into the data conforming to the input data format of the Z3 model, for example, the first message forwarding state SrcHost (Leaf)₁) And converting into SrcHost _ leaf _1 and the like, inputting all converted data serving as input data into a Z3 model, and obtaining an output value Query representing a detection result through a Z3 model, wherein the representation form of the output value is not limited in the application. For example, the number "1" or the chinese character "true" may be used as an output value Query to represent that a slave first packet forwarding state SrcHost (Leaf) may be generated between the VM1403 and VM2404 of different network segments under Leaf nodes Leaf _1401 and Leaf _2402₁) A path to the last packet forwarding state, that is, a transmission path capable of implementing packet forwarding under the condition of satisfying the input condition is generated, and the specific path is as follows:

meanwhile, the number "0" or the Chinese character "false" may be used as an output value Query to represent that a path from the first message forwarding state SrcHost (Leaf1) to the last message forwarding state hostcacept cannot be generated between the VM1403 and VM2404 of different network segments under the Leaf nodes Leaf _1401 and Leaf _ 2402.

To facilitate better implementation of the above-described aspects of the embodiments of the present application, the following also provides relevant means for implementing the above-described aspects. Referring to fig. 5, a network reachability detection apparatus 500 according to an embodiment of the present application is provided. The apparatus 500 may comprise: a first acquisition unit 501, a generation unit 502, a second acquisition unit 503, a first acquisition unit 504, and a second acquisition unit 505. The first obtaining unit 501 is configured to execute S101 in the embodiment shown in fig. 1. The generating unit 502 is used to execute S102 in the embodiment shown in fig. 1. The second obtaining unit 503 is configured to execute S103 in the embodiment shown in fig. 1. The first obtaining unit 504 is configured to execute S104 in the embodiment shown in fig. 1. The second obtaining unit 505 is configured to execute S105 in the embodiment shown in fig. 1. In particular, the method comprises the following steps of,

a first obtaining unit 501, configured to obtain network topology information and a routing table of a network device in a target network;

a generating unit 502, configured to generate a message forwarding state chain according to network topology information of the network device and a routing table, where the message forwarding state chain includes message forwarding states and constraint conditions corresponding to each message forwarding state;

a second obtaining unit 503, configured to obtain source address information of a packet and destination address information of the packet;

a first obtaining unit 504, configured to obtain a last packet forwarding state simulating forwarding of the packet in the network device according to the source address information of the packet, the destination address information of the packet, and the packet forwarding state chain;

a second obtaining unit 505, configured to obtain, according to a last packet forwarding state of the packet, a detection result whether the packet is reachable.

In one implementation manner of this embodiment, the first obtaining unit 504 includes:

a node identifier obtaining subunit, configured to obtain a node identifier of the packet, where the node identifier of the packet includes a source node identifier of the packet and/or a destination node identifier of the packet;

the first obtaining subunit is configured to obtain a last packet forwarding state in which the analog packet is forwarded in the network device according to the source address information of the packet, the destination address information of the packet, the node identifier of the packet, and the packet forwarding state chain.

In an implementation manner of this embodiment, the target network is a virtual extensible local area network VXLAN, where the virtual extensible local area network includes a first node, a second node, a first virtual machine, and a second virtual machine, the first node is connected to the first virtual machine, and the second node is connected to the second virtual machine; the first virtual machine is a virtual machine for simulating to send a message, and the second virtual machine is a virtual machine for simulating to receive the message; the message forwarding state chain comprises one or more of the following message forwarding states:

In an implementation manner of this embodiment, the source address information of the packet includes: a source Internet Protocol (IP) address of the message or source network segment address information of the message; and/or the destination address information of the message comprises: the destination IP address of the message or the destination network segment address information of the message.

In an implementation manner of this embodiment, if the node identifier of the packet includes a source node identifier, the constraint condition of the first packet forwarding state further includes: the identity of the source node matches the first node identity.

In an implementation manner of this embodiment, if the node identifier of the packet includes the destination node identifier, the constraint condition of the seventh packet forwarding state further includes: the identification of the destination node matches the identification of the second node.

To sum up, in the network reachability detection apparatus provided in this embodiment of the application, when detecting network reachability, first network topology information and a routing table of a network device in a target network are obtained, then a packet forwarding state chain including packet forwarding states and constraint conditions corresponding to each packet forwarding state is generated by using the network topology information and the routing table of the network device, then, after obtaining source address information of a packet and target address information of the packet, a last packet forwarding state of an analog packet forwarded in the network device may be obtained according to the source address information of the packet, destination address information of the packet, and the packet forwarding state chain, and finally, a detection result of whether the packet is reachable is obtained by processing the last packet forwarding state of the obtained packet. It can be seen that, in the network reachability detection, forwarding conditions of a message at different stages in a forwarding process are simulated according to a message forwarding state chain, and whether at least one effective data transmission path can be generated between a source address and a destination address of the message is detected according to a processing result of a last forwarding state.

Referring to fig. 6, an embodiment of the present application provides a network reachability detection device 600 that includes a memory 601, a processor 602, and a communication interface 603,

a memory 601 for storing instructions;

a processor 602 for executing instructions in the memory 601 to perform the network reachability detection method described above as applied to the embodiment shown in fig. 1;

a communication interface 603 for performing communication.

The memory 601, the processor 602, and the communication interface 603 are connected to each other by a bus 604; the bus 604 may be a Peripheral Component Interconnect (PCI) bus, an Extended Industry Standard Architecture (EISA) bus, or the like. The bus may be divided into an address bus, a data bus, a control bus, etc. For ease of illustration, only one thick line is shown in FIG. 6, but this is not intended to represent only one bus or type of bus.

In a specific embodiment, the processor 602 is configured to, when detecting network reachability, first obtain network topology information and a routing table of a network device in a target network, then generate a packet forwarding state chain including packet forwarding states and constraint conditions corresponding to each packet forwarding state by using the network topology information and the routing table of the network device, then, after obtaining source address information of a packet and target address information of the packet, obtain a last packet forwarding state simulating packet forwarding in the network device according to the source address information of the packet, destination address information of the packet, and the packet forwarding state chain, and further, process the last packet forwarding state of the obtained packet to obtain a detection result whether the packet is reachable. For a detailed processing procedure of the processor 602, please refer to the detailed description of S101, S102, S103, S104, and S105 in the embodiment shown in fig. 1, which is not repeated herein.

The memory 601 may be a random-access memory (RAM), a flash memory (flash), a read-only memory (ROM), an erasable programmable read-only memory (EPROM), an electrically erasable programmable read-only memory (EEPROM), a register (register), a hard disk, a removable hard disk, a CD-ROM, or any other form of storage medium known to those skilled in the art.

The processor 602 may be, for example, a Central Processing Unit (CPU), a general purpose processor, a Digital Signal Processor (DSP), an application-specific integrated circuit (ASIC), a Field Programmable Gate Array (FPGA), other programmable logic devices (FPGAs), a transistor logic device, a hardware component, or any combination thereof. Which may implement or perform the various illustrative logical blocks, modules, and circuits described in connection with the disclosure. A processor may also be a combination of computing functions, e.g., comprising one or more microprocessors, a DSP and a microprocessor, or the like.

The communication interface 603 may be, for example, an interface card or the like, and may be an ethernet (ethernet) interface or an Asynchronous Transfer Mode (ATM) interface.

Embodiments of the present application also provide a computer-readable storage medium, which includes instructions that, when executed on a computer, cause the computer to execute the network reachability detection method.

The terms "first," "second," "third," "fourth," and the like in the description and in the claims of the present application and in the drawings described above, if any, are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It will be appreciated that the data so used may be interchanged under appropriate circumstances such that the embodiments described herein may be practiced otherwise than as specifically illustrated or described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.

It is clear to those skilled in the art that, for convenience and brevity of description, the specific working processes of the above-described systems, apparatuses and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.

In the several embodiments provided in the present application, it should be understood that the disclosed system, apparatus and method may be implemented in other manners. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the units is only one type of logical module division, and other division manners may be available in actual implementation, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.

The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be obtained according to actual needs to achieve the purpose of the solution of the present embodiment.

In addition, each module unit in the embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a hardware form, and can also be realized in a software module unit form.

The integrated unit, if implemented as a software module unit and sold or used as a stand-alone product, may be stored in a computer-readable storage medium. Based on such understanding, the technical solution of the present application may be substantially implemented or contributed to by the prior art, or all or part of the technical solution may be embodied in a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present application. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.

Those skilled in the art will recognize that, in one or more of the examples described above, the functions described in this invention may be implemented in hardware, software, firmware, or any combination thereof. When implemented in software, the functions may be stored on or transmitted over as one or more instructions or code on a computer-readable medium. Computer-readable media includes both computer storage media and communication media including any medium that facilitates transfer of a computer program from one place to another. A storage media may be any available media that can be accessed by a general purpose or special purpose computer.

The above-described embodiments are intended to explain the objects, aspects and advantages of the present invention in further detail, and it should be understood that the above-described embodiments are merely exemplary embodiments of the present invention.

The above embodiments are only used for illustrating the technical solutions of the present application, and not for limiting the same; although the present application has been described in detail with reference to the foregoing embodiments, it should be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and the modifications or the substitutions do not make the essence of the corresponding technical solutions depart from the scope of the technical solutions of the embodiments of the present application.

Claims

1. A method for network reachability detection, the method comprising:

acquiring network topology information and a routing table of network equipment in a target network;

generating a message forwarding state chain according to the network topology information of the network equipment and a routing table, wherein the message forwarding state chain comprises message forwarding states and constraint conditions corresponding to each message forwarding state;

acquiring source address information of a message and destination address information of the message;

obtaining a last message forwarding state simulating the forwarding of the message in the network equipment according to the source address information of the message, the destination address information of the message and the message forwarding state chain;

and obtaining a detection result whether the message can reach according to the last message forwarding state of the message.

2. The method of claim 1, wherein obtaining a last forwarding state of the packet that simulates forwarding the packet in the network device according to the source address information of the packet, the destination address information of the packet, and the packet forwarding state chain comprises:

acquiring a node identifier of the message, wherein the node identifier of the message comprises a source node identifier of the message and/or a destination node identifier of the message;

and obtaining the last message forwarding state simulating the forwarding of the message in the network equipment according to the source address information of the message, the destination address information of the message, the node identification of the message and the message forwarding state chain.

3. The method according to claim 1, wherein the target network is a virtual extensible local area network (VXLAN) comprising a first node, a second node, a first virtual machine, and a second virtual machine, the first node being connected to the first virtual machine, the second node being connected to the second virtual machine; the first virtual machine is a virtual machine for simulating to send the message, and the second virtual machine is a virtual machine for simulating to receive the message;

the message forwarding state chain comprises one or more of the following message forwarding states:

a first message forwarding state; the first message forwarding state is that the message is received by a first node, and the constraint condition of the first message forwarding state is that the source address information of the message has a corresponding routing table entry in a routing table of the first node;

a third message forwarding state; the third message forwarding state is that the message is forwarded through a virtual bridge domain interface of the first node, and the constraint condition of the third message forwarding state is that a network segment corresponding to source address information of the message and a network segment corresponding to destination address information of the message do not belong to the same network segment, and an outlet interface corresponding to the source address information in the routing table entry of the first node is the virtual bridge domain interface of the first node;

a fourth message forwarding state; the fourth message forwarding state is that the message is in a virtual routing forwarding unit corresponding to the first node, and the constraint condition of the fourth message forwarding state is that the first node has a virtual routing forwarding unit identifier corresponding to the virtual bridge domain interface of the first node;

a fifth message forwarding state; the fifth message forwarding state is that the message is forwarded through a network virtual edge NVE interface of the first node, and the constraint condition of the fifth message forwarding state is that a VXLAN network identifier of the message is a three-layer VXLAN network identifier, or that the VXLAN network identifier of the message is an identifier of a two-layer VXLAN network of the bridging domain of the first node, and a network segment corresponding to source address information of the message and a network segment corresponding to destination address information of the message belong to the same network segment, and the previous message forwarding state is a second message forwarding state;

a sixth message forwarding state; the sixth message forwarding state is that the message is in a VXLAN tunnel from the first node to a second node, and the constraint condition of the sixth message forwarding state is that the first node and the second node are different leaf nodes;

a seventh message forwarding state; the seventh message forwarding state is that the message reaches an NVE interface of a second node, and the constraint condition of the seventh message forwarding state is that the message reaches the second node through the VXLAN tunnel, or the first node and the second node are the same leaf node, and the previous message forwarding state is a fifth message forwarding state;

an eighth message forwarding state; the eighth message forwarding state is that the message enters a virtual routing forwarding unit of the second node, and the constraint condition of the eighth message forwarding state is that a VXLAN network identifier of the message is a three-layer VXLAN network identifier;

a ninth message forwarding state; the ninth packet forwarding state is that the packet is forwarded through a virtual bridge domain interface of a second node, and a constraint condition of the ninth packet forwarding state is that destination address information of the packet has a corresponding virtual bridge domain interface in a routing forwarding table of the second node;

a tenth message forwarding state; the tenth packet forwarding state is that the packet enters a bridging domain of the second node, and the constraint condition of the tenth packet forwarding state is that a virtual bridging domain interface of the second node has a corresponding bridging domain identifier, or a VXLAN network identifier of the packet is an identifier of a layer two VXLAN network of the bridging domain of the second node, and a previous packet forwarding state is a seventh packet forwarding state;

an eleventh message forwarding state; the eleventh message forwarding state is that the message is received by a second virtual machine connected to the second node, and a constraint condition of the eleventh message forwarding state is that an address of the second virtual machine matching the destination address information exists in a routing table of the second node; or, the eleventh packet forwarding state is that the packet is received by the network segment to which the second node belongs, and a constraint condition of the eleventh packet forwarding state is that an address of a second virtual machine matching the destination address information does not exist in a routing table of the second node, but a network segment corresponding to the bridge domain of the second node matches the destination address information.

4. The method according to claim 1 or 2,

the source address information of the message includes:

the source Internet Protocol (IP) address of the message or the source network segment address information of the message; and/or the presence of a gas in the gas,

the destination address information of the message includes:

and the destination IP address of the message or the destination network segment address information of the message.

5. The method of claim 2, wherein if the node identifier of the packet comprises the source node identifier, the constraints of the first packet forwarding state further comprise:

the identity of the source node matches the first node identity.

6. The method according to claim 2, wherein if the node identifier of the packet includes the destination node identifier, the constraint condition of the seventh packet forwarding state further includes:

the identification of the destination node matches the identification of the second node.

7. A network reachability detection apparatus, comprising:

a first obtaining unit, configured to obtain network topology information and a routing table of a network device in a target network;

a generating unit, configured to generate a message forwarding state chain according to network topology information of the network device and a routing table, where the message forwarding state chain includes message forwarding states and constraint conditions corresponding to each message forwarding state;

a second obtaining unit, configured to obtain source address information of a message and destination address information of the message;

a first obtaining unit, configured to obtain a last packet forwarding state simulating forwarding of the packet in the network device according to source address information of the packet, destination address information of the packet, and the packet forwarding state chain;

and the second obtaining unit is used for obtaining a detection result whether the message can reach according to the last message forwarding state of the message.

8. The apparatus of claim 7, wherein the first obtaining unit comprises:

and the first obtaining subunit is configured to obtain a last packet forwarding state simulating forwarding of the packet in the network device according to the source address information of the packet, the destination address information of the packet, the node identifier of the packet, and the packet forwarding state chain.

9. The apparatus of claim 7, wherein the target network is a virtual extensible local area network (VXLAN) comprising a first node, a second node, a first virtual machine, and a second virtual machine, wherein the first node is connected to the first virtual machine, and wherein the second node is connected to the second virtual machine; the first virtual machine is a virtual machine for simulating to send the message, and the second virtual machine is a virtual machine for simulating to receive the message;

10. The apparatus according to claim 7 or 8,

the source address information of the message includes:

the destination address information of the message includes:

11. The apparatus of claim 8, wherein if the node identifier of the packet comprises the source node identifier, the constraints of the first packet forwarding state further comprise:

the identity of the source node matches the first node identity.

12. The apparatus of claim 8, wherein if the node identifier of the packet comprises the destination node identifier, the constraint of the seventh packet forwarding state further comprises:

13. A network reachability detection apparatus, comprising a memory, a processor;

the memory to store instructions;

the processor, configured to execute the instructions in the memory, to perform the method of any of claims 1-6.

14. A computer-readable storage medium comprising instructions that, when executed on a computer, cause the computer to perform the method of any of claims 1-6 above.