CN112468353B

CN112468353B - Network reachability detection method and device

Info

Publication number: CN112468353B
Application number: CN201910848304.6A
Authority: CN
Inventors: 李其玮
Original assignee: Huawei Digital Technologies Suzhou Co Ltd
Current assignee: Huawei Digital Technologies Suzhou Co Ltd
Priority date: 2019-09-09
Filing date: 2019-09-09
Publication date: 2023-11-21
Anticipated expiration: 2039-09-09
Also published as: CN112468353A

Abstract

The embodiment of the application discloses a network reachability detection method and device, which are used for rapidly and accurately detecting the reachability of a network and judging whether data communication among different network devices in the network can be realized or not. The method comprises the following steps: when detecting the network reachability, firstly acquiring network topology information and a routing table of network equipment in a target network, then generating a message forwarding state chain comprising message forwarding states and constraint conditions corresponding to each message forwarding state by utilizing the network topology information and the routing table of the network equipment, then acquiring source address information of the message and target address information of the message, obtaining a last message forwarding state of a simulated message for forwarding in the network equipment according to the source address information of the message, the target address information of the message and the message forwarding state chain, and finally processing the last message forwarding state of the obtained message to obtain a detection result of whether the message is reachable or not.

Description

Network reachability detection method and device

Technical Field

The present application relates to the field of communications, and in particular, to a method and apparatus for detecting network reachability.

Background

At present, the development of the internet is rapid, the application scale of the internet is gradually enlarged, the importance of the internet is higher, people can utilize various different network devices to conduct data communication in various aspects in the network, for example, people can chat with friends through the network, students can learn through the internet lessons, and people can purchase articles for daily use through the network, so that in a word, the rapid development of the network brings great convenience to the life, study and work of people.

However, before implementing data communication between different network devices in a network, it is generally detected whether the network is reachable by using a manual positioning method, and only if the network is ensured to be reachable, the data communication between the different network devices in the network can be performed. However, this manual detection method is generally low in efficiency and low in detection accuracy. For example, taking a virtual extensible local area network (virtual extensible local area network, VXLAN) as an example, VXLAN is one of the three-layer network virtualization (network virtualization over layer, nvo 3) standard technologies defined by the internet engineering task force (the internet engineering task force, IETF), essentially a tunneling technology. The original data frame is encapsulated in a user datagram protocol (user datagram protoco, UDP) message after being added with a VXLAN header, and the UDP message is forwarded in a transmission mode of a traditional Internet protocol (internet protocol, IP) network. After the message reaches the destination end point, removing the part of the outer layer encapsulation, and delivering the original data frame to the target terminal so as to realize data communication among different terminal devices. At present, before data communication between different Virtual Machines (VMs) in a VXLAN network is implemented, a mode of manually typing a "ping" command is generally utilized to detect whether a corresponding VXLAN network is reachable, so as to determine whether data communication between different VMs is possible. However, due to the rapid development of VXLAN network technology, there are a large number of VMs in the data center, and deployment of the VMs also varies frequently, and if the detection is performed only by this manual method, the efficiency is low, and the situation of typing in an incorrect command easily occurs, so that the accuracy of the detection result is low.

Disclosure of Invention

The embodiment of the application provides a network reachability detection method and device, which are used for rapidly and accurately detecting the reachability of a network so as to judge whether data communication between different network devices in the network can be realized according to a detection result.

In a first aspect, the present application provides a network reachability detection method, including: when detecting the network reachability, firstly, network topology information and a routing table of network devices in a target network can be obtained, wherein the network topology information refers to physical layout information of various devices interconnected by transmission media in the target network, such as connection relations among nodes in the network, bridge domains of the nodes, a routing forwarding unit and the like. And then, generating a message forwarding state chain comprising message forwarding states and constraint conditions corresponding to each message forwarding state by using the acquired network topology information and routing table of the network equipment. Then, after the source address information of the message and the destination address information of the message are obtained, the last message forwarding state of the simulated message for forwarding in the network device can be obtained according to the source address information of the message, the destination address information of the message and the message forwarding state chain. And further, the last message forwarding state of the obtained message can be processed by utilizing a manual judgment or machine detection mode so as to obtain a detection result of whether the message is reachable or not.

Compared with the prior art, the embodiment of the application simulates the forwarding conditions of the message at different stages in the forwarding process according to the message forwarding state chain, and detects whether at least one effective data transmission path can be generated between the source address and the destination address of the message according to the processing result of the last forwarding state, thereby having faster detection speed and higher accuracy.

In one possible implementation manner, obtaining a last message forwarding state of the analog message for forwarding in the network device according to the source address information of the message, the destination address information of the message and the message forwarding state chain includes: acquiring a node identifier of a message, wherein the node identifier of the message comprises a source node identifier of the message and/or a destination node identifier of the message; and obtaining the last message forwarding state of the simulated message for forwarding in the network equipment according to the source address information of the message, the destination address information of the message, the node identification of the message and the message forwarding state chain. Therefore, by using the node identification of the message, whether the analog message can be sent or received by the specific node corresponding to the identification can be effectively verified.

In a possible implementation manner, the target network is a virtual extensible local area network VXLAN, and the virtual extensible local area network includes a first node, a second node, a first virtual machine and a second virtual machine, where the first node is connected with the first virtual machine, and the second node is connected with the second virtual machine; the first virtual machine is a virtual machine simulating sending out the message, and the second virtual machine is a virtual machine simulating receiving the message; the message forwarding state chain includes one or more of the following message forwarding states:

A first message forwarding state; the first message forwarding state is that the message is received by the first node, and the constraint condition of the first message forwarding state is that the source address information of the message has a corresponding routing table entry in a routing table of the first node;

a second message forwarding state; the second message forwarding state is that the message enters the bridging domain of the first node, and the constraint condition of the second message forwarding state is that the first node has a bridging domain identifier corresponding to the source address information;

a third message forwarding state; the third message forwarding state is that the message is forwarded through the virtual bridge domain interface of the first node, the constraint condition of the third message forwarding state is that the network segment corresponding to the source address information of the message and the network segment corresponding to the destination address information of the message do not belong to the same network segment, and the output interface corresponding to the source address information in the routing table entry of the first node is the virtual bridge domain interface of the first node;

a fourth message forwarding state; the fourth message forwarding state is that the message is in a virtual route forwarding unit corresponding to the first node, and the constraint condition of the fourth message forwarding state is that the first node is provided with a virtual route forwarding unit identifier corresponding to a virtual bridging domain interface of the first node;

A fifth message forwarding state; the fifth message forwarding state is that the message is forwarded through the network virtual edge NVE interface of the first node, the constraint condition of the fifth message forwarding state is that the VXLAN network identifier of the message is three-layer VXLAN network identifier, or the VXLAN network identifier of the message is the identifier of two-layer VXLAN network of the bridge domain of the first node, the network segment corresponding to the source address information of the message and the network segment corresponding to the destination address information of the message belong to the same network segment, and the previous message forwarding state is the second message forwarding state;

a sixth message forwarding state; the sixth message forwarding state is that the message is in a VXLAN tunnel from the first node to the second node, and the constraint condition of the sixth message forwarding state is that the first node and the second node are different leaf nodes;

a seventh message forwarding state; the seventh message forwarding state is an NVE interface when the message reaches the second node, the constraint condition of the seventh message forwarding state is that the message reaches the second node through the VXLAN tunnel, or the first node and the second node are the same leaf node, and the previous message forwarding state is a fifth message forwarding state;

eighth message forwarding state; the eighth message forwarding state is that the message enters the virtual route forwarding unit of the second node, and the constraint condition of the eighth message forwarding state is that the VXLAN network identifier of the message is a three-layer VXLAN network identifier;

A ninth message forwarding state; the ninth message forwarding state is that the message is forwarded through the virtual bridging domain interface of the second node, and the constraint condition of the ninth message forwarding state is that the destination address information of the message has a corresponding virtual bridging domain interface in the routing forwarding table of the second node;

a tenth message forwarding state; the tenth message forwarding state is that the message enters the bridge domain of the second node, the constraint condition of the tenth message forwarding state is that the virtual bridge domain interface of the second node has a corresponding bridge domain identifier, or the VXLAN network identifier of the message is an identifier of a two-layer VXLAN network of the bridge domain of the second node, and the previous message forwarding state is a seventh message forwarding state;

an eleventh message forwarding state; the eleventh message forwarding state is that the message is received by a second virtual machine connected with the second node, and the constraint condition of the eleventh message forwarding state is that an address of the second virtual machine matched with the destination address information exists in a routing table of the second node; or, the eleventh message forwarding state is that the message is received by the network segment to which the second node belongs, and the constraint condition of the eleventh message forwarding state is that the address of the second virtual machine matched with the destination address information does not exist in the routing table of the second node, but the network segment corresponding to the bridge domain of the second node is matched with the destination address information.

In the embodiment of the application, the corresponding forwarding state can be accurately determined according to each constraint condition of the message in the forwarding process in the above manner, and then whether at least one effective data transmission path can be generated between the source address and the destination address of the message can be detected according to the processing result of the last forwarding state.

In one possible implementation, the source address information of the message includes: the source internet protocol IP address of the message or the source network segment address information of the message; and/or, the destination address information of the message includes: the destination IP address of the message or the destination network segment address information of the message. Therefore, the verification mode can be diversified, and the accuracy of the target network accessibility detection can be improved.

In a possible implementation manner, if the node identifier of the message includes the source node identifier, the constraint condition of the first message forwarding state further includes: the identity of the source node matches the first node identity. Therefore, the effective sending of the message can be ensured, and the efficiency and accuracy of sending the simulation message are improved.

In a possible implementation manner, if the node identifier of the packet includes the destination node identifier, the constraint condition of the seventh packet forwarding state further includes: the identity of the destination node matches the identity of the second node. Therefore, effective receiving of the message can be ensured, and efficiency and accuracy of message forwarding simulation are improved.

In a second aspect, the present application also provides a network reachability detection device, including: a first obtaining unit, configured to obtain network topology information and a routing table of a network device in a target network; the generating unit is used for generating a message forwarding state chain according to the network topology information of the network equipment and the routing table, wherein the message forwarding state chain comprises message forwarding states and constraint conditions corresponding to each message forwarding state; the second acquisition unit is used for acquiring the source address information of the message and the destination address information of the message; the first obtaining unit is used for obtaining the last message forwarding state of the simulated message for forwarding in the network equipment according to the source address information of the message, the destination address information of the message and the message forwarding state chain; the second obtaining unit is used for obtaining a detection result of whether the message is reachable or not according to the last message forwarding state of the message.

In a possible implementation manner, the first obtaining unit includes: the node identification acquisition subunit is used for acquiring the node identification of the message, wherein the node identification of the message comprises the source node identification of the message and/or the destination node identification of the message; the first obtaining subunit is configured to obtain a last message forwarding state of the simulated message forwarding in the network device according to the source address information of the message, the destination address information of the message, the node identifier of the message, and the message forwarding state chain.

In a possible implementation manner, the target network is a virtual extensible local area network VXLAN, and the virtual extensible local area network includes a first node, a second node, a first virtual machine and a second virtual machine, where the first node is connected with the first virtual machine, and the second node is connected with the second virtual machine; the first virtual machine is a virtual machine simulating sending out messages, and the second virtual machine is a virtual machine simulating receiving messages; the message forwarding state chain includes one or more of the following message forwarding states:

A second message forwarding state; the second message forwarding state is that the message enters the bridging domain of the first node, and the constraint condition of the second message forwarding state is that the first node has the bridging domain identification corresponding to the source address information;

a seventh message forwarding state; the seventh message forwarding state is an NVE interface when the message reaches the second node, the constraint condition of the seventh message forwarding state is that the message reaches the second node through a VXLAN tunnel, or the first node and the second node are the same leaf node, and the previous message forwarding state is a fifth message forwarding state;

In one possible implementation, the source address information of the message includes: the source internet protocol IP address of the message or the source network segment address information of the message; and/or, the destination address information of the message includes: the destination IP address of the message or the destination network segment address information of the message.

In a possible implementation manner, if the node identifier of the message includes the source node identifier, the constraint condition of the first message forwarding state further includes: the identity of the source node matches the first node identity.

In a possible implementation manner, if the node identifier of the packet includes the destination node identifier, the constraint condition of the seventh packet forwarding state further includes: the identity of the destination node matches the identity of the second node.

In a third aspect, the present application also provides a network reachability detection apparatus, the lane line determination apparatus including: a memory, a processor, and a memory controller,

a memory for storing instructions; and the processor is used for executing the instructions in the memory and executing the method.

In a fourth aspect, the application also provides a computer readable storage medium comprising instructions which, when run on a computer, cause the computer to perform the above method.

From the above technical solutions, the embodiment of the present application has the following advantages:

when the network reachability is detected, firstly network topology information and a routing table of network equipment in a target network are obtained, then a message forwarding state chain comprising message forwarding states and constraint conditions corresponding to each message forwarding state is generated by utilizing the network topology information and the routing table of the network equipment, then after source address information of the message and target address information of the message are obtained, a last message forwarding state of a simulated message for forwarding in the network equipment can be obtained according to the source address information of the message, the target address information of the message and the message forwarding state chain, and finally, a detection result of whether the message is reachable or not can be obtained by processing the last message forwarding state of the obtained message. It can be seen that, when the network reachability detection is performed, the forwarding conditions of the message at different stages in the forwarding process are simulated according to the message forwarding state chain, and according to the processing result of the last forwarding state, whether at least one effective data transmission path can be generated between the source address and the destination address of the message is detected.

Drawings

Fig. 1 is a flowchart of a network reachability detection method provided in an embodiment of the present application;

fig. 2 is a schematic structural diagram of a current VXLAN network model;

fig. 3 is a schematic diagram of a packet forwarding state chain according to an embodiment of the present application;

fig. 4 is a schematic diagram of detecting reachability between VMs of different network segments according to an embodiment of the present application;

fig. 5 is a block diagram of a network reachability detection apparatus according to an embodiment of the present application;

fig. 6 is a schematic structural diagram of a network reachability detection device according to an embodiment of the present application.

Detailed Description

The embodiment of the application provides a network reachability detection method and device, which are used for rapidly and accurately detecting the reachability of a network so as to realize data communication among different VMs in the network according to detection results.

Embodiments of the present application are described below with reference to the accompanying drawings.

In some network reachability detection methods, network reachability detection is generally performed by using a manual positioning method, that is, by manually typing a code command, for example, by manually typing a "ping" command, to detect whether any two network devices in a network are connected, that is, whether the network between the two network devices has reachability. However, the method of detecting the network accessibility by manually typing the code command has limited processing capacity and high subjectivity, is low in detection efficiency for networks with a large number of network devices, and can cause the situation of manually typing wrong detection instructions, such as misspelling "ping" into "pong", and the like, so that detection results are wrong.

In order to solve the problems, the application provides a network reachability detection method which can rapidly and accurately detect the reachability of a network. Specifically, the network topology information and the routing table of the network device in the obtained target network can be analyzed firstly to generate a message forwarding state chain comprising message forwarding states and constraint conditions corresponding to each message forwarding state according to analysis results, then after obtaining source address information of the message and target address information of the message, according to the source address information of the message, the target address information of the message and the message forwarding state chain, the last message forwarding state of the simulated message for forwarding in the network device is obtained, and finally, the last message forwarding state of the obtained message is processed to detect whether the message is reachable according to processing results.

Referring to fig. 1, a flow chart of a network reachability detection method provided in this embodiment includes the following steps:

s101: network topology information and a routing table of network equipment in a target network are obtained.

In this embodiment, any network that performs network reachability detection in this embodiment is defined as a target network, and it should be noted that, in this embodiment, the type of network is not limited, for example, the target network may be a VXLAN network or the like.

Specifically, in order to implement reachability detection on the target network, network topology information and a routing table of network devices in the target network need to be acquired first. The network device refers to a data processing device such as a terminal or a server connected to the target network. The network topology information refers to physical layout information of various devices interconnected by a transmission medium in a target network, for example, connection relations among nodes in the network, bridge domains of the nodes, a route forwarding unit and the like.

S102: and generating a message forwarding state chain according to the network topology information of the network equipment and the routing table, wherein the message forwarding state chain comprises message forwarding states and constraint conditions corresponding to each message forwarding state.

In this embodiment, after the network topology information and the routing table of the network device in the target network are obtained in step S101, the connection relationship of each node in the network topology information and the data of each routing table item in the routing table may be further analyzed to generate a packet forwarding state chain according to the analysis result, where the packet may be a data packet that exists in reality and needs to be forwarded, or may be a virtual data packet that is simulated and is used for detecting network reachability. The chain of message forwarding states includes the different forwarding states that the message reaches in the target network, and the forwarding rules between these states that need to be satisfied (defined herein as constraints). It should be noted that, the specific generation process of each packet forwarding state and the corresponding constraint conditions can be referred to the detailed description of the subsequent embodiments.

S103: and acquiring the source address information of the message and the destination address information of the message.

In this embodiment, in order to detect the reachability of the target network, the source address information of the packet and the destination address information of the packet need to be acquired. The source address information of the message refers to address information (such as IP address information) of a network device (such as VM) that sends the message. The destination address information of a message refers to address information (e.g., IP address information) of a network device (e.g., VM) that receives the message.

In an alternative implementation manner, the source address information of the message may include: the source internet protocol IP address of the message or the source network segment address information of the message; and/or, the destination address information of the message includes: the destination IP address of the message or the destination network segment address information of the message.

In this implementation manner, the source address information of the message refers to the IP address of the network device sending the message in the target network or the address information of the network segment to which the IP belongs. The destination address information of the message refers to the IP address of the network device receiving the message in the target network or the address information of the network segment to which the IP belongs.

Therefore, the verification mode can be diversified, and the accuracy of the target network accessibility detection can be improved.

S104: and obtaining the last message forwarding state of the simulated message for forwarding in the network equipment according to the source address information of the message, the destination address information of the message and the message forwarding state chain.

In this embodiment, each forwarding state of the analog packet for forwarding in the network device may be obtained according to the acquired source address information of the packet, the destination address information of the packet, and constraint conditions corresponding to each forwarding state of the generated packet. The method includes a last message forwarding state of forwarding the analog message in the network device, and further, the reachability of the target network may be detected by executing the subsequent step S105, and it should be noted that a specific implementation process and a corresponding constraint condition of the last message forwarding state may refer to detailed description of the subsequent embodiments.

It should be noted that, in an alternative implementation manner, the specific implementation process of the present step S104 may include the following steps a-B:

step A: and obtaining the node identification of the message, wherein the node identification of the message comprises the source node identification of the message and/or the destination node identification of the message.

In this implementation manner, in order to accurately obtain the last forwarding state of the message, the node identifier of the message may be obtained first, where the node identifier of the message includes a node identifier (defined herein as a source node identifier) connected to a network device that sends the message, and/or includes a node identifier (defined herein as a destination node identifier) connected to a network device that receives the message, so as to execute the subsequent step B.

It should be noted that, since the message may be forwarded between different VMs in the same node, or may be forwarded between different VMs under different nodes, the node identifiers of the message may be the same or different.

And step B, namely: and obtaining the last message forwarding state of the simulated message for forwarding in the network equipment according to the source address information of the message, the destination address information of the message, the node identification of the message and the message forwarding state chain.

After the node identifier of the message is obtained through the step a, the last message forwarding state of the simulated message for forwarding in the network device can be further obtained according to the source address information of the message, the destination address information of the message, the node identifier of the message and the message forwarding state chain, and the specific implementation process and the corresponding constraint conditions can be described in detail in the following embodiments.

Therefore, by using the node identification of the message, whether the analog message can be sent or received by the specific node corresponding to the identification can be effectively verified.

S105: and obtaining a detection result of whether the message is reachable or not according to the last message forwarding state of the message.

In this embodiment, after the last message forwarding state of the analog message for forwarding in the network device is obtained in step S104, the last message forwarding state may be analyzed by the following two judging methods, so as to determine whether the message is reachable according to the analysis result.

The first judgment mode is a manual judgment mode, specifically, the last message forwarding state is manually analyzed to judge whether the message can be received by the network segment to which the target address belongs and/or whether the message can be received by the network node to which the target address is connected, so that whether the message is reachable in the target network can be judged.

The first judgment mode is to judge through a machine detection mode, specifically, the last message forwarding state obtained can be used as target data, the source address information, the destination address information, the message forwarding states, the corresponding constraint conditions and the node identification of the messages are used as input data together, the input data are input into a Z3 model, a transmission path capable of realizing message forwarding is generated through the model, the last forwarding state of the corresponding message in the path is consistent with the last message forwarding state generated in the steps, and then the reachable detection result of the message can be obtained.

Or if it is detected in step S105 that the message is not successfully received by the network segment to which the destination address belongs or the network node to which the destination address is connected, for example, by manual detection or Z3 model detection, a transmission path capable of forwarding the message is not generated, which indicates that the network is unreachable, that is, that the network isolation occurs, and thus, the network isolation effect can be achieved by using a "network firewall" in practical application.

In summary, in the network reachability detection method provided in this embodiment, when detecting network reachability, network topology information and a routing table of a network device in a target network are first obtained, then a message forwarding state chain including a message forwarding state and constraint conditions corresponding to each message forwarding state is generated by using the network topology information and the routing table of the network device, then after source address information of a message and destination address information of a message are obtained, a final message forwarding state simulating forwarding of the message in the network device is obtained according to the source address information of the message, the destination address information of the message and the message forwarding state chain, and finally, a detection result of whether the message is reachable is obtained by processing the final message forwarding state of the obtained message. It can be seen that, when the network reachability detection is performed in this embodiment, forwarding conditions of a packet at different stages in a forwarding process are simulated according to a packet forwarding state chain, and according to a processing result of a last forwarding state, it is detected whether at least one effective data transmission path can be generated between a source address and a destination address of the packet.

It should be noted that, in one possible implementation manner of the present application, the target network may be a virtual extensible local area network VXLAN, where the VXLAN includes a first node, a second node, a first virtual machine, and a second virtual machine, where the first node is connected to the first virtual machine, and the second node is connected to the second virtual machine; the first virtual machine is a virtual machine simulating sending out messages, the second virtual machine is a virtual machine simulating receiving messages, namely, in VXLAN, the routing table of the first node comprises address information of the first virtual machine, the routing table of the second node comprises address information of the second virtual machine, and the first node and the second node have a connection relation or are the same node.

In particular, referring to fig. 2, a structure of a VXLAN network is shown in which a pair of neighbors based on a border gateway protocol (Border Gateway Protocol, BGP) is established between a first node 201 and a second node 202. Two-layer tunnels are established between nodes with the same two-layer VXLAN network identifiers (VXLAN Network Identifier, VNI) so as to realize message forwarding in the same two-layer domain; three layers of tunnels are established between nodes with different three layers of VNIs so as to realize message forwarding between different two layers of domains. The VM is accessed to a Bridge Domain (BD) through a two-layer sub-interface, and the BD is provided with a corresponding two-layer VNI; BD is bound to virtual route forwarding (Virtual Routing and Forwarding, VRF) through a corresponding bridge domain interface (bdinterface, bdif), and VRF uses the bound three-tier VNI to distinguish different tenants.

(1) The communication process between the VMs of the cross-node and the network segment (e.g. when the first virtual machine is VM1203 and the second virtual machine is VM3205, the message forwarding process is performed between the first virtual machine VM1203 and the second virtual machine VM 3205) is as follows:

the first node 201 and the second node 202 serve as virtual tunnel endpoints (Virtual Tunnel End Point, VTEP) of the VXLAN network, a VXLAN tunnel is set up between the two nodes, and VXLAN two-layer gateways are deployed on the first node 201 and the second node 202, so that mutual communication between different virtual machines (such as the first virtual machine VM1 and the second virtual machine VM 3) in the same network segment can be achieved. At this time, the backbone node 207 only serves as a forwarding node of the VXLAN packet, does not sense the existence of the VXLAN tunnel, and may be any three-layer network device.

(2) The communication process between VMs of different network segments of the same node (e.g. when the first virtual machine is VM1203 and the second virtual machine is VM2204, the process of forwarding a message between the first virtual machine VM1203 and the second virtual machine VM 2204) is as follows:

the first node 201 is used as a VTEP of the VXLAN network, and a VXLAN three-layer gateway is deployed on the first node 201, so that mutual communication between VMs (such as the first virtual machine VM1203 and the second virtual machine VM 2204) in different network segments under the first node 201 can be realized. At this time, when VM1203 and VM2204 mutually visit, traffic only needs to be forwarded at first node 201, and no longer needs to pass through backbone node 207, thereby saving a lot of bandwidth resources.

(3) The communication process between VMs of different network segments across nodes (e.g. when the first virtual machine is VM1203 and the second virtual machine is VM4206, the process of forwarding a message between the first virtual machine VM1203 and the second virtual machine VM 4206) is as follows:

the first node 201 and the second node 202 serve as VTEPs of the VXLAN network, and VXLAN tri-layer gateways are deployed on the first node 201 and the second node 202. And a VXLAN tunnel is dynamically established between two VXLAN three-layer gateways through BGP, and host routing information hung under the gateway is released to other BGP neighbors through the remote-next hop attribute of the BGP, so that the mutual communication between VMs (such as the first virtual machine VM1203 and the second virtual machine VM 4206) of different network segments of the cross-node is realized.

In VXLAN networks, the routing tables of the nodes (e.g., the first node 201 and the second node 202) may include destination IP and outgoing interfaces, and the following table 1 is a specific example:

destination IP	Outlet interface	Next hop	Type(s)
				a.1.1.1.1/32	vxlan	null	local
b.2.2.2.2/32	vxlan	null	connected
				c.192.168.10.0/24	vbdif10	null	connected
d.192.168.10.1/32	vbdif10	null	local
				e.192.168.10.10/32	vbdif10	null	connected
f.192.168.20.0/24	vxlan	2.2.2.2	evpn

TABLE 1

Wherein, the IP address in the destination IP refers to the IP address of the VM having a connection relation with the corresponding node. And the outgoing interface vxlan in a represents that when the destination IP address is 1.1.1.1/32, the message needs to be sent to the two-layer gateway nve interface for forwarding, and the local interface is the local interface, namely the local nve interface. In b, the outgoing interface vxlan indicates that when the destination address is 2.2.2.2/32, the message needs to be sent to the nve interface for forwarding, and connected indicates a direct connection port, namely a remote nve interface. c indicates that the local direct connection 192.168.10.0/24IP address is needed to forward the message through the output interface vbdif 10. d represents an interface with a local IP address 192.168.10.1/32. e represents a VM host with 192.168.10.10/32 locally, and forwards the message through vbdif 10. f indicates that a packet (message) arriving at IP address 192.168.20.0/24 needs to be forwarded to the next node via the nve interface.

Based on this, in the process of using the first virtual machine to simulate sending out a message and using the second virtual machine to receive the message, a forwarding state chain of the message may be generated, where the forwarding state chain includes one or more message forwarding states, and then, in this embodiment, referring to fig. 3, the message forwarding states will be described one by one:

1. a first message forwarding state; the first message forwarding state is that the message is received by the first node, and the constraint condition of the first message forwarding state is that the source address information of the message has a corresponding routing table entry in the routing table of the first node.

Specifically, referring to fig. 3, the first node is a left host node, when address information of a first virtual machine simulating to send a message is included in a routing table of the host node, it indicates that the message can be received by the first node, and at this time, the message forwarding state is defined as a first message forwarding state srchst (host).

If the node identifier of the message includes the source node identifier, the constraint condition of the first message forwarding state further includes: the identity of the source node matches the first node identity.

In this implementation manner, if the node identifier of the message includes the source node identifier connected to the VM that sends the message, if the message is to be received by the first node, it is further required to satisfy a condition that the source node identifier is consistent with the first node identifier, that is, ensure that the VM that sends the message can be connected to the first node, so that the message data can be forwarded by the first node through routing.

Therefore, the effective sending of the message can be ensured, and the efficiency and accuracy of sending the simulation message are improved.

2. A second message forwarding state; the second message forwarding state is that the message enters the bridge domain of the first node, and the constraint condition of the second message forwarding state is that the first node has the bridge domain identifier corresponding to the source address information.

Specifically, referring to fig. 3, when the first node host has a BD identification corresponding to address information of the VM that emulates the outgoing message, it is indicated that the message can enter the BD of the host node. At this time, the packet forwarding state is defined as a second packet forwarding state SrcBd (host, bd). It should be noted that, in the actual forwarding process of the VXLAN network, the message of the VM enters the BD of the corresponding host node through the two-layer subinterface.

3. A third message forwarding state; the third message forwarding state is that the message is forwarded through the virtual bridge domain interface of the first node, the constraint condition of the third message forwarding state is that the network segment corresponding to the source address information of the message and the network segment corresponding to the destination address information of the message do not belong to the same network segment, and the output interface corresponding to the source address information in the routing table entry of the first node is the virtual bridge domain interface of the first node.

Specifically, referring to fig. 3, when the network segment to which the address information of the VM sending the message belongs and the network segment to which the address information of the VM receiving the message belongs are simulated to be the same network segment, it is indicated that the message may be forwarded through the virtual bridge domain interface vbdif of the first node host, and at this time, the message forwarding state is defined as a third message forwarding state srcbbdif (host, vbdif).

4. A fourth message forwarding state; the fourth message forwarding state is that the message is in a virtual route forwarding unit corresponding to the first node, and the constraint condition of the fourth message forwarding state is that the first node has a virtual route forwarding unit identifier corresponding to a virtual bridge domain interface of the first node.

Specifically, referring to fig. 3, when the virtual route forwarding unit vrf corresponding to the virtual bridge domain interface vbdif of the first node host exists in the first node host, it indicates that the packet is in the virtual route forwarding unit vrf corresponding to the first node host, and at this time, the packet forwarding state is defined as the fourth packet forwarding state SrcVrf (host, vrf), so that three-layer forwarding can be performed by querying the routing table of the network (see the specific description of steps (2) and (3) above).

5. A fifth message forwarding state; the fifth message forwarding state is that the message is forwarded through the network virtual edge NVE interface of the first node, the constraint condition of the fifth message forwarding state is that the VXLAN network identifier of the message is three-layer VXLAN network identifier, or that the VXLAN network identifier of the message is the identifier of the two-layer VXLAN network of the bridge domain of the first node, the network segment corresponding to the source address information of the message and the network segment corresponding to the destination address information of the message belong to the same network segment, and the previous message forwarding state is the second message forwarding state

Specifically, referring to fig. 3, when the VXLAN network identifier of the message is a three-layer VXLAN network identifier, or when the VXLAN network identifier of the message is an identifier of a two-layer VXLAN network of the bridge domain BD of the first node host and the network segment to which the address information of the VM sending the message belongs and the network segment to which the address information of the VM receiving the message belongs belong, and the previous message forwarding state is the second message forwarding state, it indicates that the message is forwarded through the network virtual edge NVE interface of the first node host, that is, the message may be sent to the VXLAN tunnel for two-layer or three-layer forwarding, where the message forwarding state is defined as a fifth message forwarding state SrcNve (host, NVE), and the specific forwarding process may be described in the foregoing step (1).

6. A sixth message forwarding state; the sixth message forwarding state is that the message is in a VXLAN tunnel from the first node to the second node, and the constraint condition of the sixth message forwarding state is that the first node and the second node are different leaf nodes.

Specifically, when the first node host and the second node host are different leaf nodes, as shown in fig. 3, a VXLAN tunnel may be established between the two nodes using existing or future related protocols, and the message may be in the VXLAN tunnel from the first node to the second node, and the forwarding state of the message at this time is defined as a sixth message forwarding state InTunnel (h 1, n1, h2, n 2).

7. A seventh message forwarding state; the seventh message forwarding state is that the message reaches the NVE interface of the second node, the constraint condition of the seventh message forwarding state is that the message reaches the second node through the VXLAN tunnel, or the first node and the second node are the same leaf node, and the previous message forwarding state is the fifth message forwarding state.

Specifically, as shown in fig. 3, when the first node host and the second node host are different leaf nodes and the message arrives at the second node through the VXLAN tunnel therebetween (i.e., the message is not already in the VXLAN tunnel from the first node to the second node), or when the first node host and the second node host are the same leaf node and the previous message forwarding state is the fifth message forwarding state, it is indicated that the message has arrived at the NVE interface of the second node, and at this time, the forwarding state of the message may be defined as a seventh message forwarding state DstNve (host, NVE).

If the node identifier of the message includes the destination node identifier, the constraint condition of the seventh message forwarding state further includes: the identity of the destination node matches the identity of the second node.

In this implementation manner, if the node identifier of the message includes the destination node identifier connected to the VM that receives the message, if the message is to be received by the second node, a condition that the destination node identifier is consistent with the second node identifier needs to be satisfied, that is, it is ensured that the VM that receives the message can be connected to the second node, so that the message data can be routed and forwarded through the second node.

Therefore, effective receiving of the message can be ensured, and efficiency and accuracy of message forwarding simulation are improved.

8. Eighth message forwarding state; the eighth message forwarding state is that the message enters the virtual route forwarding unit of the second node, and the constraint condition of the eighth message forwarding state is that the VXLAN network identifier of the message is a three-layer VXLAN network identifier.

Specifically, as shown in fig. 3, when the VXLAN network identifier of the packet is a three-layer VXLAN network identifier, it indicates that the packet enters the virtual route forwarding unit vrf of the second node host, which indicates that the packet is forwarded by three layers, the route forwarding table of the lookup network is sent to the virtual bridge domain interface vbdif corresponding to the second node, and at this time, the forwarding state of the packet may be defined as an eighth packet forwarding state DstVrf (host, vrf).

9. A ninth message forwarding state; the ninth message forwarding state is that the message is forwarded through the virtual bridge domain interface of the second node, and the constraint condition of the ninth message forwarding state is that the destination address information of the message has a corresponding virtual bridge domain interface in the routing forwarding table of the second node.

Specifically, as shown in fig. 3, when the destination address information of the packet has a corresponding virtual bridge domain interface vbdif in the routing forwarding table of the second node host, it indicates that the packet may be forwarded through the virtual bridge domain interface of the second node. At this time, the forwarding state of the packet may be defined as a ninth packet forwarding state DstVbdif (host, vbdif).

10. A tenth message forwarding state; the tenth message forwarding state is that the message enters the bridge domain of the second node, the constraint condition of the tenth message forwarding state is that the virtual bridge domain interface of the second node has a corresponding bridge domain identifier, or the VXLAN network identifier of the message is an identifier of a two-layer VXLAN network of the bridge domain of the second node, and the previous message forwarding state is a seventh message forwarding state.

Specifically, as shown in fig. 3, when the virtual bridge domain interface vbdif of the second node host has a corresponding bridge domain BD identifier, or the VXLAN network identifier of the message is an identifier of a two-layer VXLAN network of the bridge domain BD of the second node, and the previous message forwarding state is a seventh message forwarding state, it indicates that the message enters into the bridge domain BD of the second node host, where the forwarding state of the message may be defined as a tenth message forwarding state DstBd (host, BD), that is, it indicates that the message and the message is sent to the VM that may be received by the second node host.

11. An eleventh message forwarding state; the eleventh message forwarding state is that the message is received by a second virtual machine connected with the second node, and the constraint condition of the eleventh message forwarding state is that an address of the second virtual machine matched with the destination address information exists in a routing table of the second node; or, the eleventh message forwarding state is that the message is received by the network segment to which the second node belongs, and the constraint condition of the eleventh message forwarding state is that the address of the second virtual machine matched with the destination address information does not exist in the routing table of the second node, but the network segment corresponding to the bridge domain of the second node is matched with the destination address information.

Specifically, when there is an address of the second virtual machine that matches the destination address information in the routing table of the second node host, that is, when there is a VM on the second node host that can accept the current message, it indicates that the message may be received by the second virtual machine connected to the second node, where the forwarding state of the message may be defined as DstHostAccept (host), further it indicates that there is a host node in the current Overlay network that can accept the current message, and the current state may be defined as an eleventh message forwarding state HostAccept (host).

Or when there is no address of the second virtual machine that matches the destination address information in the routing table of the second node host, but the network segment corresponding to the bridge domain BD of the second node host matches the destination address information, it indicates that the message may be received by the network segment to which the second node host belongs, where the forwarding state of the message may be defined as DstNetworkAccept (host), further it indicates that there is a host node in the current Overlay network, where there is no VM that can accept the current message, but there is a corresponding network segment that can receive the current message, and the current state may be defined as an eleventh message forwarding state NetworkAccept (host).

Therefore, through the 11 steps, the corresponding forwarding state can be accurately determined according to each constraint condition of the message in the forwarding process, and whether at least one effective data transmission path can be generated between the source address and the destination address of the message or not can be detected according to the processing result of the last forwarding state.

Next, in order to facilitate understanding of the specific implementation process of the above steps of the present application, with reference to fig. 4, the following detailed description will be made to detect whether the VM1403 and VM2404 of different network segments under different Leaf nodes leaf_1401 and leaf_2402 are reachable or not by way of example.

The routing table of Leaf node leaf_1401 is shown in table 2 below:

TABLE 2

The routing table for Leaf node Leaf2402 is shown in table 3 below:

destination IP	Outlet interface	Next hop	Type(s)
				1.1.1.1/32	vxlan	null	connected
2.2.2.2/32	vxlan	null	local
				192.168.10.0/24	vxlan	1.1.1.1	evpn
192.168.20.0/24	Vbdif20	null	connected
				192.168.20.1/32	Vbdif20	null	local
192.168.20.20/32	Vbdif20	null	connected

TABLE 3 Table 3

192.168.10.10, 192.168.20.20, leaf_1401, leaf_2402 and HostAccept are taken as input parameters to verify whether the message from VM1403 to VM2404 is reachable, and then by executing the steps 1 to 11, the forwarding states of the message can be obtained as follows:

1. the first message forwarding state is SrcHost (leaf) ₁ )。

2. The second message forwarding state is SrcBd (leaf) ₁ ,bd ₁ )。

3. The third message forwarding state is SrcVbdif (leaf) ₁ ,vbdif ₁₀ )。

4. The fourth message forwarding state is SrcVrf (leaf) ₁ ,v rf ₁ )。

5. The fifth message forwarding state is SrcNve (leaf) ₁ ,nve ₁ )。

6. The sixth message forwarding state is InTunnel (leaf) ₁ ,nve ₁ ,leaf ₂ ,nve ₂ ) At this point there is a VXLAN Tunnel between Leaf node Leaf 1401 and Leaf node Leaf 2402.

7. The seventh message forwarding state is DstNve (leaf) ₂ ,nve ₂ )。

8. The eighth message forwarding state is dstVrf (leaf) ₂ ,vrf ₂ )。

9. The ninth message forwarding state is DstVbdif (leaf) ₂ ,vbdif ₂ )。

10. The tenth message forwarding state is DstBd (leaf) ₂ ,bd ₂ )。

11. The eleventh message forwarding state is HostAccept.

The specific implementation process can be referred to the detailed description of the steps 1 to 11, and will not be repeated here.

Based on this, the query target may be HostAccept, and the Leaf node leaf_2402 is set as the destination node, further, the source address information, the destination address information, the 11 packet forwarding states and corresponding constraint conditions, and the node identifier of the obtained packet may be converted into data conforming to the input data format of the Z3 model, for example, the first packet forwarding state srchest (Leaf ₁ ) Converting to SrcHost_leaf_1, etc., and inputting all the converted data as input data into a Z3 model to obtain an output value Query representing the detection result through the Z3 model, wherein the representation form of the output value is not limited by the application. For example, the number "1" or Chinese "true" may be utilized as an output value Query to characterize that a slave first message forwarding state Srchost (Leaf) may be generated between VM1403 and VM2404 of different segments under Leaf nodes leaf_1401 and leaf_2402 ₁ ) The path to the last message forwarding state HostAccept, namely, a transmission path capable of realizing message forwarding under the condition that input conditions are met is generated, and the specific path is as follows:

/>

meanwhile, a number "0" or a Chinese character "false" may be used as an output value Query to characterize that a path from the first packet forwarding state srchst (Leaf 1) to the last packet forwarding state HostAccept cannot be generated between the VM1403 and the VM2404 of different network segments under the Leaf nodes leaf_1401 and leaf_2402.

In order to facilitate better implementation of the above-described aspects of embodiments of the present application, the following provides related devices for implementing the above-described aspects. Referring to fig. 5, a network reachability detection apparatus 500 according to an embodiment of the present application is shown. The apparatus 500 may include: a first acquisition unit 501, a generation unit 502, a second acquisition unit 503, a first acquisition unit 504, and a second acquisition unit 505. The first obtaining unit 501 is configured to execute S101 in the embodiment shown in fig. 1. The generating unit 502 is configured to execute S102 in the embodiment shown in fig. 1. The second acquisition unit 503 is used to execute S103 in the embodiment shown in fig. 1. The first obtaining unit 504 is configured to perform S104 in the embodiment shown in fig. 1. The second obtaining unit 505 is configured to perform S105 in the embodiment shown in fig. 1. In particular, the method comprises the steps of,

a first obtaining unit 501, configured to obtain network topology information and a routing table of a network device in a target network;

a generating unit 502, configured to generate a packet forwarding state chain according to network topology information and a routing table of the network device, where the packet forwarding state chain includes a packet forwarding state and a constraint condition corresponding to each packet forwarding state;

a second obtaining unit 503, configured to obtain source address information of a message and destination address information of the message;

A first obtaining unit 504, configured to obtain a last packet forwarding state simulating forwarding of the packet in the network device according to the source address information of the packet, the destination address information of the packet, and the packet forwarding state chain;

the second obtaining unit 505 is configured to obtain a detection result of whether the message is reachable according to the last message forwarding state of the message.

In one implementation of the present embodiment, the first obtaining unit 504 includes:

the node identification acquisition subunit is used for acquiring the node identification of the message, wherein the node identification of the message comprises the source node identification of the message and/or the destination node identification of the message;

the first obtaining subunit is configured to obtain a last message forwarding state of the simulated message forwarding in the network device according to the source address information of the message, the destination address information of the message, the node identifier of the message, and the message forwarding state chain.

In one implementation manner of this embodiment, the target network is a virtual extensible local area network VXLAN, where the virtual extensible local area network includes a first node, a second node, a first virtual machine, and a second virtual machine, the first node is connected to the first virtual machine, and the second node is connected to the second virtual machine; the first virtual machine is a virtual machine simulating sending out messages, and the second virtual machine is a virtual machine simulating receiving messages; the message forwarding state chain includes one or more of the following message forwarding states:

In one implementation manner of this embodiment, the source address information of the packet includes: the source internet protocol IP address of the message or the source network segment address information of the message; and/or, the destination address information of the message includes: the destination IP address of the message or the destination network segment address information of the message.

In one implementation manner of this embodiment, if the node identifier of the packet includes the source node identifier, the constraint condition of the first packet forwarding state further includes: the identity of the source node matches the first node identity.

In an implementation manner of this embodiment, if the node identifier of the packet includes the destination node identifier, the constraint condition of the seventh packet forwarding state further includes: the identity of the destination node matches the identity of the second node.

In summary, in the network reachability detection apparatus provided in the embodiments of the present application, when detecting network reachability, network topology information and a routing table of a network device in a target network are first obtained, then a message forwarding state chain including a message forwarding state and constraint conditions corresponding to each message forwarding state is generated by using the network topology information and the routing table of the network device, then after obtaining source address information of a message and destination address information of a message, a final message forwarding state simulating forwarding of the message in the network device can be obtained according to the source address information of the message, the destination address information of the message and the message forwarding state chain, and finally, a detection result of whether the message is reachable is obtained by processing the final message forwarding state of the obtained message. It can be seen that, when the network reachability detection is performed in this embodiment, forwarding conditions of a packet at different stages in a forwarding process are simulated according to a packet forwarding state chain, and according to a processing result of a last forwarding state, it is detected whether at least one effective data transmission path can be generated between a source address and a destination address of the packet.

Referring to fig. 6, an embodiment of the present application provides a network reachability detection device 600, comprising a memory 601, a processor 602 and a communication interface 603,

a memory 601 for storing instructions;

a processor 602, configured to execute the instructions in the memory 601, and perform the network reachability detection method described above as applied to the embodiment shown in fig. 1;

a communication interface 603 for performing communication.

The memory 601, the processor 602, and the communication interface 603 are connected to each other through a bus 604; bus 604 may be a peripheral component interconnect standard (peripheral component interconnect, PCI) bus, or an extended industry standard architecture (extended industry standard architecture, EISA) bus, among others. The buses may be divided into address buses, data buses, control buses, etc. For ease of illustration, only one thick line is shown in fig. 6, but not only one bus or one type of bus.

In a specific embodiment, when detecting the network reachability, the processor 602 is configured to first obtain network topology information and a routing table of a network device in a target network, then generate a message forwarding state chain including a message forwarding state and constraint conditions corresponding to each message forwarding state by using the network topology information and the routing table of the network device, and then, after obtaining source address information of a message and destination address information of the message, obtain a last message forwarding state of a simulated message for forwarding in the network device according to the source address information of the message, the destination address information of the message and the message forwarding state chain, and further, process the last message forwarding state of the obtained message to obtain a detection result of whether the message is reachable. For a detailed process of the processor 602, please refer to the detailed descriptions of S101, S102, S103, S104 and S105 in the embodiment shown in fig. 1, which are not repeated here.

The memory 601 may be random-access memory (RAM), flash memory (flash), read-only memory (ROM), erasable programmable read-only memory (erasable programmable read only memory, EPROM), electrically erasable programmable read-only memory (electrically erasable programmable read only memory, EEPROM), registers (registers), hard disk, a removable disk, a CD-ROM, or any other form of storage medium known to those skilled in the art.

The processor 602 may be, for example, a central processing unit (central processing unit, CPU), a general purpose processor, a digital signal processor (digital signal processor, DSP), an application-specific integrated circuit (ASIC), a field programmable gate array (field programmable gate array, FPGA), or other programmable logic device, transistor logic device, hardware components, or any combination thereof. Which may implement or perform the various exemplary logic blocks, modules and circuits described in connection with this disclosure. A processor may also be a combination that performs computing functions, e.g., including one or more microprocessors, a combination of a DSP and a microprocessor, and so forth.

The communication interface 603 may be, for example, an interface card, an ethernet interface, or an asynchronous transfer mode (asynchronous transfer mode, ATM) interface.

The embodiment of the application also provides a computer readable storage medium, which comprises instructions, when the computer readable storage medium runs on a computer, causes the computer to execute the network reachability detection method.

The terms "first," "second," "third," "fourth" and the like in the description and in the claims and in the above drawings, if any, are used for distinguishing between similar objects and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used may be interchanged where appropriate such that the embodiments described herein may be implemented in other sequences than those illustrated or otherwise described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.

It will be clear to those skilled in the art that, for convenience and brevity of description, specific working procedures of the above-described systems, apparatuses and units may refer to corresponding procedures in the foregoing method embodiments, which are not repeated herein.

In the several embodiments provided in the present application, it should be understood that the disclosed systems, devices, and methods may be implemented in other manners. For example, the apparatus embodiments described above are merely illustrative, and the division of the units, for example, is merely a logic module division, and there may be additional divisions when actually implemented, for example, multiple units or components may be combined or integrated into another system, or some features may be omitted or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be an indirect coupling or communication connection via some interfaces, devices or units, which may be in electrical, mechanical or other form.

The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units may be acquired according to actual needs to achieve the purpose of the solution of this embodiment.

In addition, each module unit in the embodiments of the present application may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit. The integrated units described above may be implemented either in hardware or in software module units.

The integrated units, if implemented in the form of software module units and sold or used as stand-alone products, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present application may be embodied essentially or in part or all of the technical solution or in part in the form of a software product stored in a storage medium, including instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to perform all or part of the steps of the method according to the embodiments of the present application. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a random access Memory (RAM, random Access Memory), a magnetic disk, or an optical disk, or other various media capable of storing program codes.

Those skilled in the art will appreciate that in one or more of the examples described above, the functions described in the present application may be implemented in hardware, software, firmware, or any combination thereof. When implemented in software, these functions may be stored on or transmitted over as one or more instructions or code on a computer-readable medium. Computer-readable media includes both computer storage media and communication media including any medium that facilitates transfer of a computer program from one place to another. A storage media may be any available media that can be accessed by a general purpose or special purpose computer.

The above embodiments are further described in detail for the purpose, technical solution and advantageous effects of the present application, and it should be understood that the above description is only an embodiment of the present application.

The above embodiments are only for illustrating the technical solution of the present application, and not for limiting the same; although the application has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical scheme described in the foregoing embodiments can be modified or some technical features thereof can be replaced by equivalents; such modifications and substitutions do not depart from the spirit of the application.

Claims

1. A method for detecting network reachability, the method comprising:

acquiring network topology information and a routing table of network equipment in a target network;

generating a message forwarding state chain according to the network topology information of the network equipment and a routing table, wherein the message forwarding state chain comprises message forwarding states and constraint conditions corresponding to each message forwarding state;

acquiring source address information of a message and destination address information of the message;

obtaining a last message forwarding state simulating the forwarding of the message in the network equipment according to the source address information of the message, the destination address information of the message and the message forwarding state chain;

and obtaining a detection result of whether the message is reachable or not according to the last message forwarding state of the message.

2. The method according to claim 1, wherein the obtaining a last message forwarding state simulating forwarding of the message in the network device according to the source address information of the message, the destination address information of the message, and the message forwarding state chain includes:

acquiring a node identifier of the message, wherein the node identifier of the message comprises a source node identifier of the message and/or a destination node identifier of the message;

And obtaining a last message forwarding state simulating the forwarding of the message in the network equipment according to the source address information of the message, the destination address information of the message, the node identification of the message and the message forwarding state chain.

3. The method of claim 2, wherein the target network is a virtual extensible local area network VXLAN, the virtual extensible local area network comprising a first node, a second node, a first virtual machine, and a second virtual machine, the first node being coupled to the first virtual machine, the second node being coupled to the second virtual machine; the first virtual machine is a virtual machine for simulating and sending the message, and the second virtual machine is a virtual machine for simulating and receiving the message;

the message forwarding state chain includes one or more of the following message forwarding states:

a first message forwarding state; the first message forwarding state is that the message is received by a first node, and the constraint condition of the first message forwarding state is that source address information of the message has a corresponding routing table entry in a routing table of the first node;

a second message forwarding state; the second message forwarding state is that the message enters a bridging domain of the first node, and the constraint condition of the second message forwarding state is that the first node has a bridging domain identifier corresponding to the source address information;

A third message forwarding state; the third message forwarding state is that the message is forwarded through a virtual bridge domain interface of the first node, the constraint condition of the third message forwarding state is that a network segment corresponding to source address information of the message and a network segment corresponding to destination address information of the message do not belong to the same network segment, and an outgoing interface corresponding to the source address information in the routing table entry of the first node is a virtual bridge domain interface of the first node;

a fourth message forwarding state; the fourth message forwarding state is that the message is in a virtual route forwarding unit corresponding to the first node, and the constraint condition of the fourth message forwarding state is that the first node has the virtual route forwarding unit identifier corresponding to the virtual bridge domain interface of the first node;

a fifth message forwarding state; the fifth message forwarding state is that the message is forwarded through a Network Virtual Edge (NVE) interface of the first node, the constraint condition of the fifth message forwarding state is that a VXLAN network identifier of the message is a three-layer VXLAN network identifier, or the VXLAN network identifier of the message is an identifier of a two-layer VXLAN network of the bridge domain of the first node, a network segment corresponding to source address information of the message and a network segment corresponding to destination address information of the message belong to the same network segment, and the previous message forwarding state is a second message forwarding state;

A sixth message forwarding state; the sixth message forwarding state is that the message is in a VXLAN tunnel from the first node to a second node, and the constraint condition of the sixth message forwarding state is that the first node and the second node are different leaf nodes;

a seventh message forwarding state; the seventh message forwarding state is an NVE interface of the message reaching the second node, and the constraint condition of the seventh message forwarding state is that the message reaches the second node through the VXLAN tunnel, or the first node and the second node are the same leaf node, and the previous message forwarding state is a fifth message forwarding state;

eighth message forwarding state; the eighth message forwarding state is that the message enters a virtual route forwarding unit of the second node, and the constraint condition of the eighth message forwarding state is that the VXLAN network identifier of the message is a three-layer VXLAN network identifier;

a ninth message forwarding state; the ninth message forwarding state is that the message is forwarded through a virtual bridging domain interface of a second node, and the constraint condition of the ninth message forwarding state is that destination address information of the message has a corresponding virtual bridging domain interface in a routing forwarding table of the second node;

A tenth message forwarding state; the tenth message forwarding state is that the message enters the bridge domain of the second node, the constraint condition of the tenth message forwarding state is that a virtual bridge domain interface of the second node has a corresponding bridge domain identifier, or the VXLAN network identifier of the message is an identifier of a two-layer VXLAN network of the bridge domain of the second node, and the previous message forwarding state is a seventh message forwarding state;

an eleventh message forwarding state; the eleventh message forwarding state is that the message is received by a second virtual machine connected with the second node, and the constraint condition of the eleventh message forwarding state is that an address of the second virtual machine matched with the destination address information exists in a routing table of the second node; or, the eleventh packet forwarding state is that the packet is received by the network segment to which the second node belongs, and the constraint condition of the eleventh packet forwarding state is that the address of the second virtual machine matched with the destination address information does not exist in the routing table of the second node, but the network segment corresponding to the bridge domain of the second node is matched with the destination address information.

4. A method according to claim 1 or 2, characterized in that,

the source address information of the message comprises:

the source internet protocol IP address of the message or the source network segment address information of the message; and/or the number of the groups of groups,

the destination address information of the message includes:

the destination IP address of the message or the destination network segment address information of the message.

5. The method of claim 3, wherein if the node identification of the message includes the source node identification, the constraint on the first message forwarding state further comprises:

the identity of the source node matches the first node identity.

6. A method according to claim 3, wherein if the node identifier of the message includes the destination node identifier, the constraint on the seventh message forwarding state further comprises:

the identity of the destination node matches the second node identity.

7. A network reachability detection apparatus, the apparatus comprising:

a first obtaining unit, configured to obtain network topology information and a routing table of a network device in a target network;

the generating unit is used for generating a message forwarding state chain according to the network topology information of the network equipment and the routing table, wherein the message forwarding state chain comprises message forwarding states and constraint conditions corresponding to each message forwarding state;

The second acquisition unit is used for acquiring the source address information of the message and the destination address information of the message;

the first obtaining unit is used for obtaining a last message forwarding state simulating the forwarding of the message in the network equipment according to the source address information of the message, the destination address information of the message and the message forwarding state chain;

and the second obtaining unit is used for obtaining a detection result of whether the message is reachable or not according to the last message forwarding state of the message.

8. The apparatus of claim 7, wherein the first obtaining unit comprises:

a node identifier obtaining subunit, configured to obtain a node identifier of the message, where the node identifier of the message includes a source node identifier of the message and/or a destination node identifier of the message;

the first obtaining subunit is configured to obtain a last message forwarding state that simulates forwarding of the message in the network device according to the source address information of the message, the destination address information of the message, the node identifier of the message, and the message forwarding state chain.

9. The apparatus of claim 8, wherein the target network is a virtual extensible local area network VXLAN, the virtual extensible local area network comprising a first node, a second node, a first virtual machine, and a second virtual machine, the first node being coupled to the first virtual machine, the second node being coupled to the second virtual machine; the first virtual machine is a virtual machine for simulating and sending the message, and the second virtual machine is a virtual machine for simulating and receiving the message;

10. The apparatus according to claim 7 or 8, wherein,

the source address information of the message comprises:

the destination address information of the message includes:

11. The apparatus of claim 9, wherein if the node identification of the message includes the source node identification, the constraint on the first message forwarding state further comprises:

the identity of the source node matches the first node identity.

12. The apparatus of claim 9, wherein if the node identifier of the message includes the destination node identifier, the constraint on the seventh message forwarding state further comprises:

the identity of the destination node matches the second node identity.

13. A network reachability detection device, wherein said device comprises a memory, a processor;

the memory is used for storing instructions;

the processor being configured to execute the instructions in the memory and to perform the method of any of claims 1-6.

14. A computer readable storage medium comprising instructions which, when run on a computer, cause the computer to perform the method of any of the preceding claims 1-6.