CN113301003B

CN113301003B - Information and data link detection method, device and storage medium

Info

Publication number: CN113301003B
Application number: CN202010526841.1A
Authority: CN
Inventors: 李家康
Original assignee: Alibaba Group Holding Ltd
Current assignee: Alibaba Group Holding Ltd
Priority date: 2020-06-09
Filing date: 2020-06-09
Publication date: 2022-06-21
Anticipated expiration: 2040-06-09
Also published as: CN113301003A

Abstract

The embodiment of the application provides an information and data link detection method, equipment and a storage medium. In some embodiments of the present application, the server sends the detection request packets to the network device to be detected for reverse detection respectively under the condition that the specified data link is not accessed and the specified data link is accessed; judging whether the detection response packet passes through a specified data link or not according to the received information of the detection response packet, and judging whether the network equipment to be detected is abnormal or not according to the judgment; to predict the operational condition of the designated data link and the network device under test.

Description

Information and data link detection method, device and storage medium

Technical Field

The present application relates to the field of network technologies, and in particular, to a method, a device, and a storage medium for detecting an information link and a data link.

Background

Distributed Denial of Service (DDoS) attacks are a form of network attacks that prevent users from accessing a target Service normally by consuming target resources, and are the main threats in current network attacks. DDoS attacks launch DDoS attacks on one or more targets by combining a plurality of computers as an attack platform by means of a client/server technology, thereby exponentially improving the power of denial of service attacks, causing normal users to not obtain network responses, and posing great threat to internet and internet services.

In order to reduce DDos attacks, in the prior art, a cleaning device is generally deployed in a network, and network traffic sent to a server is cleaned by using the cleaning device to filter abnormal traffic to ensure the security of the server. However, when a DDOS attack event occurs, hosts around the world may launch the attack, the internet is huge in size, network operators are numerous, and how to verify that traffic from all over the world passes through cleaning equipment becomes a difficult problem.

Disclosure of Invention

Various aspects of the present application provide a method, device and storage medium for detecting information and data links, which detect whether traffic from a target edge node passes through a cleaned link, thereby improving detection efficiency and network security performance.

An embodiment of the present application provides a test network system, including: network equipment to be tested, gateway equipment, cleaning equipment and a server, wherein the method comprises the following steps:

the server is used for respectively sending detection request packets to the network equipment to be detected and receiving detection response packets returned by the network equipment to be detected under the condition that the data cleaning link is not accessed and the data cleaning link is accessed; detecting whether the probe response packet passes through the data cleaning link under the condition of accessing the data cleaning link or not according to the information of the probe response packet received under the condition of not accessing the data cleaning link and accessing the data cleaning link; and determining whether the network equipment to be detected is normal or not according to the detection result.

The network equipment to be tested receives the detection request packet and returns a detection response packet to the server;

the gateway equipment receives the configuration request of the cleaning equipment, configures the path of the detection request packet to control the detection request to pass through the data cleaning link, and sends a detection response packet returned by the cleaning equipment to the test server;

and the washing equipment sends a configuration request to the gateway equipment, receives the detection response packet and returns the detection response packet to the gateway equipment.

The embodiment of the application provides an information detection method, which is suitable for a server, and comprises the following steps:

under the condition that a designated data link is not accessed and the designated data link is accessed, respectively sending a detection request packet to the network equipment to be detected and receiving a detection response packet returned by the network equipment to be detected, wherein under the condition that the designated data link is accessed, the detection response packet should pass through the designated data link;

detecting whether the probe response packet passes through the specified data link under the condition of accessing the specified data link according to the information of the probe response packet received under the condition of not accessing the specified data link and accessing the specified data link;

and if the detection response packet passes through the specified data link, determining that the network equipment to be detected is the specified network equipment.

The embodiment of the application provides a data link detection method, which is suitable for a server, and comprises the following steps:

under the condition that a data cleaning link is not accessed and a data cleaning link is accessed, respectively sending a detection request packet to network equipment to be detected and receiving a detection response packet returned by the network equipment to be detected, wherein under the condition that the data cleaning link is accessed, the detection response packet should pass through the data cleaning link;

detecting whether the probe response packet passes through the data cleaning link under the condition of accessing the data cleaning link or not according to the information of the probe response packet received under the condition of not accessing the data cleaning link and accessing the data cleaning link;

and if the detection response packet passes through the data cleaning link, determining that the network equipment to be detected is normal network equipment.

The embodiment of the present application further provides a data link detection method, which is applicable to a server, and the method includes:

under the condition that a load balancing link and a load balancing link are not accessed, respectively sending a detection request packet to network equipment to be detected and receiving a detection response packet returned by the network equipment to be detected, wherein under the condition that the load balancing link is accessed, the detection response packet should pass through the load balancing link;

detecting whether the probe response packet passes through the load balancing link under the condition of accessing the load balancing link according to the information of the probe response packet received under the condition of not accessing the load balancing link and accessing the load balancing link;

and if the detection response packet passes through the load balancing link, determining that the network equipment to be detected is normal network equipment.

An embodiment of the present application further provides a server, and the method includes: a memory and a processor;

the memory to store one or more computer instructions;

the processor to execute the one or more computer instructions to:

Embodiments of the present application also provide a computer-readable storage medium storing a computer program that, when executed by one or more processors, causes the one or more processors to perform actions comprising:

under the condition that a specified data link is not accessed and the specified data link is accessed, respectively sending a detection request packet to network equipment to be detected and receiving a detection response packet returned by the network equipment to be detected, wherein under the condition that the specified data link is accessed, the detection response packet should pass through the specified data link;

the memory to store one or more computer instructions;

the processor to execute the one or more computer instructions to:

under the condition that a data cleaning link and a data cleaning link are not accessed, respectively sending a detection request packet to network equipment to be detected and receiving a detection response packet returned by the network equipment to be detected, wherein under the condition that the data cleaning link is accessed, the detection response packet should pass through the data cleaning link;

detecting whether the probe response packet passes through the data cleansing link under the condition of accessing the data cleansing link according to the information of the probe response packet received under the condition of not accessing the data cleansing link and accessing the data cleansing link;

the memory to store one or more computer instructions;

the processor to execute the one or more computer instructions to:

under the condition that a load balancing link is not accessed and a load balancing link is accessed, respectively sending a detection request packet to network equipment to be detected and receiving a detection response packet returned by the network equipment to be detected, wherein under the condition that the load balancing link is accessed, the detection response packet should pass through the load balancing link;

In some embodiments of the present application, the server sends the detection request packets to the network device to be detected for reverse detection respectively under the condition that the specified data link is not accessed and the specified data link is accessed; judging whether the detection response packet passes through a specified data link or not according to the received information of the detection response packet, and judging whether the network equipment to be detected is abnormal or not according to the judgment; to predict the operational condition of the designated data link and the network device under test.

Drawings

The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the application and together with the description serve to explain the application and not to limit the application. In the drawings:

fig. 1a is a schematic structural diagram of a DDoS detection system 10 provided in an exemplary embodiment of the present application;

fig. 1b is a schematic structural diagram of a test network system according to an exemplary embodiment of the present application;

FIG. 1c is a schematic structural diagram of another test network system provided in an exemplary embodiment of the present application;

fig. 2 is a schematic flowchart of an information detection method according to an exemplary embodiment of the present application;

fig. 3 is a schematic flowchart of a data link detection method according to an exemplary embodiment of the present application;

fig. 4 is a schematic flow chart of another data link detection method provided in an exemplary embodiment of the present application;

fig. 5 is a schematic flow chart of another data link detection method provided in an exemplary embodiment of the present application;

fig. 6 is a schematic structural diagram of a server according to an embodiment of the present application;

fig. 7 is a schematic structural diagram of another server provided in the embodiment of the present application;

fig. 8 is a schematic structural diagram of a server according to an embodiment of the present application.

Detailed Description

In order to make the objects, technical solutions and advantages of the present application more apparent, the technical solutions of the present application will be described in detail and completely with reference to the following specific embodiments of the present application and the accompanying drawings. It should be apparent that the described embodiments are only some of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.

With the development of mobile internet and the gradual maturity of technologies such as 5G/IPv6, DDoS attacks become more serious. When a DDoS attack event occurs, it is possible that hosts around the world are initiating the attack. However, the internet is huge in scale and network operators are numerous, and how to verify that the flow from all parts of the world passes through the cleaning equipment becomes a difficult problem.

For the technical problems, in some embodiments of the present application, a server sends a detection request packet to a network device to be detected for reverse detection respectively without accessing a specific data link and without accessing the specific data link; judging whether the detection response packet passes through a specified data link or not according to the received information of the detection response packet, and judging whether the network equipment to be detected is abnormal or not according to the judgment; to predict the operational condition of the designated data link and the network device under test.

The technical solutions provided by the embodiments of the present application are described in detail below with reference to the accompanying drawings.

Fig. 1a is a schematic structural diagram of a DDoS detection system 10 according to an exemplary embodiment of the present application. As shown in fig. 1a, the DDoS detection system includes a border router 10a, a cleaning switch 11a, a cleaning device 12a, a DDoS detection device 13a, a core router 14a, and an origin server 15 a. The working principle of the DDoS detection system 10 is explained with reference to the accompanying drawings as follows:

traffic normally enters from border router 10a through the internet service provider, passes through core router 14a and to origin server 15 a. DDoS detection device 13a receives a copy of image traffic for detection of DDoS attacks; when DDoS detection device 13a detects that there is a DDoS attack in the current traffic, DDoS detection device 13a notifies cleaning device 12a to clean the abnormal traffic. The cleaning device 12a may automatically start cleaning or may be a device for human intervention by a manager to start protection. After the cleaning device 12a is started, the cleaning device 12a sends a broadcast carrying address information of the cleaning device 12a to the border router 10a, and the border router 10a modifies the next hop address of the traffic into the address of the cleaning device 12 a. Traffic is pulled from the border router 10a to the cleaning switch 11a and then to the cleaning device 12 a; the flow cleaned by the cleaning device 12a is injected back to the cleaning switch 11a, then to the border router 10a, then to the core router 14a, and finally to the source server 15 a. Due to the large number of network operators, it is difficult to prove that traffic from network devices around the world will pass through the cleaning apparatus 12a when a DDoS attack occurs. The following provides a method by which it is possible to detect whether network devices in various locations have passed through the cleaning apparatus 12 a.

Fig. 1b is a schematic structural diagram of a test network system 20 according to an exemplary embodiment of the present disclosure. As shown in fig. 1b, the test network system 20 includes a network device under test, a border router 20b, a cleaning device 21b and a test server 22 b.

In this embodiment, network devices to be tested in different geographic locations are collected in advance, and the test server 22b sends a detection request packet to the network devices to be tested for reverse detection respectively without accessing the data cleaning link and the data cleaning link; judging whether the detection response packet passes through a data cleaning link or not according to the received information of the detection response packet, and judging whether the network equipment to be detected is abnormal or not according to the judgment; to predict the operational condition of the designated data link and the network device under test.

In this embodiment, the implementation form of the test server 22b is not limited, and the test server 22b may be a server device such as a regular server, a cloud host, or a virtual center. The server device mainly comprises a processor, a hard disk, a memory, a system bus and the like, and a general computer architecture type. The server may include one web server or a plurality of web servers.

In the above embodiment, the network devices to be tested in different geographic locations are collected in advance. Including but not limited to the following:

first, a client having a representative geographic location is purchased.

And selecting the network equipment to be tested from the candidate network equipment according to the geographic positions of the candidate network equipment.

In the first method, it is costly to purchase a client with a representative geographic location and then to perform operation and maintenance on the client.

In the first method, the candidate Network device is selected from a Content Delivery Network (CDN), an edge computing node, and a DNS node in the internet. And selecting the network equipment to be tested from the candidate network equipment according to the geographic positions of the candidate network equipment. For example, three network devices are selected from network devices in different countries as the network device to be tested. In an alternative embodiment, the plurality of candidate network devices are edge devices.

In the above embodiment, the test server 22b sends the probe request packet to the network device to be tested and receives the probe response packet returned by the network device to be tested, respectively, without accessing the data cleansing link and the data cleansing link.

In this embodiment, the test server 22b accesses the data cleansing link, and one way to implement this is that the cleansing device 21b sends the routing address information of the next hop of the network device to be tested to the boundary router 20b, and after receiving the information, the boundary router 20b modifies the routing address of the next hop of the network device to be tested into the routing address of the cleansing device 21 b.

Under the condition that the data washing link is not accessed, the test server 22b sends the detection request packet to the network equipment to be tested in a mode that the test server 22b sends one or more detection request packets to the network equipment to be tested under the condition that the data washing link is not accessed, and records the sending time and the life cycle value of the one or more detection request packets; one or more probe request packets are sent to the network device to be tested via the border router 20 b; after receiving the one or more probe request packets, the network device under test returns one or more probe response packets to the test server 22b, where the one or more probe response packets are returned to the test server 22b through the border router 20b, and the test server 22b records the reception time and the life cycle value of the one or more probe response packets. For example, 10 probe request packets are sent by the test server 22b to the network device under test, and the sending time and the life cycle value of the 10 probe request packets are recorded, the network device under test receives the 10 probe request packets, returns 10 probe response packets respectively corresponding to the 10 probe request packets to the test server 22b, and the test server 22b records the receiving time and the life cycle value of the 10 probe response packets.

Under the condition of accessing the data cleaning link, the test server 22b sends the detection request packet to the network device to be tested in a manner that, under the condition of accessing the data cleaning link, the test server 22b sends one or more detection request packets to the network device to be tested, and records the sending time and the life cycle value of the one or more detection request packets; one or more probe request packets are sent to the network device to be tested via the border router 20 b; after receiving the one or more probe request packets, the network device under test returns one or more probe response packets to the test server 22b, the one or more probe response packets are sent to the cleaning device 21b through the border router 20b, the cleaning device 21b sends the one or more probe response packets to the test server 22b through the border router 20b, and the test server 22b records the receiving time and the life cycle of the one or more probe response packets. For example, 10 probe request packets are sent by the test server 22b to the network device under test, and the sending time and the lifetime value of the 10 probe request packets are recorded, the network device under test receives the 10 probe request packets, returns 10 probe response packets respectively corresponding to the 10 probe request packets to the test server 22b, the 10 probe response packets are sent to the cleaning device 21b through the border router 20b, the cleaning device 21b sends one or more probe response packets to the test server 22b through the border router 20b, and the test server 22b records the receiving time and the lifetime value of the 10 probe response packets.

As can be seen from the above, the test server 22b is used to send the probe request packet to the network device to be tested without accessing the data cleansing link or accessing the data cleansing link, and if the lower probe response packet passes through the cleansing device 21b, both the time delay and the life cycle of the probe response packet will change. Therefore, whether the probe response packet passes through the data cleansing link can be judged according to the information of the probe response packet received under the condition that the data cleansing link is not accessed and the data cleansing link is accessed.

In the above embodiment, it is detected whether the probe response packet passes through the data cleansing link in the case of accessing the data cleansing link, according to information received from the probe response packet in the case of not accessing the data cleansing link and accessing the data cleansing link; and determining whether the network equipment to be tested and the data washing link are normal or not according to whether the detection response packet passes through the data washing link or not. If the detection response packet passes through the data cleaning link, determining that the network equipment to be detected is normal network equipment; if the detection response packet does not pass through the data cleaning link, and the network device to be detected is determined to be abnormal network device, faults may exist in the network device to be detected and the data cleaning link, so that a user is further reminded to determine a fault source from the network device to be detected and the data cleaning link.

And detecting whether the detection response packet passes through the data cleaning link under the condition of accessing the data cleaning link according to the information of the detection response packet received under the condition of not accessing the data cleaning link and accessing the data cleaning link. Including but not limited to the following detection modes:

the detection method comprises the following steps: judging whether the life cycle value of the received probe response packet under the condition of not accessing the data cleaning link is larger than the life cycle value of the received probe response packet under the condition of accessing the data cleaning link; if so, determining that the detection response packet passes through the data cleaning link under the condition of accessing the data cleaning link; if not, determining that the detection response packet does not pass through the data washing link under the condition of accessing the data washing link.

Judging whether the life cycle value of the received probe response packet under the condition of not accessing the data cleaning link is larger than the life cycle value of the received probe response packet under the condition of accessing the data cleaning link or not; calculating a first time delay according to the sending time of the detection request packet and the receiving time of the detection response packet under the condition that the data washing link is not accessed; calculating a second time delay according to the sending time of the detection request packet and the receiving time of the detection response packet under the condition of accessing the data cleaning link; and judging whether the first time delay is smaller than the second time delay. If the life cycle value of the probe response packet received under the condition that the data washing link is not accessed is larger than the life cycle value of the probe response packet received under the condition that the data washing link is accessed, and the first time delay is smaller than the second time delay, determining that the probe response packet passes through the data washing link under the condition that the data washing link is accessed; otherwise, determining that the probe response packet does not pass through the data washing link under the condition of accessing the data washing link.

For example, in the first detection mode, the value of the lifetime of the probe response packet is decremented by 1 every time the probe response packet passes through one device. Therefore, if the probe response packet passes through the data cleansing link in the case of accessing the data cleansing link, whether the lifecycle value of the probe response packet received without accessing the data cleansing link is greater than the lifecycle value of the probe response packet received with accessing the data cleansing link.

In the second detection mode, whether the life cycle value of the probe response packet received under the condition of not accessing the data cleaning link is greater than the life cycle value of the probe response packet received under the condition of accessing the data cleaning link is judged; the test server 22b sends 10 probe request packets to the network device to be tested, calculates the sending time of the probe request packet and the receiving time of the probe response packet respectively under the condition that the data cleaning link is not accessed, and calculates the average time delay of the 10 probe request packets as a first time delay; respectively calculating the sending time of the detection request packet and the receiving time of the detection response packet under the condition of accessing the data cleaning link, calculating the average time delay of 10 detection request packets as a second time delay, and judging whether the first time delay is smaller than the second time delay. If the life cycle value of the probe response packet received under the condition that the data washing link is not accessed is larger than the life cycle value of the probe response packet received under the condition that the data washing link is accessed, and the first time delay is smaller than the second time delay, determining that the probe response packet passes through the data washing link under the condition that the data washing link is accessed; otherwise, determining that the probe response packet does not pass through the data washing link under the condition of accessing the data washing link.

In the above embodiment, if the probe response packet passes through the data cleaning link, it is determined that the network device to be tested is a normal network device, and if the probe response packet does not pass through the data cleaning link, it is determined that the network device to be tested is an abnormal network device. After the test is finished, if the number of the normal network devices is far larger than that of the abnormal networks, determining that the current data cleaning link is normal; and if the number of the normal network devices is far smaller than that of the abnormal networks, determining that the current data cleaning link fails. For the network equipment in the target area, if most of the network equipment in the target area is normal, determining that the flow of the network equipment in the target area passes through the cleaning equipment 21 b; if most of the network devices in the target area are abnormal, it is determined that the traffic of the network devices in the target area does not pass through the cleaning device 21 b.

In the above embodiment, if it is determined that the network device to be tested is an abnormal network device, and the fault may originate from the cleaning device 21b or the network device to be tested, a prompt instruction may be sent to the user to prompt the user to determine the fault source from the network device to be tested and the data cleaning link. Wherein, including but not limited to following several warning modes:

the reminding method comprises the following steps: the test server 22b plays the abnormal information of the network equipment to be tested in a voice mode;

and a reminding mode II: the test server 22b sends a prompt to the terminal device to prompt the user to determine the source of the fault from the network device under test and the data cleansing link.

Fig. 1c is a schematic structural diagram of another test network system 30 according to an exemplary embodiment of the present application. As shown in fig. 1c, the test network system 30 includes a network device to be tested, a border router 30c, a cleaning switch 31c, a cleaning device 32c, a core router 33c and a test server 34 c.

Under the condition that the data cleaning link is not accessed, the test server 34c sends a detection request packet to the network equipment to be tested in a manner that the test server 34c sends the detection request packet to the network equipment to be tested under the condition that the data cleaning link is not accessed, and the detection request packet is sent to the network equipment to be tested through the core router 33c and then through the boundary router 30 c; after receiving the probe request packet, the network device to be tested returns a probe response packet to the test server 34c, and the probe response packet returns to the test server 34c through the border router 20b and the core router 33 c.

Under the condition of accessing the data cleaning link, the test server 34c sends a detection request packet to the network device to be tested in a manner that the test server 34c sends the detection request packet to the network device to be tested under the condition of accessing the data cleaning link; the detection request packet is sent to the network device to be tested through the core router 33c and the boundary router 30 c; after receiving the detection request packet, the network device to be tested returns a detection response packet to the test server 34c, the detection response packet is sent to the cleaning device 32c through the border router 30c and the cleaning switch 31c, and the cleaning device 32c sends the detection response packet to the test server 34c through the cleaning switch 31c and the border router 30 c.

In the system embodiment of the application, the server respectively sends the detection request packets to the network equipment to be detected for reverse detection under the condition that the specified data link is not accessed and the specified data link is accessed; judging whether the detection response packet passes through a specified data link or not according to the received information of the detection response packet, and judging whether the network equipment to be detected is abnormal or not according to the judgment; to predict the operational condition of the designated data link and the network device under test.

For the method for detecting the data flushing link, reference may be made to the description of the foregoing embodiments, and details are not repeated here.

With reference to the description of the foregoing embodiments, fig. 2 is a schematic flowchart of an information detection method provided in an exemplary embodiment of the present application, and as shown in fig. 2, the information detection method includes:

s201: under the condition that the specified data link is not accessed and the specified data link is accessed, respectively sending a detection request packet to the network equipment to be detected and receiving a detection response packet returned by the network equipment to be detected, wherein under the condition that the specified data link is accessed, the detection response packet should pass through the specified data link;

s202: detecting whether the detection response packet passes through the specified data link under the condition of accessing the specified data link according to the information of the detection response packet received under the condition of not accessing the specified data link and accessing the specified data link; if yes, go to step S203; if not, executing step S204;

s203: determining the network equipment to be tested as appointed network equipment;

s204: and determining that the network equipment to be tested is the non-specified network equipment.

In this embodiment, the execution subject information detection device of the method may be a server, and the embodiment of the present application does not limit an implementation form of the server, and the server may be a server device such as a conventional server, a cloud host, a virtual center, and the like. The server device mainly comprises a processor, a hard disk, a memory, a system bus and the like, and a general computer architecture type. The server may include one web server or a plurality of web servers.

In this embodiment, the designated data link is a data link to be detected, and the implementation form of the designated data link is not limited in the embodiment of the present application, for example, the designated data link is a data cleaning link and a load balancing link.

In this embodiment, network devices to be tested at different geographic locations are collected in advance, and a test server sends probe request packets to the network devices to be tested respectively for reverse probing under the condition that an appointed data link is not accessed and an appointed data link is accessed; judging whether the detection response packet passes through a specified data link or not according to the received information of the detection response packet, and judging whether the network equipment to be detected is abnormal or not according to the judgment; to predict the operational condition of the designated data link and the network device under test.

first, a client having a representative geographic location is purchased.

In the above embodiment, the test server sends the probe request packet to the network device to be tested and receives the probe response packet returned by the network device to be tested, respectively, under the condition that the specified data link is not accessed and the specified data link is accessed.

Under the condition that the specified data link is not accessed, the test server sends the detection request packet to the network equipment to be tested in a mode that the test server sends one or more detection request packets to the network equipment to be tested under the condition that the specified data link is not accessed, and the sending time and the life cycle value of the one or more detection request packets are recorded; one or more detection request packets are sent to the network equipment to be detected through the gateway equipment; after receiving the one or more probe request packets, the network device to be tested returns one or more probe response packets to the test server, the one or more probe response packets return to the test server through the gateway device, and the test server records the receiving time and the life cycle value of the one or more probe response packets. For example, 10 probe request packets are sent by the test server to the network device to be tested, and the sending time and the lifetime value of the 10 probe request packets are recorded, the network device to be tested receives the 10 probe request packets, returns 10 probe response packets respectively corresponding to the 10 probe request packets to the test server, and records the receiving time and the lifetime value of the 10 probe response packets.

It should be noted that the gateway device described above and below may be a border router of a network in which a specified data link is located, or a router located at an edge or an end point of a current test network, so that a data flow enters a test network area from an area lacking network control.

Under the condition of accessing the specified data link, the test server sends the detection request packet to the network equipment to be detected in a mode that the test server sends one or more detection request packets to the network equipment to be detected under the condition of accessing the specified data link, and records the sending time and the life cycle value of the one or more detection request packets; one or more detection request packets are sent to the network equipment to be detected through the gateway equipment; after receiving the one or more probe request packets, the network device to be tested returns one or more probe response packets to the test server, the one or more probe response packets are sent to the test server through the gateway device through the specified data link, and the test server records the receiving time and the life cycle value of the one or more probe response packets. For example, 10 probe request packets are sent by the test server to the network device to be tested, and the sending time and the life cycle value of the 10 probe request packets are recorded, the network device to be tested receives the 10 probe request packets, returns 10 probe response packets respectively corresponding to the 10 probe request packets to the test server, the 10 probe response packets return to the test server through the gateway device and the specified data link, and the test server records the receiving time and the life cycle value of the 10 probe response packets.

As can be seen from the above, the test server is used to send the probe request packet to the network device to be tested without accessing the specified data link or accessing the specified data link, and if the lower probe response packet passes through the specified data link, both the time delay and the life cycle of the probe response packet will change. Therefore, it is possible to determine whether or not the probe response packet passes through the designated data link, based on information that the probe response packet is received without accessing the designated data link and without accessing the designated data link.

In the above embodiment, it is detected whether the probe response packet passes through the specified data link in the case of accessing the specified data link, based on the information that the probe response packet is received in the case of not accessing the specified data link and accessing the specified data link; and determining whether the network equipment to be tested and the designated data link are normal according to whether the probe response packet passes through the designated data link. If the detection response packet passes through the specified data link, determining that the network equipment to be detected is normal network equipment; if the detection response packet does not pass through the specified data link, the network device to be detected is determined to be abnormal network device, and faults may exist in the network device to be detected and the specified data link, so that a user is further reminded to determine a fault source from the network device to be detected and the specified data link.

And detecting whether the detection response packet passes through the specified data link under the condition of accessing the specified data link according to the information of the detection response packet received under the condition of not accessing the specified data link and accessing the specified data link. Including but not limited to the following detection modes:

the detection method comprises the following steps: judging whether the life cycle value of the received detection response packet under the condition of not accessing the specified data link is larger than the life cycle value of the received detection response packet under the condition of accessing the specified data link; if so, determining that the detection response packet passes through the specified data link under the condition of accessing the specified data link; if not, determining that the detection response packet does not pass through the specified data link under the condition of accessing the specified data link.

Judging whether the life cycle value of the received detection response packet under the condition of not accessing the specified data link is larger than the life cycle value of the received detection response packet under the condition of accessing the specified data link or not; calculating a first time delay according to the sending time of the detection request packet and the receiving time of the detection response packet under the condition that the appointed data link is not accessed; calculating a second time delay according to the sending time of the detection request packet and the receiving time of the detection response packet under the condition of accessing the specified data link; and judging whether the first time delay is smaller than the second time delay. If the life cycle value of the probe response packet received under the condition that the specified data link is not accessed is larger than the life cycle value of the probe response packet received under the condition that the specified data link is accessed, and the first time delay is smaller than the second time delay, determining that the probe response packet passes through the specified data link under the condition that the specified data link is accessed; otherwise, it is determined that the probe response packet does not pass through the specified data link with the specified data link being accessed.

For example, in the first detection mode, the value of the lifetime of the probe response packet is decremented by 1 every time the probe response packet passes through one device. Therefore, if the probe response packet passes through the designated data link in the case of accessing the designated data link, whether the lifetime value of the probe response packet received in the case of not accessing the designated data link is greater than the lifetime value of the probe response packet received in the case of accessing the designated data link.

In the second detection mode, whether the life cycle value of the received detection response packet under the condition of not accessing the specified data link is larger than the life cycle value of the received detection response packet under the condition of accessing the specified data link is judged; the method comprises the steps that a test server sends 10 detection request packets to network equipment to be tested, the sending time of the detection request packets and the receiving time of detection response packets under the condition that a specified data link is not accessed are respectively calculated, and the average time delay of the 10 detection request packets is calculated to serve as a first time delay; respectively calculating the sending time of the detection request packet and the receiving time of the detection response packet under the condition of accessing the specified data link, calculating the average time delay of 10 detection request packets as a second time delay, and judging whether the first time delay is smaller than the second time delay. If the life cycle value of the probe response packet received under the condition that the specified data link is not accessed is larger than the life cycle value of the probe response packet received under the condition that the specified data link is accessed, and the first time delay is smaller than the second time delay, determining that the probe response packet passes through the specified data link under the condition that the specified data link is accessed; otherwise, it is determined that the probe response packet does not traverse the specified data link if the specified data link is accessed.

In the above embodiment, if the probe response packet passes through the designated data link, it is determined that the network device to be tested is a normal network device, and if the probe response packet does not pass through the designated data link, it is determined that the network device to be tested is an abnormal network device. After the test is finished, if the number of the normal network devices is far larger than that of the abnormal networks, determining that the current specified data link is normal; and if the number of the normal network devices is far smaller than that of the abnormal networks, determining that the current specified data link fails. For the network equipment in the target area, if most of the network equipment in the target area is normal, determining that the flow of the network equipment in the target area passes through a specified data link; and if most of the network equipment of the target area is abnormal, determining that the flow of the network equipment of the target area does not pass through the specified data link.

In the above embodiment, if it is determined that the network device to be tested is an abnormal network device, and the fault may originate from the specified data link or the network device to be tested, a prompt instruction may be sent to the user to prompt the user to determine the fault source from the network device to be tested and the specified data link. The method comprises the following reminding modes:

the reminding method comprises the following steps: the test server plays the abnormal information of the network equipment to be tested in a voice mode;

and a reminding mode II: and the test server sends a reminding instruction to the terminal equipment to remind a user of determining a fault source from the network equipment to be tested and the specified data link.

Taking a data link cleaning as an example, fig. 3 is a schematic flow chart of a data link detection method according to an exemplary embodiment of the present application. As shown in fig. 3, the data link detection method includes:

s301: under the condition that the data cleaning link and the data cleaning link are not accessed, respectively sending a detection request packet to the network equipment to be detected and receiving a detection response packet returned by the network equipment to be detected, wherein under the condition that the data cleaning link is accessed, the detection response packet should pass through the data cleaning link;

s302: detecting whether the detection response packet passes through the data cleaning link under the condition of accessing the data cleaning link or not according to the information of the detection response packet received under the condition of not accessing the data cleaning link and accessing the data cleaning link; if yes, go to step S303; if not, go to step S304;

s303: determining the network equipment to be tested as normal network equipment;

s304: and determining the network equipment to be tested as abnormal network equipment.

In this embodiment, network devices to be tested at different geographic locations are collected in advance, and a test server sends probe request packets to the network devices to be tested respectively for reverse probing without accessing a data cleaning link and without accessing the data cleaning link; judging whether the detection response packet passes through a data cleaning link or not according to the received information of the detection response packet, and judging whether the network equipment to be detected is abnormal or not according to the judgment; to predict the operational condition of the designated data link and the network device under test.

In this embodiment, the implementation form of the test server is not limited, and the test server may be a server device such as a conventional server, a cloud host, or a virtual center. The server device mainly comprises a processor, a hard disk, a memory, a system bus and the like, and a general computer architecture type. The server may include one web server or a plurality of web servers.

first, a client having a representative geographic location is purchased.

In the first method, the cost is high for purchasing a client with a representative geographic location and subsequently operating and maintaining the client.

In the first method, a candidate Network device is selected from a Content Delivery Network (CDN), an edge computing node, and a DNS node in the internet. And selecting the network equipment to be tested from the candidate network equipment according to the geographic positions of the candidate network equipment. For example, three network devices are selected from network devices in different countries as the network device to be tested. In an alternative embodiment, the plurality of candidate network devices are edge devices.

In the above embodiment, the test server sends the probe request packet to the network device to be tested and receives the probe response packet returned by the network device to be tested, respectively, without accessing the data cleansing link and the data cleansing link.

In this embodiment, the test server accesses the data cleaning link, and an implementation manner is that the cleaning device sends the routing address information of the next hop of the network device to be tested to the gateway device, and after receiving the information, the gateway device modifies the routing address of the next hop of the network device to be tested into the routing address of the cleaning device.

Under the condition that the data cleaning link is not accessed, the test server sends the detection request packet to the network equipment to be tested in a mode that the test server sends one or more detection request packets to the network equipment to be tested under the condition that the data cleaning link is not accessed, and the sending time and the life cycle value of the one or more detection request packets are recorded; one or more detection request packets are sent to the network equipment to be detected through the gateway equipment; after receiving the one or more probe request packets, the network device to be tested returns one or more probe response packets to the test server, the one or more probe response packets return to the test server through the gateway device, and the test server records the receiving time and the life cycle value of the one or more probe response packets. For example, 10 probe request packets are sent by the test server to the network device to be tested, and the sending time and the lifetime value of the 10 probe request packets are recorded, the network device to be tested receives the 10 probe request packets, returns 10 probe response packets respectively corresponding to the 10 probe request packets to the test server, and records the receiving time and the lifetime value of the 10 probe response packets.

Under the condition of accessing the data cleaning link, the test server sends the detection request packet to the network equipment to be tested in a mode that the test server sends one or more detection request packets to the network equipment to be tested under the condition of accessing the data cleaning link, and records the sending time and the life cycle value of the one or more detection request packets; one or more detection request packets are sent to the network equipment to be tested through the gateway equipment; the method comprises the steps that after receiving one or more detection request packets, the network device to be tested returns one or more detection response packets to a test server, the one or more detection response packets are sent to a cleaning device through gateway equipment, the cleaning device sends the one or more detection response packets to the test server through the gateway equipment, and the test server records the receiving time and the life cycle value of the one or more detection response packets. For example, 10 probe request packets are sent by the test server to the network device to be tested, and the sending time and the life cycle value of the 10 probe request packets are recorded, the network device to be tested receives the 10 probe request packets and returns 10 probe response packets respectively corresponding to the 10 probe request packets to the test server, the 10 probe response packets are sent to the cleaning device through the gateway device, the cleaning device sends one or more probe response packets to the test server through the gateway device, and the test server records the receiving time and the life cycle value of the 10 probe response packets.

As can be seen from the above, the test server is used to send the probe request packet to the network device to be tested under the condition that the data cleansing link is not accessed and the data cleansing link is accessed, and if the probe response packet passes through the cleansing device, both the time delay and the life cycle of the probe response packet will change. Therefore, whether the probe response packet passes through the data cleansing link can be judged according to the information of the probe response packet received under the condition that the data cleansing link is not accessed and the data cleansing link is accessed.

In the second detection mode, whether the life cycle value of the probe response packet received under the condition of not accessing the data washing link is larger than the life cycle value of the probe response packet received under the condition of accessing the data washing link is judged; the method comprises the steps that a test server sends 10 detection request packets to network equipment to be tested, the sending time of the detection request packets and the receiving time of detection response packets under the condition that a data cleaning link is not accessed are respectively calculated, and the average time delay of the 10 detection request packets is calculated to serve as a first time delay; respectively calculating the sending time of the detection request packet and the receiving time of the detection response packet under the condition of accessing the data cleaning link, calculating the average time delay of 10 detection request packets as a second time delay, and judging whether the first time delay is smaller than the second time delay. If the life cycle value of the probe response packet received under the condition that the data washing link is not accessed is larger than the life cycle value of the probe response packet received under the condition that the data washing link is accessed, and the first time delay is smaller than the second time delay, determining that the probe response packet passes through the data washing link under the condition that the data washing link is accessed; otherwise, determining that the probe response packet does not pass through the data washing link under the condition of accessing the data washing link.

In the above embodiment, if the probe response packet passes through the data cleaning link, it is determined that the network device to be tested is a normal network device, and if the probe response packet does not pass through the data cleaning link, it is determined that the network device to be tested is an abnormal network device. After the test is finished, if the number of the normal network devices is far larger than that of the abnormal networks, determining that the current data cleaning link is normal; and if the number of the normal network devices is far smaller than that of the abnormal networks, determining that the current data cleaning link fails. For the network equipment in the target area, if most of the network equipment in the target area is normal, determining that the flow of the network equipment in the target area passes through the cleaning equipment; and if most of the network equipment in the target area is abnormal, determining that the flow of the network equipment in the target area does not pass through the cleaning equipment.

In the above embodiment, if it is determined that the network device to be tested is an abnormal network device, and the fault may originate from the cleaning device or the network device to be tested, a prompt instruction may be sent to the user to prompt the user to determine the fault source from the network device to be tested and the data cleaning link. The method comprises the following reminding modes:

and a reminding mode II: and the test server sends a reminding instruction to the terminal equipment to remind a user of determining a fault source from the network equipment to be tested and the data cleaning link.

With reference to the description of the foregoing embodiments, fig. 4 is a flowchart illustrating another data link detection method provided in an exemplary embodiment of the present application. As shown in fig. 4, the data link detection method includes:

s401: under the condition that the data cleaning link and the data cleaning link are not accessed, respectively sending a detection request packet to the network equipment to be detected and receiving a detection response packet returned by the network equipment to be detected, wherein under the condition that the data cleaning link is accessed, the detection response packet should pass through the data cleaning link;

s402: determining whether a lifetime value of the probe response packet received in a case where a designated data link is not accessed is greater than a lifetime value of the probe response packet received in a case where a designated data link is accessed; if yes, go to step S403; if not, executing step S405;

s403: calculating a first time delay according to the sending time of the detection request packet and the receiving time of the detection response packet under the condition that a specified data link is not accessed; calculating a second time delay according to the sending time of the detection request packet and the receiving time of the detection response packet under the condition of accessing the specified data link; judging whether the first time delay is smaller than the second time delay or not; if yes, go to step S404; if not, go to step S405;

s404: determining the network equipment to be tested as normal network equipment;

s405: determining the network equipment to be tested as abnormal network equipment;

s406: and determining the operation condition of the data cleaning link according to the detection result of the network equipment to be detected.

Taking a load balancing link as an example, fig. 5 is a schematic flow chart of another data link detection method provided in the exemplary embodiment of the present application. As shown in fig. 5, the data link detection method includes:

s501: under the condition that the load balancing link and the load balancing link are not accessed, respectively sending a detection request packet to the network equipment to be detected and receiving a detection response packet returned by the network equipment to be detected, wherein under the condition that the load balancing link is accessed, the detection response packet should pass through the load balancing link;

s502: detecting whether the detection response packet passes through the load balancing link under the condition of accessing the load balancing link according to the information of the detection response packet received under the condition of not accessing the load balancing link and accessing the load balancing link; if yes, go to S503; if not, executing S504;

s503: determining the network equipment to be tested as normal network equipment;

s504: and determining the network equipment to be tested as abnormal network equipment.

In this embodiment, for the detection step of the load balancing link, reference may be made to the description of the foregoing embodiments, and details are not described again in this embodiment.

In the system embodiment of the application, the server sends the detection request packets to the network device to be detected respectively for reverse detection under the condition that the specified data link is not accessed and the specified data link is accessed; judging whether the detection response packet passes through a specified data link or not according to the received information of the detection response packet, and judging whether the network equipment to be detected is abnormal or not according to the judgment; to predict the operational condition of the designated data link and the network device under test.

It should be noted that the execution subjects of the steps of the methods provided in the above embodiments may be the same device, or different devices may be used as the execution subjects of the methods. For example, the execution subjects of steps 401 to 403 may be device a; for another example, the execution subject of steps 401 and 402 may be device a, and the execution subject of step 403 may be device B; and so on.

In addition, in some of the flows described in the above embodiments and the drawings, a plurality of operations are included in a specific order, but it should be clearly understood that the operations may be executed out of the order presented herein or in parallel, and the sequence numbers of the operations, such as 401, 402, etc., are merely used to distinguish various operations, and the sequence numbers themselves do not represent any execution order. Additionally, the flows may include more or fewer operations, and the operations may be performed sequentially or in parallel. It should be noted that, the descriptions of "first", "second", etc. in this document are used for distinguishing different messages, devices, modules, etc., and do not represent a sequential order, nor limit the types of "first" and "second" to be different.

Fig. 6 is a schematic structural diagram of a server according to an embodiment of the present application. As shown in fig. 6, the server includes: a memory 601 and a processor 602. In addition, the server comprises necessary components like a power component 603 and a communication component 604.

The memory 601 is used for storing computer programs and may be configured to store other various data to support operations on the server. Examples of such data include instructions for any application or method operating on the server.

The memory 601, which may be implemented by any type of volatile or non-volatile memory device or combination thereof, may include, for example, Static Random Access Memory (SRAM), electrically erasable programmable read-only memory (EEPROM), erasable programmable read-only memory (EPROM), programmable read-only memory (PROM), read-only memory (ROM), magnetic memory, flash memory, magnetic or optical disk.

A communication component 604 for data transmission with other devices.

Processor 602, which may execute computer instructions stored in memory 601, to: under the condition that the specified data link is not accessed and the specified data link is accessed, respectively sending a detection request packet to the network equipment to be detected and receiving a detection response packet returned by the network equipment to be detected, wherein under the condition that the specified data link is accessed, the detection response packet should pass through the specified data link; detecting whether the detection response packet passes through the specified data link under the condition of accessing the specified data link according to the information of the detection response packet received under the condition of not accessing the specified data link and accessing the specified data link; and if the detection response packet passes through the specified data link, determining the network equipment to be detected as the specified network equipment.

Optionally, the processor 602 may be further configured to: and if the detection response packet does not pass through the specified data link, determining that the network equipment to be detected is non-specified network equipment.

Optionally, when detecting whether the probe response packet passes through the specified data link when the specified data link is accessed according to the information that the probe response packet is received when the specified data link is not accessed and when the specified data link is accessed, the processor 602 is specifically configured to: judging whether the life cycle value of the received detection response packet under the condition of not accessing the specified data link is larger than the life cycle value of the received detection response packet under the condition of accessing the specified data link; if yes, determining that the detection response packet passes through the specified data link under the condition of accessing the specified data link.

Optionally, the processor 602, before determining that the probe response packet traverses the specified data link with access to the specified data link, may be further configured to: calculating a first time delay according to the sending time of the detection request packet and the receiving time of the detection response packet under the condition that the appointed data link is not accessed; calculating a second time delay according to the sending time of the detection request packet and the receiving time of the detection response packet under the condition of accessing the specified data link; judging whether the first time delay is smaller than the second time delay or not; if the life cycle value of the probe response packet received under the condition that the specified data link is not accessed is larger than the life cycle value of the probe response packet received under the condition that the specified data link is accessed, and the first time delay is smaller than the second time delay, the probe response packet is determined to pass through the specified data link under the condition that the specified data link is accessed.

Optionally, before sending the probe request packet to the network device under test, the processor 602 may further be configured to: and selecting the network equipment to be tested from the candidate network equipment according to the geographic positions of the candidate network equipment.

Optionally, the plurality of candidate network devices are edge devices.

Correspondingly, the embodiment of the application also provides a computer readable storage medium storing the computer program. The computer-readable storage medium stores a computer program that, when executed by one or more processors, causes the one or more processors to perform the steps in the method embodiment of fig. 2.

Fig. 7 is a schematic structural diagram of another server according to an embodiment of the present application. As shown in fig. 7, the server includes: a memory 701 and a processor 702. In addition, the server includes necessary components such as a power component 703 and a communication component 704.

A memory 701 for storing a computer program and may be configured to store other various data to support operations on the server. Examples of such data include instructions for any application or method operating on the server.

The memory 701 may be implemented by any type or combination of volatile or non-volatile memory devices such as Static Random Access Memory (SRAM), electrically erasable programmable read-only memory (EEPROM), erasable programmable read-only memory (EPROM), programmable read-only memory (PROM), read-only memory (ROM), magnetic memory, flash memory, magnetic or optical disks.

A communication component 704 for data transmission with other devices.

Processor 702, which may execute computer instructions stored in memory 701 for: under the condition that the data cleaning link and the data cleaning link are not accessed, respectively sending a detection request packet to the network equipment to be detected and receiving a detection response packet returned by the network equipment to be detected, wherein under the condition that the data cleaning link is accessed, the detection response packet should pass through the data cleaning link; detecting whether the detection response packet passes through the data cleaning link under the condition of accessing the data cleaning link or not according to the information of the detection response packet received under the condition of not accessing the data cleaning link and accessing the data cleaning link; and if the detection response packet passes through the data cleaning link, determining that the network equipment to be detected is normal network equipment.

Optionally, the processor 702 may be further configured to: and if the detection response packet does not pass through the data cleaning link, determining that the network equipment to be detected is abnormal network equipment.

Optionally, after determining that the network device under test is an abnormal network device, the processor 702 may further be configured to: and sending a reminding instruction to the terminal equipment to remind a user of determining a fault source from the network equipment to be tested and the data cleaning link.

Correspondingly, the embodiment of the application also provides a computer readable storage medium storing the computer program. The computer-readable storage medium stores a computer program, and the computer program, when executed by one or more processors, causes the one or more processors to perform the steps in the method embodiment of fig. 3.

Fig. 8 is a schematic structural diagram of another server according to an embodiment of the present application. As shown in fig. 8, the server includes: a memory 801 and a processor 802. In addition, the server also includes necessary components such as a power component 803 and a communication component 804.

A memory 801 for storing computer programs and may be configured to store other various data to support operations on the server. Examples of such data include instructions for any application or method operating on the server.

The memory 801 may be implemented by any type or combination of volatile or non-volatile memory devices such as Static Random Access Memory (SRAM), electrically erasable programmable read-only memory (EEPROM), erasable programmable read-only memory (EPROM), programmable read-only memory (PROM), read-only memory (ROM), magnetic memory, flash memory, magnetic or optical disks.

A communication component 804 configured to perform data transmission with other devices.

The processor 802, may execute computer instructions stored in the memory 801 for: under the condition that the load balancing link and the load balancing link are not accessed, respectively sending a detection request packet to the network equipment to be detected and receiving a detection response packet returned by the network equipment to be detected, wherein under the condition that the load balancing link is accessed, the detection response packet should pass through the load balancing link; detecting whether the detection response packet passes through the load balancing link under the condition of accessing the load balancing link according to the information of the detection response packet received under the condition of not accessing the load balancing link and accessing the load balancing link; and if the detection response packet passes through the load balancing link, determining that the network equipment to be detected is normal network equipment.

Optionally, the processor 802 may be further configured to: and if the detection response packet does not pass through the load balancing link, determining that the network equipment to be detected is abnormal network equipment.

Optionally, after determining that the network device under test is an abnormal network device, the processor 802 may further be configured to: and sending a reminding instruction to the terminal equipment to remind a user of determining a fault source from the network equipment to be tested and the load balancing link.

Correspondingly, the embodiment of the application also provides a computer readable storage medium storing the computer program. The computer-readable storage medium stores a computer program, and the computer program, when executed by one or more processors, causes the one or more processors to perform the steps in the method embodiment of fig. 5.

The communication components of fig. 6-8 described above are configured to facilitate communication between the device in which the communication component is located and other devices in a wired or wireless manner. The device where the communication component is located can access a wireless network based on a communication standard, such as a WiFi, a 2G, 3G, 4G/LTE, 5G and other mobile communication networks, or a combination thereof. In an exemplary embodiment, the communication component receives a broadcast signal or broadcast related information from an external broadcast management system via a broadcast channel. In one exemplary embodiment, the communication component further includes a Near Field Communication (NFC) module to facilitate short-range communications. For example, the NFC module may be implemented based on Radio Frequency Identification (RFID) technology, infrared data association (IrDA) technology, Ultra Wideband (UWB) technology, Bluetooth (BT) technology, and other technologies.

The power supply components of fig. 6-8 described above provide power to the various components of the device in which the power supply component is located. The power components may include a power management system, one or more power supplies, and other components associated with generating, managing, and distributing power for the device in which the power component is located.

In the device embodiment of the present application, the server sends the detection request packets to the network device to be detected for reverse detection respectively under the condition that the specified data link is not accessed and the specified data link is accessed; judging whether the detection response packet passes through a specified data link or not according to the received information of the detection response packet, and judging whether the network equipment to be detected is abnormal or not according to the judgment; to predict the operational condition of the designated data link and the network device under test.

As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.

The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.

These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.

These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.

In a typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.

The memory may include forms of volatile memory in a computer readable medium, Random Access Memory (RAM) and/or non-volatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.

Computer-readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, a computer readable medium does not include a transitory computer readable medium such as a modulated data signal and a carrier wave.

It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.

The above description is only an example of the present application and is not intended to limit the present application. Various modifications and changes may occur to those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present application should be included in the scope of the claims of the present application.

Claims

1. A test network system, comprising: the system comprises network equipment to be tested, gateway equipment, cleaning equipment and a server;

the server is used for respectively sending detection request packets to the network equipment to be detected and receiving detection response packets returned by the network equipment to be detected under the condition that the data cleaning link is not accessed and the data cleaning link is accessed; detecting whether the probe response packet passes through the data cleaning link under the condition of accessing the data cleaning link or not according to the information of the probe response packet received under the condition of not accessing the data cleaning link and accessing the data cleaning link; determining whether the network equipment to be detected is normal or not according to the detection result;

2. An information detection method applicable to a server is characterized by comprising the following steps:

3. The method of claim 2, further comprising:

and if the detection response packet does not pass through the specified data link, determining that the network equipment to be detected is non-specified network equipment.

4. The method of claim 2, wherein detecting whether the probe response packet traverses the designated data link if the designated data link is accessed based on information of the probe response packet received without accessing the designated data link and without accessing the designated data link comprises:

determining whether a lifetime value of the probe response packet received in a case where a designated data link is not accessed is greater than a lifetime value of the probe response packet received in a case where a designated data link is accessed;

if yes, determining that the detection response packet passes through the specified data link under the condition of accessing the specified data link.

5. The method of claim 4, prior to determining that the probe response packet traverses the specified data link with access to the specified data link, the method further comprising:

calculating a first time delay according to the sending time of the detection request packet and the receiving time of the detection response packet under the condition that a specified data link is not accessed;

calculating a second time delay according to the sending time of the detection request packet and the receiving time of the detection response packet under the condition of accessing the specified data link;

judging whether the first time delay is smaller than the second time delay or not;

if the life cycle value of the probe response packet received under the condition that the specified data link is not accessed is larger than the life cycle value of the probe response packet received under the condition that the specified data link is accessed, and the first time delay is smaller than the second time delay, determining that the probe response packet passes through the specified data link under the condition that the specified data link is accessed.

6. The method of claim 2, wherein before sending the probe request packet to the network device under test, the method further comprises:

7. The method of claim 6, wherein the plurality of candidate network devices are edge devices.

8. A data link detection method applicable to a server is characterized by comprising the following steps:

9. The method of claim 8, further comprising:

and if the detection response packet does not pass through the data cleaning link, determining that the network equipment to be detected is abnormal network equipment.

10. The method of claim 9, after determining that the network device under test is an abnormal network device, further comprising:

and sending a reminding instruction to the terminal equipment to remind a user of determining a fault source from the network equipment to be tested and the data cleaning link.

11. A data link detection method applicable to a server is characterized by comprising the following steps:

12. The method of claim 11, further comprising:

and if the detection response packet does not pass through the load balancing link, determining that the network equipment to be detected is abnormal network equipment.

13. The method of claim 12, after determining that the network device under test is an abnormal network device, further comprising:

and sending a reminding instruction to the terminal equipment to remind a user of determining a fault source from the network equipment to be tested and the load balancing link.

14. A server, characterized in that the server comprises: a memory and a processor;

the memory to store one or more computer instructions;

the processor to execute the one or more computer instructions to:

15. A computer-readable storage medium storing a computer program, wherein the computer program, when executed by one or more processors, causes the one or more processors to perform acts comprising:

16. A server, characterized in that the server comprises: a memory and a processor;

the memory to store one or more computer instructions;

the processor to execute the one or more computer instructions to:

17. A computer-readable storage medium storing a computer program, wherein the computer program, when executed by one or more processors, causes the one or more processors to perform acts comprising:

18. A server, characterized in that the server comprises: a memory and a processor;

the memory to store one or more computer instructions;

the processor to execute the one or more computer instructions to:

19. A computer-readable storage medium storing a computer program, wherein the computer program, when executed by one or more processors, causes the one or more processors to perform acts comprising: