CN115174439B - Verification method, device and storage medium of multi-protocol label switching channel - Google Patents
Verification method, device and storage medium of multi-protocol label switching channel Download PDFInfo
- Publication number
- CN115174439B CN115174439B CN202210799901.6A CN202210799901A CN115174439B CN 115174439 B CN115174439 B CN 115174439B CN 202210799901 A CN202210799901 A CN 202210799901A CN 115174439 B CN115174439 B CN 115174439B
- Authority
- CN
- China
- Prior art keywords
- mpls
- message
- parameter
- forwarding data
- echo
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 56
- 238000012795 verification Methods 0.000 title abstract description 13
- 238000012545 processing Methods 0.000 claims abstract description 32
- 238000001514 detection method Methods 0.000 claims abstract description 25
- 230000004044 response Effects 0.000 claims description 14
- 230000009471 action Effects 0.000 claims description 11
- 238000004590 computer program Methods 0.000 claims description 10
- 230000002452 interceptive effect Effects 0.000 claims description 4
- 238000012216 screening Methods 0.000 claims description 2
- 238000004806 packaging method and process Methods 0.000 claims 1
- 230000008569 process Effects 0.000 abstract description 14
- 238000005516 engineering process Methods 0.000 abstract description 3
- 238000010586 diagram Methods 0.000 description 14
- 238000001914 filtration Methods 0.000 description 5
- 230000006870 function Effects 0.000 description 4
- 238000004458 analytical method Methods 0.000 description 3
- 230000008901 benefit Effects 0.000 description 3
- 235000008694 Humulus lupulus Nutrition 0.000 description 1
- 230000006978 adaptation Effects 0.000 description 1
- 230000014509 gene expression Effects 0.000 description 1
- 238000007689 inspection Methods 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000006855 networking Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/08—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
- H04L43/0805—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability
- H04L43/0811—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability by checking connectivity
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/24—Querying
- G06F16/245—Query processing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/10—Active monitoring, e.g. heartbeat, ping or trace-route
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/22—Parsing or analysis of headers
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Theoretical Computer Science (AREA)
- Computational Linguistics (AREA)
- Health & Medical Sciences (AREA)
- Cardiology (AREA)
- General Health & Medical Sciences (AREA)
- Computer Security & Cryptography (AREA)
- Data Mining & Analysis (AREA)
- Databases & Information Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Environmental & Geological Engineering (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a method, a device and a storage medium for verifying a multi-protocol label switching channel, and relates to the fields of network technology and network security. The verification method of the multi-protocol label switching channel comprises the following steps: receiving a multiprotocol label switching (MPLS) connectivity detection command; searching MPLS forwarding data corresponding to a first parameter in an MPLS connectivity detection command in a database; under the condition that MPLS forwarding data corresponding to the first parameter is found, a first MPLSECHO request message is packaged; and sending a first MPLS ECHO request message. The embodiment of the invention utilizes the database to replace the kernel to complete the query process of forwarding data, thereby omitting the processes of data issuing, format matching, kernel debugging and the like related to the kernel, simplifying the processing flow and reducing the risk and processing difficulty caused by modifying the kernel. Therefore, the embodiment of the invention is easier to deploy and realize, and the safety of the system is improved.
Description
Technical Field
The present invention relates to the field of network technologies and network security, and in particular, to a method, an apparatus, and a storage medium for verifying a multiprotocol label switching channel.
Background
In the existing network service, multiprotocol label switching (Multi-Protocol Label Switching, abbreviated as MPLS) is an important component. Private line traffic for many government offices is established based on MPLS. Verification of the data forwarding path of the MPLS domain is therefore more important.
In the related art, MPLS forwarding data is typically issued to a core, and the core completes the inspection and forwarding of the packet receiving and transmitting.
Disclosure of Invention
The inventor finds out after analyzing the related technology that the mode of completing verification by the kernel requires the adaptation of the data format of the control plane and the kernel data format, and the library file (LIBNL) may need to be modified, so that the difficulty is high; on the other hand, when debugging a kernel, a significant error such as a kernel crash is likely to occur.
One technical problem to be solved by the embodiment of the invention is as follows: how to provide an easy-to-deploy and easy-to-implement method for verifying MPLS channels.
According to a first aspect of some embodiments of the present invention, there is provided a method for verifying a multiprotocol label switching channel, including: receiving a multiprotocol label switching (MPLS) connectivity detection command; searching MPLS forwarding data corresponding to a first parameter in an MPLS connectivity detection command in a database; under the condition that MPLS forwarding data corresponding to the first parameter is found, a first MPLS ECHO request message is encapsulated; and sending a first MPLS ECHO request message.
In some embodiments, MPLS forwarding data corresponding to the destination address in the MPLS connectivity detection command is looked up in a database.
In some embodiments, the verification method further comprises: and storing MPLS forwarding data generated by the MPLS control surface after protocol interactive learning into a database.
In some embodiments, the verification method further comprises: receiving MPLS ECHO message; analyzing the MPLS ECHO message to obtain a second parameter; searching MPLS forwarding data corresponding to the second parameter in a database; and executing the response action corresponding to the MPLS ECHO message under the condition that the MPLS forwarding data corresponding to the second parameter is searched.
In some embodiments, receiving, by the chip, an MPLS ECHO message; and sending the MPLS ECHO message to a socket of the link layer for analysis to obtain a second parameter.
In some embodiments, receiving, by the chip, the MPLS ECHO packet includes: and screening the received message according to at least one of the length offset of the MPLS packet header, the length offset of the VLAN packet header or the IP address 127.0.0.1 of the destination network protocol preset in the chip to obtain an MPLS ECHO message.
In some embodiments, the MPLS ECHO message is a second MPLS ECHO request message, and performing a corresponding response action for the MPLS ECHO message includes: encapsulating the first MPLS ECHO reply message; and sending the first MPLS ECHO reply message.
In some embodiments, the MPLS ECHO message is a second MPLS ECHO reply message, and performing a corresponding response action for the MPLS ECHO message includes: and judging that the second MPLS ECHO reply message is valid, and returning a judging result to the control surface.
In some embodiments, MPLS forwarding data corresponding to the destination address in the MPLS ECHO packet is looked up in a database.
In some embodiments, the MPLS connectivity detection command is an internet packet explorer ping command or a tracert trace command.
According to a second aspect of some embodiments of the present invention, there is provided an authentication apparatus for a multiprotocol label switching channel, comprising: a receiving module configured to receive an MPLS connectivity detection command; the message processing module is configured to search MPLS forwarding data corresponding to the first parameter in the MPLS connectivity detection command in the database, and encapsulate the first MPLS ECHO request message under the condition that the MPLS forwarding data corresponding to the first parameter is searched; and the sending module is configured to send the first MPLS ECHO request message.
In some embodiments, the receiving module is further configured to receive MPLS ECHO messages; the message processing module is further configured to parse the MPLS ECHO message to obtain a second parameter; and searching the MPLS forwarding data corresponding to the second parameter in the database so as to execute the response action corresponding to the MPLS ECHO message under the condition that the MPLS forwarding data corresponding to the second parameter is searched.
In some embodiments, the authentication apparatus further comprises: and the storage module is configured to store MPLS forwarding data generated by the MPLS control surface after protocol interactive learning into a database.
According to a third aspect of some embodiments of the present invention, there is provided an authentication apparatus for a multiprotocol label switching channel, including: a memory; and a processor coupled to the memory, the processor configured to perform any one of the aforementioned methods of verifying the multiprotocol label switching channel based on instructions stored in the memory.
According to a fourth aspect of some embodiments of the present invention there is provided a computer readable storage medium having stored thereon a computer program, wherein the program when executed by a processor implements a method of authentication of any of the aforementioned multiprotocol label switching channels.
Some of the embodiments of the above invention have the following advantages or benefits. The embodiment of the invention utilizes the database to replace the kernel to complete the query process of forwarding data, thereby omitting the processes of data issuing, format matching, kernel debugging and the like related to the kernel, simplifying the processing flow and reducing the risk and processing difficulty caused by modifying the kernel. Therefore, the embodiment of the invention is easier to deploy and realize, and the safety of the system is improved.
Other features of the present invention and its advantages will become apparent from the following detailed description of exemplary embodiments of the invention, which proceeds with reference to the accompanying drawings.
Drawings
In order to more clearly illustrate the embodiments of the invention or the technical solutions of the prior art, the drawings which are used in the description of the embodiments or the prior art will be briefly described, it being obvious that the drawings in the description below are only some embodiments of the invention, and that other drawings can be obtained according to these drawings without inventive faculty for a person skilled in the art.
Fig. 1 illustrates a flow diagram of a method of validating an MPLS channel according to some embodiments of the present invention.
Fig. 2 is a flow chart illustrating a method of verifying an MPLS channel according to other embodiments of the present invention.
Fig. 3 illustrates a flow diagram of a method of receiving packets according to some embodiments of the invention.
Fig. 4 shows a flow chart of a packet receiving method according to other embodiments of the present invention.
Fig. 5 illustrates a schematic structure of an MPLS path verification device according to some embodiments of the present invention.
Fig. 6 is a schematic structural diagram of an apparatus for verifying MPLS channels according to other embodiments of the present invention.
Fig. 7 is a schematic structural diagram of an apparatus for verifying MPLS channels according to still other embodiments of the present invention.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. The following description of at least one exemplary embodiment is merely exemplary in nature and is in no way intended to limit the invention, its application, or uses. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
The relative arrangement of the components and steps, numerical expressions and numerical values set forth in these embodiments do not limit the scope of the present invention unless it is specifically stated otherwise.
Meanwhile, it should be understood that the sizes of the respective parts shown in the drawings are not drawn in actual scale for convenience of description.
Techniques, methods, and apparatus known to one of ordinary skill in the relevant art may not be discussed in detail, but should be considered part of the specification where appropriate.
In all examples shown and discussed herein, any specific values should be construed as merely illustrative, and not a limitation. Thus, other examples of the exemplary embodiments may have different values.
It should be noted that: like reference numerals and letters denote like items in the following figures, and thus once an item is defined in one figure, no further discussion thereof is necessary in subsequent figures.
Fig. 1 illustrates a flow diagram of a method of validating an MPLS channel according to some embodiments of the present invention. As shown in fig. 1, the verification method of this embodiment includes steps S102 to S108.
In step S102, an MPLS connectivity detection command is received.
The connectivity detection command is used to determine whether a data forwarding path of the MPLS domain is available through the sent and received messages. The command is issued, for example, by a command line terminal.
In some embodiments, the MPLS connectivity detection command is a ping (Packet Internet Groper, internet packet explorer) command or a tracert (traceroute) command.
The connectivity detection command may be accompanied by a first parameter, which includes, for example, a destination address of the channel under test, a timeout time, a maximum number of hops specifying the search target, and so on.
In step S104, MPLS forwarding data corresponding to the first parameter in the MPLS connectivity detection command is searched in the database.
The database stores therein data reflecting a connection relationship between routes, including, for example, route data and label data. For example, the database stores MPLS forwarding data generated by the MPLS control plane after protocol interworking learning, and these forwarding data can reflect the connectivity relationship between the routes.
The first parameter may be a destination address. In some embodiments, MPLS forwarding data corresponding to the destination address in the MPLS connectivity detection command is looked up in a database. If the data corresponding to the destination address can be found, the existence of the equipment corresponding to the destination address is indicated, and a message can be sent to the equipment.
In step S106, if MPLS forwarding data corresponding to the first parameter is found, the first MPLS ECHO request packet is encapsulated.
In step S108, a first MPLS ECHO request message is sent. The sent first MPLS ECHO request message is used for performing authentication of the MPLS tunnel.
In some embodiments, the encapsulated first MPLS ECHO request message is sent over a link layer socket (socket).
The embodiment utilizes the database to replace the kernel to complete the query of forwarding data and the processing process of the message, thereby omitting the processes of data issuing, format matching, kernel debugging and the like related to the kernel, simplifying the processing flow and reducing the risk and processing difficulty caused by modifying the kernel. Therefore, the embodiment of the invention is easier to deploy and realize, and the safety of the system is improved.
Some embodiments of the present invention may also process the receiving flow of the message outside the kernel. Another embodiment of the method of verifying an MPLS path of the present invention is described below with reference to fig. 2.
Fig. 2 is a flow chart illustrating a method of verifying an MPLS channel according to other embodiments of the present invention. As shown in fig. 2, the verification method of this embodiment includes steps S202 to S208.
In step S202, an MPLS ECHO packet is received. The MPLS ECHO message may be an MPLS ECHO request message or an MPLS ECHO reply message.
In some embodiments, MPLS ECHO messages are received by the chip.
Further, a packet receiving policy may be set on the chip to screen out the second MPLS ECHO packet from the received plurality of packets. In some embodiments, the received packet is screened according to at least one of a MPLS packet header length offset, a VLAN (Virtual Local Area Network ) packet header length offset, or a destination IP (Internet Protocol, network protocol) address 127.0.0.1 preset in the chip, to obtain an MPLS ECHO packet. In addition, filtering can be performed according to information such as a port, and the details are not repeated here.
In step S204, the MPLS ECHO packet is parsed to obtain a second parameter.
In some embodiments, the MPLS ECHO packet is sent to a link layer socket for parsing to obtain the second parameter.
In some embodiments, the second parameter is a destination address. Thus, the device receiving the MPLS ECHO message may determine whether the message is addressed to itself. If so, the response may continue.
In step S206, the MPLS forwarding data corresponding to the second parameter is searched in the database.
For example, when the second parameter is the destination address, it is determined whether the second parameter is the receiver of the MPLS ECHO packet by the MPLS forwarding data in the database.
In step S208, when the MPLS forwarding data corresponding to the second parameter is found, a response action corresponding to the MPLS ECHO packet is executed. The response action is, for example, the reply of a message or the report of a verification result.
When receiving MPLS ECHO messages, the embodiment utilizes the database to replace the kernel to complete the inquiry of forwarding data and the processing process of messages, thereby omitting the processes of data issuing, format matching, kernel debugging and the like related to the kernel, simplifying the processing flow and reducing the risk and processing difficulty caused by modifying the kernel. Therefore, the embodiment of the invention is easier to deploy and realize, and the safety of the system is improved.
Specific response operations are further described below with reference to fig. 3 and 4 in conjunction with specific types of MPLS ECHO messages. In fig. 3 and 4, a reception manner of setting a package receiving policy at a chip is exemplarily shown. Other receiving modes can be adopted as required, and are not described in detail.
Fig. 3 illustrates a flow diagram of a method of receiving packets according to some embodiments of the invention. As shown in fig. 3, the packet receiving method of this embodiment includes steps S302 to S310.
In step S302, a second MPLS ECHO request message is received through a filtering policy set by the chip.
In step S304, the second MPLS ECHO request message is sent to the link layer socket for parsing, so as to obtain a second parameter.
In step S306, the MPLS forwarding data corresponding to the second parameter is searched in the database.
In step S308, if the MPLS forwarding data corresponding to the second parameter is found, the first MPLS ECHO reply message is encapsulated.
In step S310, a first MPLS ECHO reply message is sent.
According to the embodiment, the received MPLS ECHO request message is sent to the corresponding socket for analysis processing in a chip filtering mode, and the reply message is packaged by combining the search result of the database, so that risks and processing difficulty caused by modifying the kernel are reduced, and meanwhile, the safety of the system is improved.
Fig. 4 shows a flow chart of a packet receiving method according to other embodiments of the present invention. As shown in fig. 4, the packet receiving method of this embodiment includes steps S402 to S408.
In step S402, a second MPLS ECHO reply message is received through a filtering policy set by the chip.
In step S404, the second MPLS ECHO reply message is sent to the link layer socket for parsing, so as to obtain a second parameter.
In step S406, MPLS forwarding data corresponding to the second parameter is searched in the database.
In step S408, if the MPLS forwarding data corresponding to the second parameter is found, the second MPLS ECHO reply message is determined to be valid, and the determination result is returned to the control plane.
According to the embodiment, the received MPLS ECHO reply message is sent to the corresponding socket for analysis and processing in a chip filtering mode, and the reply message is packaged by combining the search result of the database, so that risks and processing difficulty caused by modifying the kernel are reduced, and meanwhile, the safety of the system is improved.
An embodiment of the authentication apparatus of the MPLS path of the present invention is described below with reference to fig. 5.
Fig. 5 illustrates a schematic structure of an MPLS path verification device according to some embodiments of the present invention. As shown in fig. 5, the authentication apparatus 50 of this embodiment includes: a receiving module 510 configured to receive MPLS connectivity detection commands; a message processing module 520 configured to search the database for MPLS forwarding data corresponding to the first parameter in the MPLS connectivity detection command, and encapsulate the first MPLS ECHO request message if MPLS forwarding data corresponding to the first parameter is found; a sending module 530 is configured to send a first MPLS ECHO request message.
The message processing module is independent of the kernel, so that the embodiment of the invention can autonomously process connectivity detection processes such as ping, tracert and the like, and the kernel is prevented from being modified. In addition, the embodiment of the invention utilizes the database to replace the kernel to complete the query process of forwarding data, thereby omitting the processes of data issuing, format matching, kernel debugging and the like related to the kernel, simplifying the processing flow and reducing the risk and processing difficulty caused by modifying the kernel. Therefore, the embodiment of the invention is easier to deploy and realize, and the safety of the system is improved.
In some embodiments, the message processing module 520 is further configured to look up MPLS forwarding data corresponding to the destination address in the MPLS connectivity detection command in the database.
In some embodiments, the verification device 50 further comprises: the storage module 540 is configured to store MPLS forwarding data generated by the MPLS control plane after protocol interworking learning into a database.
In some embodiments, the receiving module 510 is further configured to receive MPLS ECHO messages; the message processing module 520 is further configured to parse the MPLS ECHO message to obtain a second parameter; and searching the MPLS forwarding data corresponding to the second parameter in the database so as to execute the response action corresponding to the MPLS ECHO message under the condition that the MPLS forwarding data corresponding to the second parameter is searched.
In some embodiments, the receiving module 510 is further configured to receive MPLS ECHO messages through the chip; the message processing module 520 is further configured to send the MPLS ECHO message to the link layer socket for parsing to obtain the second parameter.
In some embodiments, the receiving module 510 is further configured to screen the received packet according to at least one of the MPLS packet header length offset, the VLAN packet header length offset, or the destination network protocol IP address 127.0.0.1 preset in the chip, to obtain an MPLS ECHO packet.
In some embodiments, the MPLS ECHO message is a second MPLS ECHO request message, and the message processing module 520 is further configured to encapsulate the first MPLS ECHO reply message if MPLS forwarding data corresponding to the second parameter is found; the sending module 530 is further configured to send the first MPLS ECHO reply message.
In some embodiments, the MPLS ECHO packet is a second MPLS ECHO reply packet, and the packet processing module 520 is further configured to determine that the second MPLS ECHO reply packet is valid if MPLS forwarding data corresponding to the second parameter is found; the sending module 530 is further configured to return the determination result to the control plane.
In some embodiments, the message processing module 520 is further configured to look up MPLS forwarding data corresponding to the destination address in the MPLS ECHO message in the database.
In some embodiments, the MPLS connectivity detection command is an internet packet explorer ping command or a tracert trace command.
Fig. 6 is a schematic structural diagram of an apparatus for verifying MPLS channels according to other embodiments of the present invention. As shown in fig. 6, the authentication apparatus 60 of the MPLS path of this embodiment includes: a memory 610 and a processor 620 coupled to the memory 610, the processor 620 being configured to perform the method of verifying MPLS channels in any one of the embodiments described above based on instructions stored in the memory 610.
The memory 610 may include, for example, system memory, fixed nonvolatile storage media, and the like. The system memory stores, for example, an operating system, application programs, boot Loader (Boot Loader), and other programs.
Fig. 7 is a schematic structural diagram of an apparatus for verifying MPLS channels according to still other embodiments of the present invention. As shown in fig. 7, the authentication apparatus 70 of the MPLS path of this embodiment includes: memory 710 and processor 720 may also include input-output interfaces 730, network interfaces 740, storage interfaces 750, and the like. These interfaces 730, 740, 750, as well as the memory 710 and the processor 720, may be connected by a bus 760, for example. The input/output interface 730 provides a connection interface for input/output devices such as a display, a mouse, a keyboard, a touch screen, etc. Network interface 740 provides a connection interface for various networking devices. Storage interface 750 provides a connection interface for external storage devices such as SD cards, U-discs, and the like.
An embodiment of the present invention further provides a computer readable storage medium having stored thereon a computer program, wherein the program when executed by a processor implements any one of the aforementioned methods for verifying MPLS channels.
It will be appreciated by those skilled in the art that embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable non-transitory storage media (including, but not limited to, disk storage, CD-ROM, optical storage, etc.) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the invention. It will be understood that each flowchart and/or block of the flowchart illustrations and/or block diagrams, and combinations of flowcharts and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The foregoing description of the preferred embodiments of the invention is not intended to limit the invention to the precise form disclosed, and any such modifications, equivalents, and alternatives falling within the spirit and scope of the invention are intended to be included within the scope of the invention.
Claims (15)
1. A method of validating a multiprotocol label switching channel, comprising:
receiving a multiprotocol label switching (MPLS) connectivity detection command;
searching MPLS forwarding data corresponding to a first parameter in the MPLS connectivity detection command in a database;
under the condition of finding the MPLS forwarding data corresponding to the first parameter, packaging a first multiprotocol label switching response MPLS ECHO request message;
and sending the first MPLS ECHO request message.
2. The authentication method according to claim 1, wherein MPLS forwarding data corresponding to the destination address in the MPLS connectivity detection command is looked up in a database.
3. The authentication method of claim 1, further comprising:
and storing MPLS forwarding data generated by the MPLS control surface after protocol interactive learning into a database.
4. The authentication method of claim 1, further comprising:
receiving MPLS ECHO message;
analyzing the MPLS ECHO message to obtain a second parameter;
searching MPLS forwarding data corresponding to the second parameter in the database;
and executing the response action corresponding to the MPLS ECHO message under the condition that the MPLS forwarding data corresponding to the second parameter is searched.
5. The authentication method of claim 4, wherein:
receiving the MPLS ECHO message through a chip;
and sending the MPLS ECHO message to a socket of a link layer to analyze, and obtaining a second parameter.
6. The authentication method of claim 5, wherein the receiving, by the chip, the MPLS ECHO packet comprises:
and screening the received message according to at least one of the length offset of the MPLS packet header, the length offset of the VLAN packet header of the virtual local area network or the IP address 127.0.0.1 of the destination network protocol preset in the chip to obtain the MPLS ECHO message.
7. The authentication method of claim 4, wherein the MPLS ECHO message is a second MPLS ECHO request message, and the performing the corresponding response action of the MPLS ECHO message comprises:
encapsulating the first MPLS ECHO reply message;
and sending the first MPLS ECHO reply message.
8. The authentication method of claim 4, wherein the MPLS ECHO message is a second MPLS ECHO reply message, and the performing a response action corresponding to the MPLS ECHO message comprises:
and judging that the second MPLS ECHO reply message is effective, and returning a judging result to a control surface.
9. The authentication method of claim 4, wherein MPLS forwarding data corresponding to a destination address in the MPLS ECHO packet is looked up in the database.
10. The authentication method according to any one of claims 1 to 8, wherein the MPLS connectivity detection command is an internet packet explorer ping command or a tracert trace command.
11. An authentication apparatus for a multiprotocol label switching channel, comprising:
a receiving module configured to receive an MPLS connectivity detection command;
the message processing module is configured to search MPLS forwarding data corresponding to a first parameter in the MPLS connectivity detection command in a database, and encapsulate a first MPLS ECHO request message under the condition that the MPLS forwarding data corresponding to the first parameter is searched;
and the sending module is configured to send the first MPLS ECHO request message.
12. The authentication device of claim 11, wherein:
the receiving module is further configured to receive MPLS ECHO messages;
the message processing module is further configured to parse the MPLS ECHO message to obtain a second parameter; and searching the MPLS forwarding data corresponding to the second parameter in the database so as to execute the response action corresponding to the MPLS ECHO message under the condition that the MPLS forwarding data corresponding to the second parameter is searched.
13. The authentication device of claim 11, further comprising:
and the storage module is configured to store MPLS forwarding data generated by the MPLS control surface after protocol interactive learning into a database.
14. An authentication apparatus for a multiprotocol label switching channel, comprising:
a memory; and
a processor coupled to the memory, the processor configured to perform the method of authentication of a multiprotocol label switching channel as recited in any one of claims 1-10, based on instructions stored in the memory.
15. A computer readable storage medium having stored thereon a computer program which when executed by a processor implements the method of authentication of a multiprotocol label switching channel as claimed in any one of claims 1 to 10.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210799901.6A CN115174439B (en) | 2022-07-08 | 2022-07-08 | Verification method, device and storage medium of multi-protocol label switching channel |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210799901.6A CN115174439B (en) | 2022-07-08 | 2022-07-08 | Verification method, device and storage medium of multi-protocol label switching channel |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN115174439A CN115174439A (en) | 2022-10-11 |
| CN115174439B true CN115174439B (en) | 2024-03-29 |
Family
ID=83492812
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210799901.6A Active CN115174439B (en) | 2022-07-08 | 2022-07-08 | Verification method, device and storage medium of multi-protocol label switching channel |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115174439B (en) |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114301806A (en) * | 2021-12-31 | 2022-04-08 | 网络通信与安全紫金山实验室 | Virtual network connectivity detection method, device, equipment and storage medium |
| CN114661762A (en) * | 2022-03-16 | 2022-06-24 | 亚信科技(成都)有限公司 | Query method and device for embedded database, storage medium and equipment |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9258238B2 (en) * | 2013-08-30 | 2016-02-09 | Juniper Networks, Inc. | Dynamic end-to-end network path setup across multiple network layers |
-
2022
- 2022-07-08 CN CN202210799901.6A patent/CN115174439B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114301806A (en) * | 2021-12-31 | 2022-04-08 | 网络通信与安全紫金山实验室 | Virtual network connectivity detection method, device, equipment and storage medium |
| CN114661762A (en) * | 2022-03-16 | 2022-06-24 | 亚信科技(成都)有限公司 | Query method and device for embedded database, storage medium and equipment |
Also Published As
| Publication number | Publication date |
|---|---|
| CN115174439A (en) | 2022-10-11 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| WO2018054397A1 (en) | Service function chain detection path method and device | |
| CN112751733B (en) | Link detection method, device, equipment, system and switch | |
| CN102571492B (en) | Method and device for detecting failure of routing equipment | |
| CN114584582B (en) | In-vehicle message processing method and device, vehicle-mounted terminal and storage medium | |
| CN111245776A (en) | Vehicle-mounted data transmission method, device, equipment and storage medium | |
| CN111614505B (en) | Message processing method and gateway equipment | |
| CN105515816B (en) | Processing method and device for detecting hierarchical information | |
| CN109246189B (en) | Network data distribution method and device, storage medium and server | |
| CN114679350B (en) | SD-WAN-based link selection method, device and storage medium | |
| CN113709043A (en) | Path tracking method and device | |
| CN105763463B (en) | Method and device for transmitting link detection message | |
| CN108989248B (en) | Method for transmitting message, network edge device and message transmission system | |
| CN106453204B (en) | Method and device for processing data message | |
| CN115174439B (en) | Verification method, device and storage medium of multi-protocol label switching channel | |
| CN110581792B (en) | Message transmission method and device | |
| CN109412851B (en) | Link layer path detection method, device and system | |
| CN103516631A (en) | Communication device | |
| CN114301993B (en) | Data transmission method, device, terminal equipment and storage medium | |
| CN104980352A (en) | Routing method and device for multiline computer room | |
| CN105763347A (en) | Method for obtaining parameter, network equipment and system | |
| CN113890858A (en) | PMTU detection method and device | |
| CN114765589A (en) | Network testing method, device and storage medium | |
| CN107707492B (en) | Method and device for reporting and issuing message | |
| CN105577427A (en) | Detection method and device for communication connection between household appliance and mobile terminal | |
| CN105634839A (en) | Method and device for acquiring accessible address space of network |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |