CN116389296A - SDN-based flow path visualization method and device for virtual switch - Google Patents
SDN-based flow path visualization method and device for virtual switch Download PDFInfo
- Publication number
- CN116389296A CN116389296A CN202310255707.6A CN202310255707A CN116389296A CN 116389296 A CN116389296 A CN 116389296A CN 202310255707 A CN202310255707 A CN 202310255707A CN 116389296 A CN116389296 A CN 116389296A
- Authority
- CN
- China
- Prior art keywords
- virtual
- source
- information
- destination
- host
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000007794 visualization technique Methods 0.000 title claims abstract description 10
- 238000001514 detection method Methods 0.000 claims abstract description 29
- 238000000034 method Methods 0.000 claims abstract description 27
- 238000004590 computer program Methods 0.000 claims description 18
- 238000012800 visualization Methods 0.000 claims description 10
- 238000004364 calculation method Methods 0.000 claims description 4
- 238000010586 diagram Methods 0.000 description 7
- 230000006870 function Effects 0.000 description 5
- 230000008569 process Effects 0.000 description 5
- 238000012545 processing Methods 0.000 description 4
- 230000008878 coupling Effects 0.000 description 3
- 238000010168 coupling process Methods 0.000 description 3
- 238000005859 coupling reaction Methods 0.000 description 3
- 238000004891 communication Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 239000002071 nanotube Substances 0.000 description 2
- 230000006399 behavior Effects 0.000 description 1
- 238000004422 calculation algorithm Methods 0.000 description 1
- 230000003247 decreasing effect Effects 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000011835 investigation Methods 0.000 description 1
- 238000002955 isolation Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000006855 networking Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 230000000007 visual effect Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/04—Processing captured monitoring data, e.g. for logfile generation
- H04L43/045—Processing captured monitoring data, e.g. for logfile generation for graphical visualisation of monitoring data
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/12—Discovery or management of network topologies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/06—Generation of reports
- H04L43/062—Generation of reports related to network traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/02—Topology update or discovery
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/38—Flow based routing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/70—Routing based on monitoring results
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/50—Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate
Abstract
According to the traffic path visualization method of the virtual switch based on the SDN, the virtual switch is added to a controller in an SDN network; inputting source virtual host information and destination virtual host information hung under a virtual switch by using a web module, and counting flow path tracks between the source virtual host and the destination virtual host; reading information of a virtual switch, virtual machine information and gateway information stored in a storage module; calculating detection configuration of issuing flow path tracks to the virtual switch according to information of the virtual switch, virtual machine information, gateway information, source virtual host information and destination virtual host information; and analyzing a detection configuration result of the flow path track issued by the virtual switch by using the OVSDB protocol module, and returning the detection configuration result to the web module for displaying the flow path track result. The method and the device can solve the problem that the track of the traffic path in the virtual switch OVS cannot be intuitively observed in the current SDN network.
Description
Technical Field
The invention belongs to the technical field of flow path visualization in OVS, and particularly relates to a flow path visualization method and device of a virtual switch based on SDN.
Background
SDN (software defined networking) technology separates the control plane and the data plane of the network, and provides a new solution for developing new applications of the network and future Internet technologies.
The OVS (Open VSwitch) is a high-quality virtual switch supporting multi-layer data forwarding, and is mainly deployed on a server, so that the OVS has better programming expansibility compared with a traditional switch, has network isolation and data forwarding functions realized by the traditional switch, operates on each physical machine realizing virtualization, and provides remote management. OVS provides two protocols for remote management in virtualized environments: one is the OpenFlow control protocol, which controls the behavior of the switch through a flow table; one is the OVSDB management protocol, SDN management protocol for implementing programmable access and configuration management of virtual switches.
In the current SDN network, it is not possible to intuitively observe the track condition of the traffic path in the OVS, and a method for directly observing the track condition of the traffic path in the OVS is needed.
Disclosure of Invention
The invention overcomes the defects of the prior art, provides a flow path visualization method of a virtual switch based on SDN and related equipment, can solve the problem that the track of the flow path in the OVS cannot be visually observed in the current SDN network, and remarkably improves the maintainability and the flow intuitiveness of the flow path in the OVS.
According to an aspect of the present disclosure, a method for visualizing a traffic path of a virtual switch based on SDN is provided, the method comprising:
adding a virtual switch to a controller in the SDN network;
inputting source virtual host information and destination virtual host information hung under the virtual switch by utilizing a web module, and counting flow path tracks between the source virtual host and the destination virtual host;
reading information of a virtual switch, virtual machine information and gateway information stored in a storage module;
calculating detection configuration of issuing a flow path track to the virtual switch according to the information of the virtual switch, the virtual machine information, the gateway information, the source virtual host information and the destination virtual host information;
and analyzing a detection configuration result of the flow path track issued by the virtual switch by using an OVSDB protocol module, and returning the detection configuration result to the web module for displaying the flow path track result.
In one possible implementation manner, the inputting, by using a web module, a source virtual host and a destination virtual host that are suspended under the virtual switch, and counting traffic path trajectories between the source virtual host and the destination virtual host includes:
and when the web module is used for inputting the source virtual host and the target virtual host hung under the virtual switch, and the protocol types, the protocol versions, the protocol source ports and the protocol target ports of the source virtual host and the target virtual host, counting the flow path track of east-west flow between the source virtual host and the target virtual host.
In one possible implementation manner, the inputting, by using a web module, a source virtual host and a destination virtual host that are suspended under the virtual switch, and counting traffic path trajectories between the source virtual host and the destination virtual host, further includes:
when a web module is used for inputting a virtual source host bound with a public network and a protocol type, a protocol version, a protocol source port and a protocol destination port of the virtual source host, traffic path tracks of north-south traffic between the source virtual host and the destination virtual host are counted.
In one possible implementation manner, the inputting, by using a web module, a source virtual host and a destination virtual host that are suspended under the virtual switch, and counting traffic path trajectories between the source virtual host and the destination virtual host, further includes:
when a web module is used for inputting the management IP, the message source IP, the message destination IP, the message source MAC, the message destination MAC, the protocol type, the protocol version, the directions of a source virtual host and a destination virtual host, a protocol source port and a protocol destination port of a virtual switch, the flow path track of message matching in a few switches between the source virtual host and the destination virtual host is counted.
According to an aspect of the present disclosure, there is provided a traffic path visualization apparatus of a SDN-based storage virtual switch, the apparatus comprising: the system comprises a web module, a storage module, a calculation module and an OVSDB protocol module;
the web module is used for inputting source information and destination information for displaying the flow path track of the virtual switch and a flow path track result returned by the OVSDB module;
the storage module is used for storing information of the virtual switch, virtual machine information and gateway information;
the computing module is used for computing according to the information of the virtual switch, the virtual machine information, the gateway information and the source information and the destination information of the flow path track of the virtual switch to obtain detection configuration of issuing the flow path track to the virtual switch;
the OVSDB protocol module is used for analyzing the detection configuration result of the flow path track issued by the virtual switch and returning the detection configuration result to the web module for displaying the flow path track result.
In one possible implementation manner, the detecting is configured to count a traffic path track of the north-south traffic between the intranet host and the destination extranet user network device;
or, the traffic path track is used for counting east-west traffic between the intranet hosts.
In one possible implementation, the source information includes a source virtual host and a source virtual switch; the destination information includes a destination virtual host and a destination virtual switch.
In one possible implementation, the traffic path trajectories are input and output directions of the virtual host.
According to an aspect of the disclosure, an electronic device is proposed, the device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the method as described above when executing the program.
According to an aspect of the present disclosure, a computer-readable storage medium is presented, which stores a computer program, which when executed by a processor, implements a method as described above.
The flow path visualization method of the virtual switch based on the SDN adds the virtual switch to a controller in the SDN network; inputting source virtual host information and destination virtual host information hung under the virtual switch by utilizing a web module, and counting flow path tracks between the source virtual host and the destination virtual host; reading information of a virtual switch, virtual machine information and gateway information stored in a storage module; calculating detection configuration of issuing a flow path track to the virtual switch according to the information of the virtual switch, the virtual machine information, the gateway information, the source virtual host information and the destination virtual host information; and analyzing a detection configuration result of the flow path track issued by the virtual switch by using an OVSDB protocol module, and returning the detection configuration result to the web module for displaying the flow path track result. The method and the device can solve the problem that the track of the flow path in the virtual switch OVS cannot be visually observed in the current SDN network, and remarkably improve the maintainability and the flow intuitiveness of the flow path in the OVS.
Drawings
The accompanying drawings are included to provide a further understanding of the technical aspects or prior art of the present application and constitute a part of this specification. The drawings, which are used to illustrate the technical solution of the present application, together with the embodiments of the present application, but do not limit the technical solution of the present application.
Fig. 1 illustrates a flow diagram of a method of traffic path visualization for an SDN-based virtual switch in accordance with an embodiment of the present disclosure;
fig. 2 shows a schematic structural diagram of an SDN network according to an embodiment of the disclosure;
fig. 3 illustrates a traffic path visualization system architecture diagram of an SDN based virtual switch in accordance with an embodiment of the present disclosure;
fig. 4 shows a schematic structural diagram of an electronic device according to an embodiment of the present disclosure.
Detailed Description
The following will describe embodiments of the present invention in detail with reference to the drawings and examples, thereby solving the technical problems by applying technical means to the present invention, and realizing the corresponding technical effects can be fully understood and implemented accordingly. The embodiments and the features in the embodiments can be combined with each other under the condition of no conflict, and the formed technical schemes are all within the protection scope of the invention.
Additionally, the steps illustrated in the flowcharts of the figures may be performed in a computer, such as a set of computer executable instructions. Also, while a logical order is depicted in the flowchart, in some cases, the steps depicted or described may be performed in a different order than presented herein.
Fig. 1 shows a flow chart of a method for visualizing traffic paths of an SDN based virtual switch according to an embodiment of the present disclosure. As shown in fig. 1, the method may include:
step S1: virtual switches are added to controllers in the SDN network.
Fig. 2 shows a schematic structural diagram of an SDN network according to an embodiment of the disclosure.
As shown in fig. 2, the SDN network includes a Controller, virtual switches OVSs (nanotubes), and one or more virtual host VMs (virtual machines for short) suspended under each virtual switch OVS. A VXLAN (Virtual Extensible Local Area Network, virtual extended local area network) tunnel is established between each virtual switch OVS and gateway GW, through which each virtual host VM accesses the ISP network (Internet Service Provider, network service provider).
The network switching devices of the Controller nanotubes may generally include routers, switches, and the like.
By adding a virtual switch OVS to a Controller in the SDN, connection with the virtual switch OVS can be established through an OVSDB protocol (Open VSwitch Database Management Protocol, open virtual switch database management protocol), the track condition of a flow path is matched in the virtual switch OVS by simulating the packet through programmable access to the virtual switch OVS, and data are collected and analyzed to know the path condition of the flow in the virtual switch OVS in the flow path and visually display.
Step S2: and inputting source virtual host information and destination virtual host information hung under the virtual switch by utilizing the web module, and counting the flow path track between the source virtual host and the destination virtual host.
According to the difference of the source virtual host information and the destination virtual host information, different traffic path tracks between the source virtual host and the destination virtual host can be counted.
In an example, inputting, with a web module, a source virtual host and a destination virtual host that are down-hung from the virtual switch, and counting traffic path trajectories between the source virtual host and the destination virtual host, comprising:
and when the web module is used for inputting the source virtual host and the target virtual host hung under the virtual switch, and the protocol types, the protocol versions, the protocol source ports and the protocol target ports of the source virtual host and the target virtual host, counting the flow path track of east-west flow between the source virtual host and the target virtual host.
In an example, inputting, by the web module, a source virtual host and a destination virtual host that are under the virtual switch, and counting traffic path trajectories between the source virtual host and the destination virtual host, may further include:
when a web module is used for inputting a virtual source host bound with a public network and a protocol type, a protocol version, a protocol source port and a protocol destination port of the virtual source host, traffic path tracks of north-south traffic between the source virtual host and the destination virtual host are counted.
In an example, inputting, by the web module, a source virtual host and a destination virtual host that are under the virtual switch, and counting traffic path trajectories between the source virtual host and the destination virtual host, may further include:
when a web module is used for inputting the management IP, the message source IP, the message destination IP, the message source MAC, the message destination MAC, the protocol type, the protocol version, the directions of a source virtual host and a destination virtual host, a protocol source port and a protocol destination port of a virtual switch, the flow path track of message matching in a few switches between the source virtual host and the destination virtual host is counted.
The east-west traffic generally refers to traffic between network devices inside a data center, i.e., traffic between intranet hosts. The north-south traffic generally refers to traffic that the network devices inside the data center communicate with ISP networks outside the data center, i.e., traffic between the intranet hosts and the destination extranet user network devices.
By counting the different traffic path trajectories between the source and destination virtual hosts, the traffic output and input directions between the source and destination virtual hosts can be counted.
Step S3: and reading the information of the virtual switch, the virtual machine information and the gateway information stored by the storage module.
Step S4: and calculating detection configuration of issuing the flow path track to the virtual switch according to the information of the virtual switch, the virtual machine information, the gateway information and the source virtual host information and the destination virtual host information. The detection configuration can be used for counting the flow path track of east-west flow between intranet hosts; or counting the traffic path track of the north-south traffic between the intranet host and the user network edge equipment reaching the extranet.
Step S5: and analyzing the detection configuration result of the flow path track issued by the virtual switch by using an OVSDB protocol module, and returning the detection configuration result to the web module for displaying the flow path track result.
The following are device embodiments of the present application, which may be used to perform method embodiments of the present application. For details not disclosed in the device embodiments of the present application, please refer to the method embodiments of the present application.
Fig. 3 illustrates a traffic path visualization system architecture diagram of an SDN based virtual switch in accordance with an embodiment of the present disclosure.
As shown in fig. 3, the system may include: web module 301, storage module 302, calculation module 303, OVSDB protocol module 304.
The web module 301 is configured to input source information and destination information that show a traffic path track of the virtual switch, and a traffic path track result returned by the OVSDB module. Wherein the source information includes a source virtual host and a source virtual switch; the destination information comprises a destination virtual host and a destination virtual switch; the traffic path trajectories are the input and output directions of the virtual hosts.
The storage module 302 is configured to store information of the virtual switch, virtual machine information, and gateway information.
A calculation module 303, configured to calculate, according to the information of the virtual switch, the virtual machine information, the gateway information, and the source information and the destination information of the traffic path track of the virtual switch, obtain a detection configuration for issuing the traffic path track to the virtual switch;
the OVSDB protocol module 304 is configured to analyze a detection configuration result of the traffic path trace issued by the virtual switch, and return the detection configuration result to the web module 301 for displaying the traffic path trace result.
The flow path visualization method and the flow path visualization system of the virtual switch based on the SDN add the virtual switch to a controller in the SDN network; inputting source virtual host information and destination virtual host information hung under a virtual switch by using a web module, and counting flow path tracks between the source virtual host and the destination virtual host; reading information of a virtual switch, virtual machine information and gateway information stored in a storage module; calculating detection configuration of issuing flow path tracks to the virtual switch according to information of the virtual switch, virtual machine information, gateway information, source virtual host information and destination virtual host information; and analyzing a detection configuration result of the flow path track issued by the virtual switch by using the OVSDB protocol module, and returning the detection configuration result to the web module for displaying the flow path track result. The visual observation of the track condition of the flow path in the virtual switch OVS can be realized, a convenient flow problem investigation method is provided, and the maintainability and the flow intuitiveness of the flow path in the virtual switch OVS are obviously improved.
It should be understood that the sequence number of each step in the foregoing embodiment does not mean that the execution sequence of each process should be determined by the function and the internal logic of each process, and should not limit the implementation process of the embodiment of the present application in any way.
Fig. 4 is a schematic structural diagram of the electronic device 3 provided in the embodiment of the present application. As shown in fig. 4, the electronic apparatus 3 of this embodiment includes: a processor 301, a memory 302 and a computer program 303 stored in the memory 302 and executable on the processor 301. The steps of the various method embodiments described above are implemented when the processor 301 executes the computer program 303. Alternatively, the processor 301, when executing the computer program 303, performs the functions of the modules/units in the above-described apparatus embodiments.
Illustratively, the computer program 303 may be partitioned into one or more modules/units, which are stored in the memory 302 and executed by the processor 301 to complete the present application. One or more of the modules/units may be a series of computer program instruction segments capable of performing a specific function for describing the execution of the computer program 303 in the electronic device 3.
The electronic device 3 may be an electronic device such as a desktop computer, a notebook computer, a palm computer, or a cloud server. The electronic device 3 may include, but is not limited to, a processor 301 and a memory 302. It will be appreciated by those skilled in the art that fig. 3 is merely an example of the electronic device 3 and does not constitute a limitation of the electronic device 3, and may include more or fewer components than shown, or may combine certain components, or different components, e.g., the electronic device may also include an input-output device, a network access device, a bus, etc.
The processor 301 may be a central processing unit (Central Processing Unit, CPU) or other general purpose processor, digital signal processor (Digital Signal Processor, DSP), application specific integrated circuit (Application Specific Integrated Circuit, ASIC), field programmable gate array (Field-Programmable Gate Array, FPGA) or other programmable logic device, discrete gate or transistor logic device, discrete hardware components, or the like. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
The memory 302 may be an internal storage unit of the electronic device 3, for example, a hard disk or a memory of the electronic device 3. The memory 302 may also be an external storage device of the electronic device 3, for example, a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card) or the like, which are provided on the electronic device 3. Further, the memory 302 may also include both an internal storage unit and an external storage device of the electronic device 3. The memory 302 is used to store computer programs and other programs and data required by the electronic device. The memory 302 may also be used to temporarily store data that has been output or is to be output.
It will be apparent to those skilled in the art that, for convenience and brevity of description, only the above-described division of the functional units and modules is illustrated, and in practical application, the above-described functional distribution may be performed by different functional units and modules according to needs, i.e. the internal structure of the apparatus is divided into different functional units or modules to perform all or part of the above-described functions. The functional units and modules in the embodiment may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit, where the integrated units may be implemented in a form of hardware or a form of a software functional unit. In addition, specific names of the functional units and modules are only for convenience of distinguishing from each other, and are not used for limiting the protection scope of the present application. The specific working process of the units and modules in the above system may refer to the corresponding process in the foregoing method embodiment, which is not described herein again.
In the foregoing embodiments, the descriptions of the embodiments are emphasized, and in part, not described or illustrated in any particular embodiment, reference is made to the related descriptions of other embodiments.
Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
In the embodiments provided in this application, it should be understood that the disclosed apparatus/computer device and method may be implemented in other ways. For example, the apparatus/computer device embodiments described above are merely illustrative, e.g., the division of modules or elements is merely a logical functional division, and there may be additional divisions of actual implementations, multiple elements or components may be combined or integrated into another system, or some features may be omitted, or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed may be an indirect coupling or communication connection via interfaces, devices or units, which may be in electrical, mechanical or other forms.
The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed over a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional unit in each embodiment of the present application may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit. The integrated units may be implemented in hardware or in software functional units.
The integrated modules/units, if implemented in the form of software functional units and sold or used as stand-alone products, may be stored in a computer readable storage medium. Based on such understanding, the present application implements all or part of the flow in the methods of the above embodiments, or may be implemented by a computer program to instruct related hardware, and the computer program may be stored in a computer readable storage medium, where the computer program may implement the steps of the respective method embodiments described above when executed by a processor. The computer program may comprise computer program code, which may be in source code form, object code form, executable file or in some intermediate form, etc. The computer readable medium may include: any entity or device capable of carrying computer program code, a recording medium, a U disk, a removable hard disk, a magnetic disk, an optical disk, a computer Memory, a Read-Only Memory (ROM), a random access Memory (Random Access Memory, RAM), an electrical carrier signal, a telecommunications signal, a software distribution medium, and so forth. It should be noted that the content of the computer readable medium can be appropriately increased or decreased according to the requirements of the jurisdiction's jurisdiction and the patent practice, for example, in some jurisdictions, the computer readable medium does not include electrical carrier signals and telecommunication signals according to the jurisdiction and the patent practice.
The above embodiments are only for illustrating the technical solution of the present application, and are not limiting thereof; although the present application has been described in detail with reference to the foregoing embodiments, it should be understood by those of ordinary skill in the art that: the technical scheme described in the foregoing embodiments can be modified or some technical features thereof can be replaced by equivalents; such modifications and substitutions do not depart from the spirit and scope of the technical solutions of the embodiments of the present application, and are intended to be included in the scope of the present application.
Claims (10)
1. A method for visualizing a traffic path of a virtual switch based on an SDN, the method comprising:
adding a virtual switch to a controller in the SDN network;
inputting source virtual host information and destination virtual host information hung under the virtual switch by utilizing a web module, and counting flow path tracks between the source virtual host and the destination virtual host;
reading information of a virtual switch, virtual machine information and gateway information stored in a storage module;
calculating detection configuration of issuing a flow path track to the virtual switch according to the information of the virtual switch, the virtual machine information, the gateway information, the source virtual host information and the destination virtual host information;
and analyzing a detection configuration result of the flow path track issued by the virtual switch by using an OVSDB protocol module, and returning the detection configuration result to the web module for displaying the flow path track result.
2. The traffic path visualization method according to claim 1, wherein the inputting the source virtual host and the destination virtual host under the virtual switch using the web module and counting traffic path trajectories between the source virtual host and the destination virtual host comprises:
and when the web module is used for inputting the source virtual host and the target virtual host hung under the virtual switch, and the protocol types, the protocol versions, the protocol source ports and the protocol target ports of the source virtual host and the target virtual host, counting the flow path track of east-west flow between the source virtual host and the target virtual host.
3. The traffic path visualization method according to claim 1, wherein the inputting the source virtual host and the destination virtual host under the virtual switch using the web module and counting traffic path trajectories between the source virtual host and the destination virtual host further comprises:
when a web module is used for inputting a virtual source host bound with a public network and a protocol type, a protocol version, a protocol source port and a protocol destination port of the virtual source host, traffic path tracks of north-south traffic between the source virtual host and the destination virtual host are counted.
4. The traffic path visualization method according to claim 1, wherein the inputting the source virtual host and the destination virtual host under the virtual switch using the web module and counting traffic path trajectories between the source virtual host and the destination virtual host further comprises:
when a web module is used for inputting the management IP, the message source IP, the message destination IP, the message source MAC, the message destination MAC, the protocol type, the protocol version, the directions of a source virtual host and a destination virtual host, a protocol source port and a protocol destination port of a virtual switch, the flow path track of message matching in a few switches between the source virtual host and the destination virtual host is counted.
5. An SDN-based traffic path visualization device of a storage virtual switch, the device comprising: the system comprises a web module, a storage module, a calculation module and an OVSDB protocol module;
the web module is used for inputting source information and destination information for displaying the flow path track of the virtual switch and a flow path track result returned by the OVSDB module;
the storage module is used for storing information of the virtual switch, virtual machine information and gateway information;
the computing module is used for computing according to the information of the virtual switch, the virtual machine information, the gateway information and the source information and the destination information of the flow path track of the virtual switch to obtain detection configuration of issuing the flow path track to the virtual switch;
the OVSDB protocol module is used for analyzing the detection configuration result of the flow path track issued by the virtual switch and returning the detection configuration result to the web module for displaying the flow path track result.
6. The traffic path visualization device of claim 5, wherein the detection arrangement is configured to count traffic path trajectories for north-south traffic between an intranet host and a destination extranet user network device;
or, the traffic path track is used for counting east-west traffic between the intranet hosts.
7. The traffic path visualization device according to claim 5, wherein the source information comprises a source virtual host and a source virtual switch; the destination information includes a destination virtual host and a destination virtual switch.
8. The traffic path visualization device of claim 6, wherein the traffic path trajectories are input and output directions of a virtual host.
9. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the method of any one of claims 1 to 4 when the program is executed.
10. A computer readable storage medium storing a computer program, characterized in that the computer program, when executed by a processor, implements the method according to any one of claims 1 to 4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310255707.6A CN116389296A (en) | 2023-03-10 | 2023-03-10 | SDN-based flow path visualization method and device for virtual switch |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310255707.6A CN116389296A (en) | 2023-03-10 | 2023-03-10 | SDN-based flow path visualization method and device for virtual switch |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN116389296A true CN116389296A (en) | 2023-07-04 |
Family
ID=86972312
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202310255707.6A Pending CN116389296A (en) | 2023-03-10 | 2023-03-10 | SDN-based flow path visualization method and device for virtual switch |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116389296A (en) |
-
2023
- 2023-03-10 CN CN202310255707.6A patent/CN116389296A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11128550B2 (en) | Logical network traffic analysis | |
| US11894996B2 (en) | Technologies for annotating process and user information for network flows | |
| US10797970B2 (en) | Interactive hierarchical network chord diagram for application dependency mapping | |
| US8260588B2 (en) | Virtualizing complex network topologies | |
| EP2609531A1 (en) | Infrastructure model generation system and method | |
| US10616072B1 (en) | Epoch data interface | |
| CN108139965A (en) | Management server and the management method using the management server | |
| US11706109B2 (en) | Performance of traffic monitoring actions | |
| US20190215246A1 (en) | Predictive analysis in a software defined network | |
| CN108737163B (en) | SDN controller application performance analysis method based on OpenFlow protocol | |
| US9032063B2 (en) | Dynamic port naming in a chassis | |
| CN113542092A (en) | Openstack-based automatic drainage method | |
| US20180196928A1 (en) | Network visualization for access controls | |
| CN116389296A (en) | SDN-based flow path visualization method and device for virtual switch | |
| CN114785718B (en) | Network target range flow acquisition and analysis system and method | |
| CN110166379A (en) | Processing method, device, electronic equipment and the storage medium of flow table | |
| US11579913B2 (en) | System and method for optimizing network topology in a virtual computing environment | |
| KR20180057282A (en) | Method, apparatus and computer program for service fuction chainnig | |
| CN115225545B (en) | Message transmission method and device | |
| CN116566732A (en) | Method and device for determining effectiveness of firewall policy |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |