CN118101670A - Message mirroring method, device and system - Google Patents

Message mirroring method, device and system Download PDF

Info

Publication number
CN118101670A
CN118101670A CN202310158555.8A CN202310158555A CN118101670A CN 118101670 A CN118101670 A CN 118101670A CN 202310158555 A CN202310158555 A CN 202310158555A CN 118101670 A CN118101670 A CN 118101670A
Authority
CN
China
Prior art keywords
message
ipv6
network
header
network device
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202310158555.8A
Other languages
Chinese (zh)
Inventor
崔国杰
张永平
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Priority to EP23212414.9A priority Critical patent/EP4376375A1/en
Priority to US18/521,141 priority patent/US20240179226A1/en
Publication of CN118101670A publication Critical patent/CN118101670A/en
Pending legal-status Critical Current

Links

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

A message mirroring method, device and system belong to the technical field of networks. The method comprises the following steps: the method comprises the steps that first network equipment receives an internet protocol 6 th edition (internet protocol version, IPv 6) message, wherein the IPv6 message comprises a service message and a message header, the message header comprises a first mirror index, and the first mirror index corresponds to characteristic information in the service message; the first network equipment determines message observation port information according to the first mirror index and the first mapping relation, wherein the message observation port information is used for indicating a message observation port, and the first network equipment comprises the message observation port; the first network device mirrors the IPv6 message to the message observation port. The application can mirror the IPv6 message and ensure the forwarding efficiency of the IPv6 message.

Description

Message mirroring method, device and system
The present application claims priority from chinese patent application with application number 202211501238.3, entitled "method, apparatus, and System for message mirroring", whose application number is 2022, 11, 28, and whose entire contents are incorporated herein by reference.
Technical Field
The present application relates to the field of network technologies, and in particular, to a method, an apparatus, and a system for mirroring a message.
Background
The network device typically has a report Wen Jingxiang (mirror) function. The message mirroring means that the network device copies the message to a designated port of the network device to analyze and monitor the network traffic through a monitoring platform connected with the designated port.
In an actual network, a network device often performs a packet mirroring based on a five-tuple of a service packet. However, with the development of network technology, internet protocol 6 th edition (internet protocol version, IPv 6) is increasingly used as a bearing protocol of the public network, the messages borne by the IPv6 network are IPv6 messages, the IPv6 messages include service messages and message headers encapsulated outside the service messages, and five tuples are included in the service messages. In an IPv6 network, if a message mirror image is required based on a five-tuple, network devices need to parse a header of the IPv6 message and a service message included in the IPv6 message layer by layer. That is, the network device needs to perform deep parsing on the IPv6 message, but such deep parsing easily affects forwarding efficiency of the IPv6 message.
Disclosure of Invention
The application provides a message mirroring method, a message mirroring device and a message mirroring system, which can mirror an IPv6 message and ensure the forwarding efficiency of the IPv6 message. The technical scheme of the application is as follows.
In a first aspect, a method for mirroring a message is provided, where the method includes: the method comprises the steps that a first network device receives an IPv6 message, wherein the IPv6 message comprises a service message and a message header, the message header comprises a first mirror index, and the first mirror index corresponds to characteristic information in the service message; the first network equipment determines message observation port information according to the first mirror index and the first mapping relation, wherein the message observation port information is used for indicating a message observation port, and the first network equipment comprises the message observation port; the first network device mirrors the IPv6 message to the message observation port. The first mapping relationship is used for indicating that the first mirror index corresponds to the message observation port information.
According to the technical scheme provided by the application, since the IPv6 message comprises the service message and the message header, the first mirror image index in the message header corresponds to the characteristic information in the service message, the first network equipment determines the message observation port information according to the first mapping relation and the first mirror image index in the message header, and mirrors the IPv6 message to the message observation port indicated by the message observation port information, the first network equipment can realize mirror image of the IPv6 message based on the characteristic information in the service message included in the IPv6 message without deeply analyzing the IPv6 message, and the forwarding efficiency of the IPv6 message is ensured.
Optionally, the message header includes an IPv6 basic header (basic header) and an IPv6 extension header (extension header), where the IPv6 extension header includes a first mirror index.
Optionally, the IPv6 extension header includes a segment routing header (segment routing header, SRH). For example, a type-lenghth-value (TLV) field is included in the SRH, and the first mirror index is located in the TLV field.
Optionally, the IPv6 extension header includes a bit index explicit copy (bit index explicit replication, BIER) header.
Optionally, the BIER header is a bit index explicit copy internet protocol version 6 (bit index explicit replication internet protocol version, bierv6) header or a bit index explicit copy (bit index explicit replication IN INTERNET protocol version 6, bierin6) header in internet protocol version 6.
Optionally, the BIER header includes a reserved field and an extended field, and the first mirror index is located in the reserved field or the extended field.
Optionally, the method further comprises: the first network equipment receives a first mapping relation sent by the network management equipment.
According to the technical scheme provided by the application, the first network equipment receives the first mapping relation sent by the network management equipment, so that when the first network equipment receives the IPv6 message, the message observation port information is determined according to the first mapping relation and the first mirror index in the message header of the IPv6 message, and the IPv6 message is mirrored to the message observation port indicated by the message observation port information.
Optionally, the characteristic information includes at least one of: n tuples, source Media Access Control (MAC) address, priority information, n being a positive integer. For example, the priority information is class of service (COS) priority information, type of service (TOS) priority information, or Differential Service Code Point (DSCP) information. Among them, the COS priority is also called 802.1p priority, "802.1p" is an abbreviation of Institute of Electrical and Electronics Engineers (IEEE) of ELECTRICAL AND Electronics Engineers, 802.1 p.
Optionally, the first network device is an intermediate device or an egress device on a first IPv6 forwarding path, and the first IPv6 forwarding path is a forwarding path of the IPv6 packet. The first IPv6 forwarding path may be a tunnel.
In a second aspect, a method for mirroring a message is provided, where the method includes: the second network equipment receives the service message; the second network equipment determines a first mirror index according to a second mapping relation and characteristic information in the service message, wherein the second mapping relation is used for indicating that the first mirror index corresponds to the characteristic information in the service message; the second network equipment obtains an IPv6 message according to the service message and the first mirror index, wherein the IPv6 message comprises the service message and a message header, and the message header comprises the first mirror index; the second network device forwards the IPv6 message.
According to the technical scheme provided by the application, the second network equipment determines the first mirror index according to the second mapping relation and the characteristic information in the service message, the second network equipment comprises the service message and the message header according to the service message and the characteristic information in the first mirror index, and the message header comprises the first mirror index, so that the mirror equipment (such as the first network equipment) can determine the message observation port according to the first mirror index in the message header and mirror the IPv6 message to the message observation port, and the mirror equipment can mirror the IPv6 message based on the characteristic information in the service message contained in the IPv6 message without deeply analyzing the IPv6 message, thereby ensuring the forwarding efficiency of the IPv6 message.
Optionally, the message header includes an IPv6 basic header and an IPv6 extension header, where the IPv6 extension header includes a first mirror index.
Optionally, the IPv6 extension header includes an SRH.
Optionally, the IPv6 extension header includes a BIER header.
Optionally, the BIER head is BIERv heads or BIERin heads.
Optionally, the method further comprises: the second network equipment receives a second mapping relation sent by the network management equipment.
According to the technical scheme provided by the application, the second network equipment receives the second mapping relation sent by the network management equipment, so that when the second network equipment receives the service message, the second network equipment determines the first mirror index according to the second mapping relation and the characteristic information in the service message, and obtains the IPv6 message according to the service message and the first mirror index.
Optionally, the characteristic information includes at least one of: n-tuple, source MAC address, priority information, n is a positive integer.
Optionally, the second network device is an ingress device on a first IPv6 forwarding path, and the first IPv6 forwarding path is a forwarding path for the IPv6 packet. The first IPv6 forwarding path may be a tunnel.
In a third aspect, a method for mirroring a message is provided, where the method includes: the network management equipment generates a first mapping relation and a second mapping relation, wherein the first mapping relation is used for indicating that the first mirror index corresponds to message observation port information, the message observation port information is used for indicating a message observation port in the first network equipment, and the second mapping relation is used for indicating that the first mirror index corresponds to characteristic information in the service message; the network management equipment sends a first mapping relation to the first network equipment; the network management equipment sends a second mapping relation to the second network equipment.
According to the technical scheme provided by the application, the network management equipment sends the second mapping relation to the second network equipment, so that when the second network equipment receives the service message, the second network equipment determines the first mirror index according to the second mapping relation and the characteristic information in the service message; the network management equipment sends a first mapping relation to the first network equipment, so that when the first network equipment receives the IPv6 message comprising the service message and the message header, the first network equipment determines message observation port information according to the first mapping relation and a first mirror index in the message header, and mirrors the IPv6 message to a message observation port indicated by the message observation port information.
Optionally, the second network device is configured to forward an IPv6 packet to the first network device according to the second mapping relationship, where the IPv6 packet includes the service packet and a packet header, and the packet header includes a first mirror index; the first network device is configured to mirror the IPv6 message to a message observation port indicated by the message observation port information according to a first mapping relationship.
Optionally, the first network device is an intermediate device or an egress device on a first IPv6 forwarding path, the second network device is an ingress device on the first IPv6 forwarding path, and the first IPv6 forwarding path is a forwarding path for the IPv6 packet.
In a fourth aspect, a message mirroring apparatus is provided for use with a first network device, the message mirroring apparatus comprising respective modules for performing the method as provided in the first aspect or any of the alternatives of the first aspect.
In a fifth aspect, there is provided a message mirroring apparatus for use with a second network device, the message mirroring apparatus comprising respective modules for performing the method as provided in the second aspect or any of the alternatives of the second aspect described above.
In a sixth aspect, a message mirroring apparatus is provided, for application to a network management device, the message mirroring apparatus comprising respective modules for performing the method as provided in the third aspect or any of the alternatives of the third aspect.
The modules of the fourth to sixth aspects described above may be implemented based on software, hardware or a combination of software and hardware, and the modules may be arbitrarily combined or divided based on specific implementations.
In a seventh aspect, a message mirroring apparatus is provided, applied to a first network device, where the message mirroring apparatus includes a memory and a processor; the memory is used for storing a computer program; the processor is configured to execute a computer program stored in the memory to cause the message mirroring means to perform a method as provided in the first aspect or any of the alternatives of the first aspect.
An eighth aspect provides a message mirroring apparatus, applied to a second network device, where the message mirroring apparatus includes a memory and a processor; the memory is used for storing a computer program; the processor is configured to execute a computer program stored in the memory to cause the message mirroring device to perform a method as provided in the second aspect or any alternative of the second aspect described above.
A ninth aspect provides a message mirroring device, applied to a network management device, where the message mirroring device includes a memory and a processor; the memory is used for storing a computer program; the processor is configured to execute a computer program stored in the memory to cause the message mirroring device to perform a method as provided in the third aspect or any alternative of the third aspect.
In a tenth aspect, a message mirroring system is provided, where the message mirroring system includes a first network device and a second network device; the first network device comprises the message mirroring device provided in the fourth aspect, and the second network device comprises the message mirroring device provided in the fifth aspect; or the first network device comprises the message mirroring device provided in the seventh aspect, and the second network device comprises the message mirroring device provided in the eighth aspect.
Optionally, the message mirroring system further includes a network management device, where the network management device includes a message mirroring device provided in the sixth aspect, or the network management device includes a message mirroring device provided in the ninth aspect.
In an eleventh aspect, there is provided a computer readable storage medium having stored therein a computer program which when executed implements a method as provided in the above first aspect or any of the alternatives of the first aspect; or implementing a method as provided in the second aspect or any of the alternatives of the second aspect; or to implement a method as provided in the third aspect or any alternative of the third aspect.
In a twelfth aspect, there is provided a computer program product comprising a program or code which when executed implements a method as provided in the first aspect or any of the alternatives of the first aspect; or implementing a method as provided in the second aspect or any of the alternatives of the second aspect; or to implement a method as provided in the third aspect or any alternative of the third aspect.
In a thirteenth aspect, there is provided a chip comprising programmable logic circuitry and/or program instructions, the chip being operable to implement a method as provided in the above-described first aspect or any of the alternatives of the first aspect; or implementing a method as provided in the second aspect or any of the alternatives of the second aspect; or to implement a method as provided in the third aspect or any alternative of the third aspect.
Technical effects of the fourth to thirteenth aspects described above may refer to the first to third aspects, and are not described here again.
Drawings
Fig. 1 is a schematic diagram of a communication system according to an embodiment of the present application;
FIG. 2 is a flow chart of a method for mirroring messages according to an embodiment of the present application;
FIG. 3 is a schematic diagram of an IPv6 packet according to an embodiment of the present application;
FIG. 4 is a schematic diagram of another IPv6 packet according to an embodiment of the present application;
FIG. 5 is a schematic diagram of another IPv6 packet according to an embodiment of the present application;
FIG. 6 is a flowchart of another method for mirroring messages according to an embodiment of the present application;
FIG. 7 is a schematic diagram of a message mirroring device according to an embodiment of the present application;
FIG. 8 is a schematic diagram of another message mirroring apparatus according to an embodiment of the present application;
FIG. 9 is a schematic diagram of another message mirroring device according to an embodiment of the present application;
FIG. 10 is a schematic diagram of another message mirroring apparatus according to an embodiment of the present application;
Fig. 11 is a schematic diagram of another message mirroring apparatus according to an embodiment of the present application.
Detailed Description
Embodiments of the present application will be further described below with reference to the accompanying drawings.
The network device generally has a message mirroring function, which is a function of copying a message to a designated port of the network device by the network device. The designated port is also called a message observing port, and the network device (or the network device with the message mirroring function) comprising the designated port is also called a mirroring device, and the designated port is generally connected with a monitoring platform, and the monitoring platform can analyze and monitor the network traffic of the designated port.
The current message mirroring scheme comprises a port-based message mirroring scheme and a five-tuple-based message mirroring scheme.
In the port-based message mirroring scheme, the mirroring device mirrors the message at the granularity of the port. For example, the mirror device mirrors all the messages forwarded through a certain port of the mirror device to the message observation port of the mirror device, and/or the mirror device mirrors all the messages received through the certain port of the mirror device to the message observation port of the mirror device. But the network flow of the port is larger, and in the message mirror scheme based on the port, the network flow needing mirror image is larger, the network flow needing analysis and monitoring of the monitoring platform is larger, the pressure of the monitoring platform is larger, and the capability requirement on the monitoring platform is higher.
In the message mirroring scheme based on the quintuple, the mirroring device mirrors the message with the granularity of the quintuple. For example, the mirror device identifies a message carrying a particular five-tuple according to an access control list (access control list, ACL) rule, and the mirror device mirrors the message carrying the particular five-tuple to a message observation port of the mirror device. In the message mirroring scheme, the network flow needing mirroring is smaller, the network flow needing to be analyzed and monitored by the monitoring platform is smaller, and the pressure of the monitoring platform is smaller. The message mirror scheme has smaller mirror granularity and is suitable for mirror the message of specific services such as tool service, important service and the like.
With the development of network technology, internet protocol version 6 (internet protocol version, ipv 6) networks, such as the segment routing internet protocol version 6 (segment routing internet protocol version, srv 6) networks, are widely used. The IPv6 packet carried by the IPv6 network generally includes a service packet and a packet header (e.g., referred to as an IPv6 protocol header) encapsulated outside the service packet, and the five-tuple is included in the service packet. The network device in the IPv6 network can generally implement forwarding of the IPv6 packet only by parsing the IPv6 protocol header, and the quintuple in the service packet is generally invisible to the network device in the IPv6 network. However, in an IPv6 network, if the message mirroring is performed based on the five-tuple, the network device needs to analyze not only the IPv6 protocol header, but also a service message included in the IPv6 message, that is, the network device needs to analyze the IPv6 protocol header of the IPv6 message and the service message included in the IPv6 message layer by layer to obtain the five-tuple of the service message, and the network device needs to perform deep analysis on the IPv6 message, so that the deep analysis easily affects the forwarding efficiency of the IPv6 message and the forwarding performance of the network device.
The application provides a message mirroring scheme, which comprises a service message and a message header, wherein the message header comprises a first mirroring index, the first mirroring index and characteristic information in the service message, and after receiving the IPv6 message, a first network device determines message observation port information according to a first mapping relation and the first mirroring index in the message header, and mirrors the IPv6 message to a message observation port indicated by the message observation port information. Therefore, the first network equipment can realize mirroring of the IPv6 message based on the characteristic information in the service message included in the IPv6 message without deeply analyzing the IPv6 message, and the forwarding efficiency of the IPv6 message and the forwarding performance of the network equipment are ensured.
The technical scheme of the application is described below, and an application scene of the embodiment of the application is described first.
An application scenario of the embodiment of the present application provides a communication system, where the communication system includes an IPv6 network and a user equipment accessing the IPv6 network. The IPv6 network may be a unicast network or a multicast network. For example, the IPv6 network is a SRv network or a bit-index explicit copy (bit index explicit replication, BIER) network, which may be a bit-index explicit copy internet protocol version 6 (bit index explicit replication internet protocol version, bierv 6) network or a bit-index explicit copy (bit index explicit replication IN INTERNET protocol version 6, BIER 6) network in internet protocol version 6.
The IPv6 network includes a plurality of network devices communicatively coupled thereto. The network device may be a switch, router, virtual switch or virtual router, etc. for message forwarding. The plurality of network devices may be the same type of network device, e.g. the plurality of network devices are all switches. Or at least two of the plurality of network devices are of different types, e.g., a portion of the plurality of network devices are routers and another portion of the plurality of network devices are switches. The plurality of network devices includes edge network devices and may also include core network devices, as classified by deployment location. The edge network device is at the edge of the IPv6 network and the core network device is at the core location of the IPv6 network. For example, the edge network device is a Provider Edge (PE) device, and the core network device is a provider (P) device. The edge network devices in the IPv6 network may include an ingress device for introducing traffic into the IPv6 network and an egress device for directing traffic in the IPv6 network out of the IPv6 network.
The user equipment is connected with the edge network equipment in the IPv6 network to access the IPv6 network. Optionally, the user equipment is connected to the edge network device in the IPv6 network through an access device or an access network (i.e., the access device or the access network is connected between the user equipment and the edge network device in the IPv6 network). The access device may be a device for forwarding a message, such as a switch, a router, a virtual switch, or a virtual router, for example, the access device is a Customer Edge (CE) device. The access network is formed by a plurality of access devices communicatively connected. The user equipment accessing the IPv6 network may be a host, a user terminal, a home gateway, a server, a Virtual Machine (VM) created in the server, and the like. The user equipment accessing the IPv6 network may include a source device connected to an ingress device in the IPv6 network and a destination device connected to an egress device in the IPv6 network.
In the embodiment of the application, the network devices in the IPv6 network can all support IPv6 forwarding, and the network devices in the IPv6 network can be called IPv6 network devices or IPv6 forwarding devices. In one embodiment, the IPv6 network is a unicast network and is a SRv6 network, network devices in the SRv network all support SRv6 forwarding, and network devices in the SRv network may be referred to as SRv6 network devices or SRv6 forwarding devices. In another embodiment, the IPv6 network is a multicast network and is a BIER network, such as BIERv network or BIERin network, where network devices in the BIER network all support BIER forwarding, which may be referred to as BIER network devices or BIER forwarding devices. Illustratively, the network devices in the BIER network are all bit-forwarding routers (bit-forwarding router, BFR), the ingress devices in the BIER network are bit-forwarding ingress routers (bit forwarding ingress router, BFIR), and the egress devices in the BIER network are bit-forwarding egress routers (bit forwarding egress router, BFER).
In the embodiment of the application, at least one network device in the IPv6 network has a message mirror function to mirror the message. For convenience of description, the network device having the message mirroring function is referred to as a mirroring device. The communication system can also comprise a monitoring platform which is connected with the message observation port of the mirror image equipment so as to analyze and monitor the network traffic transmitted by the message observation port. The monitoring platform can be a monitoring device, a monitoring system or a monitoring network formed by a plurality of monitoring devices, and the monitoring platform can be directly connected with a message observation port of the mirror image device or can be connected with the mirror image device through a transmission network. The monitoring device may be a host, server, computer, etc.
Optionally, the communication system further includes a network management device, where the network management device is connected to at least one network device in the IPv6 network, so as to control the at least one network device. For example, the network management device controls the network device in the IPv6 network to forward the message. The network management equipment integrates the functions of network management, service control, network analysis and the like. The network management device may be a server, a server cluster formed by a plurality of servers, or a cloud computing service center. In some embodiments, the network management device is also referred to as a network management device, a network control device, a network controller, a control device, or the like.
In the embodiment of the application, the IPv6 network comprises an IPv6 forwarding path, and the IPv6 forwarding path comprises a plurality of network devices. The network devices on the IPv6 forwarding path include an ingress (ingress) device, an egress (egress) device, and an intermediate (transit) device located between the ingress device and the egress device. According to the difference of the length of the IPv6 forwarding path, the number of the intermediate devices is different, or the IPv6 forwarding path only comprises an inlet device and an outlet device, and does not comprise the intermediate devices. Optionally, the IPv6 forwarding path penetrates through the IPv6 network, the ingress device on the IPv6 forwarding path and the ingress device of the IPv6 network are the same network device, and the egress device on the IPv6 forwarding path and the egress device of the IPv6 network are the same network device. In one embodiment, the IPv6 network is a unicast network and the IPv6 forwarding path is a unicast forwarding path. In another embodiment, the IPv6 network is a multicast network and the IPv6 forwarding path is a multicast forwarding path. In alternative embodiments, the IPv6 forwarding path is a tunnel, for example, the IPv6 forwarding path is a segment routing TRAFFIC ENGINEERING (SR-TE) tunnel, a traffic engineering extension based resource reservation protocol (resource reservation protocol-TRAFFIC ENGINEERING, RSVP-TE) tunnel, a SRv tunnel, a point-to-multipoint (point to multipoint, P2 MP) tunnel, or a BIER tunnel, etc., and the SRv tunnel may be a SRv policy (policy) tunnel.
The designations of embodiments of the present application with respect to network devices, ingress devices, intermediate devices, egress devices, forwarding paths, etc. are merely exemplary, and in some implementation scenarios, network devices are also referred to as network nodes, forwarding devices, gateway nodes, gateway devices, routing nodes, routing devices, switching nodes, switching devices, etc. Ingress devices are also referred to as ingress nodes, head nodes (head nodes), head node devices, head nodes, head node devices, etc. Intermediate devices are also referred to as intermediate nodes, transit devices, etc. The egress devices are also referred to as egress nodes, end nodes (end nodes), end node devices, etc.; the forwarding paths are also referred to as transmission paths, communication paths, transmission channels, etc., and the embodiments of the present application are not limited thereto.
As an example, please refer to fig. 1, which shows a schematic diagram of a communication system according to an embodiment of the present application. The communication system comprises an IPv6 network 1, network management equipment 10, a monitoring platform 20 and user equipment H1-H4 accessed to the IPv6 network 1. The IPv6 network 1 is a unicast network, which may be a SRv network, or a multicast network, which may be a BIER network. The IPv6 network 1 includes 6 network devices, i.e., PE1 to PE4 and P1 to P2. PE1 to PE4 are all edge network devices in the IPv6 network 1. P1 to P2 are core network devices in the IPv6 network 1. The user equipment H1 is connected to the PE1 and the PE4 through the CE1 to access the IPv6 network 1. The user equipment H2 is connected to the PE2 through the CE2 to access the IPv6 network 1. The user equipments H3 to H4 are connected to the PE3 through the CE3 to access the IPv6 network 1. Optionally, PE1 and PE4 are ingress devices of the IPv6 network 1, PE2 and PE3 are egress devices of the IPv6 network 1, the user equipment H1 is a source device, and at least one of the user equipment H2 to H4 is a destination device. In one example, the IPv6 network 1 is a unicast network, the user equipment H1 is a source device, and one of the user equipments H2 to H4 is a destination device. In another example, the IPv6 network 1 is a multicast network, for example, a BIER network, PE1 to PE4, P1 to P2 are all BFRs, PE1 and PE4 are all BFIR, PE2 and PE3 are all BFERs, the user equipment H1 is a source device, and at least two of the user equipments H2 to H4 are destination devices. As shown in fig. 1, the IPv6 network 1 includes an IPv6 forwarding path S1 (PE 1- > P1- > PE2- > PE 3), the IPv6 forwarding path S1 penetrates through the IPv6 network 1, PE1 is an ingress device of the IPv6 forwarding path S1, P1 and PE2 are intermediate devices on the IPv6 forwarding path S1, and PE3 is an egress device of the IPv6 forwarding path S1. In one example, IPv6 network 1 is a unicast network and IPv6 forwarding path S1 is a unicast forwarding path. In another example, IPv6 network 1 is a multicast network, IPv6 forwarding path S1 is a multicast forwarding path, e.g., IPv6 forwarding path S1 is one of the multicast forwarding paths.
Fig. 1 illustrates that PE2 is a mirror device, where PE2 includes a message observation port (not shown in fig. 1), and a monitoring platform 20 is connected to the message observation port of PE2 to analyze and monitor network traffic of the message observation port. As shown in fig. 1, the network management device 10 is connected with the PE1 (an ingress device of the IPv6 forwarding path S1) and the PE2, respectively, where the network management device 10 can control the PE1 to perform IPv6 encapsulation on the service packet, and control the PE2 to perform mirroring on the IPv6 packet. The monitoring platform 20 and the message observation port of the PE2 may be directly connected, or may be connected through a transmission network, which is not limited in the embodiment of the present application.
The communication system shown in fig. 1 is only used as an example, and is not used to limit the technical solution of the embodiment of the present application. In the implementation process, the number of network devices, the number of mirror devices, the number of network management devices and the relationship between the devices in the communication system can be configured according to the need. For example, fig. 1 only shows connection lines between the network management device 10 and the PEs 1 and 2 for brevity, in practical application, the network management device 10 may be connected to the PEs 1to 4 and the PEs 1to 2, and the network management device 10 may be connected to the CEs 1to 3. In addition, whether the network device is a mirror device can be realized through configuration, for example, the network device is provided with a message mirror function by performing functional configuration on a certain network device, and then the network device can be used as a mirror device. Any network device may be used as a mirror device, the same mirror device may mirror messages of different data flows, and different mirror devices may mirror messages of the same data flow, where fig. 1 illustrates that the mirror device is an intermediate device on the IPv6 forwarding path S1, and the mirror device may also be an ingress device or an egress device of the IPv6 forwarding path S1. Further, the "communication system" and the "communication system" described in the present application are equivalent concepts, and the two are interchangeable.
The above is an introduction to the application scenario of the present application, and the following describes an embodiment of the message mirroring method of the present application.
Referring to fig. 2, a flowchart of a message mirroring method according to an embodiment of the present application is shown. The message mirroring method is applied to an IPv6 network comprising a first network device and a second network device. The second network device is an ingress device on the first IPv6 forwarding path and the second network device is an intermediate device or an egress device on the first IPv6 forwarding path. For example, the IPv6 network is an IPv6 network 1 shown in fig. 1, the first IPv6 forwarding path is an IPv6 forwarding path S1, the first network device is a PE2, and the second network device is a PE1. As shown in fig. 2, the message mirroring method includes the following steps S201 to S207.
S201, the second network device receives the service message A1.
The second network device receives the service message A1 from the last hop device of the second network device. For example, as shown in fig. 1, the second network device is PE1, the last hop device of the second network device is CE1, and PE1 receives the service packet A1 from CE 1.
S202, the second network equipment determines a first mirror index according to the second mapping relation and feature information C in the service message A1, and the first mirror index corresponds to the feature information C in the service message A1.
The second network device may parse the service packet A1 to obtain feature information C in the service packet A1, and then determine the first mirror index according to the second mapping relationship and the feature information C in the service packet A1. The second mapping relationship is used for indicating that the first mirror index corresponds to the feature information C in the service packet A1. For example, the second mapping relationship includes a correspondence between the feature information C in the service packet A1 and the first mirror index, where the correspondence is used to indicate that the feature information C corresponds to the first mirror index. Wherein the characteristic information C includes at least one of: n tuples, source Media Access Control (MAC) address, priority information, n being a positive integer. The n-tuple may be a tuple, a triplet, a quintuple, etc. The five-tuple includes a source internet protocol (internet protocol, SIP) address, a destination internet protocol (destination internet protocol, DIP) address, a source port number, a destination port number, and a transport layer protocol. A tuple comprises one of the tuples. The tuple comprises two tuples of the five-tuple. The triplet includes three tuples of the five-tuple. The priority information may be class of service (COS) priority information, type of service (TOS) priority information, or Differential Service Code Point (DSCP) information, the COS priority also being referred to as 802.1p priority, "802.1p" being an Institute of Electrical and Electronics Engineers (IEEE) 802.1p for short, and "802.1p" being one of IEEE 802.1 series protocols.
In an alternative embodiment, the second mapping relationship is used for recording a correspondence between the characteristic information of the packet and the mirror index, and the second mapping relationship includes a correspondence between the characteristic information C in the service packet A1 and the first mirror index. The second network device searches a second mapping relation according to the characteristic information C, and the second network device determines the mirror index corresponding to the characteristic information C in the second mapping relation as the first mirror index. In one example, the second mapping is shown in table 1 below.
TABLE 1
Message characteristic information Mirror index
FI-1 MI-1
FI-2 MI-2
FI-3 MI-3
... ...
As shown in Table 1, message characteristic information "FI-1" corresponds to mirror index "MI-1", message characteristic information "FI-2" corresponds to mirror index "MI-2", message characteristic information "FI-3" corresponds to mirror index "MI-3", and so on. For example, message characteristic information "FI-1" is a tuple (e.g., 1.1.1.1), message characteristic information "FI-2" is a five-tuple, and message characteristic information "FI-3" is a source MAC address; the mirror index "MI-1" is "1", the mirror index "MI-2" is "2", and the mirror index "MI-3" is "3". The mirror index is merely exemplary, and the mirror index in the present application is any possible index information that can mirror a message and corresponds to feature information in a service message. For example, the feature information C in the service packet A1 is "FI-1", the second network device searches the second mapping relationship shown in table 1 according to the feature information C, and the second network device determines that the first mirror index is "MI-1" according to the search result.
In an alternative embodiment, the second mapping relationship is associated with (or referred to as binding, corresponding to, etc.) the first IPv6 forwarding path, and the message characteristic information recorded in the second mapping relationship is characteristic information in a service message carried by the first IPv6 forwarding path, and the mirror index recorded in the second mapping relationship is used for mirroring the IPv6 message transmitted on the first IPv6 forwarding path. The service message carried by the first IPv6 forwarding path includes a service message that needs to be drained to the first IPv6 forwarding path by the second network device and/or a service message included in an IPv6 message transmitted on the first IPv6 forwarding path. For example, the indication information of the first IPv6 forwarding path is recorded in the second mapping relationship, so that the second mapping relationship is associated with the first IPv6 forwarding path. The indication information of the first IPv6 forwarding path may be a path identifier of the first IPv6 forwarding path, for example, the first IPv6 forwarding path is a SRv forwarding path, and the indication information of the first IPv6 forwarding path is a segment list for indicating the first IPv6 forwarding path. After the second network device receives the service message A1, the second network device determines that the IPv6 forwarding path for carrying the service message A1 is a first IPv6 forwarding path, and the second network device determines a first mirror index according to the second mapping relationship and feature information C in the service message A1. Wherein the first IPv6 forwarding path may be a tunnel.
In one example, the second mapping is shown in table 2 below.
TABLE 2
S203, the second network device obtains an IPv6 message A according to the service message A1 and the first mirror index, wherein the IPv6 message A comprises the service message A1 and a message header A2, and the message header A2 comprises the first mirror index.
The second network device is an ingress device on a first IPv6 forwarding path, the first IPv6 forwarding path being a forwarding path for IPv6 packet a. The second network device may generate a header A2 including the first mirror index, and the second network device encapsulates the header A2 outside the service packet A1 to obtain an IPv6 packet a. Wherein the first IPv6 forwarding path may be a tunnel.
In an alternative embodiment, the message header A2 includes an IPv6 basic header (basic header) and an IPv6 extension header (extension header), where the IPv6 extension header and the IPv6 basic header are sequentially located outside the service message A1, and the IPv6 extension header includes a first mirror index. The second network device firstly generates the IPv6 basic header and the IPv6 extension header comprising the first mirror index, and then the second network device sequentially encapsulates the IPv6 extension header and the IPv6 basic header outside the service message A1. Optionally, the header A2 further includes other headers, for example, the header A2 further includes an ethernet header (ETHERNET HEADER, ETH).
The first IPv6 forwarding path in the present application may be a unicast forwarding path or a multicast forwarding path, and the corresponding IPv6 extension header may include a unicast extension header or a multicast extension header. The following description is given in two cases.
First case: the first IPv6 forwarding path is a unicast forwarding path, and the IPv6 extension header includes a unicast extension header.
For example, the first IPv6 forwarding path is a SRv forwarding path, the IPv6 packet a is a SRv packet, and the IPv6 extension header is an SRH. The SRH comprises an SRH basic head, a segment list (SEGMENT LIST) and a type-lenghth-value (TLV) field, wherein the segment list comprises a plurality of segment identifiers (SEGMENT IDENTIFIER, SIDs) which are sequentially arranged, the SIDs are in one-to-one correspondence with a plurality of network devices along the first IPv6 forwarding path, and each network device in the plurality of network devices forwards an IPv6 message A according to the corresponding SID. In one embodiment, the first mirror index is located in the TLV field. In another embodiment, the first mirror index is located in the segment list, e.g., the first mirror index is located in a parameter (arguments) field of a first SID, which is the SID corresponding to the first network device (i.e., the mirror device).
The first mirror index is illustrated in the TLV field in the SRH. For example, please refer to fig. 3, which illustrates a schematic diagram of an IPv6 packet a provided by an embodiment of the present application. The IPv6 packet a is SRv packets, where the IPv6 packet a includes a service packet A1 and a packet header A2, and the service packet A1 is a payload (payload) of the IPv6 packet a. The header A2 includes SRH, IPv6 base header, and ETH sequentially distributed in the order from inside to outside (i.e., in a direction away from the service packet A1). The SRH includes an SRH basic header, a segment list, and TLV fields. The TLV field comprises a type sub-field, a length sub-field, a reserved sub-field and a mirror index sub-field; the type subfield is used for indicating the type of the TLV field, and the type of the TLV field is a mirror type; the length subfield is used to indicate the length of the data subfield (i.e., the mirror index subfield) in the TLV field; the mirror index subfield is used to carry a mirror index, and the first mirror index is located in the mirror index subfield. As shown in fig. 3, the segment list includes sequentially arranged segment lists [1] to [ k ], each segment list in the segment lists [1] to [ k ] is a SID, so that the segment list includes sequentially arranged k SIDs, the k SIDs are in one-to-one correspondence with k network devices along the first IPv6 forwarding path, the first network device is one network device in the k network devices, the first SID in the k SIDs is corresponding to the first network device, and k is a positive integer. Optionally, the first mirror index is used for the first network device to mirror the IPv6 packet a, and the type of the first SID is a target type, where the target type is used to instruct the first network device to process the TLV field to mirror the IPv6 packet a. For example, the target type is end.mi, i.e., the first SID is end.mi SID.
The SRH basic header is used for carrying SRH basic information, and comprises the following fields: next Header (NH), header extension length (header extension length, HLEN), routing type (routing type), remaining segment (SEGMENT LEFT, SL), last entry (LAST ENTRY), flag (flags), and tag (tag). The IPv6 basic header is used to carry IPv6 basic information, and the IPv6 basic header typically includes the following fields (not shown in fig. 3): version (version), stream classification (TRAFFIC CLASS, TC), stream label (flow label), payload length (payload length), next header, hop limit (hop limit), source address and destination address. The ETH is used to carry ethernet information. The SRH basic header, the IPv6 basic header, and the ETH refer to related standard documents, and are not described herein.
Second case: the first IPv6 forwarding path is a multicast forwarding path, and the IPv6 extension header includes a multicast extension header.
For example, the first IPv6 forwarding path is a BIER forwarding path, the IPv6 packet a is a BIER packet, and the IPv6 extension header includes a BIER header. Wherein the BIER head may be BIERv heads or BIERin heads. In one embodiment, the BIER header includes an extension field in which the first mirror index is located. In another embodiment, the BIER header includes a reserved field in which the first mirror index is located. Optionally, the IPv6 packet a includes an IPv6 extension header, where the IPv6 extension header includes the BIERv header (i.e., the BIERv header is located in the IPv6 extension header), for example, the BIERv header is an option field (option) in the IPv6 extension header. Illustratively, the IPv6 extension header is a destination option header (destination options header, DOH) or a hop-by-hop option header (hop by hop options header, HBH), and the BIERv header is an option field in the DOH or the HBH. If the IPv6 extension header is a DOH, the destination device of the IPv6 packet a (e.g., the egress device on the first IPv6 forwarding path) processes the DOH to mirror the IPv6 packet, and the mirror device may be the destination device of the IPv6 packet a, for example, the mirror device is the egress device on the first IPv6 forwarding path. If the IPv6 extension header is HBH, all network devices along the path of the IPv6 message A process the HBH to mirror the IPv6 message, and all network devices along the path of the IPv6 message A are mirror devices.
For example, please refer to fig. 4, which shows a schematic diagram of another IPv6 packet a provided by an embodiment of the present application. The IPv6 message a is BIERin messages, where the IPv6 message a includes a service message A1 and a message header A2, and the service message A1 is a payload of the IPv6 message a. The message header A2 includes BIERin headers (i.e., IPv6 extension headers), IPv6 base headers, and ETH, which are sequentially distributed in the order from inside to outside (i.e., in a direction away from the service message A1). The BIERin header includes the following fields: bit forwarding table (bit index forwarding table, BIFT) identification, stream classification (TRAFFIC CLASS, TC), S, time To Live (TTL), nibble (nibble), version (version), bit string length (bitstring length, BSL), entropy (entropy), operation management and maintenance (AND MAINTENANCE, OAM), reserved (R), differential service code point (DIFFERENTIATED SERVICES code point, DSCP), protocol (protocol), bit forwarding entry router (bit-forwarding egress router, BFIR) identification, bit string (bitstring), and extension fields. The extension field is a field extended in the BIERin header for carrying a mirror index in which the first mirror index is located. In one example, the reserved (R) field in the BIERin header is employed to indicate the meaning of the extension field. In another example, the extension field is a TLV field, the extension field includes a type subfield, the type subfield is used to indicate the meaning of the extension field, for example, the structure of the extension field may refer to the structure of the TLV field in fig. 3. In yet another example, the extension field includes a mirror index subfield for carrying a mirror index and a flag subfield (not shown in fig. 4) that may be adjacent to the high order bits of the mirror index subfield for indicating the meaning of the mirror index subfield.
Wherein BIFT identification field is used to carry BIFT identification, one BIFT identification corresponds to a specific combination of BSL, sub-domains (SDs) and set identification (SET IDENTIFIER, SI). The TC field is used to carry flow classification information. The S field is also referred to as an S flag bit. The TTL field is used to carry the lifetime of BIERin messages (i.e., IPv6 message a). The version field is used to carry the version of the BIERin header. The entropy field is used to carry an "entropy" value to perform equivalent load balancing during BIER forwarding. The OAM field is used to carry OAM information, and typically may be reserved. The DSCP field is used to carry DSCP information. The protocol field is used to carry the type of payload. The BFIR identification field is used to carry the identification of BFIR (e.g., the second network device). The bit string field is used to carry a bit string, where the bit string includes a plurality of bits corresponding one-to-one to a plurality of bit forwarding egress routers (bit-forwarding egress router, BFER) of a BIERin message (e.g., IPv6 message a), where the bit string identifies the BFER of the BIERin message along with the SI and SD of the BIERin message, and where the SI and SD of the BIERin6 message are determined according to the BIFT identification carried by the BIERin header, and where the bit string field is typically increased by a fixed length of 32 bits. The BSL field is used to carry the length of the bit string field. The IPv6 base header typically includes the following fields therein: version, flow classification, flow label, payload length, next header, hop limit, source address and destination address. The ETH is used to carry ethernet information. The content of the IPv6 basic header and the ETH refer to related standard documents, and will not be described herein.
For example, please refer to fig. 5, which illustrates a schematic diagram of another IPv6 packet a provided by an embodiment of the present application. The IPv6 message a is BIERv messages, where the IPv6 message a includes a service message A1 and a message header A2, and the service message A1 is a payload of the IPv6 message a. The message header A2 includes an IPv6 extension header, an IPv6 base header, and an ETH, which are sequentially distributed in the order from inside to outside (i.e., in a direction away from the service message A1). The IPv6 extension header may be DOH or HBH, and the IPv6 extension header includes BIERv header. The BIERv head has the same structure as the BIERin head shown in fig. 4, and a detailed description thereof is omitted. The content of the IPv6 basic header and the ETH refer to related standard documents, and will not be described herein.
S204, the second network equipment forwards the IPv6 message A.
The second network device forwards the IPv6 message a to the next-hop device of the second network device. The next hop device of the second network device may or may not be the first network device. For example, as shown in fig. 1, the second network device is PE1, the next-hop device of the second network device is P1, and the PE1 forwards the IPv6 packet a to P1.
In one embodiment, the IPv6 packet a is SRv packets, and the SRH of the IPv6 packet a includes a second SID, where the second SID corresponds to the second network device, and the second network device forwards the IPv6 packet a to a next-hop device of the second network device according to the second SID.
In another embodiment, the IPv6 packet a is a BIER packet, and the BIER header of the IPv6 packet a includes a bit string, and the second network device forwards the IPv6 packet a to the next-hop device of the second network device according to the bit string and the multicast forwarding table of the second network device. The multicast forwarding table may be a bit forwarding table (bit index forwarding table, BIFT), among others.
S205, the first network equipment receives the IPv6 message A.
The first network device is an intermediate device or an exit device on a first IPv6 forwarding path, where the first IPv6 forwarding path is a forwarding path of an IPv6 packet a, and the first network device may receive the IPv6 packet a forwarded by a last hop device of the first network device. The last hop device of the first network device may or may not be the second network device. For example, as shown in fig. 1, the first network device is PE2, the last hop device of the first network device is P1, and the PE2 receives the IPv6 packet a forwarded by P1.
S206, the first network device determines message observing port information B according to the first mapping relation and the first mirror index in the message header A2 of the IPv6 message A, wherein the message observing port information B is used for indicating the message observing port B.
The first network device may parse the IPv6 packet a to obtain a first mirror index in a packet header A2 of the IPv6 packet a, and the first network device determines, according to the first mapping relationship and the first mirror index, packet observation port information B. The first mapping relationship is used for indicating that the first mirror index corresponds to the message observation port information B. For example, the first mapping relationship includes a correspondence between the first mirror index and the message observing port information B, where the correspondence is used to indicate that the first mirror index corresponds to the message observing port information B. The message observing port information B may be a port identifier, and the first network device includes the message observing port B.
In an alternative embodiment, the first mapping relationship is used for recording a corresponding relationship between the mirror index and the message observing port information, and the first mapping relationship includes a corresponding relationship between the first mirror index and the message observing port information B. The first network device searches a first mapping relation according to the first mirror index in the IPv6 message A, and the first network device determines message observation port information corresponding to the first mirror index in the first mapping relation as message observation port information B.
In one example, the first mapping is shown in table 3 below.
TABLE 3 Table 3
Mirror index Message observation port information
MI-1 P1-1
MI-2 P1-2
MI-3 P1-3
... ...
As shown in table 3, the mirror index "MI-1" corresponds to the message observing port information "P1-1", the mirror index "MI-2" corresponds to the message observing port information "P1-2", the mirror index "MI-3" corresponds to the message observing port information "P1-3", and so on. The message observing port information "P1-1", the message observing port information "P1-2" and the message observing port information "P1-3" may be indication information, such as port identification, for indicating a network port, for example, the message observing port information "P1-1" is g1/0/0. For example, the first mirror index is "MI-1", the first network device searches the first mapping relationship shown in table 2 according to the first mirror index, determines that the first mirror index corresponds to the message observing port information "P1-1", and the first network device determines that "P1-1" is the message observing port information B, where the message observing port information "P1-1" is used to indicate the message observing port B.
In an alternative embodiment, the first mapping relationship is associated with (or referred to as binding, corresponding to, etc.) the first IPv6 forwarding path, and the mirror index and the message observing port information recorded in the first mapping relationship are used for mirroring the IPv6 message transmitted on the first IPv6 forwarding path. For example, the indication information of the first IPv6 forwarding path is recorded in the first mapping relationship, so that the first mapping relationship is associated with the first IPv6 forwarding path. After the first network device receives the IPv6 packet a, the first network device determines that the IPv6 packet a is transmitted on the first IPv6 forwarding path (for example, the IPv6 packet a carries indication information of the first IPv6 forwarding path), and the first network device determines, according to the first mapping relationship and a first mirror index in a header A2 of the IPv6 packet a, packet observation port information B. In one example, the first mapping is shown in table 4 below.
TABLE 4 Table 4
S207, the first network device mirrors the IPv6 message A to the message observation port B.
In an alternative embodiment, the first network device replicates an IPv6 message a, and the first network device forwards the replicated IPv6 message a through a message observation port B, so as to mirror the IPv6 message a to the message observation port B.
In the embodiment of the application, the message observation port B is connected with the monitoring platform, the first network equipment forwards the IPv6 message A through the message observation port B, the monitoring platform can receive the IPv6 message A, and the monitoring platform can analyze and monitor the IPv6 message A. For example, the monitoring platform analyzes the IPv6 packet a to obtain a service packet A1 in the IPv6 packet a, and analyzes the service packet A1 to obtain a packet loss condition of a service flow to which the service packet A1 belongs. For example, the monitoring platform determines whether packet loss occurs in the service flow to which the service message A1 belongs according to the sequence number of the service message A1.
In one embodiment, the message observation port B is directly connected to the monitoring platform (i.e., no other device exists between the message observation port B and the monitoring platform), the first network device forwards the IPv6 message a to the monitoring platform through the message observation port B, and the monitoring platform receives the IPv6 message a forwarded by the first network device. In another embodiment, the message observation port B is connected to the monitoring platform through a transmission network (i.e. other devices exist between the message observation port B and the monitoring platform), the first network device forwards the IPv6 message a to the transmission network through the message observation port B, the transmission network forwards the IPv6 message a to the monitoring platform, and the monitoring platform receives the IPv6 message a forwarded by the transmission network.
As can be seen from the foregoing description, the second mapping relationships shown in table 1 and table 2 are used for the second network device (the ingress device on the first IPv6 forwarding path) to determine the mirror index according to the feature information in the service packet, the first mapping relationships shown in table 3 and table 4 are used for the first network device (the mirror device) to determine the port information of the packet Wen Jingxiang according to the mirror index in the header of the IPv6 packet to mirror the IPv6 packet, so in an embodiment, table 1 and/or table 2 are also referred to as a flow mirror table, and table 3 and/or table 4 are also referred to as a flow observation table. In some embodiments, the second mapping relationship does not include a correspondence between the feature information C in the service packet A1 and the first mirror index, and the second network device searches the second mapping relationship according to the feature information C in the service packet A1 to determine that the feature information C does not hit the second mapping relationship, and the second network device performs IPv6 encapsulation on the service packet a according to a conventional IPv6 encapsulation method. Similarly, the embodiment of the present application is illustrated by taking the corresponding relationship between the first mirror index and the message observing port information B included in the first mapping relationship as an example, in some embodiments, the corresponding relationship between the first mirror index and the message observing port information B is not included in the first mapping relationship, the first network device searches the first mapping relationship according to the first mirror index in the header A2 of the IPv6 message a to determine that the first mirror index does not hit the first mapping relationship, and the first network device does not mirror the IPv6 message a.
In summary, according to the technical solution provided in the embodiments of the present application, the IPv6 packet includes a service packet and a packet header, the first mirror index in the packet header corresponds to feature information in the service packet, the first network device determines packet observation port information according to the first mapping relationship and the first mirror index in the packet header, and mirrors the IPv6 packet to the packet observation port indicated by the packet observation port information, so that the first network device can implement mirroring of the IPv6 packet based on the feature information in the service packet included in the IPv6 packet without deeply analyzing the IPv6 packet, thereby guaranteeing forwarding efficiency of the IPv6 packet.
Prior to S206 described above, the first network device may acquire the first mapping relationship. Prior to S202 described above, the second network device may acquire the second mapping relationship. In the embodiment of the present application, the first mapping relationship may be generated by the first network device or may be generated by the network management device. The second mapping relationship may be generated by the second network device or may be generated by the network management device. Thus, the first network device obtaining the first mapping relation includes: the first network equipment generates a first mapping relation or receives the first mapping relation sent by the network management equipment. The second network device obtaining the second mapping relation includes: the second network device generates a second mapping relation, or the second network device receives the second mapping relation sent by the network management device.
In one embodiment, the first mapping is generated by a first network device and the second mapping is generated by a second network device. The first network device may obtain the first configuration information, and generate a first mapping relationship according to the first configuration information. The second network device may obtain the second configuration information, and generate a second mapping relationship according to the second configuration information. The first configuration information may be sent by the network management device to the first network device, or may be configured by a worker in the first network device. The second configuration information may be sent by the network management device to the second network device, or may be configured by the staff member in the second network device. For example, a worker may input first configuration information to a first network device via a command line and a worker may input second configuration information to a second network device via a command line. In one example, the first configuration information includes a first mirror index, after the first network device obtains the first configuration information, the first network device determines message observation port information B according to a message observation port B of the first network device, and the first network device generates a first mapping relationship according to the first mirror index in the first configuration information and the message observation port information B determined by the first network device. In another example, the first configuration information includes a first mirror index and message observing port information B, and the first network device generates a first mapping relationship according to the first mirror index in the first configuration information and the message observing port information B in the first configuration information. The second configuration information may include a first mirror index and feature information C in the service packet A1, and the first network device generates a second mapping relationship according to the feature information C in the second configuration information and the first mirror index in the second configuration information. Optionally, the staff inputs the first mapping relation to the first network device through the command line, and the first network device obtains the first mapping relation input by the staff; the staff inputs a second mapping relation to the second network equipment through the command line, and the second network equipment acquires the second mapping relation input by the staff.
In another embodiment, the first mapping relationship and the second mapping relationship are generated by the network management device, and after the network management device generates the first mapping relationship and the second mapping relationship, the network management device sends the first mapping relationship to the first network device, and the network management device sends the second mapping relationship to the second network device. The generation of the first mapping relationship and the second mapping relationship by the network management device will be described below as an example.
Referring to fig. 6, a flowchart of another message mirroring method according to an embodiment of the application is shown. The message mirroring method is applied to a communication system comprising first network equipment, second network equipment and network management equipment, wherein the communication system comprises an IPv6 network, and the first network equipment and the second network equipment are positioned in the IPv6 network. The second network device is an ingress device on the first IPv6 forwarding path, the first network device is an intermediate device or an egress device on the first IPv6 forwarding path, and the network management device is configured to manage the IPv6 network. For example, as shown in fig. 1, the IPv6 network is IPv6 network 1 in fig. 1, the first IPv6 forwarding path is IPv6 forwarding path S1, the first network device is PE2, the second network device is PE1, and the network management device is network management device 10. As shown in fig. 6, the message mirroring method includes the following steps S601 to S612.
S601, network management equipment generates a first mapping relation and a second mapping relation, wherein the first mapping relation is used for indicating that a first mirror index corresponds to message observation port information B, the message observation port information B is used for indicating a message observation port B in first network equipment, and the second mapping relation is used for indicating that the first mirror index corresponds to characteristic information C in service message A1.
The network management equipment can acquire the characteristic information C, the first mirror index and the message observation port information B in the service message A1, generates a first mapping relation according to the first mirror index and the message observation port information B, and generates a second mapping relation according to the characteristic information C and the first mirror index in the service message A1. The first mapping relationship is used for recording the corresponding relationship between the mirror index and the message observing port information, and the first mapping relationship comprises the corresponding relationship between the first mirror index and the message observing port information B. The second mapping relation is used for recording the corresponding relation between the characteristic information of the message and the mirror index, and the second mapping relation comprises the corresponding relation between the characteristic information C in the service message A1 and the first mirror index.
In one embodiment, the network management device obtains observation configuration information and stream feature configuration information, where the observation configuration information includes a first mirror index and message observation port information B, the stream feature configuration information includes a first mirror index and feature information C in a service packet A1, for example, the observation configuration information includes a correspondence between the first mirror index and the message observation port information B, the stream feature configuration information includes a correspondence between the feature information C in the service packet A1 and the first mirror index, the network management device generates a first mapping relationship according to the observation configuration information, and the network management device generates a second mapping relationship according to the stream feature configuration information. In another embodiment, the network management device obtains observation configuration information and stream feature configuration information, where the observation configuration information includes message observation port information B, the stream feature configuration information includes feature information C in service message A1, the network management device generates a first mirror index, the network management device generates a first mapping relationship according to the observation configuration information and the first mirror index, and the network management device generates a second mapping relationship according to the stream feature configuration information and the first mirror index.
In an alternative embodiment, the first mapping relationship and the second mapping relationship are respectively associated with the first IPv6 forwarding path. For example, the first mapping relationship and the second mapping relationship respectively include indication information of the first IPv6 forwarding path. The network management equipment can determine the indication information of the first IPv6 forwarding path, generates a first mapping relation according to the indication information of the first IPv6 forwarding path, the first mirror index and the message observation port information B, and generates a second mapping relation according to the indication information of the first IPv6 forwarding path, the characteristic information C in the service message A1 and the first mirror index.
S602, the network management equipment sends a first mapping relation to the first network equipment.
The network management device sends the first mapping relationship to the first network device via a border gateway protocol (border gateway protocol, BGP), a network configuration protocol (network configuration protocol, netcon), a path computation element communication protocol (path computation element communication protocol, PCEP), or other proprietary protocol.
For example, the network management device generates a first control message, where the first control message includes a first mapping relationship, and the network management device sends the first control message to the first network device. The first control message may be a BGP message, a netcon message, a PCEP message, or a message of another proprietary protocol.
S603, the network management equipment sends a second mapping relation to the second network equipment.
The network management device sends the second mapping relationship to the second network device through BGP, NETCONF, PCEP or other private protocols.
For example, the network management device generates a second control message, where the second control message includes a second mapping relationship, and the network management device sends the second control message to the second network device. The second control message may be a BGP message, a netcon message, a PCEP message, or a message of another proprietary protocol.
S604, the first network equipment receives a first mapping relation sent by the network management equipment.
The first network device receives a first control message sent by the network management device, where the first control message includes a first mapping relationship, and the first network device analyzes the first control message to obtain the first mapping relationship.
S605, the second network equipment receives a second mapping relation sent by the network management equipment.
The second network device receives a second control message sent by the network management device, where the second control message includes a second mapping relationship, and the second network device parses the second control message to obtain the second mapping relationship.
S606, the second network device receives the service message A1.
S607, the second network device determines a first mirror index according to the second mapping relation and the characteristic information C in the service message A1.
S608, the second network device obtains an IPv6 message A according to the service message A1 and the first mirror index, wherein the IPv6 message A comprises the service message A1 and a message header A2, and the message header A2 comprises the first mirror index.
S609, the second network device forwards the IPv6 message A.
S610, the first network equipment receives the IPv6 message A.
S611, the first network device determines message observing port information B according to the first mapping relation and a first mirror index in a message header A2 of the IPv6 message A, wherein the message observing port information B is used for indicating the message observing port B.
S612, the first network device mirrors the IPv6 message A to the message observation port B.
The implementation procedures of S606 to S612 may refer to the implementation procedures of S201 to S207 described above, and will not be described here.
In summary, according to the technical solution provided in the embodiments of the present application, the IPv6 packet includes a service packet and a packet header, the first mirror index in the packet header corresponds to feature information in the service packet, the first network device determines packet observation port information according to the first mapping relationship and the first mirror index in the packet header, and mirrors the IPv6 packet to the packet observation port indicated by the packet observation port information, so that the first network device can implement mirroring of the IPv6 packet based on the feature information in the service packet included in the IPv6 packet without deeply analyzing the IPv6 packet, thereby guaranteeing forwarding efficiency of the IPv6 packet.
The foregoing is an introduction to the method embodiments of the present application and the following description of the apparatus embodiments of the present application. The apparatus of the present application may be used to perform the method of the present application. For details not disclosed in the device embodiments of the present application, please refer to the method embodiments.
Fig. 7 is a schematic diagram of a message mirroring device 700 according to an embodiment of the present application. The message mirroring device 700 is applied to the first network device, for example, the message mirroring device 700 is the first network device or a functional component in the first network device. Referring to fig. 7, the message mirroring apparatus 700 includes a receiving module 710 and a processing module 720.
The receiving module 710 is configured to receive an IPv6 packet, where the IPv6 packet includes a service packet and a packet header, and the packet header includes a first mirror index, and the first mirror index corresponds to feature information in the service packet. The functional implementation of the receiving module 710 may refer to the relevant description in S205 above.
The processing module 720 is configured to determine message observing port information according to the first mirror index and the first mapping relationship, where the message observing port information is used to indicate a message observing port, and the first network device includes the message observing port. The functional implementation of the processing module 720 may refer to the relevant description in S206 above.
The processing module 720 is further configured to mirror the IPv6 message to the message observation port. The functional implementation of the processing module 720 may also refer to the relevant description in S207 above.
Optionally, the message header includes an IPv6 basic header and an IPv6 extension header, where the IPv6 extension header includes a first mirror index.
Optionally, the IPv6 extension header includes an SRH.
Optionally, the IPv6 extension header includes a BIER header.
Optionally, the BIER head is BIERv heads or BIERin heads.
Optionally, the receiving module 710 is further configured to receive the first mapping relationship sent by the network management device. The functional implementation of the receiving module 710 may also refer to the relevant description in S604 above.
Optionally, the characteristic information includes at least one of: n-tuple, source MAC address, priority information, n is a positive integer.
Optionally, the first network device is an intermediate device or an egress device on a first IPv6 forwarding path, and the first IPv6 forwarding path is a forwarding path of the IPv6 packet.
In summary, according to the technical solution provided in the embodiments of the present application, the IPv6 packet includes a service packet and a packet header, the first mirror index in the packet header corresponds to feature information in the service packet, the first network device determines packet observation port information according to the first mapping relationship and the first mirror index in the packet header, and mirrors the IPv6 packet to the packet observation port indicated by the packet observation port information, so that the first network device can implement mirroring of the IPv6 packet based on the feature information in the service packet included in the IPv6 packet without deeply analyzing the IPv6 packet, thereby guaranteeing forwarding efficiency of the IPv6 packet.
Fig. 8 is a schematic diagram of another message mirroring apparatus 800 according to an embodiment of the present application. The message mirroring apparatus 800 is applied to the second network device, for example, the message mirroring apparatus 800 is the second network device or a functional component in the second network device. Referring to fig. 8, the message mirroring apparatus 800 includes a receiving module 810, a processing module 820, and a forwarding module 830.
A receiving module 810, configured to receive a service packet. The functional implementation of the receiving module 810 may also refer to the relevant description in S201 above.
A processing module 820, configured to determine a first mirror index according to the second mapping relationship and the feature information in the service packet; and the IPv6 message is used for obtaining the IPv6 message according to the service message and the first mirror index, wherein the IPv6 message comprises the service message and a message header, and the message header comprises the first mirror index. The functional implementation of the processing module 820 may also refer to the relevant descriptions in S202 to S203 above.
And a forwarding module 830, configured to forward the IPv6 packet. The functional implementation of the forwarding module 830 may also refer to the relevant descriptions in S204 to S203 above.
Optionally, the message header includes an IPv6 basic header and an IPv6 extension header, where the IPv6 extension header includes a first mirror index.
Optionally, the IPv6 extension header includes an SRH.
Optionally, the IPv6 extension header includes a BIER header.
Optionally, the BIER head is BIERv heads or BIERin heads.
Optionally, the receiving module 810 is further configured to receive a second mapping relationship sent by the network management device. The functional implementation of the receiving module 810 may also refer to the relevant description in S605 above.
Optionally, the characteristic information includes at least one of: n-tuple, source MAC address, priority information, n is a positive integer.
Optionally, the second network device is an ingress device on a first IPv6 forwarding path, and the first IPv6 forwarding path is a forwarding path for the IPv6 packet.
In summary, according to the technical solution provided in the embodiments of the present application, the IPv6 message obtained by the second network device includes a service message and a message header, and the first mirror index in the message header corresponds to feature information in the service message, so that the mirror device (for example, the first network device) may determine a message observation port according to the first mirror index, mirror the IPv6 message to the message observation port, and the mirror device may implement mirroring the IPv6 message based on the feature information in the service message included in the IPv6 message without deeply analyzing the IPv6 message, thereby ensuring forwarding efficiency of the IPv6 message.
Fig. 9 is a schematic diagram of another message mirroring device 900 according to an embodiment of the present application. The message mirror device 900 is applied to a network management device, for example, the message mirror device 900 is a network management device or a functional component in the network management device. Referring to fig. 9, the message mirroring apparatus 900 includes a generating module 910 and a transmitting module 920.
The generating module 910 is configured to generate a first mapping relationship and a second mapping relationship, where the first mapping relationship is used to indicate that the first mirror index corresponds to the message observation port information, the message observation port information is used to indicate a message observation port in the first network device, and the second mapping relationship is used to indicate that the first mirror index corresponds to the feature information in the service message. The functional implementation of the generating module 910 may also refer to the related description in S601 above.
A sending module 920, configured to send the first mapping relationship to a first network device; and sending the second mapping relation to the second network device. The function implementation of the transmission module 920 may also refer to the related descriptions in S602 to S603 described above.
Optionally, the second network device is configured to forward an IPv6 packet to the first network device according to a second mapping relationship, where the IPv6 packet includes the service packet and a packet header, and the packet header includes the first mirror index; the first network device is configured to mirror the IPv6 message to a message observation port indicated by the message observation port information according to a first mapping relationship.
Optionally, the first network device is an intermediate device or an egress device on a first IPv6 forwarding path, the second network device is an ingress device on the first IPv6 forwarding path, and the first IPv6 forwarding path is a forwarding path for the IPv6 packet.
In summary, according to the technical scheme provided by the application, the network management device sends the second mapping relation to the second network device, so that when the second network device receives the service message, the second network device determines the first mirror index according to the second mapping relation and the characteristic information in the service message; the network management equipment sends a first mapping relation to the first network equipment, so that when the first network equipment receives the IPv6 message comprising the service message and the message header, the first network equipment determines a message observation port according to the first mapping relation and a first mirror index in the message header, and mirrors the IPv6 message to the message observation port.
The message mirror device provided by the embodiment of the application can also be implemented by an application-specific integrated circuit (ASIC) or a programmable logic device (programmable logic device, PLD). The PLD may be a complex program logic device (complex programmable logical device, CPLD), a field-programmable gate array (FPGA) GATE ARRAY, general-purpose array logic (GENERIC ARRAY logic, GAL), or any combination thereof. The method provided by the method embodiment can also be implemented by software, and when the method provided by the method embodiment is implemented by software, each module in the message mirroring device can also be a software module.
Referring to fig. 10, a schematic diagram of another message mirroring device 1000 according to an embodiment of the application is shown. The message mirroring apparatus 1000 is a network device or a functional component in the network device. Message mirroring apparatus 1000 includes a main control board 1010, an interface board 1030, and an interface board 1040. The plurality of interface boards also comprises, in the case of a plurality of interface boards, a switching network board (not shown in fig. 10) for completing the data exchange between the interface boards (interface boards are also called line cards or service boards).
The main control board 1010 is used for performing functions such as system management, equipment maintenance, and protocol processing. Interface board 1030 and interface board 1040 are used to provide various service interfaces (e.g., POS interface, GE interface, ATM interface, etc.) and to implement message forwarding. The main control board 1010 mainly has 3 kinds of functional units: the system comprises a system management control unit, a system clock unit and a system maintenance unit. The main control board 1010, the interface board 1030 and the interface board 1040 are connected with the system backboard through a system bus to realize intercommunication. Interface board 1030 includes one or more processors 1031 thereon. Processor 1031 is used to control and manage interface board 1030 and communicate with central processor 1012 on main control board 1010. A memory 1032 on interface board 1030 is used to store forwarding information, mapping relationships, and the like. Interface board 1030 includes one or more network interfaces 1033 for receiving and transmitting messages, the detailed description of which is omitted. As shown in fig. 10, the main control board 1010 further includes a memory 1014, where the memory 1014 is used to store system management information, protocols, and the like, which is not limited by the embodiment of the present application.
As shown in fig. 10, this embodiment includes multiple interface boards, and uses a distributed forwarding mechanism, where operations on interface board 1040 are substantially similar to those of interface board 1030. For example, interface board 1040 includes one or more network interfaces 1043 for receiving and transmitting messages, memory 1042 for storing forwarding information, mappings, etc., and processor 1041 for controlling and managing interface board 1040 and communicating with central processor 1012 on main control board 1010. For brevity, the interface board 1040 will not be described in detail herein.
Processor 1031 in interface board 1030 and/or processor 1041 in interface board 1040 in fig. 10 may be dedicated hardware or chips, such as network processors or application specific integrated circuits, implemented as so-called forwarding plane processing using dedicated hardware or chips. In further embodiments, processor 1031 in interface board 1030 and/or processor 1041 in interface board 1040 employ a general-purpose processor, such as a central processing unit (central processing unit, CPU).
In addition, it should be noted that the master control board may have one or more pieces, and the master control board may include a main master control board and a standby master control board when there are more pieces. The interface boards may have one or more, the more data processing capabilities the network device is, the more interface boards are provided. Under the condition of a plurality of interface boards, the interface boards can communicate through one or a plurality of exchange network boards, and load sharing redundancy backup can be realized jointly when a plurality of interface boards exist. Under the centralized forwarding architecture, the network device may not need to exchange network boards, and the interface board bears the processing function of the service data of the whole system. Under the distributed forwarding architecture, the network device comprises a plurality of interface boards, and data exchange among the plurality of interface boards can be realized through the exchange network board, so that high-capacity data exchange and processing capacity are provided. Therefore, the data access and processing power of the network device of the distributed architecture is greater than that of the network device of the centralized architecture. Which architecture is specifically adopted depends on the networking deployment scenario, and no limitation is made here.
In alternative embodiments, memory 1032 and/or Memory 1042 is a read-only Memory (ROM) or other type of static storage device that can store static information and instructions, a random access Memory (random access Memory, RAM) or other type of dynamic storage device that can store information and instructions, and may also be an electrically erasable programmable read-only Memory (ELECTRICALLY ERASABLE PROGRAMMABLE READ-only Memory, EEPROM), a compact disc (compact disc read-only Memory, CD-ROM) or other optical disc storage, optical disc storage (including compact discs, laser discs, optical discs, digital versatile discs, blu-ray discs, etc.), magnetic or other magnetic storage devices, or any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer, without limitation. The memory 1032 may be provided separately and coupled to the processor 1031 via a communication bus or may be integrated with the processor 1031. The memory 1042 may be provided separately, coupled to the processor 1041 via a communication bus, or may be integrated with the processor 1041.
The memory 1032 is used for storing program codes and is controlled to be executed by the processor 1031 to perform part or all of the steps of the method provided by the above-described embodiment. The processor 1031 is used to execute program code stored in the memory 1032. One or more software modules may be included in the program code. The one or more software modules may be the functional modules provided in the embodiments shown in fig. 7 or 8 described above. Memory 1042 may also be used for storing program code and it may be controlled by processor 1041 to perform some or all of the steps of the methods provided by the embodiments described above. Similarly, memory 1014 may also be used for storing program code and for controlling execution by central processor 1012 to perform some or all of the steps of the methods provided by the embodiments described above.
In alternative embodiments, network interface 1033, network interface 1043 is a device that uses any transceiver or the like for communicating with other devices or communication networks, such as ethernet, radio access network (radio access network, RAN), wireless local area network (wireless local area networks, WLAN), etc.
Referring to fig. 11, a schematic diagram of another message mirroring device 1100 according to an embodiment of the application is shown. The message mirroring apparatus 1100 may be a network device or a functional component in a network device, or may be a network management device or a functional component in a network management device. The message mirroring device 1100 includes a processor 1102, a memory 1104, a communication interface 1106 and a bus 1108, the processor 1102, the memory 1104 and the communication interface 1106 being communicatively coupled via the bus 1108. In other embodiments, the processor 1102, memory 1104, and communication interface 1106 may be connected in other ways.
The memory 1104 is used to store a computer program 11042, which computer program 11042 may include instructions and data. The memory 1104 may be various types of storage media such as RAM, ROM, nonvolatile RAM (NVRAM), programmable ROM (PROM), erasable PROM (erasable PROM, EPROM), electrically erasable PROM (ELECTRICALLY ERASABLE PROM, EEPROM), flash memory, optical memory, registers, and the like.
The processor 1102 may be a general-purpose processor, which is a processor that performs certain steps and/or operations by reading and executing a computer program (e.g., computer program 11042) stored in a memory (e.g., memory 1104), which may use data stored in the memory in performing the steps and/or operations. The stored computer program may be executed to implement the relevant functions of the aforementioned processing module 720, processing module 820, generating module 910, etc. The general purpose processor may be a CPU. The processor 1102 may also be a special purpose processor, which is a specially designed processor for performing certain steps and/or operations, which may be a digital signal processor (DIGITAL SIGNAL processor), ASIC, FPGA, or the like. The processor 1102 may also be a multi-core processor. The processor 1102 includes at least one circuit to perform all or part of the steps of the methods of the embodiments described above.
Communication interface 1106 includes input/output (I/O) interfaces, physical interfaces, logical interfaces, and the like for implementing device interconnection inside message mirroring apparatus 1100, and interfaces for implementing interconnection of message mirroring apparatus 1100 with other devices (e.g., network devices). The physical interface may be a gigabit ethernet interface (gigabit Ethernet, GE) that may be used to implement the message mirroring apparatus 1100 to interconnect with other devices. The logical interface is an interface inside the message mirroring apparatus 1100, which may be used to implement device interconnection inside the message mirroring apparatus 1100. It is to be readily understood that the communication interface 1106 may be used for the message mirroring apparatus 1100 to communicate with other devices, for example, the communication interface 1106 may be used for sending and receiving messages between the message mirroring apparatus 1100 and the other devices, where the communication interface 1106 may implement the functions related to the foregoing receiving module 710, the receiving module 810, the forwarding module 830, the sending module 920, and so on.
The bus 1108 may be any type of communication bus, such as a system bus, that interconnects the processor 1102, the memory 1104, and the communication interface 1106.
The above devices may be provided on separate chips, or may be provided at least partially or entirely on the same chip. Whether the individual devices are independently disposed on different chips or integrally disposed on one or more chips is often dependent on the needs of the product design. The embodiment of the application does not limit the specific implementation form of the device.
The message mirroring apparatus 1100 shown in fig. 11 is merely an example, and the message mirroring apparatus 1100 may further include other components. The message mirroring device 1100 performs message mirroring by performing all or part of the steps of the method provided by the above embodiments.
The embodiment of the application provides a message mirror system, which comprises a first network device and a second network device. In one implementation, the first network device includes a message mirroring device 700 as shown in fig. 7, and the second network device includes a message mirroring device 800 as shown in fig. 8. In another implementation, at least one of the first network device and the second network device includes a message mirroring apparatus 1000 as shown in fig. 10 or a message mirroring apparatus 1100 as shown in fig. 11.
Optionally, the message mirroring system further includes a network management device, where the network management device includes a message mirroring device 900 shown in fig. 9 or a message mirroring device 1100 shown in fig. 11.
The message mirroring system is, for example, a communication system as shown in fig. 1.
The present application provides a computer readable storage medium having stored therein a computer program which, when executed (e.g., by a network device, network management device, one or more processors, etc.), performs all or part of the steps of the method as provided by the method embodiments described above.
The present application provides a computer program product comprising a program or code which, when executed (e.g. by a network device, network management device, one or more processors, etc.), implements all or part of the steps of a method as provided by the method embodiments described above.
Embodiments of the present application provide a chip comprising programmable logic circuits and/or program instructions, which when executed is adapted to carry out all or part of the steps of the method as provided by the method embodiments described above.
In the above embodiments, it may be implemented in whole or in part by software, hardware, firmware, or any combination thereof. When implemented in software, may be embodied in whole or in part in the form of a computer program product comprising one or more computer instructions. When loaded and executed on a computer, produces a flow or function in accordance with embodiments of the present application, in whole or in part. The computer may be a general purpose computer, a network of computers, or other programmable devices. The computer instructions may be stored in or transmitted from one computer readable storage medium to another, for example, by wired (e.g., coaxial cable, optical fiber, digital subscriber line) or wireless (e.g., infrared, wireless, microwave, etc.) means from one website, computer, server, or data center. The computer readable storage medium may be any available medium that can be accessed by a computer or a data storage device including one or more servers, data centers, etc. that can be integrated with the available medium. The usable medium may be a magnetic medium (e.g., floppy disk, hard disk, magnetic tape), an optical medium, or a semiconductor medium (e.g., solid state disk), etc.
It should be understood that the term "at least one" in the present application means one or more, and "a plurality" means two or more. The term "and/or" in the present application is merely an association relation describing the association object, and means that three kinds of relations may exist, for example, a and/or B may mean: a exists alone, A and B exist together, and B exists alone. In addition, for the purpose of clarity of description, the words "first," "second," "third," and the like are used herein to distinguish between identical or similar items that have substantially the same function and effect. Those skilled in the art will appreciate that the words "first," "second," "third," etc. do not limit the number and order of execution.
Different types of embodiments, such as a method embodiment and a device embodiment, provided by the embodiment of the present application may be referred to each other, and the embodiment of the present application is not limited to this. The sequence of the operations of the method embodiment provided by the embodiment of the application can be properly adjusted, the operations can also be increased or decreased according to the situation, and any method which is easily conceivable to be changed by a person skilled in the art within the technical scope of the disclosure of the application is covered in the protection scope of the application, so that the description is omitted.
In the corresponding embodiments provided in the present application, it should be understood that the disclosed apparatus and the like may be implemented by other structural means. For example, the apparatus embodiments described above are merely illustrative, e.g., the division of modules is merely a logical division of functionality, and there may be additional divisions of actual implementation, e.g., multiple modules or components may be combined or integrated into another system, or some features may be omitted, or not performed.
The modules illustrated as separate components may or may not be physically separate, and the components described as modules may or may not be physical modules, may be located in one place, or may be distributed over a plurality of devices. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
While the application has been described with reference to exemplary embodiments, it will be understood by those skilled in the art that various changes and substitutions of equivalents may be made without departing from the spirit and scope of the application. Therefore, the protection scope of the application is subject to the protection scope of the claims.

Claims (45)

1. A method for mirroring messages, the method comprising:
The method comprises the steps that a first network device receives an IPv6 message of an internet protocol version 6, wherein the IPv6 message comprises a service message and a message header, the message header comprises a first mirror index, and the first mirror index corresponds to characteristic information in the service message;
The first network device determines message observing port information according to the first mirror index and a first mapping relation, wherein the message observing port information is used for indicating a message observing port, and the first network device comprises the message observing port;
the first network device mirrors the IPv6 message to the message observation port.
2. The method of claim 1, wherein the message header comprises an IPv6 base header and an IPv6 extension header, and wherein the IPv6 extension header includes the first mirror index.
3. The method of claim 2, wherein the IPv6 extension header includes a segment routing header SRH.
4. The method of claim 2, wherein the IPv6 extension header comprises a bit index explicit copy BIER header.
5. The method of claim 4, wherein the BIER header is a bit index explicit copy internet protocol version 6, BIERv, header or a bit index explicit copy BIERin header in internet protocol version 6.
6. The method according to any one of claims 1 to 5, further comprising:
and the first network equipment receives the first mapping relation sent by the network management equipment.
7. The method according to any one of claims 1 to 6, wherein the characteristic information comprises at least one of: n-tuple, source Media Access Control (MAC) address, priority information, n is a positive integer.
8. The method according to any of claims 1 to 7, wherein the first network device is an intermediate device or an egress device on a first IPv6 forwarding path, the first IPv6 forwarding path being a forwarding path for the IPv6 message.
9. A method for mirroring messages, the method comprising:
The second network equipment receives the service message;
The second network device determines a first mirror index according to a second mapping relation and characteristic information in the service message, wherein the second mapping relation is used for indicating that the first mirror index corresponds to the characteristic information in the service message;
the second network device obtains an IPv6 message of an internet protocol version 6 according to the service message and the first mirror index, wherein the IPv6 message comprises the service message and a message header, and the message header comprises the first mirror index;
and the second network equipment forwards the IPv6 message.
10. The method of claim 9, wherein the message header comprises an IPv6 base header and an IPv6 extension header, and wherein the IPv6 extension header includes the first mirror index.
11. The method of claim 10, wherein the IPv6 extension header comprises a segment routing header SRH.
12. The method of claim 10, wherein the IPv6 extension header comprises a bit index explicit copy BIER header.
13. The method of claim 12, wherein the BIER header is a bit index explicit copy internet protocol version 6, BIERv, header or a bit index explicit copy BIERin header in internet protocol version 6.
14. The method according to any one of claims 9 to 13, further comprising:
And the second network equipment receives the second mapping relation sent by the network management equipment.
15. The method according to any one of claims 9 to 14, wherein the characteristic information comprises at least one of: n-tuple, source Media Access Control (MAC) address, priority information, n is a positive integer.
16. The method according to any of claims 9 to 15, wherein the second network device is an ingress device on a first IPv6 forwarding path, the first IPv6 forwarding path being a forwarding path for the IPv6 message.
17. A method for mirroring messages, the method comprising:
The network management equipment generates a first mapping relation and a second mapping relation, wherein the first mapping relation is used for indicating that a first mirror index corresponds to message observation port information, the message observation port information is used for indicating a message observation port in first network equipment, and the second mapping relation is used for indicating that the first mirror index corresponds to characteristic information in service messages;
The network management equipment sends the first mapping relation to the first network equipment;
and the network management equipment sends the second mapping relation to second network equipment.
18. The method according to claim 17, wherein the second network device is configured to forward an IPv6 version 6 internet protocol packet to the first network device according to the second mapping relationship, the IPv6 packet including the service packet and a packet header, the packet header including the first mirror index; the first network device is configured to mirror the IPv6 message to the message observation port according to the first mapping relationship.
19. The method according to claim 17 or 18, wherein the first network device is an intermediate device or an egress device on a first IPv6 forwarding path and the second network device is an ingress device on the first IPv6 forwarding path.
20. A message mirroring apparatus for use with a first network device, the apparatus comprising:
the receiving module is used for receiving an IPv6 message of an internet protocol version 6, wherein the IPv6 message comprises a service message and a message header, the message header comprises a first mirror index, and the first mirror index corresponds to characteristic information in the service message;
The processing module is used for determining message observation port information according to the first mirror index and the first mapping relation, the message observation port information is used for indicating a message observation port, and the first network equipment comprises the message observation port;
the processing module is further configured to mirror the IPv6 message to the message observation port.
21. The apparatus of claim 20, wherein the message header comprises an IPv6 base header and an IPv6 extension header, and wherein the IPv6 extension header comprises the first mirror index.
22. The apparatus of claim 21, wherein the IPv6 extension header comprises a segment routing header SRH.
23. The apparatus of claim 21, wherein the IPv6 extension header comprises a bit index explicit copy BIER header.
24. The apparatus of claim 23, wherein the BIER header is a bit index explicit copy internet protocol version 6, BIERv, header or a bit index explicit copy BIERin header in internet protocol version 6.
25. The device according to any one of claims 20 to 24, wherein,
The receiving module is further configured to receive the first mapping relationship sent by the network management device.
26. The apparatus of any one of claims 20 to 25, wherein the characteristic information comprises at least one of: n-tuple, source Media Access Control (MAC) address, priority information, n is a positive integer.
27. The apparatus according to any of claims 20 to 26, wherein the first network device is an intermediate device or an egress device on a first IPv6 forwarding path, the first IPv6 forwarding path being a forwarding path for the IPv6 message.
28. A message mirroring apparatus for use with a second network device, the apparatus comprising:
The receiving module is used for receiving the service message;
The processing module is used for determining a first mirror index according to a second mapping relation and characteristic information in the service message, wherein the second mapping relation is used for indicating that the first mirror index corresponds to the characteristic information in the service message; the IPv6 message is used for obtaining an IPv6 version of internet protocol according to the service message and the first mirror index, wherein the IPv6 message comprises the service message and a message header, and the message header comprises the first mirror index;
And the forwarding module is used for forwarding the IPv6 message.
29. The apparatus of claim 28, wherein the message header comprises an IPv6 base header and an IPv6 extension header, and wherein the IPv6 extension header comprises the first mirror index.
30. The apparatus of claim 29, wherein the IPv6 extension header comprises a segment routing header SRH.
31. The apparatus of claim 29, wherein the IPv6 extension header comprises a bit index explicit copy BIER header.
32. The apparatus of claim 31, wherein the BIER header is a bit index explicit copy internet protocol version 6, BIERv, header or a bit index explicit copy BIERin header in internet protocol version 6.
33. The device according to any one of claims 28 to 32, wherein,
The receiving module is further configured to receive the second mapping relationship sent by the network management device.
34. The apparatus of any one of claims 28 to 33, wherein the characteristic information comprises at least one of: n-tuple, source Media Access Control (MAC) address, priority information, n is a positive integer.
35. The apparatus according to any of claims 28 to 34, wherein the second network device is an ingress device on a first IPv6 forwarding path, the first IPv6 forwarding path being a forwarding path for the IPv6 message.
36. A message mirroring device, applied to a network management apparatus, the device comprising:
the generation module is used for generating a first mapping relation and a second mapping relation, wherein the first mapping relation is used for indicating that the first mirror index corresponds to message observation port information, the message observation port information is used for indicating a message observation port in first network equipment, and the second mapping relation is used for indicating that the first mirror index corresponds to characteristic information in service messages;
A sending module, configured to send the first mapping relationship to the first network device; and sending the second mapping relation to a second network device.
37. The apparatus according to claim 36, wherein the second network device is configured to forward an IPv6 version 6 of an internet protocol message to the first network device according to the second mapping relationship, the IPv6 message including the service message and a message header, the message header including the first mirror index; the first network device is configured to mirror the IPv6 message to the message observation port according to the first mapping relationship.
38. The apparatus of claim 36 or 37, wherein the first network device is an intermediate device or an egress device on a first IPv6 forwarding path and the second network device is an ingress device on the first IPv6 forwarding path.
39. The message mirror device is characterized by being applied to first network equipment and comprising a memory and a processor;
The memory is used for storing a computer program;
The processor is configured to execute a computer program stored in the memory to cause the message mirroring device to perform the message mirroring method according to any one of claims 1 to 8.
40. The message mirror device is characterized by being applied to second network equipment and comprising a memory and a processor;
The memory is used for storing a computer program;
The processor is configured to execute a computer program stored in the memory to cause the message mirroring device to perform the message mirroring method according to any one of claims 9 to 16.
41. The message mirror device is characterized by being applied to network management equipment and comprising a memory and a processor;
The memory is used for storing a computer program;
The processor is configured to execute a computer program stored in the memory to cause the message mirroring device to perform the message mirroring method according to any one of claims 17 to 19.
42. The message mirroring system is characterized by comprising first network equipment and second network equipment;
the first network device comprising the message mirroring apparatus according to any one of claims 20 to 27, the second network device comprising the message mirroring apparatus according to any one of claims 28 to 35; or alternatively
The first network device includes the message mirroring apparatus of claim 39, and the second network device includes the message mirroring apparatus of claim 40.
43. The system of claim 42, wherein the system further comprises a network management device;
The network management equipment comprises a message mirroring device according to any one of claims 36 to 38; or alternatively
The network management device comprising the message mirroring apparatus of claim 41.
44. A computer readable storage medium, wherein a computer program is stored in the computer readable storage medium, which when executed implements the message mirroring method according to any one of claims 1 to 19.
45. A computer program product, characterized in that the computer program product comprises a program or code which, when executed, implements the message mirroring method according to any one of claims 1 to 19.
CN202310158555.8A 2022-11-28 2023-02-13 Message mirroring method, device and system Pending CN118101670A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
EP23212414.9A EP4376375A1 (en) 2022-11-28 2023-11-27 Packet mirroring method, apparatus, and system
US18/521,141 US20240179226A1 (en) 2022-11-28 2023-11-28 Packet Mirroring Method, Apparatus, and System

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202211501238 2022-11-28
CN2022115012383 2022-11-28

Publications (1)

Publication Number Publication Date
CN118101670A true CN118101670A (en) 2024-05-28

Family

ID=91141141

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310158555.8A Pending CN118101670A (en) 2022-11-28 2023-02-13 Message mirroring method, device and system

Country Status (1)

Country Link
CN (1) CN118101670A (en)

Similar Documents

Publication Publication Date Title
US11570285B2 (en) Packet processing method, network node, and system
EP3720066B1 (en) Packet sending and processing method and apparatus, pe node, and node
EP4102785A1 (en) Message processing method and apparatus, and network device and storage medium
US10320664B2 (en) Cloud overlay for operations administration and management
US11979322B2 (en) Method and apparatus for providing service for traffic flow
US9548896B2 (en) Systems and methods for performing network service insertion
US9985794B2 (en) Traceroute in a dense VXLAN network
US20230300070A1 (en) Packet Sending Method, Device, and System
US20240048479A1 (en) Packet Forwarding Method and Apparatus, Network Device, and Storage Medium
EP3920512A1 (en) Transmission method and device for message
CN112822097A (en) Message forwarding method, first network device and first device group
EP4152704A1 (en) Bier multicast traffic statistics method, device and system
CN115348202A (en) Data transmission method, device and equipment based on network slice and storage medium
US9356838B1 (en) Systems and methods for determining network forwarding paths with a controller
US20230254246A1 (en) Mechanisms for packet path tracing and per-hop delay measurement in segment routing with multiprotocol label switching (sr-mpls) networks
CN114760165A (en) Message transmission method, device and system
WO2022166465A1 (en) Message processing method and related apparatus
TWI281804B (en) Packet forwarding method and system
US11582156B2 (en) Traffic detection method, apparatus, and system
CN114760248B (en) Message transmission method, device and system
CN118101670A (en) Message mirroring method, device and system
CN116094987A (en) Method and device for determining forwarding path
EP4376375A1 (en) Packet mirroring method, apparatus, and system
CN115242699A (en) Message transmission method, slice generation method, device and system
CN115242713A (en) IPV 6-based segmented routing message forwarding method, configuration method and equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication