JP2010074688A - Apparatus and method for visualizing fault part of ip network, and recording medium - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide an apparatus and a method for visualizing a fault part of an IP network and a recording medium in which, even if a packet from a transmission source node or a packet to a destination node is not present, a node to be present originally can be displayed and the absence of a packet with the node as a transmission source or as a destination can be visualized, and to provide the apparatus and the method for visualizing a fault part of the IP network and a recording medium in which the information of protocols on respective paths on a network configuration diagram can be visualized. <P>SOLUTION: An apparatus for visualizing a fault part of an IP network displays a typical network configuration as a template on an initial screen and overlaps a network configuration diagram generated with an obtained packet and its connection status with the template. <P>COPYRIGHT: (C)2010,JPO&INPIT

Description

  The present invention relates to an IP network failure location visualization apparatus that visualizes a failure location of a network from a packet flowing on the IP network, a method for visualizing a failure location of an IP network, and a record that records a program for causing a computer to execute the method. It relates to the medium.

A visualization method (for example, non-patent literature) that acquires a packet flowing on an IP network and converts the traffic flowing on the network configuration diagram and the configuration diagram into a 3D view in order to make it partially easy to see while looking at the whole. 1), and a technique using a hyperpolic tree (for example, see Non-Patent Document 2) has been proposed in order to express easily even when the number of terminals is large. In this specification, a node refers to both a case where a single terminal is shown and a case where a plurality of terminals are combined.
Burns, C.I. M.M. , Kuo, J. et al. and Ng, S .; (2003) “Ecological interface design: a new approach for visualizing network management”, Computer networks, vo. 369-388. Duez, P.M. P. and Vicente, K.M. J. et al. (2003) “Ecological interface design for network management”, Proceedings of the Human Factors and Engineering Society 47th Annual Meeting, p. 572-575.

  Each method takes a packet as an input and generates a network configuration diagram from that information, so it is not possible to visualize a failure location where a packet does not flow due to a wiring error or the like, and a node that should have appeared originally appears. By doing so, there was a problem that a failure such as a wiring mistake had to be estimated.

  Also, regarding the protocol information of each route on the network configuration diagram, even if the information on the protocol that was communicated is visualized, it is not clear which protocol packet communication is normal on which route. There is also a problem that there is.

  Therefore, the present invention has been made to solve the above-mentioned problem, and even if there is no packet from the transmission source node or the packet to the destination node, the original node can be displayed and the node can be displayed. The first object of the present invention is to provide an IP network failure location visualization apparatus, an IP network failure location visualization method, and a recording medium that can visualize that there is no packet having a transmission source or destination as a transmission source.

  The present invention also provides an IP network failure location visualization apparatus, an IP network failure location visualization method, and a recording medium that can visualize information of each protocol of each route on a network configuration diagram. Second purpose.

  In order to achieve the first object, a failure location visualization apparatus for an IP network according to the present invention displays a typical network configuration as a template on an initial screen, and generates a network configuration using acquired packets. The figure and its connection status were overlapped with the template.

  Specifically, an apparatus for visualizing a fault location of an IP network according to the present invention includes a packet acquisition unit that acquires a packet flowing through a network to be monitored, a template storage unit that stores a template indicating the configuration of the network, Based on information included in the packet acquired by the packet acquisition unit, a communication network of a route through which a packet is communicated is estimated, the communication network is compared with the template stored in the template storage unit, and the network A network state calculation unit that determines whether or not a packet is communicated with respect to each of the routes; and the template that is stored in the template storage unit displays the presence or absence of the packet communication that is determined by the network state calculation unit for each route of the network And an output unit for outputting.

  The IP network failure location visualization method of the IP network failure location visualization method includes: a packet acquisition procedure for acquiring a packet flowing through a network to be monitored; a template storage procedure for storing a template indicating the configuration of the network; , Based on information included in the packet acquired in the packet acquisition procedure, estimating a communication network of a route through which the packet communicates, comparing the communication network and the template stored in the template storage procedure, For each route of the network, the network state calculation procedure for determining the presence or absence of packet communication for each route of the network, and the template stored in the template storage procedure, the presence or absence of the packet communication determined in the network state calculation procedure table Output instructions to and outputs, in, to visualize the fault point of an IP network.

  When the area is limited, the pattern of the network configuration diagram is limited. For example, the network configuration is determined in a home Internet connection environment provided by an arbitrary company. This typical network configuration is displayed on the initial screen as a template, and a node without packet communication can be detected by superimposing the network configuration diagram generated by the acquired packet and its connection state on the template.

  Therefore, according to the present invention, even if there is no packet from the transmission source node or to the destination node, the original node can be displayed, and there is no packet having the node as the transmission source or destination. It is possible to provide an IP network failure location visualization apparatus and an IP network failure location visualization method.

  In order to achieve the second object, an IP network failure location visualization apparatus according to the present invention is a database necessary for a function of any type of application and a protocol database to be communicated in the path. It was decided to create.

  Specifically, the template storage unit of the IP network failure location visualization apparatus according to the present invention stores the protocol information necessary for each application in each route of the network in the template, and performs the network state calculation. Preferably, the unit determines the presence / absence of packet communication for each protocol, and the output unit displays the presence / absence of packet communication for each protocol.

  In the template storage procedure of the IP network failure location visualization method of the IP network failure location visualization apparatus, the template includes the protocol information necessary for each application in each path of the network, and stores the network status. In the calculation procedure, it is preferable to determine the presence / absence of packet communication for each protocol, and in the output procedure, the presence / absence of packet communication is preferably displayed for each protocol.

  In troubleshooting an arbitrary application, if the type of application is limited, which protocol should be communicated to which route is limited. For this reason, by creating a database of the routes necessary for the functioning of any type of application and the protocols that should be communicated with the routes, once the application type is selected on the screen, the route and the relevant The protocol corresponding to the route can be displayed on the initial screen, and the route of the network configuration diagram and the protocol that communicates with the route can be displayed superimposed on the acquired test packet.

  Therefore, the present invention can provide an IP network failure location visualization apparatus and an IP network failure location visualization method that can visualize information of each protocol of each route on the network configuration diagram.

  In addition, a recording medium according to the present invention is a computer-readable recording medium that records a program for causing a computer to execute the method for visualizing a failure location of the IP network. It is possible to cause a computer to execute a method for visualizing a failure location of the IP network.

  The present invention makes it possible to display a node that should originally exist even if there is no packet from a source node or a packet to a destination node, and visualize that there is no packet having the node as a source or destination An IP network failure location visualization apparatus, an IP network failure location visualization method, and a recording medium can be provided. The user can visualize that there is no traffic due to a wiring error, disconnection, or the like, thus facilitating trouble solution.

  Furthermore, the present invention can provide an IP network failure location visualization apparatus, an IP network failure location visualization method, and a recording medium that can visualize information of each protocol of each route on the network configuration diagram. . When the protocol information of each route on the network configuration diagram is visualized, the difference from the normal communication template for each protocol is cleared, so it is easy to determine which part is what kind of abnormality. .

  Embodiments of the present invention will be described with reference to the accompanying drawings. The embodiment described below is an example of the configuration of the present invention, and the present invention is not limited to the following embodiment. In the present specification and drawings, the same reference numerals denote the same components.

(First embodiment)
FIG. 1 is a block diagram illustrating a configuration of a failure point visualization apparatus 301 in the IP network according to the present embodiment.

  An IP network failure location visualization apparatus 301 according to the present embodiment includes a packet acquisition unit 11 that acquires a packet that flows through the network 101 to be monitored, a template storage unit 12 that stores a template indicating the configuration of the network 101, and a packet. Based on the information included in the packet acquired by the acquisition unit 11, the communication network of the route through which the packet communicates is estimated, the communication network and the template stored in the template storage unit 12 are compared, and each route of the network 101 is compared. The network state calculation unit 13 that determines the presence or absence of packet communication and the template stored in the template storage unit 12 display and output the presence or absence of packet communication determined by the network state calculation unit 13 for each route of the network 101. And an output unit 14 That.

  Consider an example in which a network configuration template when using the Internet 100 at home as shown in FIG. 2 is displayed as an initial screen. Here, the monitoring target network 101 is between the Internet 100 and the router 201, and between the router 201 and the personal computer 203.

  The template storage unit 12 performs a template storage procedure for storing a template indicating the configuration of the network 101. The template storage unit 12 stores a template having the network configuration shown in FIG. The network configuration is configured by a path connecting nodes. In FIG. 2, the nodes are the Internet 100, the router 201, and the personal computer 203.

  The packet acquisition unit 11 performs a packet acquisition procedure for acquiring packets flowing through the network 101 to be monitored. The packet acquisition unit 11 acquires a packet that flows on the network 101 to be monitored. As the packet acquisition unit 11, a switching hub 202 having a port mirroring function as shown in FIG. 3 is connected to the monitoring target network 101, and a monitoring terminal is connected to a packet flowing on the monitoring target port of the switching hub 202. There is a means to replicate to the port. For on-site maintenance, it is preferable to connect the switching hub 202 to the monitoring target network 101 as shown in FIG.

  Further, as another packet acquisition unit 11, a router 201 which is a terminal constituting the network as shown in FIG. 4 has a built-in port mirroring function, and a packet passing through the router 201 is visualized as a failure location of the IP network. A means for transferring to 301 via a network is also conceivable. For remote maintenance, it is preferable to set the packet acquisition unit 11 to transfer packets from the router 201 as shown in FIG.

  The network state calculation unit 13 estimates a communication network of a route through which the packet communicates based on information included in the packet acquired by the packet acquisition procedure, compares the communication network and the template stored in the template storage procedure, A network state calculation procedure for determining whether or not a packet is communicated for each path of the network 101 is performed. The network state calculation unit 13 calculates which route in the network 101 has packet communication from the packet information acquired by the packet acquisition unit 11, and estimates the communication network. Further, the network state calculation unit 13 matches the template of the network configuration stored in the template storage unit 12 with the estimated communication network, and determines which part of the template has communication.

  The output unit 14 performs an output procedure for displaying the presence / absence of packet communication determined by the network state calculation procedure for each route of the network 101 in the template stored by the template storage procedure. The output unit 14 displays on the display which part of the template stored in the template storage unit 12 has packet communication based on the determination result of the network state calculation unit 13. FIG. 5 is a display example after the test packet is transmitted. FIG. 5 shows that there is communication between the Internet 100 and the router 201, but there is no communication between the router 201 and the personal computer 203.

  As described above, the IP network failure location visualization apparatus 301 can also display nodes that do not have packet communication, and can easily estimate failure causes such as route wiring errors and disconnections.

  FIG. 6 shows another display example after the test packet is transmitted. FIG. 6 shows that there is packet communication from the router 201 to one of the two personal computers 203. As described above, the visualization device 301 for the failure location of the IP network determines that a node that does not exist in the network configuration of the template exists as a template as a result of the communication status of each path calculated by the network state calculation unit 13. The network configuration can be displayed on the output unit 14. It is possible to grasp the temporarily connected nodes and the nodes connected after the network setting.

(Second Embodiment)
The second embodiment is the same as the configuration of the failure point visualization apparatus 301 in the IP network described in the first embodiment. The difference between the second embodiment and the first embodiment is that the template storage unit 12 includes not only the route information of the network configuration but also the information of the protocol that should be communicated with the route.

  Specifically, the template storage unit 12 of the IP network failure location visualization apparatus 301 according to the present embodiment stores the protocol information necessary for each application in each route of the network 101 in the template, and the network state calculation unit. 13 determines the presence or absence of packet communication for each protocol, and the output unit 14 displays the presence or absence of packet communication for each protocol.

  The template storage unit 12 stores the protocol information necessary for each application in each route of the network 101 in the template in the template storage procedure. The network state calculation unit 13 determines the presence / absence of packet communication for each protocol in the network state calculation procedure. The output unit 14 displays the presence / absence of packet communication for each protocol in the output procedure.

  FIG. 7 is a display example of the initial screen. Select the application type in the upper left tab. The required network configuration (route) and protocol differ depending on the application. Here, an example of an application of browsing a Web page using a personal computer will be described.

  Representative examples of protocols necessary for the entire network in browsing a Web page are shown immediately below the upper left tab, and examples thereof include HTTP, DNS, IP, PPPoE, DHCP, and Ether. In the lower part of the screen, protocols corresponding to each route are shown. It is shown that PPPoE protocol communication is necessary between the Internet 100 and the router 201, but PPPoE protocol communication is not required between the router 201 and the personal computer 203.

  FIG. 8 shows a display example after transmitting a test packet to confirm normality. All protocols communicate between the Internet 100 and the router 201, but some protocols do not communicate between the router 201 and the personal computer 203. Since there is communication to the Ether layer, it is possible to estimate that there is a failure cause in the upper layer.

(Example of recording medium)
The failure location visualization method of the IP network according to the present embodiment can be realized by causing a computer to execute a failure location visualization method program of an IP network (IP network failure location visualization program). A program for visualizing a failure location of an IP network is provided by being stored in a recording medium, for example. Examples of the recording medium include a recording medium such as a flexible disk, a CD-ROM, and a DVD, a semiconductor memory, and the like. The program for visualizing the failure location of the IP network may be provided via a LAN (Local Area Network) or the Internet.

  FIG. 9 is a diagram illustrating an example of a computer 300 for executing a program recorded in the recording medium 90. The computer 300 includes a recording medium reading device 111 that reads a recording medium 90 such as a flexible disk, a CD-ROM, and a DVD, a working memory (RAM) 112, a memory 113 that stores a program recorded on the recording medium 90, A display 114, a mouse 115 and a keyboard 116 as input devices, a CPU 117 that controls execution of a program, a hard disk 118 that stores data, a cable 119 that is connected as a packet acquisition unit 11 to a router or a switching hub (not shown), It has. In FIG. 9, the working memory 112, the memory 113, the CPU 117, and the hard disk 118 are shown in broken lines because they are built in the housing.

  When the recording medium 90 is inserted into the recording medium reading device 111, the computer 300 installs the IP network failure location visualization program stored in the recording medium 90 from the recording medium reading device 111 into the memory 113. After the installation in the memory 113 is completed, the CPU 117 can access the failure network visualization program for the IP network, and the computer 300 can operate as the failure network visualization device for the IP network according to this embodiment. become.

  When the computer 300 operates as a failure location visualization device of the IP network in FIG. 1, the CPU 117 functions as the network state calculation unit 13. The hard disk 118 functions as the template storage unit 12. The display 114 functions as the output unit 14. The CPU 117 estimates the communication network by analyzing the packet acquired by the packet acquisition unit 11 (not shown) as described above. Further, the CPU 117 matches the estimated network with the network configuration template stored in the hard disk 118, and determines which part of the template has communication. This determination result is temporarily stored in the work memory 112. The computer 300 can display the determination result on the display 114 as described in FIGS. 5, 6, and 8.

  The computer 300 here is not limited to a personal computer as shown in FIG. 9 but includes a DVD player, a game machine, a mobile phone, and the like that include a recording medium reader 111 and a CPU 117 and perform processing and control by software.

  The IP network failure location visualization apparatus, IP network failure location visualization method, and recording medium according to the present invention can be applied to a home LAN or a corporate LAN.

It is a block diagram explaining the structure of the visualization part of the failure location of the IP network which concerns on this invention. It is a figure explaining the example of the template which the template memory | storage part of the visualization part of the failure location of the IP network which concerns on this invention memorize | stores. It is a figure explaining the example which connected the visualization apparatus of the failure location of the IP network which concerns on this invention to the monitoring object network. It is a figure explaining the example which connected the visualization apparatus of the failure location of the IP network which concerns on this invention to the monitoring object network. It is an example of a display of the output part of the visualization part of the failure location of the IP network which concerns on this invention. It is an example of a display of the output part of the visualization part of the failure location of the IP network which concerns on this invention. It is an example of a display of the output part of the visualization part of the failure location of the IP network which concerns on this invention. It is an example of a display of the output part of the visualization part of the failure location of the IP network which concerns on this invention. It is the figure which showed the example of the computer for performing the program recorded on the recording medium.

Explanation of symbols

11: Packet acquisition unit 12: Template storage unit 13: Network state calculation unit 14: Output unit 90: Recording medium 100: Internet 101: Network 111: Recording medium reader 112: Work memory 113: Memory 114: Display 115: Mouse 116: Keyboard 117: CPU
118: Hard disk 119: Cable 201: Router 202: Switching hub 203: Personal computer 300: Computer 301: Visualization device for failure location of IP network

Claims (5)

A packet acquisition unit for acquiring packets flowing through the monitored network;
A template storage unit for storing a template indicating the configuration of the network;
Based on information included in the packet acquired by the packet acquisition unit, a communication network of a route through which a packet is communicated is estimated, the communication network is compared with the template stored in the template storage unit, and the network A network state calculation unit that determines the presence or absence of packet communication for each of the routes,
An output unit for displaying and outputting, for each route of the network, the presence or absence of packet communication determined by the network state calculation unit in the template stored in the template storage unit;
An IP network failure location visualization apparatus comprising: The template storage unit stores the protocol information necessary for each application in each route of the network in the template,
The network state calculation unit determines the presence or absence of packet communication for each protocol,
2. The apparatus for visualizing a fault location of an IP network according to claim 1, wherein the output unit displays the presence / absence of packet communication for each protocol. A packet acquisition procedure for acquiring packets flowing through the monitored network;
A template storage procedure for storing a template indicating the configuration of the network;
Based on information included in the packet acquired in the packet acquisition procedure, a communication network of a route through which the packet communicates is estimated, the communication network and the template stored in the template storage procedure are compared, and the network A network state calculation procedure for determining the presence or absence of packet communication for each of the routes,
An output procedure for displaying and outputting the presence / absence of packet communication determined in the network state calculation procedure for each route of the network in the template stored in the template storage procedure;
Then, a method for visualizing the failure location of the IP network for visualizing the failure location of the IP network. In the template storing procedure, the template is stored including protocol information necessary for each application in each route of the network.
In the network state calculation procedure, the presence or absence of packet communication is determined for each protocol,
4. The method for visualizing a fault location in an IP network according to claim 3, wherein, in the output procedure, presence / absence of packet communication is displayed for each protocol.   A computer-readable recording medium on which a program for causing a computer to execute the method for visualizing a failure location of an IP network according to claim 3 or 4 is recorded.

Images