JP2013046371A - Traffic information extractor, traffic information extraction system and traffic information extraction method - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a traffic information extractor whose information processing or arithmetic operation load is smaller than that of prior art, and which can grasp a traffic volume exactly.SOLUTION: A traffic information extractor comprises: a flow information acquisition unit 103a which acquires from a PE router P connected directly to CE routers α,β the information identifying a PE router U opposed to a PE router P via a communication path and the information indicating a traffic volume in a communication path from the PE router P to the PE router U; a topology acquisition unit 103b which acquires preset information indicating the connection relations of P routers R, S and T installed between the PE router P and the PE router U; a communication path identification unit 103c which identifies from topology information a communication path leading from the PE router P toward the PE router U and makes the traffic volume acquired by the flow information acquisition unit to be the traffic volume of the identified communication path; and a traffic information extraction unit 103d.

Description

  The present invention relates to a traffic information extraction device, a traffic information extraction system, and a traffic information extraction method, and more particularly to a traffic information extraction device, a traffic information extraction system, and traffic information that extract information related to traffic volume in a VPN (Virtual Private Network). It relates to an extraction method.

  The VPN is an independent network that has a tunneling function, an encryption function, and the like, adds a new header to the packet, and performs communication by encapsulating the packet. A person who provides a VPN service such as a telecommunications carrier configures a network using, for example, an IP / MPLS technology and provides the service so that a plurality of VPNs can be accommodated. When the VPN is used, the user can realize private address communication and multi-protocol communication without being aware of other users' use addresses.

  FIG. 6 is a diagram for explaining a general VPN. A VPN providing network V, which is a common network that accommodates and provides VPNs, includes a plurality of routers. Among the routers, a CE (Customer Edge) router that is a customer router is accommodated, and a router directly connected to the CE router is a PE (Provider Edge) router. In the VPN providing network V, a router other than the PE router is a P (Provider) router. In FIG. 6, the CE router is shown with the symbol “CE”. Further, the PE router is indicated by the symbol “PE”, and the P router is indicated by the symbol “P”.

  For example, when there are VPN-A and VPN-B, if the CE router surrounded by a solid line constitutes VPN-A and the CE router enclosed by a dotted line constitutes VPN-B, VPN-A, VPN -B can perform address design and the like independently, and is provided as an independent network. Further, the VPN providing network V is controlled so that the permitted communication is only in the VPN-A and only in the VPN-B. In addition, among the CE router group constituting each VPN, each CE router is also referred to as a VPN site.

By the way, in recent years, the communication band used by VPN increases with the expansion of the demand of VPN, and the load concerning a router also tends to become large. At present, the communication bandwidth is increased by increasing the line speed or increasing the number of facilities. However, there is a demand for a technology that can more efficiently cope with the increase in the communication bandwidth.
A VPN providing network that accommodates and provides VPNs is configured based on a pre-designed network topology (hereinafter simply referred to as topology), and the communication paths in the VPN providing network are within the VPN providing network. It is determined automatically by the routing protocol in operation, manually by static setting, or both.

  In order to adapt efficiently to the increase in VPN communication bandwidth, not only the speed of the bottleneck in the VPN providing network but also the change of topology information such as bypassing the point (change of physical network design) Alternatively, it is conceivable as a method to bypass the bottleneck point by using a TE tunnel using RSVP-TE used in MPLS technology. However, in order to realize this, it is necessary to grasp the amount of traffic on the communication path between VPN sites (the amount of data moving on the communication path).

  A technique for grasping the traffic volume of VPN is described in Patent Document 1, for example. In the invention described in Patent Document 1, the monitoring device collects information related to the communication path of the label switch path (hereinafter referred to as LSP information). The LSP information includes a label attached to the packet, communication path UP, Down, bandwidth information, and other parameters. According to the invention described in Patent Document 1, it is possible to acquire information on the communication path from the PE router and the P router in FIG.

JP 2005-286818 A

However, the above-described invention described in Patent Document 1 needs to collect information from a plurality of PE routers and P routers included in the VPN and analyze the collected information. The analysis of the LSP information described above extracts information at a deep level (data portion) of the packet, which increases the load on information collection and calculation processing. Further, in the invention described in Patent Document 1, the accuracy of the extracted traffic information can be improved by acquiring traffic information related to the traffic volume from more routers. For this reason, if it is attempted to extract accurate traffic information using the invention described in Patent Document 1, the load on the processing will increase more and more.
The present invention has been made in view of the above points, and a traffic information extraction device, a traffic information extraction system, a traffic that can grasp the traffic amount accurately with a smaller load on information processing and calculation than in the prior art. An object is to provide an information extraction method.

  In order to solve the above-described problem, a traffic information extraction device according to an aspect of the present invention includes a second network (a second network (among others) included in a first network (for example, the networks 112, 113, and 114 illustrated in FIG. 1)). For example, a first router (for example, PE routers P and Q shown in FIG. 1) directly connected to a router included in the VPN providing network 111 shown in FIG. 1 and a plurality of routers included in the first network, The communication path between the routers included in the third network (for example, the networks 115, 116, and 7 shown in FIG. 1) and the second router (for example, the PE routers U and V shown in FIG. 1) that are directly connected. A traffic information extraction device (for example, the flow calculation unit 103 shown in FIG. 1) that extracts information related to traffic volume, the first router and the previous router A flow information acquisition unit (for example, the flow information acquisition unit 103a shown in FIG. 1) for acquiring a traffic amount of a communication path between the first router and the second router from a second router; Pre-set topology information indicating the relationship regarding the connection of one or more third routers (for example, P routers R, S, T shown in FIG. 1) provided between the second routers. A communication path between the first router and the second router is specified from the topology acquisition unit to be acquired (for example, the topology acquisition unit 103b shown in FIG. 1) and the topology information acquired by the topology acquisition unit. The amount of traffic acquired by the communication path specifying unit (for example, the communication path specifying unit 103c shown in FIG. 1) and the flow information acquiring unit is specified by the communication path specifying unit. It said traffic information extracting unit to the traffic volume of the communication path (e.g. traffic information extracting unit 103d shown in FIG. 1), characterized in that it contains the.

In the traffic information extracting device of one aspect of the present invention, when there are a plurality of the third routers, the communication path specifying unit is directly or indirectly connected to a directly connected router that is a third router directly connected to the first router. Information for specifying other third routers to be connected to the network is sequentially acquired from the topology information, and the third router specified by the information acquired from the topology information is directly connected to the second router. The route from the first router to the second router via a plurality of third routers for which information has been acquired by the topology acquisition unit, between the first router and the second router. It is specified as a communication path between.
Further, in the traffic information extracting device of one aspect of the present invention, the topology information includes information indicating a connection relationship between the third routers, information indicating a connection relationship between the third router and the first router, And information indicating a connection relationship between the third router and the second router.

  The traffic information extraction system according to one aspect of the present invention includes a first router directly connected to a router included in the second network among a plurality of routers included in the first network, and a plurality of routers included in the first network. A traffic information extracting device for extracting information relating to a traffic amount of a communication path between a second router directly connected to a router included in a third network, the first router and the second router From the flow information acquisition unit that acquires the traffic amount of the communication path between the first router and the second router, and one or more provided between the first router and the second router A topology acquisition unit for acquiring preset topology information indicating the connection relationship of the third router, and acquired by the topology acquisition unit From the topology information, the communication path specifying unit for specifying the communication path between the first router and the second router, and the traffic amount acquired by the flow information acquiring unit are specified by the communication path specifying unit. A traffic information extraction unit including a traffic information extraction unit configured to obtain a traffic amount of the communication path, and a traffic amount between the first router and the second router from the first router and the second router A flow information acquisition server (for example, the flow management unit 104 shown in FIG. 1) that collects information related to the flow information and supplies it to the flow information acquisition unit, and a topology that supplies preset topology information to the topology acquisition unit And an information management server (for example, topology management unit 105 shown in FIG. 1).

  The traffic information extraction method of one aspect of the present invention includes a first router directly connected to a router included in the second network among a plurality of routers included in the first network, and a plurality of routers included in the first network. A traffic information extraction method for extracting information on the traffic amount of a communication path between a router included in a third network and a second router directly connected to the router, the first router and the second router From the first step (for example, steps S501 to S504 shown in FIG. 5) for acquiring the traffic amount of the communication path between the first router and the second router, the first router and the second router To obtain pre-set topology information indicating the relationship regarding the connection of one or more third routers provided between Step (for example, steps S505 to S506 shown in FIG. 5) and a third step for specifying a communication path between the first router and the second router from the topology information acquired in the second step ( For example, steps S505 to S507 shown in FIG. 5 and a fourth step (for example, shown in FIG. 5) in which the traffic volume acquired in the first step is the traffic volume of the communication path specified in the third step. Step S508).

  According to the present invention, it is only necessary to acquire flow information (traffic volume information) from only the first router and the second router, and the load on the apparatus for collecting information can be reduced. In addition, since the information indicating the connection relation regarding the third router is acquired from the preset topology information, it is possible to reduce the load on the process of specifying the communication path rather than extracting the data information passing through the router. it can. Furthermore, the processing load is not increased by increasing the accuracy of specifying the communication path. For this reason, the present invention can provide a traffic information extraction device, a traffic information extraction system, and a traffic information extraction method that can reduce the load on information processing and calculation as compared with the prior art and can accurately grasp the traffic volume.

It is a figure for demonstrating the traffic information extraction system of one Embodiment of this invention. It is a figure for demonstrating the VPN accommodation information about PE router P shown in FIG. (A) is a figure for demonstrating the flow information of PE router P shown in FIG. (B) is a figure for demonstrating the traffic amount obtained from flow information. It is the figure which illustrated the configuration file about PE router P shown in FIG. It is a figure for demonstrating the traffic information extraction method of this embodiment. It is a figure for demonstrating general VPN.

Hereinafter, an embodiment of a traffic information extraction device, a traffic information extraction system, and a traffic information extraction method according to the present invention will be described with reference to the drawings.
(Traffic information extraction system)
FIG. 1 is a diagram for explaining a traffic information extraction system of this embodiment. The illustrated traffic information extraction system 101 is a system for grasping the flow of the VPN providing network 111. The flow referred to in the present embodiment refers to information that combines the communication path in the VPN providing network 111 and the amount of data (traffic volume) that moves through the communication path.

  The traffic information extraction system 101 includes a VPN specifying unit 102 for a user to specify a VPN for which a flow is to be grasped, a flow calculation unit 103 for calculating a specified flow, and a flow calculation unit 103 for calculating a flow. A flow management unit 104 that provides information acquired from the PE router (hereinafter referred to as flow information) and information indicating the connection relationship of the P routers to the flow calculation unit 103 (hereinafter referred to as topology information) for flow calculation. A topology management unit 105 that provides information) and a communication unit 106 that collects flow information from the PE.

  The flow calculation unit 103 includes a flow information acquisition unit 103a that acquires flow information and VPN information from the flow management unit 104, a topology management unit 103b that acquires topology information from the topology management unit 105, and traffic information that extracts flow information and VPN information. The extraction unit 103d includes a communication path specifying unit 103c that performs a calculation for specifying a communication path from the flow information and the topology information.

  In this embodiment, the traffic information extraction system will be described as extracting the VPN flow information shown in FIG. The VPN providing network 111 shown in FIG. 1 accommodates a plurality of networks 112 to 117. In the present embodiment, among the plurality of networks 112 to 117, the network 112 and the network 115 construct one VPN, and the network 113 and the network 116 construct one VPN. Further, it is assumed that the network 114 and the network 117 construct one VPN.

  Routers α, β, Χ, Δ, Φ, and E shown in the figure indicate CE routers that are included in any of the networks 112 to 117 and that are directly connected to the routers of the VPN providing network 111. In addition, routers R, S, and T are routers P, Q, U, V, and P routers that are PE routers as routers constituting the VPN providing network 111.

  The PE router P has three interfaces. Of the three interfaces, the interfaces a and b connected to the CE routers α and β are also referred to as IIF (InputInterFace), and the interface c connected to the P router R is also referred to as OIF (OutputInterFace). IIF and OIF are descriptions that are conscious of traffic flow. For example, when considering the traffic flow from CE router α to PE router P, PE router P is described as IIF because interface a is on the input side. ing.

  The PE router Q has two interfaces. Of the two interfaces, the interface q connected to the CE router IV is also referred to as IIF, and the interface d connected to the P router H is also referred to as OIF. In the present embodiment, as shown in FIG. 1, the PE routers U, V, and P routers R, S, and T are also shown with lower case alphabets attached to the interfaces. The alphabet indicating the interface is used in the following description.

(Flow Management Department)
The flow management unit 104 holds VPN information and flow information. Here, VPN information and flow information will be described.
FIG. 2 is a diagram for explaining VPN information regarding the PE router P shown in FIG. The VPN information indicates VPN α and β corresponding to the CE routers α and β connected to the PE router P and the interfaces a and b of the PE router P connected to the VPN α and β.

FIG. 3A is a diagram for explaining the flow information of the PE router P shown in FIG.
The flow information includes information indicating IIF and OIF that connect the PE router P to the VPNα, and other PE routers (hereinafter referred to as opposite PE routers) that the data transmitted from the OIF of the PE router P reaches through one communication path. (Denoted as opposed PE router address in the figure)) and the traffic volume of data moving from VPNα to the opposed PE router. The flow information includes information indicating IIF and OIF for connecting the PE router P to VPNβ, information indicating the opposite PE router of the PE router P (referred to as an opposite PE router address in the figure), and information from VPNβ to the opposite PE router. And the amount of data traffic to move. Note that the counter PE router address included in the flow information can be grasped by using a BGP next address as a flow key. In addition, IIF and OIF can be grasped based on the name of the interface through which packets actually flow in and out.

  According to the flow information shown in FIG. 3 (a), as shown in FIG. 3 (b), the data from the CE router α to the opposing PE router U (shown with an arrow 301 in the figure). Traffic volume, traffic volume from the CE router α to the opposing PE router V (indicated by arrow 302 in the figure), data traffic from the CE router β to the opposing PE router U (arrow arrow 303 in the figure) And the traffic amount of data (indicated by arrow 304 in the figure) from the CE router β to the opposite PE router V can be grasped.

The above VPN information and flow information are held by the PE router, and are collected by the communication unit 106 communicating with the PE router. The collection of VPN information and flow information may be performed periodically, or may be performed as necessary.
The flow management unit 104 manages the collected VPN information and flow information. In the present embodiment, “management” of VPN information and flow information means that VPN information and flow information are attached with identification information, stored at a predetermined address in a memory (not shown), and read out as necessary. Say.

(Topology Management Department)
In the present embodiment, the topology information refers to information for setting a physical connection (topology) and a communication path in the VPN providing network. The topology information is set, for example, in the form of a configuration file (configuration file).
FIG. 4A is a diagram exemplifying a connection state (config file) for the PE router P shown in FIG. 1 and held in the topology management unit 105. 4A shows that the PE router P has three interfaces a, b, and c, and the interface c is connected to the P router R. FIG. FIG. 4B is a diagram illustrating the connection state of the P router R shown in FIG. 1. The interfaces of the P router R are c, d, e, and f. For example, the interface f is connected to the P router. It can be seen that T is connected.

Further, FIG. 4C is a diagram illustrating the connection state of the P router T shown in FIG. The interfaces of the P router T are f, g, h, and j. For example, it can be seen that the PE router U is connected to the interface h.
As described above, information indicating the connection state of all PE and P routers is managed. In the present embodiment, it is possible to specify a communication path from the interface c of the PE router P to the PE router U that is the opposite PE router by using the configuration file.

The configuration file may be manually set by the user according to the topology information. It can also be automatically generated from router setting information.
Further, in the present embodiment, for simplification of description, the alphabet of the interface shown in FIG. 1 is shown in FIGS. 4A, 4B, and 4C as a symbol for specifying the interface. However, the information for identifying the interface is set uniquely for each router. Therefore, for example, the identification information indicating the interface c shown in FIG. 1 may be different between the PE router P and the P router R.

(Flow calculation unit, traffic information extraction device)
The flow calculation unit 103 functions as a traffic information extraction device in this embodiment. For this reason, the flow information acquisition unit 103 a acquires VPN information and flow information from the flow management unit 104. Further, the topology acquisition unit 103b acquires a configuration file from the topology management unit 105. Then, the communication path specifying unit 103c and the traffic information extracting unit 103d calculate the traffic amount of data from the predetermined PE router to the opposite PE router using the VPN information and the flow information and the configuration file.

(VPN designation part)
The VPN designation unit 102 is configured as a user interface such as a keyboard or a touch panel. The user designates a VPN to be searched through the VPN designation unit 102 for which communication between VPNs connected to a CE router that is a data transmission source is to be grasped.

(Traffic information extraction method)
Next, a process for calculating the traffic amount executed in the flow calculation unit 103 will be described. A series of processes for calculating the traffic amount corresponds to the traffic information extraction method of the present embodiment. In the following description, for simplification of description, it is assumed that there is no communication path from one OIF to the same PE router through different communication paths.

  FIG. 5 is a diagram for explaining the traffic information extraction method of the present embodiment. The user designates a search target VPN via the VPN designation unit 102. The flow calculation unit 103 selects one PE router serving as a base point (referred to as a base PE router) from among PE routers directly connected to the CE router included in the designated VPN (step S501). The base PE router can be selected by detecting a designated VPN from the VPN information and specifying one PE router having an interface connected to the CE router corresponding to this VPN.

Next, the flow calculation unit 103 acquires an interface (IIF) in the base PE router (step S502), and uses information for specifying the counter PE router (step S503) of the specified base PE router from the flow information. Then, the traffic volume of data moving from the IIF toward the opposite PE router is extracted (step S504).
Next, the flow calculation unit 103 acquires interface (OIF) information included in the flow information. In addition, the first P router (Next hop router n0) to be the Next hop router connected to the OIF is specified from the configuration file (Step S505).

  The processing in step S505 will be described with reference to FIGS. 3A and 3B and the example shown in FIG. The flow calculation unit 103 specifies from the flow information that the OIF corresponding to the opposite PE router (assumed to be U) is the interface c. Then, it is detected from the configuration file shown in FIG. 4A that the P router connected to the interface c is the P router R. In such a case, P router R becomes Next hop router n0.

  Next, the flow calculation unit 103 connects to the P router R via the communication unit 106, acquires route information addressed to the opposite PE router address (address U), and acquires a next hop interface name (CLI, SNMP, etc. Collect information from the router). Thereafter, by searching for the next hop interface name from the configuration file, a router connected to the P router R is detected, and the detected router is set as the next hop router n1 (step S506). In the present embodiment, if the next hop interface addressed to the opposite PE router address (address U) is f in the P router R, in this embodiment, the P router T becomes the Next hop router n1.

In the above embodiment, the topology management unit 105 manages only the configuration file and the PE router address is acquired each time. However, in the topology management unit in advance, the route information addressed to all PE router addresses is described. By acquiring in advance, it is possible to save the trouble of acquiring each time.
The flow calculation unit 103 determines whether or not the P router T matches the opposite PE router (for example, the PE router U) specified by the flow information (step S507). In the present embodiment, the P router T is not the PE router U (step S507: No). For this reason, the flow calculation unit 103 increments “n1” of the Next hop router by one, and executes Step S506 again. By this process, the next hop router next to the P router T is specified.

  When step S506 is executed again, in this embodiment, it can be seen that the PE router U, which is the opposite PE router, is a Next hop router that is directly connected to the P router T (step S507: Yes). For this reason, the communication path specifying unit 103c determines that the communication path from VPNα to the PE router U is the path from the PE router P to the PE router U via the P router R and the P router T. Then, it is determined that the traffic amount obtained from the flow information is the traffic amount of the route from the PE router P to the PE router U via the P router R and the P router T. By combining the above information and the flow information, a process (mapping) for associating the route of data moving between the PE routers (VPN) and the traffic amount of the data moved along this route is executed (step S508).

Next, the flow calculation unit 103 determines whether there is another flow in the PE router selected in step 501 (step S509). When there is another flow (step S509: Yes), the flow calculation unit 103 executes again the processing after step S505 for the other flow.
Further, when there is no other flow (step S509: No), the flow calculation unit 103 determines whether or not to execute processing for grasping the traffic amount by selecting another PE router connected to the designated VPN. (Step S5010). When it is necessary to execute the process (step S5010: Yes), the flow calculation unit 103 executes the process after the process of step S501 again for the other PE routers. If there is no need to execute the process (step S5010: No), the flow calculation unit 103 ends the traffic information extraction process.

  According to the traffic information extraction apparatus, traffic information extraction system, and traffic information extraction method of the present embodiment described above, the flow information is acquired only from the PE router, so the load on the router for collecting information is reduced. Can be achieved. In addition, since the connection of the P router is specified from the information related to the topology information set in advance, it is possible to reduce the load on the process of specifying the communication path rather than extracting the information of the data passing through the router. . Furthermore, the processing load is not increased by increasing the accuracy of specifying the communication path.

  In addition, the scope of the present invention is not limited to the illustrated and described exemplary embodiments, and includes all embodiments that provide the same effects as those intended by the present invention. Furthermore, the scope of the invention is not limited to the combinations of features of the invention defined by the claims, but can be defined by any desired combination of particular features among all the disclosed features.

  The present invention can grasp the amount of VPN traffic and can be used for VPN design and topology information setting.

DESCRIPTION OF SYMBOLS 101 Traffic information extraction system 102 VPN designation | designated part 103 Flow calculation part 103a Flow information acquisition part 103b Topology acquisition part 103c Communication path identification part 103d Traffic information extraction part 104 Flow management part 105 Topology management part 106 Communication part 111 VPN provision network 112-117 Network a, b, c, d, e, f, g, h, j, k, m, n, q Interface P, Q, U, V PE router R, S, TP router α, β, Χ, Δ , Ε, Φ CE router

Claims (5)

Of the plurality of routers included in the first network, the first router directly connected to the router included in the second network, and among the plurality of routers included in the first network, directly to the router included in the third network A traffic information extracting device that extracts information relating to a traffic amount of a communication path between a connected second router,
A flow information acquisition unit for acquiring a traffic amount of a communication path between the first router and the second router from the first router and the second router;
A topology acquisition unit for acquiring preset topology information indicating a relationship regarding connection of one or a plurality of third routers provided between the first router and the second router;
From the topology information acquired by the topology acquisition unit, a communication path specifying unit that specifies a communication path between the first router and the second router;
A traffic information extracting unit that uses the traffic amount acquired by the flow information acquiring unit as the traffic amount of the communication path specified by the communication path specifying unit;
A traffic information extracting device comprising: When there are a plurality of the third routers,
The communication path specifying unit
Sequentially acquiring information for specifying other third routers directly or indirectly connected to a direct connection router which is a third router directly connected to the first router from the topology information;
When the third router specified by the information acquired from the topology information is directly connected to the second router, a plurality of third routers whose information is acquired from the first router by the topology acquisition unit 2. The traffic information extracting device according to claim 1, wherein a route to reach the second router via is specified as a communication route between the first router and the second router.   The topology information includes information indicating a connection relationship between the third routers, information indicating a connection relationship between the third router and the first router, and a connection relationship between the third router and the second router. The traffic information extracting device according to claim 2, comprising: information to be displayed. Of the plurality of routers included in the first network, the first router directly connected to the router included in the second network, and among the plurality of routers included in the first network, directly to the router included in the third network A traffic information extracting device that extracts information on a traffic amount of a communication path between a second router to be connected to the first router and the second router from the first router and the second router; A flow information acquisition unit that acquires the traffic amount of the communication path between the first router and the first router and the second router, and indicates a connection relationship between one or a plurality of third routers provided in advance A topology acquisition unit that acquires the topology information that is stored, and the topology information acquired by the topology acquisition unit, the first router and the first A communication path specifying unit that specifies a communication path to and from the router, and a traffic information extracting unit that uses the traffic volume acquired by the flow information acquiring unit as the traffic volume of the communication path specified by the communication path specifying unit A traffic information extracting device comprising:
A flow information acquisition server that collects information on the amount of traffic between the first router and the second router from the first router and the second router and supplies the information to the flow information acquisition unit;
Topology information management server for supplying topology information set in advance to the topology acquisition unit;
A traffic information extraction system comprising: Of the plurality of routers included in the first network, the first router directly connected to the router included in the second network, and among the plurality of routers included in the first network, directly to the router included in the third network A traffic information extraction method for extracting information related to a traffic amount of a communication path between a connected second router,
A first step of obtaining a traffic amount of a communication path between the first router and the second router from the first router and the second router;
A second step of acquiring preset topology information indicating a connection relationship between one or a plurality of third routers provided between the first router and the second router;
A third step of identifying a communication path between the first router and the second router from the topology information acquired in the second step;
A fourth step in which the traffic amount acquired in the first step is the traffic amount of the communication path specified in the third step;
A traffic information extracting method comprising:

Images