JP2019117972A - Network management device, network system, method, and program - Google Patents

Abstract

To acquire network configurations of a network including a plurality of communication devices each having a LAG port by acquiring LAG port configuration information.SOLUTION: A network management device is configured to: transmit a first message to a network including one or a plurality of communication devices each having a LAG port, and then acquire an address of each communication device in a route up to a target node; transmit a second message for communication confirmation which has the address of the communication device set in a destination address field of a header and a different value set in at least one of a transmission source address field and an identification information field, and extract port identification information included in a response from the communication device; use a port ID of one of two opposed communication devices arranged in the route to generate a command for communication confirmation for the other communication device opposed to the one communication device and also transmit it to the one communication device; and let the one communication device transmit a third message for communication confirmation to the other communication device.SELECTED DRAWING: Figure 5

Description

  The present invention relates to a network management device, a network system, a network management method, and a program.

  Ethernet (registered trademark) is not only for LAN (Local Area Network) but also for VPN (Virtual Private Network) etc. that provides connection of Layer 2 (L2) of Open Systems Interconnection (OSI) reference model between sites. Is also used. Ethernet OAM (Operation Administration and Maintenance) is a technology that standardizes Ethernet operation, maintenance, and management (OAM), and is based on the International Telecommunication Union Telecommunication Standardization Sector (ITU-T). It is standardized as 1731 and also as IEEE802.1ag (IEEE: Institute of Electrical and Electronics Engineers).

  In Ethernet OAM, two concepts of MEP (Maintenance Entity Group (MEG) End Point) and MIP (MEG Intermediate Point) are introduced. For example, MEPs and MIPs are provided for each management level by a network operator, a service provider or the like who provides a network service, and transmission and reception of Ethernet OAM frames are performed. MEP is a maintenance end point (end point) that generates and terminates an Ethernet OAM frame (abbreviated as "OAM frame"), and MIP is a middle point of a maintenance entity group (MEG) that relays an OAM frame. Ethernet OAM is implemented on full-duplex point-to-point or emulated point-to-point Ethernet links.

  FIG. 1 is a diagram for explaining the format (ITU-T.Y.1731) of an OAM frame. Referring to FIG. 1, destination MAC (Media Access Control) address (48 bits: 6 octets) of Ethernet frame header, source MAC (Media Access Control) address (6 octets), VLAN (Virtual Local Area Network) tag (4) Octet), OAM Ether-type (2 octets), MEG (Maintenance Entity Group) level and version number (1 octet), operation code (control code) (1 octet), flag (1 octet), TLV (Type-Length-Value) 2.) Offset (1 octet), OAM data information (36 to 1494 octets), FCS (Frame Check Sequence) (4 octets). In addition, preamble (7 octets) + SFD (Start of Frame Delimiter: fixed bit string of 1 octet) (IEEE 802.3) or preamble (8 octets) (Ethernet ver. 2) is added before the destination MAC address. Ru.

  The VLAN tag (4 octets) is composed of a tag protocol identifier (TPID: Tag Protocol Identifier) (2 octets) and tag control information (TCI: Tag Control Information) (2 octets).

TCI is
3-bit priority (PCP: Priority Code Point),
1-bit Canonical Format Identifier (CFI) (used for token ring, 0 for Ethernet),
12 bit VLAN-ID (VID)
It consists of

  The OAM Ether-type (2 octets) is set to 0x8902 (where 0x represents a hexadecimal notation). The MEG (Maintenance Entity Group) level is 3 bits, and the MEG level numerical value (for example, 0 to 7) of an OAM PDU (Protocol Data Unit) is set. For example, three levels of MEG level 0, 1, 2 are at the operator level, MEG level 3, 4 are at the service provider level, and MEG levels 5, 6, 7 are at the subscriber (customer) level. Note that, at the management point, in general, OAM frames for which the MEG level is set to a level higher than itself are transmitted, and low-level OAM frames are discarded. The version number is set to an integer value representing an OAM protocol version (for example, 0). The op code (control code) indicates the type of OAM PDU. CCM (Continuity Check Message) is 1, LBM (Loop Back Message) is 3, LBR (Loop Back Reply) is 2, LTM (Link Trace Message) is 5, and LTR (Link Trace Reply) is 4. The TLV (Type-Length-Value) offset includes an offset corresponding to the TLV offset field to the first TLV in the OAM PDU (corresponding to the type of OAM PDU). If the TLV offset is 0, point to the first octet (OAM data information) following the TLV offset field.

  The Ethernet OAM includes the following link OAM, connectivity OAM, and service OAM.

(1) Link OAM: Monitors the line status between two adjacent devices (Corresponding standard: IEEE802.3ah, ITU-T Y.1731):
(1-1) Discovery: Identify devices in the network and their OAM functions.
(1-2) Remote Link Monitoring: Detect and display link failure.
(1-3) Link Failure Indication: Function by which an OAM entity communicates a failure status to a peer according to a specific flag of the OAM PDU.
(1-4) Remote LoopBack: Loopback control: put the peer in loopback mode using OAM PDU.

(2) Connectivity OAM: Monitors the line status between two distant devices (Corresponding standard: IEEE802.1ag, ITU-T Y.1731):
(2-1) Continuity Check (CC),
(2-2) Loopback (LB) (corresponds to the PING function of layer 3: connectivity check)
(2-3) Link Trace (LT) (corresponds to the trace route function of layer 3)

(3) Service OAM: Monitors the line status and performance between a plurality of devices on the communication path (Corresponding standard: ITU-T Y. 1731).

  Referring to FIG. 2 (A), Continuity Check (CC) confirms connectivity between MEPs. Specifically, in order to detect a disconnection, the MEP at the end transmits a CCM (Continuity Check Message) to the MEP at the other end. The CCM check interval is, for example, 3.3 ms (millisecond) / 10 ms / 100 ms / 1 s (second) / 1 min. (minute) / 10 min. Loopback (LB) performs continuity check and fault isolation by exchanging loopback frames between MEP and MEP and between MEP and MIP on demand.

  Referring to FIG. 2 (B), LoopBack (LB) transmits, for example, unicast from MEP to LBM (Loopback Message) to the destination MIP or MEP. When the MIP or MEP receives an LBM frame, the MIP or MEP generates an LBR (Loopback Reply) frame and transmits it to the source MEP. The destination MAC address and the source MAC address of the LBR frame are obtained by replacing the destination MAC address and the source MAC address of the LBM frame. The opcode field of the LBR frame header is changed from LBM to LBR. When LBR is not received within a predetermined time (for example, at least 5 seconds), it is “loss of connectivity”. For example, in MEP, after transmitting a unicast LBM frame, the transaction ID is held, for example, for a minimum of 5 seconds.

  Referring to FIG. 2C, Link Trace (LT) exchanges loopback messages between MEPs and MEPs and MEPs and MIPs to confirm the normality of the route. For example, when a failure occurs, it is used to isolate the failure point. The MEP stores a destination (target) MAC address in a TLV field, describes a multicast address in a DA (Destination Address) field, and transmits an LTM (Link Trace Message). When the source MEP multicasts an LTM frame, all MIPs / MEPs through which the LTM frame passes returns a response frame (link trace reply (LTR)) to the source MEP. In addition, the MEP which received the LTM frame last does not transmit any more.

  Link aggregation (Link Aggregation) is, for example, adjacent to one another by configuring a link aggregation group (Ling Aggregation Group: LAG) in which a plurality of physical ports (interfaces) are taken as link aggregation member ports and logically accommodated as one line. Expand the communication bandwidth with the node. A bundle of ports is called a Link Aggregation Group (LAG) (or alternatively called a Trunk Group). In some cases, one MAC (Media Access Control) address of a plurality of ports (LAG port members) constituting the LAG may be used as a system ID (Identification) of the LAG.

  In LAG, a plurality of hash values (hash keys) prepared in advance are equally allocated to LAG member ports, and IP (Internet Protocol) addresses and MAC addresses of packets to be transmitted or port IDs etc. are used, for example. It is general to convert to a hash value (hash key) by a vendor-specific algorithm and to determine a transmission interface. As schematically shown in FIG. 3, in the L2 switch (SW1), a frame sent from the LAG is a hash value (for example, converted from a destination (destination) of the frame header and / or a MAC address of a source (source) Based on the hash key, it distributes to any one interface (port) among a plurality of lines (links) of LAG.

  When a hash value (hash key) is calculated based on the destination MAC address and the source MAC address, for example, a plurality of prepared hash values (hash keys) are 32 and a line with two LAGs (NIF (Network Interface) In the case where P.sub.1 and P.sub.2 consist of two), frames (packets) are allocated by allocating a hash value to each of 16 LAG member ports. Frames (packets) with the same hash value always pass through the same physical port. Alternatively, when there are two LAG member ports, the first digit (hexadecimal) of the frame source MAC address (or the first 12 hexadecimal digits) is converted to a hash value depending on whether it is even or odd, and two LAG Allocate to member port etc. As another example, in the case where the number of elements of the hash value (hash key) is eight and the LAG is four lines (the number of NIFs is four from P1 to P4), as an example of distribution based on the hash value, for example The hash values H1 and H5 for the port P1, the hash values H2 and H6 for the port P2, the hash values H3 and H7 for the port P3, and the hash values H4 and H8 for the port P4 are performed. Alternatively, in the layer 3 (L3) switch or the like, a hash value may be obtained based on, for example, an IP (Internet Protocol) address. For example, the output port of the distribution destination is determined based on the hash value of at least one of the source IP address and the destination IP address. Alternatively, the output port of the distribution destination may be determined based on a hash value such as a virtual local area network (VLAN) ID (Identifier) and a port ID.

  In link aggregation, for example, as port information at the time of setting MIP and MEP, not information of individual ports (physical ports), for example, information of logical ports obtained by bundling a plurality of ports (physical ports) is used. May be For example, one MAC address of a plurality of ports configuring a LAG may be used as a system identification (system identification) of the LAG. In this case, when the reachability is confirmed by an LBM frame or the like in a communication apparatus (node apparatus) in which a plurality of ports (physical ports) are bundled into a logical port, a specific physical of the plurality of ports (physical ports) It is known that only confirmation using a port is performed (see, for example, Patent Document 1).

  For example, an LBM frame that uses the MAC address of the MEP that generates and transmits an LBM frame and the MAC address of the MIP / MEP port that is the destination as the transmission source MAC address and the destination MAC address is, for example, the switch SW1 in FIG. The port to which the packet is to be distributed is determined by hash calculation based on the MAC address. Therefore, although the LBM frame arrives at the corresponding port, the reachability of other ports can not be confirmed.

  FIG. 4 is a diagram created based on FIG. 3 of the drawing of Patent Document 1. As shown in FIG. FIG. 4A shows an operation example of loopback test of Ethernet OAM. In FIG. 4B, the UpMEP is indicated by a triangle, and a state in which LBM and LBR frames are logically transferred in a section sandwiched by two UpMEPs is indicated by a long two-dot chain line. In FIG. 4A, physical transfer paths of LBM and LBR are indicated by long dashed lines.

  UpMEP communicates via a relay function. UpMEP is set, for example, for a port + VLAN (Virtual LAN) that is output after a frame is switched (relayed) and an output port is determined in the device. UpMEP drops OAM frame of same level or lower level coming from line direction and bridge relay side, processes same level OAM frame coming from bridge relay side, and from bridge side or line side The incoming high-level OAM frame is transparently transferred.

  On the other hand, Down MEPs can communicate via a line and can be placed, for example, on a port of a switch. The Down MEP is, for example, an MEP that terminates at a port that has received an OAM frame input from the outside of the device, and the port of the Down MEP also transmits a maintenance management frame in the direction from the port to the outside of the device. The Down MEP port processes the same level OAM frame received from the line direction, discards the lower level frame, and transparently transfers the upper level OAM frame received from the bridge relay side or the line side.

  As described with reference to FIG. 3, LBM and LBR frames transferred to LAG are distributed to any one port (physical port: network interface) based on the hash value converted based on the MAC address. .

  In loopback between MEPs, the combination of the LBM frame, the destination of the LBR frame header that is the response, and the source MAC address does not change (In the LBR frame, the destination, source MAC address is an LBM frame Replace with the destination MAC address of the). Therefore, the hash value in LAG of any LBM frame does not change from frame to frame. Also, the hash value in the LAG of the LBR frame returned from the peer MEP as a response to any LBM frame does not change from frame to frame. Therefore, the physical links through which the LBM and LBR pass are the same each time in each of the LBM frame and the LBR frame. Therefore, as illustrated in FIG. 4, when transferring an LBM frame from MEP of port P2 of switch SW1 to MIP of port P1 of switch SW2 on trunk 1 (LAG), port P2 of switch SW1 to switch SW2 The link to port P1 is selectively used. Therefore, the link between the port P3 of the switch SW1 and the port P2 of the switch SW2 is a section (path) where LBM and LBR do not pass, and the normality of frame transmission in the section can not be confirmed.

  When distribution to one port is performed based on the hash value of the MAC address of the frame from among a plurality of ports (physical ports) connected to LAG, for example, the MAC address of the transmission source (MEP) of the LBM frame is increased It is possible to distribute the LBM frame to another physical port connected to the LAG (by adding NIF (network interface)). However, when the number of elements of the hash value increases, the number of additional network interfaces at the transmission source of the LBM frame increases, which is not realistic.

  With regard to the above problem, Patent Document 1 supports comprehensively checking the normality of a plurality of frame transfer paths inside the communication apparatus in which a plurality of physical ports are bundled in a logical port. Technology is disclosed. The frame transmission apparatus described in Patent Document 1 includes a plurality of ports of the line unit and a setting control unit, and the setting control unit transfers the OAM frame from the first port to the second port inside the apparatus. Thus, the normality of the frame transfer state inside the device is confirmed. When the first port is a logical port in which a plurality of physical ports are link-aggregated, the setting control unit selects each of the plurality of physical ports as a transmission source port, and the plurality of physical ports to a second port To transfer multiple OAM frames.

  In addition, Patent Document 2 describes a port in which a maintenance entity such as MEP or MIP is configured to inspect a designated link of a group by transferring at least one connectivity fault management (CFM) via the designated link. A configuration is disclosed that includes a definer module that allows all LAG members to be checked during a unicast LBM check whether MEPs are associated with all links.

  Further, in Patent Document 3, the layer 2 network device transmits the Ethernet OAM frame received from the first port to all of the plurality of second ports connected to the link-aggregated circuit (link). A configuration is disclosed in which a link failure between communication devices can be detected by including an OAM frame duplicating unit to duplicate and forwarding the OAM frame to all the links constituting the link aggregation.

  Furthermore, for example, a tag VLAN (Virtual Local Area Network) may be configured on the above-described link aggregation. In the tag VLAN, a number (VLAN ID) is assigned to the VLAN, and this is registered in a database (DataBase: DB) for managing VLAN information of each switch. The switch refers to the DB to associate the VLAN of the source of the frame with the VLAN of the destination. In the trunk link between the opposing switches 1 and 2, the switch 1 transmits a tag VLAN number corresponding to the VLAN A to the header of the frame sent from the VLAN A and transmits it from the trunk port to the switch 2, and the switch 2 The tag field in the header of the frame received from the trunk port recognizes that the frame belongs to VLAN A, removes the tag inserted in Switch 1 and transfers it to the VLAN A port of Switch 2 Frames are only forwarded to the target VLAN.

  When the layer 2 switch receives a frame, it registers the source MAC address in a table called a filtering database (FDB). In each entry of the FDB, the correspondence between the MAC address and the port that received the frame is recorded. When a frame is received, the layer 2 switch compares the destination MAC address with the MAC address in the FDB, and if there is no matching entry, broadcasts the frame to all interfaces other than the interface (port) that received the frame (flooding). If there is an entry in the FDB that matches the destination MAC address, the switch compares the interface that received the frame with the interface of the FDB entry, and if the interface is different, relays the frame to the interface indicated in the FDB entry .

  When the switch distributes LAG ports based on the hash value of the VLAN number (VLAN ID (VID)), it monitors LAG interoperability between VLAN nodes between the source and destination of the frame with the same VLAN number. It is not easy to do.

  This is because when the VLAN numbers are the same, they are distributed to the same port.

JP, 2015-002413, A Japanese Patent Publication 2009-543500 JP, 2008-131615, A

  In the related art described above, in order to perform a continuity test on all physical ports subjected to link aggregation to check normality, a communication device such as a switch that configures MEP or MIP is a specification of each of the above patent documents. Needs to be modified (remodeled) or redesigned accordingly. Modification of each switch etc makes it difficult to apply to existing systems. In addition, modification (redesign) of the switch or model exchange in the case of application to an existing system causes an increase in cost, man-hour, and the like.

  In addition, when the switch distributes based on the hash value of the MAC address, VLAN ID, etc. of the received frame, it is difficult to acquire the network configuration including the LAG member port information between the switches.

  This is because, when a VLAN is configured on a link aggregation, for example, when the switch allocates LAG member ports based on the VLAN number, only the connectivity test of the same VLAN can be performed, and the network configuration can not be obtained. It is because it is difficult.

  Therefore, the present invention has been made in view of the above problems, and an object thereof is to acquire LAG port configuration information of a network including a plurality of communication devices having link aggregation (LAG) ports and acquire a network configuration. A network management apparatus, a network system, a network management method, and a program are provided.

  According to one aspect of the present invention, a communication device on a path to a destination node for a network including one or more communication devices having a plurality of ports aggregated into a link aggregation group (LAG). The first means of transmitting a first message for acquiring address information and acquiring the address of each communication device on the path, and the destination device of the header, which is obtained by the first means A second message for communication confirmation is transmitted, which is an address and is set to different values for at least one of the transmission source address field and the identification information field of the header, and a response from the communication device to the second message. A second means for extracting port identification information (port ID) included in the communication, and communication between one of two opposing communication devices arranged on the path Command for communication confirmation with respect to the other communication device facing the one communication device using the port ID (Identifier) of the device, and transmits the command to the one communication device, and the other communication device And a third means for causing the communication device to transmit a third message for communication confirmation.

  According to one aspect of the present invention, there is provided a network system comprising the network management device and a communication device.

According to one aspect of the present invention, a communication device on a path to a destination node for a network including one or more communication devices having a plurality of ports aggregated into a link aggregation group (LAG). Transmitting a first message for acquiring address information, acquiring an address of each communication device on the path;
A second message for communication confirmation is transmitted, in which the destination address field of the header is the address of the acquired communication device, and the value is set to different values for at least one of the source address field and the identification information field of the header. ,
Extracting port identification information (port ID) included in a response from the communication device to the second message;
Using a port ID of one communication device of two opposing communication devices disposed on the path, a command for communication confirmation for the other communication device opposing the one communication device is generated to perform the one communication A network management method is provided, which is transmitted to a device and causes the one communication device to transmit a third message for communication confirmation to the other communication device.

According to one aspect of the present invention, a communication device on a path to a destination node for a network including one or more communication devices having a plurality of ports aggregated into a link aggregation group (LAG). Transmitting a first message for acquiring address information, and acquiring an address of each communication device on the path;
A second message for communication confirmation is transmitted, in which the destination address field of the header is the address of the acquired communication device, and the value is set to different values for at least one of the source address field and the identification information field of the header. A process of extracting port identification information (port ID) included in a response from the communication device to the second message;
Using a port ID of one communication device of two opposing communication devices disposed on the path, a command for communication confirmation for the other communication device opposing the one communication device is generated to perform the one communication A program is provided that causes a computer to execute processing of transmitting to a device and transmitting a third message for communication confirmation from the one communication device to the other communication device.

  According to one aspect of the present invention, a computer readable recording medium storing the above program (for example, a random access memory (RAM), a read only memory (ROM), or an electrically erasable and programmable ROM (EEPROM)). , And a non-transitory computer readable recording medium such as an HDD (Hard Disk Drive), a CD (Compact Disc), a DVD (Digital Versatile Disc), and the like.

  According to the present invention, in a network including a plurality of communication devices having LAG ports, LAG port configuration information can be acquired, and the network configuration can be acquired.

It is a figure explaining an Ethernet OAM frame. (A), (B), (C) is a figure explaining connectivity OAM. It is a figure explaining the hash of related technology. (A), (B) is a figure based on the indication of patent documents 1. It is a figure explaining the 1st Embodiment of this invention. It is a figure explaining EoE network. It is a figure explaining TRACE ROUTE. It is a figure explaining an example of operation | movement of the 1st Embodiment of this invention. It is a figure which shows an example of a structure of the network management apparatus of the 1st Embodiment of this invention. It is a figure explaining the 1st Embodiment of this invention. It is a figure explaining the 1st Embodiment of this invention. It is a figure explaining the 1st Embodiment of this invention. It is a figure explaining the frame format (PING with EOE TAG) of a 1st embodiment of the present invention. It is a figure explaining the frame format (EOE PING) of the 1st Embodiment of this invention. It is a figure explaining the frame format (Ether-OAM LBM) of the 1st Embodiment of this invention. It is a figure explaining the frame format (PING with TAG) of a 1st embodiment of the present invention. It is a figure explaining the 1st Embodiment of this invention. It is a figure explaining the 1st Embodiment of this invention. It is a figure explaining the example of implementation of a computer.

  One embodiment of the present invention will be described. FIG. 5 is a diagram for explaining an embodiment of the present invention. The network management device 10 is a node that performs network monitoring control. The network management device 10 sends the first message (for example, the trace function in layer 2: EoE TRACE ROUTE message or Ethernet) to the network 1 including a switch having a plurality of ports aggregated into a link aggregation group (LAG). Switches (communication devices) 20-A, 20-B, 20-C, 20-D, 2 that transmit OAM Link Trace etc. and are on the route to the destination node (for example, edge switch 2-2) of the network 1 -2 address (MAC address) information is acquired (first step). Although an application example to an EoE network will be described below as an example of an embodiment of the present invention, it is a matter of course that the network 1 is not limited to the EoE network in FIG.

  The network management device 10 acquires the destination address field (Destination MAC Address) of the EoE header in each of the switches (communication devices) 20-A, 20-B, 20-C, 20-D, 2 acquired in the first step. Address (MAC address) of −2, and values (sweeped values) different for at least one of the source address field (Source MAC Address) of the EoE header and the identification information field (VLAN-ID) The set second communication confirmation message (for example, EoE PING request: PING request at layer 2) is transmitted (second step).

  In PING (Packet IN Ternet Groper) (also described as ping), an echo request (Echo request) packet of ICMP (Internet Control Message Protocol) is sent to the target node, and the echo response (returned from the target node) Communication confirmation is performed by confirming reception of Echo reply).

  The network management device 10 extracts the port ID included in the response (for example, the EoE PING reply) from the switch to the second message (for example, the EoE PING request). The network management device 10 designates a port ID (Identifier) (port number) of one switch (communication device) of two opposing switches (communication devices) arranged on the path as a transmission source port, A command (for example, an EoE PING command) for transmitting a message for communication confirmation to the other switch (communication device) opposed from the transmission source port of one switch (communication device) is generated. Then, the network management device 10 inputs the generated command (for example, an EoE PING command) into the one switch (communication device).

  One switch (communication device) that has received the command (for example, EoE PING command) from the network management device 10 receives a third message (for example, EoE for communication confirmation) from the transmission source port to the other switch (communication device). Send EoE PING request) (third step).

  The one switch (communication device) extracts the port ID included in the response (for example, EoE PING reply) from the other switch (communication device) to the third message (for example, EoE PING request). The port ID of the opposing switch (communication device) connected to the transmission source port of one switch (communication device) can be acquired.

  The network management device 10 transmits, for example, pair information of a transmission source port ID of the one switch (communication device) and a port ID of the other switch (communication device) facing the transmission source port. Communication device). The network management device 10 executes the third step for each switch (communication device) on the path to the edge switch 2-2 (target node) of the network 1 to obtain the LAG port of each switch. Configuration information (for example, how many lines the LAG is).

  By performing the first to third steps on all edge switches on the network 1 in the network management apparatus 10, the configuration of the network 1 can be acquired.

  According to one aspect of the present invention, an Ethernet over Ethernet (EoE) PING function for monitoring a network including one or more communication devices having a plurality of ports aggregated into a link aggregation group (LAG) is a header of an Ethernet frame. It is good also as a structure provided with a means to transmit the frame which swept at least one of the transmission source (source) MAC address and VLAN ID.

  According to one embodiment of the present invention, the network management device 10 includes switches (communication devices) 20-A, 20-B, 20-C, which are on the path to the edge switch 2-2 (destination node) of the network 1. The Ethernet-OAM Link Trace message (LTM in FIG. 2C) may be transmitted in the step of obtaining the address (MAC address) information of 20-D and 2-2 (the first step). In addition, the network management device 10 performs Ethernet OAM frame as an Ether-OAM function for performing communication confirmation of a network including one or more switches (communication devices) having a plurality of ports aggregated into a link aggregation group (LAG). The configuration may include means for transmitting a frame in which at least one of the source MAC address of the header and the VLAN ID is swept.

  According to one embodiment of the present invention, the network management device 10 is attached with a tag for monitoring a network including one or more switches (communication devices) having a plurality of ports aggregated into a link aggregation group (LAG). The PING function includes means for transmitting a frame obtained by sweeping at least one of a source MAC address of an Ethernet frame header, a VLAN ID, and a source IP address of an IP packet encapsulated in the frame. It is good also as composition.

In EoE (Ether over Ether), as schematically shown in FIG. 6, a unique Eo EMAC address is defined for each of the subscriber ports of the edge switches (edge routers) 5-1 and 5-3. The edge switches 5-1 and 5-3 may be, for example, PE routers (Provider Edge routers). Also, the network 1 may be Multi-Protocol Label Switching (MPLS) or Virtual Private LAN Service (VPLS). The edge switch 5-1 encapsulates the Ethernet frame 501 received from the source node 4 with an EoE header. EoE header is
Destination EoE MAC Address (EoE DA (Destination Address)): EoE MAC address of port of edge switch 5-3,
Source EoE MAC Address (EoE SA (Source Address): Eo EMAC address defined at the input port of the edge switch 5-1: a,
TAG (VID),
・ TTL (Time To Live) (corresponds to the number of times the router or switch has passed)
Etc.

  The edge switch 5-1 transfers the encapsulated Ethernet frame 502 to the edge switch 5-3, which is an EoE DA of an EoE header, via the core switch 5-2 (one or more). The edge switch 5-3 removes the EoE header added by the edge switch 5-1 from the Ethernet frame 502 (decapsulates), and transmits the original Ethernet frame 503 to the destination node 6. It is possible to dramatically reduce the MAC address which has to be learned in the core switch 5-2.

  In the present embodiment, the network management device 10 of FIG. 5 may be disposed in the edge switch 5-1 or the core switch 5-2 of the network 1. The network management device 10 sets its own MAC address in the source address field (EOE SA: SA2) of the EOE header and the MAC address of the edge switch 5-3 in the destination address end (EOD DA: DA2), and EoE TRACE ROUTE Send a message

  FIG. 7 is a diagram illustrating the TRACE ROUTE (also described as "TRACEROUTE") function. Note that TRACEROUTE may use UDP (User Datagram Protocol) or ICMP. On Linux (R), the default is UDP (ICMP is also possible).

  In the case of ICMP, ICMP Time Exceeded occurs with respect to TTL expiring (the value of TTL is 0) of the ICMP Echo request message. When a frame having a TTL of 2 or more arrives, the switch subtracts 1 from the value of TTL and transfers it to the next switch. When the switch receives a frame with a TTL of 1, the frame is discarded, and an “ICMP Time Exceeded” message (frame) is returned to the network management device 10 of the transmission source. The network management apparatus 10 acquires path information by transmitting frames (packets) while incrementing the TTL of TRACEROUTE by one. First, the network management device 10 transmits a frame in which TTL is set to 1. When the switch SW1 is reached, the TTL becomes zero, and "ICMP Time Exceeded" is returned from the switch SW1 (B). The IP address (MAC address) of the switch SW1 can be known by looking at the transmission source address field of the header of this frame.

  Next, the network management device 10 transmits a frame in which the TTL is set to 2. In this case, ICMP Time Exceeded is returned from the second switch SW2 to the network management device 10 (C).

  In the network management device 10, by increasing the TTL to 3 and 4, the IP address of the switch on the path to the edge switch SW4, which is the target node, is acquired in order. Note that in order to obtain the MAC address from the IP address, ARP (Address Resolution Protocol) may be used.

  FIG. 8 is a view for explaining an example of the operation of the embodiment of the present invention. One embodiment of the present invention will be described with reference to FIGS. 5 and 8.

  The network management device 10 has an address (MAC address) of switches (communication devices) 20-A, 20-B, 20-C, 20-D, and 2-2 on the path to the edge switch 2-2 of the network 1. Information is acquired (step S11).

  The network management apparatus 10 sets the destination address field (EoE DA) of the EoE header as the address (MAC address) of the switches 20-A, 20-B, 20-C, 20-D, and 2-2, and transmits the EoE header For at least one of the source address field (EoE SA) or VLAN-ID, prepare a value larger than the number of LAG member ports (number of lines aggregated as LAG) or number of LAG member ports (number of lines aggregated as LAG) The EoE PING request set to a value (for example, variable in order (ascending order or descending order)) swept in a larger range than) is transmitted (step S12).

  For example, referring to FIG. 5, in the network management device 10, the acquired MAC address is set in the destination address field (EoE DA) of the EoE frame header, and the MAC address of the source address field (EoE SA) of the EoE frame header is A plurality of EoE PING requests which are changed by a value larger than the number of LAG member ports (the number of lines aggregated as LAG) are transmitted to each switch.

  Each of the switches 20 -A to 20 -D determines a port (LAG member port) to which the frame is to be distributed, based on the hash value of the MAC address of the EoE SA column of the EoE header of the received frame (packet).

  The switch receives a plurality of frames (frames equal to or more than the number of LAG member ports) in which the MAC address in the EoE SA column of the EoE header of the frame (packet) is set to the number or more of LAG member ports from the network management device It can be distributed to all LAG member ports based on the hash value of the address. The same applies to the case where the switch determines the port (LAG member port) to which the frame is to be distributed based on the VID hash value of the EoE header. From the network management device 10, a plurality of frames (frames with the number of LAG member ports or more) in which the value of VLAN ID (VID: 12 bits) in the VID column of the EoE header of frames (packets) is set equal to or more than the number of LAG member ports The received switch can distribute to all LAG member ports based on the hash value of the VLAN ID.

  In this embodiment, the MAC address (virtual MAC address) is set in the source MAC address field of the EoE header in software, or the VLAN ID of the EoE header is set. Details of setting of the VID and setting of the virtual MA address will be described later.

  When the network management device 10 receives the EoE PING reply returned from each switch SW (YES in step S13), the network management device 10 acquires port ID information (for example, Port-ID of frame format in FIG. 14) included in the EoE PING reply. (Step S15).

The network management apparatus 10 uses the adjacent information of each switch on the route to the edge switch of the network 1 acquired by EoE TRACER OUTE and the LAG member port number information (port ID) of each switch acquired by EoE PING reply , EoE PING command (CLI (Command Line Interpreter) command executed by each switch, for example,
EoE ping [destination adjacent device address] from [port number of relevant switch]
Automatically generate

  The network management device 10 transmits the generated EoE PING command to the switch (step S16).

  For example, in FIG. 5, the network management device 10 switches the switches 20-A, 20-B and 20-C which face (adjacent to) each LAG member port of each switch 20-B, 20-C and 20-D. The destination EoE PING command is generated, and the EoE PING command is transmitted to each of the switches 20-B, 20-C, and 20-D.

  Each of the switches 20-B, 20-C, 20-D transmits an EoE PING request to each of the switches 20-A, 20-B, 20-C facing each other from each LAG member port. The switches 20-B, 20-C, 20-D include the switches 20-A, 20 included in the EoE PING reply transmitted from the switches 20-A, 20-B, 20-C facing (adjacent to) the switches 20-B, 20-C, 20-D respectively. The port ID (port number) of the LAG member port of -B, 20-C is acquired (step S17).

  The network management device 10 acquires port number information of LAG member ports of the switches 20-A, 20-B, 20-C facing the LAG member ports of the switches 20-B, 20-C, 20-D. . The network management device 10 is a member port of the LAG of each of the switches 20-B, 20-C, and 20-D, and a member port of the LAG of each of the switches 20-A, 20-B, and 20-C facing (adjacent to) each other. The port number correspondence of the LAG can be acquired, and the number of LAG member ports between the switches on the route to each edge switch of the network 1 (LAG line number information) can be acquired. As a result, the network management device 10 can output the configuration information of the network 1.

  As a result of the network management device 10 transmitting an EoE PING request, when the response (EoE PING reply) is not returned to the network management device 10 (No in step S13), the network management device 10 causes the relevant switch and the transmission source MAC address or The switch and the source MAC address or VLAN ID may be excluded from the table managing the correspondence with the VLAN ID (step S14).

  The network management device 10 automatically sweeps the source MAC address or VID of the EoE PING request (request) by at least the number of links of LAG and transmits the result to the switch. As a result, the EoE PING response (reply) In the case of a port ID for which no is returned, it may be detected as a silent failure.

  In FIG. 5, as will be described later, the network management apparatus 10 may be mounted on a computer having a communication function such as a server. In this case, the server functions as a network management device. For this reason, in this specification, reference numeral 10 may indicate a server that implements the function of the network management device.

  FIG. 9A is a diagram for explaining an example of the configuration of the network management device (server) 10. FIG. 9B is a view for explaining the ICMP header of the PING command.

  Referring to FIG. 9A, in the network management apparatus 10, the management module 18 includes a monitoring control unit 12, a trace frame creation unit 41, a PING request creation unit 42, and a transmission source MAC address / VID setting unit 43. And a switch PING command generation unit 44, a frame transmission unit 45, and a frame reception unit 46.

  The transmitter 111 and the receiver 112 of the network interface (NIF, NIC (Network Interface Card) 11) 11 such as an Ethernet card are, for example, unshielded twisted pair (UTP) cables (for example, category 3 (10BASE-T Ethernet standard) as transmission media. 10Mbps (Megabit per second), 100Mbps with 100BASE-T2 / T4 standard to Category 6 (1 Gbps (Giga bit per second) with 1000BASE-T, 1000BASE-TX standard)), STP (Shielded Twisted Pair) cable, Alternatively, a wired connection may be made with an optical fiber or a coaxial cable (100 base) or the like.

  The management module 18 may be implemented as a processing module of L2 (data link layer) and L3 (network layer).

  The trace frame creation unit 41 transmits a message (frame) for EoE TRACE ROUTE to all edge nodes of the network 1 (FIG. 5), as described with reference to FIG. It is assumed that MAC addresses of all edge nodes of the network 1 (for example, an EOE network) are previously set in the network management apparatus 10.

  The trace frame creation unit 41 sets the MAC address of the edge node in the destination MAC address field (EOE DA) of the EoE header, creates an EOE TRACE ROUTE frame in which the TTL is increased one by one from one, and a frame transmission unit 45 to transmit via the transmitter 111. The response (ICMP Time Exceeded) from each switch to the EoE TRACE ROUTE frame corresponding to the setting value of each TTL is received by the frame reception unit 46 and passed to the monitoring control unit 12. The supervisory control unit 12 extracts the MAC address of each switch based on the response of the EoE TRACE ROUTE frame. When Ethernet-OAM Link Trace is used as the trace function in layer 2, the trace frame creation unit 41 creates an Ethernet-OAM Link Trace message (LTM in FIG. Transmit via the transmitter 111. The Ethernet-OAM Link Trace reply (LTR in FIG. 2C), which is a response to the LTM, is received by the frame reception unit 46 and passed to the monitoring control unit 12 to extract the MAC address of the switch on the path. Ru.

  The PING request creation unit 42 sets the destination MAC address of the EoE header to the MAC address of each switch extracted by the monitoring control unit 12 and creates a frame of an EoE PING request.

  The transmission source MAC address / VID setting unit 43 sets VID (12 bits) in the transmission source MAC address field or VID field of the EoE header in the EoE PING frame created by the PING request creation unit 42. The transmission source MAC address / VID setting unit 43 may store and hold MAC addresses or VIDs that are equal to or greater than the number of LAG member ports of the switches 20 -A to 20 -D in FIG. 5. Alternatively, the transmission source MAC address / VID setting unit 43 may hold the upper limit value and the lower limit value when setting the MAC address or VID variably. The range of the upper limit value and the lower limit value is equal to or more than the number of LAG member ports of the switches 20-A to 20-D in FIG. The upper limit value and lower limit value of the MAC address or VID may be set by the administrator or the like for the network management apparatus (server) 10.

  The transmission source MAC address / VID setting unit 43 generates a plurality of EoE PING frames in which different MAC addresses equal to or more than the number of LAG member ports or VIDs are set, and transmits the frames from the frame transmission unit 45. When the frame reception unit 46 receives an EoE PING response (reply) corresponding to the EoE PING request (request), the frame reception unit 46 passes it to the monitoring control unit 12, and the monitoring control unit 12 extracts the port ID from the EoE PING reply.

  The switch control PING command creation unit 44 sets each port of each switch as a transmission source port based on the port ID of each switch and the network path information obtained as a result of execution of the EoE TRACE ROUTE command. An EoE PING command (CLI command) for a switch that transmits an EoE PING to the opposite switch (device) is created, and transmitted from the frame transmission unit 45 to each switch. A monitoring control unit that acquires information on the transmission source port ID of each switch and the port ID of the switch (device) facing the acquired information as a result of execution of the EoE PING command from each switch from each switch via the frame reception unit 46 In 12, the number of LAG member ports between each switch of the network can be acquired.

  Note that each time a PING command is executed, a different identification number is set in the ID number (FIG. 9B) of the ICMP header. When multiple PINGs are performed by one PING command, the same ID number is assigned to multiple frames. The sequence number (FIG. 9B) is assigned a different number for each packet (frame) to be transmitted. In FIG. 9B, the ICMP header of the PING request (echo request (ICMP_ECHO): type 8) is schematically illustrated. The frame transmission unit 45 transmits the PING frame via the transmitter 111. The frame transmission unit 45 may store transmission time information (time stamp) for the transmitted PING frame in correspondence with, for example, the ID number and the sequence number of the ICMP header in a storage unit (not shown). The network interface (NIF) 11 passes the PING reply received by the receiver 112 to the frame reception unit 46.

  The frame reception unit 46 associates the PING request with the response based on the ID number of the PING reply (Echo reply (ICMP_ECHOREPLY): type 0) and the sequence number. The type of ICMP header included in the PING reply is 0. When the PING reply of the ID number and the sequence number corresponding to the PING request is received, the frame reception unit 46 determines that there is a response.

  When the PING reply of the ID number and the sequence number corresponding to the PING request (ICMP frame of type 0) is not received, the frame reception unit 46 determines that there is no response. The frame reception unit 46 notifies the monitoring control unit 12 of the presence or absence of reception of the PING reply.

  The monitoring control unit 12 may determine the failure section based on the topology information of the network 1 based on the response result of the PING.

  The distribution of LAG member ports by VID will be described below. FIG. 10 is a diagram schematically illustrating how the switches 20 -A to 20 -D distribute the LAG member ports by the VID. The switches 20-A to 20-D perform sorting based on the hash value of VLAN ID (VID (12 bits) and VLAN number), respectively, and the PAG (frame) received from the input port is the LAG member of the sorting destination Output from the port (output port). The ports of the switches 20-A to 20-D may include LAG member ports, and for example, the ports may be connected by trunk links. A plurality of VLAN traffic can be transmitted to one trunk link, and a frame transmitted to the trunk link is identified by a tag (VID).

  In the switches 20-A to 20-D, when the port can be switched to a trunk port (port with tag) or an access port (without tag) and can be set, one port can belong to multiple VLANs. Set to a trunk port. Then, for each of the trunk ports of the switches 20-A to 20-D, a VLAN (VLANs 2 to 5) of VIDs (for example, VID = 2 to 5 in FIG. 10) set (swept) variably in the network management apparatus 10. It may be preset to pass traffic of In FIG. 10, the network 1 may be an EoE network, Ethernet (registered trademark), or the like, as in FIG.

  In FIG. 10, in the configuration in which each of the four opposed ports (four lines) of the switches 20-A to 20-D is put together into one by LAG, the broken line arrows from the network management device 10 are VID. Shows the paths of four pings with variable. It goes without saying that the LAG member port (the number of lines aggregated in the LAG) is not limited to four. In the following, the case of transmitting an EoE PING request (request) from the network management apparatus 10 to the switch 2-D will be described as an example.

  The switch 20-A that receives the tagged (for example, VID = 2) PING frame (ICMP Echo request) transmitted from the network management apparatus 10 from the input port has a VID value of 2 stored in the tag of the frame. Thus, it is recognized that the frame belongs to VLAN 2.

  The switch 20-A calculates a hash value of the VID = 2. Then, the switch 20 -A determines the LAG member port (output port) to which the frame is to be distributed based on the hash value, and distributes and outputs the frame to the determined output port (for example, trunk port). In the switch 20-A, VID = 2, which is the ID of the belonging VLAN 2, is set in the tag of the frame transferred to the output port.

  The frame (tagged PING frame) output from the switch 20-A is transferred to the input port (e.g., trunk port) of the switch 20-B.

  The switches 20 -B and 20 -C also recognize that the frame belongs to VLAN 2 from the tags (VID = 2) of the frames received from the switches 20 -A and 20 -B, respectively.

  The switches 20-B and 20-C calculate a hash value of VID = 2, and determine a LAG member port (output port) based on the hash value.

  The switches 20-B and 20-C transfer, from the output port to the input port of the switches 20-C and 20-D, frames in which VID = 2, which is the ID of the belonging VLAN 2, is set in the tag.

  The switch 20 -D recognizes that the frame belongs to the VLAN 2 from the tag (VID = 2) of the frame received from the switch 20 -C. The switch 20 -D sets, in the PING response (reply), the port ID at which the frame is received, and sends it back to the network management device 10.

  FIG. 11 transmits a plurality of PINGs in which the value of the VLAN ID (VID) in the header is changed (swept) to the target node under the edge switch 2-2 based on the network topology information. It is a figure which illustrates typically the process of detecting.

  FIG. 11A is a view for explaining an example of the topology of the network 1. In FIG. 11A, devices A to D may correspond to, for example, the switches 20-A to 20-D in FIG. 5, and devices E and F may correspond to the edge switch 2. The numbers 1-4 indicate sections between the devices. FIG. 11 (B) shows an example of the determination condition of each section in FIG. 11 (A).

  If the network management device (server) 10 does not return any one reply of PING for a plurality of PING requests sent to the destination node A (receiving a reply of PING from other destination nodes), the section It may be determined that there is one failure. If the network management device (server) 10 does not return any one reply of PING for a plurality of PING requests sent to the destination node B (when a reply of PING is received from another destination node), an interval It may be determined that the second failure. If the network management device (server) 10 does not return any one reply of PING for a plurality of PING requests sent to the destination node C (receiving a reply of PING from another destination node), the section It may be determined that there are three faults.

  The network management apparatus (server) 10 may determine that there is a failure in section 4 if any one of the PING replies to the plurality of PING requests transmitted to the target nodes A, B, C does not return. . As described above, it is possible to determine a section in which a silent failure or the like has occurred in the network using the LAG, based on the information of the target node in which the non-reach of the PING request has occurred.

  Furthermore, according to the present embodiment, when the devices A to F in FIG. 11A are formed of switches having the LAG port shown in FIG. 5, the devices A and B face each other (devices A and B, devices B and C). A network that can obtain the number of LAG member ports (the number of LAG lines) between device B and device D, device C and device E, and device C and device F), and the number of LAG member ports is specified Map can be displayed and output.

  In addition, in FIG. 10, the network management device (server) 10 sweeps the MTU (Maximum Transfer Unit) size, the UTP (Unshielded Twisted Pair) port number, and the like at the time of PING transmission, and thereby, the specified packet length or more. It is needless to say that detection of a transfer failure of only a specific packet length or less or silent failure regarding communication of an application using a specific UTP port is also possible.

  According to the first embodiment, when, for example, a VLAN is configured on link aggregation (LAG), the communication device such as a switch distributes LAG member ports based on the VLAN ID, for example. It is possible to realize monitoring of connectivity confirmation (communication confirmation) of different VLANs, detection of faulty sections, etc. without modifying communication devices such as switches (by using existing communication devices such as switches as they are). Furthermore, after tracing the link of the network, it is possible to acquire the number of LAG lines between adjacent devices (between opposite switches) and the like.

  Note that according to the present embodiment, the network management device (server) 10 has a number different from the number of LAG member ports so that PING requests can be distributed to all the lines grouped in LAG. It generates and transmits a PING frame in which each VID of the value is set in the tag. As a result, as schematically shown in FIG. 12, a plurality of EoE PING requests (frames) arrive at, for example, the same port of the switch. In FIG. 12, a state in which a plurality of EoE PING requests arrive at each of the input ports 1-4 of the switch 20-D is schematically shown by arrows.

  According to the present embodiment, the network management device (server) 10 compares the VIDs of a plurality of duplicate EoE PING requests with respect to EoE PING requests (requests) in which the port IDs of the EoE PING replies are duplicates, Among them, it may be controlled to continue retransmission of the EoE PING request having at least one VID. By doing this, the amount of traffic in the network 1 can be reduced and the impact on network resources can be reduced.

  If the LAG member port is down, the EoE PING request is hashed to avoid the down port. Therefore, all responses to the EoE PING request are returned to the network management device 10. Therefore, it can be determined whether or not there is a silent failure, based on whether there is at least one EoE PING request for which the EoE PING reply does not return. Specifically, the identification of a PING request without response can be regarded as an EoE PING request sent to a port where a silent failure has occurred if the sequence number of the EoE PING request packet is not present in the EoE PING reply.

  FIG. 13 is a diagram for explaining the format of the header of the EoE tagged PING function transmitted by the network management apparatus 10 of FIG. The network management device 10 may transmit a ping in which the EoE transmission source MAC address (EoE SA), the VID, and the transmission source IP address of the IP packet are swept (variably set).

  FIG. 14 is a diagram for explaining the format of the header of the EoE PING function transmitted by the network management apparatus 10 of FIG. The network management device 10 may transmit a PING in which the EoE transmission source MAC address (EoE SA) and the VID are swept (variably set).

  FIG. 15 is a diagram for explaining the format of the header of the Ethernet-OAM LBM (Loopback Message) function. The network management device 10 may transmit the Ethernet OAM LBM (FIG. 2B) to confirm the communication. In that case, the transmission source MAC address (SA) and the VID may be swept (set variably). Also, the network management device 10 may transmit an Ethernet-OAM Link Trace message (LTM) as a layer 2 trace function.

  FIG. 16 is a diagram for explaining the format of the header of the tagged PING function. The network management device 10 may transmit a PING in which a transmission source MAC address (SA), a VID, and a transmission source IP address of an IP packet are swept (variably set). In this case, in FIG. 5, the network 1 to which the network management apparatus 10 transmits a tagged PING frame may be Ethernet or the like.

  In the above embodiment, the switches (20-A to 20-D) may be configured such that one MAC address is assigned to each device. Alternatively, a MAC address may be assigned to each port.

  In the following, the Ether-OAM function in a configuration in which a MAC address is assigned to each switch port will be described as an example. Hereinafter, LB (LoopBack) of Ether-OAM will be described, but the present invention is similarly applicable to LT (Link Trace) and EoE PING frame.

  In the present embodiment, the network management apparatus 10 changes the value of the virtual transmission source MAC address in the transmission source address column, using the destination MAC address column as the MAC address of the port for each LAG member port of the switch. Send a plurality of frames (for example, LBM) (transmit one or more frames with different source MAC address fields to the number of LAG member ports addressed to one port of the switch) and respond to the frames (for example, Loop) When a back response (LBR) is received, the virtual transmission source MAC address of the transmission source address column of the frame (Loop Back Message (LBM)) is stored in the management table in correspondence with the port number and MAC address. It may be configured to

  In another embodiment of the present invention, the network management device 10 may be configured to acquire configuration information of the network based on the transmission of the frame (for example, LBM) and the reception of a response frame (for example, LBR).

  When checking the connectivity of a plurality of link-aggregated physical ports, for example, in layer 2 of the OSI reference model, it is possible to perform connectivity check, etc., without the need to modify existing communication devices. Therefore, according to the present invention, it is possible to suppress an increase in cost, an increase in labor and man-hours.

  The monitor control unit 12 of the network management device 10 sets the response frame from the port to which the frame is transmitted (the destination MAC address column of the header is set to the virtual source MAC address, and the source MAC address column of the header indicates the port MAC In order to receive the frame (set to the address), set the network interface (NIF) 11 and its device driver to the mode corresponding to the so-called promiscuous mode and receive all frames received It may be delivered to the part 46. In the frame reception unit 46, when the destination MAC address column of the header of the received response frame matches the virtual transmission source MAC address, the network management apparatus 10 sets the virtual transmission MAC address and transmits the frame in response to the frame. Detect that there is.

  FIGS. 17A and 17B are diagrams for explaining distribution based on hash values of MAC addresses in the switch in the embodiment.

  The network management apparatus 10 transmits the generated LBM (LoopBack Message) frame via the network interface (NIF) 11 and receives the LBR (LoopBack Reply) frame via the network interface (NIF) 11.

  The switch (SW1) 20 receives the LBM frame from the port P1, and performs link aggregation as the link aggregation group LAG1 based on the hash value calculated based on the MAC address (destination MAC address, source MAC address) of the header of the LBM frame. The port is distributed to one of the ports P2 and P3 (LAG member port).

  The switch (SW2) 30 has ports P1 and P2 link-aggregated as LAG1 and another port P3. For example, when the switch (SW2) 30 is an edge switch, port P1 or P2 of the switch (SW2) 30 is connected to port P3 and port P3 is connected to an end user (not shown) via a line (not shown). Good. In FIG. 17, the number of LAG lines is 2 and the number of ports of switches is 3 for the sake of simple explanation, but the present invention is not limited to this configuration. Of course.

  In this embodiment, as an example, in the switch (SW2) 30, the port P1 of the ports P1 and P2 (LAG member ports) aggregated into the link aggregation group LAG1 is one end (end point), and the network interface of the network management apparatus 10 An example in which a loopback test is performed with the (NIF) 11 as the other end (end point) will be described. In the network management device 10, unlike the unique MAC address of the network interface (NIF) 11 of the network management device 10, the network management device 10 is assigned to a vendor that provides network devices such as the network interface (NIF) 11 and the like. An LTM frame is created in which a MAC address that does not collide with MAC addresses of other network devices is set as a virtual source MAC address in the source MAC address field.

  The network management device 10 sets the port MAC address of the port P1 aggregated to LAG1 in the switch (SW2) 30 in the destination MAC address column of the LBM frame header.

  The network management device 10 transmits the created LBM frame from the transmitter of the network interface 11.

  As shown in FIG. 17A, the switch (SW1) 20 receives an LBM frame from the network management device 10 from the port P1 and calculates it based on the MAC address (destination, source MAC address) of the LBM frame. Based on the hash value (for example, H2), distribution is made to port P3 (LAG port member). In the switch (SW1) 20, the MAC address table of the connection destination of the port P3 is not shown (the port number of the switch and the MAC address of the node etc. connected to the end of the port are registered) If not registered, the MAC address of the connection destination of the port P3 is acquired, for example, by performing flooding. Here, in the switch (SW1) 20, it is assumed that the MAC address of the connection destination of the port P3 (the MAC address of the port P2 of the switch (SW2) 30) is stored in the MAC address table of the switch (SW1) 20. .

Switch (SW1) 20 is an LBM frame, via the line 40 ₂ is transmitted to the port P2 of the switch (SW2) 30.

Port P2 of the switch (SW2) 30, when the port P3 of the switch (SW1) 20 receives the LBM frame via the line 40 _2, for example, the destination MAC address in the header of LBM frame, and the unique MAC address of the port P2 Check for a match. In this case, since the destination MAC address of the LBM frame and the MAC address of the port P2 are different, the port P2 does not receive the LBM frame but discards it. Therefore, the port P2 of the switch (SW2) 30 does not send back an LBR frame as a response.

  In this case, since no response frame is received even if a predetermined time (for example, at least 5 seconds) or more has elapsed from the time of transmission of the LBM frame in the network management apparatus 10, a timeout error occurs, resulting in "loss of connectivity".

  Therefore, the network management device 10 sets the transmission source MAC address column of the header to the MAC address which is varied from the value of the virtual transmission source MAC address set in the LBR frame transmitted previously, and the destination MAC address column transmits the previous transmission Similar to the LBR frame described above, the LBR frame is generated as the MAC address of the port P2 of the switch (SW2) 30, and is transmitted via the network interface 11.

As shown in FIG. 17B, the switch (SW1) 20 uses the hash value (H1) calculated based on the MAC address (destination, source MAC address) of the LBM frame received from the port P1. It is assumed that the port is distributed to port P2 (LAG port member). That is, since the virtual transmission source MAC address of the LBM frame received from the current port P1 in the switch (SW1) 20 is different from the virtual transmission source MAC address of the previous LBM frame, the hash value based on the MAC address is the previous one. It is assumed that the value (H1) is different from the hash value (H2). In the switch (SW1) 20, when the connection destination of the port P2 is not known, flooding is performed. Here, in the switch (SW1) 20, it is assumed that the MAC address of the connection destination of the port P2 is stored in the MAC address table of the switch (SW1) 20. Switch (SW1) 20 is the currently received LBM frame, allocated to the port P2, via the line 40 _1, and transmits to the switch (SW2) 30 port P1 addressed.

The port P1 of the switch (SW2) 30 terminates an LBM frame, which is an OAM frame, as a MEP (Down MEP). That is, the port P1 of the switch (SW2) 30 receives the LBM frame via the line 40 ₁ from the port P2 of the switch (SW1) 20. Since the MAC address of the port P1 of the switch (SW2) 30 matches the destination MAC address of the LBM frame, the port P1 uses the destination MAC address column as the virtual MAC address of the LBM frame and the source MAC address column as set to the MAC address of the port P1, and generates an LBR frame set the opcode to LBR, line 40 ₁ of the LAG, the port P2 of the switch (SW1) 20, via the port P1, and transmits to the network management apparatus 10.

  During normal operation, the network interface 11 of the network management apparatus 10 and its device driver use the destination MAC address of the header of the frame arriving at the receiver and the unique MAC address of the network interface 11 (EEPROM (Electrically Erasable Programmable Read-Only Memory) Etc., it is determined that the frame is addressed to the own apparatus, and in the case of noncoincidence, the frame is discarded, but in the embodiment, the network interface is monitored at the time of monitoring by loopback etc. The frames arriving at the 11 receivers may be set to a mode for receiving all.

  The network management apparatus 10 analyzes the received frame, and the destination MAC address column matches the virtual source MAC address set in the LBM frame, and the source MAC address column indicates the destination MAC address of the LBM frame (switch (SW 2) It may be determined whether or not the LBR frame is the MAC address of the 30 port P1), the type is OAM Ether-type (0x8902), and the operation code is LBR (3). When the received frame is an LBR frame that matches the above conditions, the network management device 10 performs communication by loopback by an LBM frame in which the transmission source MAC address is a virtual transmission source MAC address and the destination MAC address is a MAC address of P2. Monitoring may be performed. Similarly, the connectivity check may be performed for the port P2 of the switch (SW2) 30, which is a member port of LAG 1 as an end point.

  Further, the connectivity check test may be performed as the end points as the ports P2 and P3 of the switch (SW1) 20 which are port members of the LAG. In this case, a communication test is performed in which the network interface (NIF) 11 of the network management apparatus 10 and the port P2 or P3 of the switch (SW1) 20 are endpoints.

  The monitoring control unit 12 of the network management apparatus 10 automatically generates a network map as exemplified in FIG. 18 by comprehensively acquiring information on LAG member ports between ports of opposing devices in the network. In FIG. 18, for example, the connection status between physical ports of the switch is graphically displayed on the screen of the display device. FIG. 18 also illustrates a pop-up screen in which the connection between the switches is enlarged.

  FIG. 19 is a diagram for explaining a configuration example of the network management device 10. Referring to FIG. 19, the network management device 10 includes a processor (CPU (Central Processing Unit), data processing device) 101, a semiconductor memory (for example, RAM (Random Access Memory), ROM (Read Only Memory), or EEPROM (Electrically). Storage device 102 including at least one of an erasable and programmable ROM), an HDD (Hard Disk Drive), a CD (Compact Disc), a DVD (Digital Versatile Disc), a display device 103, and a network interface (NIF) 11 Is equipped. A program for realizing the functions of the network management device 10 described in the above embodiments is stored in the storage device 102, and the processor 101 reads out and executes the program to obtain the network management device according to each of the above embodiments. Ten functions may be realized.

  The disclosures of Patent Documents 1 to 3 above are incorporated herein by reference. Within the scope of the entire disclosure of the present invention (including the scope of the claims), modifications and adjustments of the embodiments or examples are possible based on the basic technical concept of the invention. In addition, various combinations or selections of various disclosed elements (including each element of each claim, each element of each embodiment, each element of each drawing, etc.) are possible within the scope of the claims of the present invention. . That is, the present invention of course includes the entire disclosure including the scope of the claims, and various modifications and alterations that can be made by those skilled in the art according to the technical concept.

  The above-described embodiment is, for example, appended as follows (but not limited to the following).

(Supplementary Note 1)
First, for a network including one or more communication devices having a plurality of ports aggregated into a Link Aggregation Group (LAG), address information of the communication devices on the route to the target node is acquired first A first means for transmitting an address message of each of the communication devices on the path;
The destination address column of the header is the address of the communication device acquired by the first means, and the communication confirmation address is set to different values for at least one of the source address column of the header and the identification information column. A second means for transmitting a second message and extracting port identification information (port ID) included in a response from the communication device to the second message;
Using a port ID of one communication device of two opposing communication devices disposed on the path, a command for communication confirmation for the other communication device opposing the one communication device is generated to perform the one Third means for transmitting to the communication device, and transmitting a third message for communication confirmation from the one communication device to the other communication device;
A network management device comprising:

(Supplementary Note 2)
The port identification information of the other communication device acquired in response to the transmission of the third message from the one communication device is acquired, and the configuration information of the LAG (Link Aggregation Group) member port between the two opposing communication devices The network management device according to claim 1, further comprising means for acquiring.

(Supplementary Note 3)
The network is an EOE (Ethernet-Over-Ethernet) network,
The network management device according to claim 1 or 2, wherein the first message is an EOE Trace Route message.

(Supplementary Note 4)
The network management device according to claim 3, wherein the first means uses the destination node as a communication device of part or all of the edge nodes of the EOE network.

(Supplementary Note 5)
The network management device according to claim 3 or 4, wherein the communication device is a switch capable of tracing the path using TTL (Time To Live) of the first message.

(Supplementary Note 6)
The network management device according to any one of appendices 3 to 5, wherein the second and third messages are EOE PING requests.

(Appendix 7)
The network management device according to claim 1 or 2, wherein the first message is an Ethernet-OAM (Operations, Administration, Maintenance) Link Trace message.

(Supplementary Note 8)
The network management device according to any one of appendices 1 to 7, wherein a transmission source MAC address is set in the destination address field of the header of the second message.

(Appendix 9)
The network management according to any one of appendices 1 to 8, wherein a VLAN (Virtual Local Area Network) -ID (Identifier) is set in the identification information field of the header of the second message. apparatus.

(Supplementary Note 10)
The information of the source address column set in the header of the second message and / or the information of the identification information column is an output port of a message input from an input port of the communication device in the communication device The network management device according to any one of appendices 1 to 9, which is used for calculation of a hash value for distributing to a network.

(Supplementary Note 11)
The network management device according to any one of appendices 1 to 10,
And a plurality of communication devices having a plurality of ports aggregated into a link aggregation group (LAG).

(Supplementary Note 12)
The first communication device that has received the command for communication confirmation from the network management device uses the port ID of the first communication device as a transmission source, and the second communication device facing the first communication device is used as the transmission source. On the other hand, when the third message for communication confirmation is sent and the response message from the second communication device is received, the port ID included in the response message corresponds to the port ID of the first communication device. The network system according to claim 11, wherein the network management apparatus is notified as a port ID of the second communication apparatus.

(Supplementary Note 13)
Sends a first message to acquire address information of communication devices on the route to the destination node to a network including one or more communication devices having a plurality of ports aggregated into a link aggregation group (LAG) Obtain the address of each communication device on the path,
A second message for communication confirmation is transmitted, in which the destination address field of the header is the address of the acquired communication device, and the value is set to different values for at least one of the source address field and the identification information field of the header. ,
Extracting port identification information included in a response from the communication device to the second message;
Using a port ID of one communication device of two opposing communication devices disposed on the path, a command for communication confirmation for the other communication device opposing the one communication device is generated to perform the one Send to the communication device,
And transmitting a third message for communication confirmation from the one communication device to the other communication device.

(Supplementary Note 14)
Obtaining port identification information of the other communication device acquired in response to the transmission of the third message from the one communication device, and acquiring configuration information of a LAG member port between the two opposing communication devices. The network management method according to appendix 13, characterized in that:

(Supplementary Note 15)
The network is an EOE (Ethernet-Over-Ethernet) network,
The network management method according to appendix 13 or 14, wherein the first message is an EOE Trace Route message.

(Supplementary Note 16)
15. The network management method according to appendix 15, wherein the destination node is a communication device of part or all of the edge nodes of the EOE network.

(Supplementary Note 17)
The network management method according to claim 15, wherein the communication device is a switch capable of tracing the path using TTL (Time To Live) of the first message.

(Appendix 18)
The network management method according to any one of appendices 15 to 17, wherein the second and third messages are EOE PING requests.

(Appendix 19)
The network management method according to appendix 13 or 14, wherein the first message is an Ethernet-OAM (Operations, Administration, Maintenance) Link Trace message.

(Supplementary Note 20)
The network management method according to any one of appendages 13 to 19, wherein a transmission source MAC address is set in the destination address column of the header of the second message.

(Supplementary Note 21)
The network management according to any one of appendices 13 to 20, wherein a VLAN (Virtual Local Area Network) -ID (Identifier) is set in the identification information field of the header of the second message. Method.

(Supplementary Note 22)
The information of the source address column set in the header of the second message and / or the information of the identification information column is an output port of a message input from an input port of the communication device in the communication device The network management method according to any one of appendices 13 to 21, which is used for calculation of a hash value for distributing to a network.

(Supplementary Note 23)
Sends a first message to acquire address information of communication devices on the route to the destination node to a network including one or more communication devices having a plurality of ports aggregated into a link aggregation group (LAG) Acquiring an address of each communication device on the route;
A second message for communication confirmation is transmitted, in which the destination address field of the header is the address of the acquired communication device, and the value is set to different values for at least one of the source address field and the identification information field of the header. A process of extracting port identification information included in a response from the communication device to the second message;
Using a port ID of one communication device of two opposing communication devices disposed on the path, a command for communication confirmation for the other communication device opposing the one communication device is generated to perform the one A process of transmitting to the communication apparatus and causing the one communication apparatus to transmit a third message for communication confirmation to the other communication apparatus;
A program that causes a computer to execute.

(Supplementary Note 24)
Processing for acquiring port identification information of the other communication device acquired in response to transmission of the third message from the one communication device, and acquiring configuration information of a LAG member port between two opposing communication devices 24. The program according to appendix 23, which is executed by the computer.

(Appendix 25)
The network is an EOE (Ethernet-Over-Ethernet) network,
24. The program according to appendix 23 or 24, wherein the first message is an EOE Trace Route message.

(Appendix 26)
24. The program according to appendix 25, wherein the destination node is a communication device of part or all of the edge nodes of the EOE network.

(Appendix 27)
The program according to any one of Appendices 25 or 26, wherein the communication device is a switch capable of tracing the path using TTL (Time To Live) of the first message.

(Appendix 28)
The program according to any one of Appendices 25 to 27, wherein the second and third messages are EOE PING requests.

(Supplementary Note 29)
24. The program according to any one of Appendices 23 or 24, wherein the first message is an Ethernet-OAM (Operations, Administration, Maintenance) Link Trace message.

(Supplementary note 30)
24. The program according to any one of appendings 23 to 29, causing the computer to execute a process of setting a transmission source MAC address in the destination address field of the header of the second message.

(Supplementary Note 31)
24. The program according to any one of Appendices 23 to 30, wherein a Virtual Local Area Network (VLAN) -ID (Identifier) is set in the identification information field of the header of the second message, and the process is executed by the computer.

(Supplementary Note 32)
The information of the source address column set in the header of the second message and / or the information of the identification information column is an output port of a message input from an input port of the communication device in the communication device 24. The program according to any one of appendices 23 to 31, which is used for calculation of a hash value for distributing to a computer.

1 Network (network system)
2-1, 2-2, 5-1, 5-3 edge switch (router)
3 Purpose Node 4 Source Node 5-2 Core Switch 6 Destination Node 10 Network Management Device (Server)
11 Network Interface (NIF)
12 supervisory control unit 18 management modules 20, 20-A, 20-B, 20-C, 20-D, 30, 50 switches (communication device)
40, 40 ₁ , 40 ₂ circuits (links)
41 Trace frame creation unit 42 PING request creation unit 43 Transmission source MAC address / VID setting unit 44 Switch PING command creation unit 45 Frame transmission unit 46 Frame reception unit 101 Processor 102 Storage device 103 Display device 111 Transmitter 112 Receiver 501, 503 Ethernet frame 502 EoE frame

The network management apparatus 10 sets the destination address field (EoE DA) of the EoE header as the address (MAC address) of the switches 20-A, 20-B, 20-C, 20-D, and 2-2, and transmits the EoE header For at least one of the original address field (EoE SA) and VLAN-ID, prepare a value larger than the maximum number of elements of the hash key of the switch having the LAG member port , or more than the maximum number of elements of the hash key of the switch An EoE PING request set to a value swept in a large range (for example, variable in order (ascending or descending)) is transmitted (step S12).

For example, referring to FIG. 5, in the network management device 10, the acquired MAC address is set in the destination address field (EoE DA) of the EoE frame header, and the MAC address of the source address field (EoE SA) of the EoE frame header is Send a plurality of EoE PING requests, each of which has a variable value or more, to each switch addressed to at least the maximum number of elements of the hash key of the switch having the LAG member port.

From the network management apparatus 10, the MAC address of the EoE SA column EoE header of frames (packets), receiving the plurality of frames set to the maximum number or more different values of the elements of the hash key switch having a LAG member port said The switch can distribute to all LAG member ports based on the hash value of the MAC address. The same applies to the case where the switch determines the port (LAG member port) to which the frame is to be distributed based on the VID hash value of the EoE header. A plurality of frames (LAG in which the value of VLAN ID (VID: 12 bits) in the VID column of the EoE header of a frame (packet) is set to a different value greater than the maximum number of elements of the switch hash key from the network management device 10 In a switch that has received a frame (the number of member ports or more), it can be distributed to all LAG member ports based on the hash value of the VLAN ID.

The transmission source MAC address / VID setting unit 43 sets VID (12 bits) in the transmission source MAC address field or VID field of the EoE header in the EoE PING frame created by the PING request creation unit 42. The transmission source MAC address / VID setting unit 43 may store and hold MAC addresses or VIDs of the maximum number of elements of the hash keys of the switches 20 -A to 20 -D in FIG. 5. Alternatively, the transmission source MAC address / VID setting unit 43 may hold the upper limit value and the lower limit value when setting the MAC address or VID variably. The range of the upper limit value and the lower limit value is equal to or more than the number of LAG member ports of the switches 20-A to 20-D in FIG. The upper limit value and lower limit value of the MAC address or VID may be set by the administrator or the like for the network management apparatus (server) 10.

The transmission source MAC address / VID setting unit 43 generates a plurality of EoE PING frames in which different MAC addresses or VIDs greater than the maximum number of elements of the hash key of the switch are set, and transmits the frames from the frame transmission unit 45. When the frame reception unit 46 receives an EoE PING response (reply) corresponding to the EoE PING request (request), the frame reception unit 46 passes it to the monitoring control unit 12, and the monitoring control unit 12 extracts the port ID from the EoE PING reply.

Claims (15)

First, for a network including one or more communication devices having a plurality of ports aggregated into a Link Aggregation Group (LAG), address information of the communication devices on the route to the target node is acquired first A first means for transmitting an address message of each of the communication devices on the path;
The destination address column of the header is the address of the communication device acquired by the first means, and the communication confirmation address is set to different values for at least one of the source address column of the header and the identification information column. A second means for transmitting a second message and extracting port identification information (port ID) included in a response from the communication device to the second message;
Using a port ID of one communication device of two opposing communication devices disposed on the path, a command for communication confirmation for the other communication device opposing the one communication device is generated to perform the one Third means for transmitting to the communication device, and transmitting a third message for communication confirmation from the one communication device to the other communication device;
A network management device comprising:   The port identification information of the other communication device acquired in response to the transmission of the third message from the one communication device is acquired, and the configuration information of the LAG (Link Aggregation Group) member port between the two opposing communication devices The network management device according to claim 1, further comprising means for acquiring. The network is an EOE (Ethernet-Over-Ethernet) network,
The network management device according to claim 1, wherein the first message is an EOE Trace Route message.   The network management apparatus according to claim 3, wherein the first means sets the destination node as a communication device of part or all of the edge nodes of the EOE network.   5. The network management device according to claim 3, wherein said communication device is a switch capable of tracing said path using TTL (Time To Live) of said first message.   The network management device according to any one of claims 3 to 5, wherein the second and third messages are EOE PING requests.   The network management device according to claim 1 or 2, wherein the first message is an Ethernet-OAM (Operations, Administration, Maintenance) Link Trace message.   The network management device according to any one of claims 1 to 7, wherein a transmission source MAC address is set in the destination address field of the header of the second message.   9. The virtual local area network (VLAN) -ID (Identifier) is set in the identification information field of the header of the second message, according to any one of claims 1 to 8. Network management device.   The information of the source address column set in the header of the second message and / or the information of the identification information column is an output port of a message input from an input port of the communication device in the communication device The network management device according to any one of claims 1 to 9, wherein the network management device is used for calculation of a hash value for distributing to a network. A network management apparatus according to any one of claims 1 to 10.
And a plurality of communication devices having a plurality of ports aggregated into a link aggregation group (LAG).   The first communication device that has received the command for communication confirmation from the network management device uses the port ID of the first communication device as a transmission source, and the second communication device facing the first communication device is used as the transmission source. On the other hand, when the third message for communication confirmation is sent and the response message from the second communication device is received, the port ID included in the response message corresponds to the port ID of the first communication device. The network system according to claim 11, wherein the network management device is notified as a port ID of the second communication device. Sends a first message to acquire address information of communication devices on the route to the destination node to a network including one or more communication devices having a plurality of ports aggregated into a link aggregation group (LAG) Obtain the address of each communication device on the path,
A second message for communication confirmation is transmitted, in which the destination address field of the header is the address of the acquired communication device, and the value is set to different values for at least one of the source address field and the identification information field of the header. ,
Extracting port identification information (port ID) included in a response from the communication device to the second message;
Using a port ID of one communication device of two opposing communication devices disposed on the path, a command for communication confirmation for the other communication device opposing the one communication device is generated to perform the one Send to the communication device,
And transmitting a third message for communication confirmation from the one communication device to the other communication device.   Obtaining port identification information of the other communication device acquired in response to the transmission of the third message from the one communication device, and acquiring configuration information of a LAG member port between the two opposing communication devices. The network management method according to claim 13, characterized in that: Sends a first message to acquire address information of communication devices on the route to the destination node to a network including one or more communication devices having a plurality of ports aggregated into a link aggregation group (LAG) Acquiring an address of each communication device on the route;
A second message for communication confirmation is transmitted, in which the destination address field of the header is the address of the acquired communication device, and the value is set to different values for at least one of the source address field and the identification information field of the header. A process of extracting port identification information (port ID) included in a response from the communication device to the second message;
Using a port ID of one communication device of two opposing communication devices disposed on the path, a command for communication confirmation for the other communication device opposing the one communication device is generated to perform the one A process of transmitting to the communication apparatus and causing the one communication apparatus to transmit a third message for communication confirmation to the other communication apparatus;
A program that causes a computer to execute.

Images