JP2023128353A - Network management server, topology detection program and topology detection method - Google Patents

Abstract

To detect a topology of a network using a single network management server in a large scale network system.SOLUTION: A network management server detects a topology of a network by identifying a port of a switch that exists on a route for a combination of a terminal and the switch existing in the network on the basis of FDB information collected from the switch in the network.SELECTED DRAWING: Figure 2

Description

The present invention relates to a network management server, a topology detection program, and a topology detection method.

Network operators use network topology diagrams to understand the state of the network. However, as the scale of the network increases, the effort required to manually create a topology diagram becomes enormous, and it becomes even more labor intensive to keep it up to date. Therefore, there is a need for a function such as a network management server to automatically create a topology diagram that represents the connection status of devices within a network.

In order to draw a topology diagram, the network management server needs to know which devices each network device is adjacent to. For this purpose, information received from neighboring devices using a protocol such as LLDP (Link Layer Discovery Protocol) or adjacency relationships input by the user are used. However, especially in a multi-vendor environment, protocols for understanding adjacency relationships such as LLDP may not be available due to different support standards, or users may have to add network devices to manually enter adjacency relationships. There is a problem in which human error occurs, such as forgetting information and inputting information, and there is a need for a technology that automatically detects adjacency relationships between network devices without relying on a special protocol for detecting adjacency relationships.

An example of such a technique is the technique described in Patent Document 1, for example. This technology does not use a protocol to understand adjacency relationships such as LLDP, but instead uses the learning status of the MAC (Media Access Control) address of the network monitoring terminal and the layer 2 switch in each layer 2 switch in the layer 2 network. The topology of the layer 2 network is detected based on the

International publication number WO2006/118203

Generally, the MAC address in a packet is rewritten when it passes through a device such as a router or layer 3 switch. Since the technique described in Patent Document 1 also utilizes the learning status of the MAC address of the network monitoring terminal, the network monitoring terminal needs to be directly connected to the layer 2 network whose topology is to be detected.

Therefore, when attempting to apply the method to a large-scale network that combines a plurality of layer 2 networks via a layer 3 switch, there is a problem in that a network monitoring terminal must be provided for each layer 2 network.

An object of the present invention is to detect the topology of a network using a single network management server in a large-scale network system.

A network management server according to one aspect of the present invention is a network management server connected to a network including at least one terminal and a plurality of switches, wherein one switch of the plurality of switches is connected to another of the plurality of switches. The network management server includes a port connected to at least one of a switch and the terminal, and the network management server includes a topology detection unit that detects topology information representing a connection status regarding the terminal and the switch in the network, and the topology detection unit The unit collects FDB information from the switch, extracts the MAC address of the terminal or the switch learned from the FDB information, and aggregates identification information of the port that learned the MAC address for each MAC address. The learned port information is generated from the FDB information, and for each of the MAC addresses, it is specified whether it is a terminal MAC address owned by the terminal or a switch MAC address owned by the switch, and the learned port information having the switch MAC address is determined. A combination of the switch and the terminal is generated, with the switch as one side and the terminal having the terminal MAC address as the other, and for each combination, the The present invention is characterized in that a port is specified as route port information from the learning port information, and based on the route port information, a connection relationship of the switches is specified and the topology information is detected.

According to one aspect of the present invention, a single network management server can be used to discover the topology of a network in a large-scale network system.

1 is a diagram showing an example of a network system configuration according to a first embodiment; FIG. 1 is a diagram illustrating a configuration example of a network management server according to a first embodiment; FIG. FIG. 3 is a diagram illustrating a configuration example of a layer 3 switch according to the first embodiment. FIG. 2 is a diagram illustrating a configuration example of a layer 2 switch according to the first embodiment. 5 is a flowchart illustrating an example of a topology detection operation by the network management server in the first embodiment. 3 is a diagram showing an example of the contents of access information according to the first embodiment. FIG. FIG. 3 is a diagram showing an example of the contents of FDB collection information according to the first embodiment. FIG. 3 is a diagram showing an example of the contents of a learning port set according to the first embodiment. 3 is a diagram showing an example of the contents of a transit port set according to the first embodiment. FIG. FIG. 3 is a diagram showing an example of the contents of the number of MAC address learnings according to the first embodiment. FIG. 3 is a diagram showing an example of the contents of transit device information according to the first embodiment. FIG. 3 is a diagram showing an example of the contents of section information according to the first embodiment. FIG. 3 is a diagram illustrating an example of the content of adjacent information according to the first embodiment. FIG. 7 is a diagram illustrating an example of the contents of FDB collection information collected immediately after one of the layer 2 switches clears a learned MAC address in the second embodiment. FIG. 7 is a diagram illustrating an example of the contents of section information created based on FDB collection information generated immediately after one of the layer 2 switches clears a learned MAC address in the second embodiment. FIG. 3 is a diagram illustrating a configuration example of a network management server according to a second embodiment. 7 is a flowchart illustrating an example of topology detection operation by the network management server in the second embodiment.

Embodiments of the present invention will be described below with reference to the drawings.

FIG. 1 shows an example of the configuration of a network system targeted for topology detection of a layer 2 network according to the present invention.
This network system has a configuration in which three layer 2 networks are connected around one layer 3 switch 110. It is assumed that a different VLAN (Virtual Local Area Network) ID is assigned to each of the plurality of layer 2 networks, so that the layer 2 networks can be identified within the network system. In the example of FIG. 1, VLAN IDs of 10, 20, and 30 are assigned to three layer 2 networks, respectively, and each layer 2 network is expressed as VLAN10, VLAN20, and VLAN30, respectively. In the following description, the layer 2 network may be expressed as a VLAN.

VLAN 20 includes two layer 2 switches 120-1 and 120-2 and three terminals 130-1, 130-2, and 130-3. The terminal is, for example, a terminal device such as a PC that is directly used by a user, or a server that provides some kind of network service.

VLAN 30 includes one layer 2 switch 120-3 and two terminals 130-4 and 130-5.

The VLAN 10 includes a network management server 100 that performs layer 2 network topology detection according to the present invention. In this example, the only device existing in VLAN10 is the network management server 100, which is directly connected to port 111-1 of the layer 3 switch 110, but other terminal devices are connected via layer 2 switches, etc. You can leave it there.

In the following explanation, regarding multiple layer 2 switches and terminals, when explaining the individual layer 2 switches and terminals separately, the reference numerals shown in FIG. Referenced by switch 120 and terminal 130.

Furthermore, in the following description, layer 3 switches, layer 2 switches, terminals, etc. that constitute a network system are collectively referred to as network devices, and layer 3 switches and layer 2 switches are collectively referred to simply as switches.

Further, symbols such as N10, S10, and U10 placed in parentheses within each network device in FIG. 1 represent the MAC address possessed by that network device.

In the example of FIG. 1, the network management server 100 is connected within the VLAN 10, but it may be connected anywhere within the network as long as it can communicate with each switch within the network system and collect information.

An example in which the network management server 100 detects the topology of the VLAN 20 and VLAN 30, which are layer 2 networks, in the configuration of FIG. 1 will be described below.

FIG. 2 is a diagram showing the internal configuration of the network management server 100. The network management server 100 includes a CPU (Central Processing Unit) 201 for performing calculations, a memory 202 for storing data and programs executed by the CPU 201, and a network IF (interface) for connecting to other network devices via a line. 203.

The memory 202 stores a topology detection unit 210, which is a program executed by the CPU 201, and data required in the process of executing the topology detection unit 210 as several tables. The stored tables are access information 220, FDB (Forwarding DataBase) collection information 221, learning port set 222, route port set 223, number of learned MAC addresses 224, via device information 225, section information 226, and adjacent information 227. The structure and content example of each table will be shown in the explanation of the topology detection operation described later using the flowchart of FIG.

The network management server 100 collects necessary information from the layer 3 switch 110 and layer 2 switch 120 via the network IF 203 by having the CPU 201 execute the topology detection unit 210, which is a program, and collects necessary information from the layer 3 switch 110 and the layer 2 switch 120 through the network IF 203. It works to detect.

FIG. 3 is a diagram showing an example of the internal configuration of the layer 3 switch 110. A layer 3 switch is a network device that has a function of performing layer 2 relay or layer 3 relay of a packet received at a port to another port based on information included in the header of the packet.

The layer 3 switch 110 includes a CPU 301, a memory 302, a frame transfer unit 303, and a plurality of ports 111. Note that when the plurality of ports 111 are to be explained separately, they will be referred to by reference numerals such as 111-1 and 111-2 as shown in FIG.

The memory 302 includes an SNMP response unit 310, which is a program executed by the CPU 301 to respond to SNMP (Simple Network Management Protocol) inquiries from other network devices, and a layer 2 relay process for packets received at port 111. At least necessary FDB information 320 is stored. The FDB information 320 is a table that learns and stores the MAC address of a network device connected to each port 111 when a packet transmitted by the network device is received, and stores the learned MAC address and Information that combines the identifier of the port 111 that learned the MAC address and the VLAN ID of the VLAN to which the port 111 belongs is stored as one piece of learning information. In addition, an SNMP inquiry is, for example, a process such as a request to read the FDB information 320 and a response thereto.

Note that in the memory 302 of FIG. 3, descriptions of other program programs and data necessary for realizing the function as a layer 3 switch are omitted.

The frame transfer unit 303 determines the port 111 to which the packet is to be transferred by layer 3 relay or layer 2 relay processing based on the header information of the packet received at the port 111, and transmits the packet from the port 111. , for example, is composed of a hardware logic circuit such as an LSI.

FIG. 4 is a diagram showing an example of the internal configuration of the layer 2 switch 120. A layer 2 switch is a network device that has a function of layer 2 relaying a packet received at a port to another port based on information included in the header of the packet.

The layer 2 switch 120 includes a CPU 401, a memory 402, a frame transfer unit 403, and a plurality of ports 121. Note that when the plurality of ports 121 are to be explained separately, they will be referred to by reference numerals such as 121-11 and 121-12 as shown in FIG.

The memory 402 includes an SNMP response unit 410, which is a program executed by the CPU 401 in order to respond to SNMP inquiries from other network devices, and FDB information 420, which is necessary for layer 2 relay processing for packets received at the port 121. is stored at least. The FDB information 420 is similar to the FDB information 320 of the layer 3 switch 110 described in FIG. 3. Further, the inquiry by SNMP is also the same as that explained with reference to FIG.

Note that in the memory 402, descriptions of other programs and data necessary to realize the function as a layer 2 switch are omitted.

The frame transfer unit 403 determines the port 121 to which the packet is transferred by layer 2 relay processing based on the header information of the packet received at the port 121, and transmits the packet from the port 121. It consists of logic circuits based on hardware.

Next, an example of the operation of detecting the topology of two layer 2 networks, VLAN 20 and VLAN 30, by the process of the topology detection unit 210 executed by the CPU 201 of the network management server 100 will be described using a flowchart.

FIG. 5 is a flowchart illustrating an example of processing by the topology detection unit 210. In the following explanation, the operations in which programs such as the topology detection unit 210 are the subject are actually caused by the operations of the CPU 201 that executes the programs.

Note that the series of processes shown in this flowchart may be started periodically at predetermined times, for example, or may be instructed by a network administrator inputting a command or the like through a user interface (not shown) provided in the network management server 100. It is activated by

First, the topology detection unit 210 collects FDB information from layer 3 switches and layer 2 switches existing in the network system based on the access information 220, and stores it in the FDB collection information 221 (step 501).

FIG. 6 is a diagram showing an example of the contents of the access information 220. The access information 220 is a table that stores information about the layer 3 switch 110 and layer 2 switch 120 that are targets for collecting FDB information and their collection method, and is composed of zero or more entries. Each entry has fields of device 601, IP address 602, access means 603, and MAC address 604.

The device 601 is a field indicating the identifiers of the layer 3 switch 110 and layer 2 switch 120 targeted for FDB information collection. In the example of FIG. 6, the symbols given in FIG. 1 are used as identifiers for convenience, but it may also be a device name given for management purposes. The IP address 602 and MAC address 604 are fields indicating the IP address and MAC address of the switch indicated by the device 601.

Access means 603 is a field indicating means for reading FDB information from the device indicated by device 601. For example, if MIB (Management Information Base) is specified, it indicates that FDB information is to be read by SNMP. .

It is assumed that the contents of FIG. 6 have been set in advance before the processing shown in the flowchart of FIG. 5 begins.

FIG. 7 is a diagram showing an example of the contents of the FDB collection information 221.
The FDB collection information 221 is a table for storing FDB information collected from the layer 3 switch 110 and the layer 2 switch 120, and is composed of zero or more entries identified by entry numbers. Each entry has fields of device 701, MAC address 702, learning VLAN 703, and learning port 704. Note that in the following description, the entry with entry number n will be expressed as entry n. This also applies to other tables having entry numbers, which will be described later.

The device 701 is a field indicating the identifiers of the layer 3 switch 110 and layer 2 switch 120 from which the FDB information was collected. The MAC address 702, learned VLAN 703, and learned port 704 contain the learned MAC address, which is information for one entry of the collected FDB information, the VLAN ID of the VLAN to which the port that learned the MAC address belongs, and the MAC address. This field stores the identifier of each port that has learned.

To specifically explain the processing content of the topology detection unit 210 in step 501, the topology detection unit 210 refers to the access information 220 and determines the access means for the layer 3 switch 110 and layer 2 switch 120 indicated in each entry. Since the value of 603 is MIB, an SNMP FDB read request packet is sent to the IP address indicated by IP address 602 of the same entry.

The layer 3 switch 110 and layer 2 switch 120 that received the request packet process the request packet in the SNMP response unit 310 or 410, and send a response packet containing the contents of the FDB information 320 or 420 to the network management server 100. Send it back. When the network management server 100 receives the response packet, the topology detection unit 210 adds information on the identifier of the device from which the information was collected (the value of the device 601 in the same entry) to the information included in the response packet and sends it to the FDB. The collected information 221 is sequentially stored in empty entries.

The numerical example shown in FIG. 7 shows the contents of the FDB collection information 221 generated in step 501 in the case of the network configuration shown in FIG. Note that in FIG. 7, the identifiers stored in the device 701 and the learning port 704 are shown by the symbols given in FIG. 1 for convenience, but other identifiers given for management purposes may be used.

Next, the topology detection unit 210 creates a learning port set 222 by referring to the FDB collection information 221 generated in step 501 (step 502).

The learning port set is a set of ports that have learned the combination of VLAN ID and MAC address of the network device collected as part of the FDB information, using the combination of VLAN ID and MAC address as a key. be.

FIG. 8 is a diagram showing an example of the contents of the learning port set 222. The learning port set 222 is composed of zero or more entries identified by entry numbers, and each entry has fields of VLAN 801, MAC address 802, and learning port 803. The above-described combination of key values is stored in the combination of VLAN 801 and MAC address 802, and a set of identifiers of ports that have learned the combination is stored in learning port 803.

To specifically explain the processing content of the topology detection unit 210 in step 502, for example, the port that has learned the MAC address S10 of the layer 3 switch 110 in the VLAN 20 has the MAC address of each entry in the FDB collection information 221 shown in FIG. When searching for the values of 702 and learning VLAN 703, it is found that they are stored in entries 10 and 15, and since the values of learning port 704 in each entry are 121-11 and 121-21, set 20 to VLAN 801. , S20 is stored in the MAC address 802, and entries {121-11, 121-21} are stored in the learning port 803, respectively, in the learning port set 222.

In the example of FIG. 8, entry 2 corresponds to the entry created in this example. The topology detection unit 210 extracts all unique combinations of MAC addresses 702 and learning VLANs 703 stored in FIG. 7, and performs the above-described processing on each of them. As a result, for example, for the FDB collection information 221 as shown in FIG. 7, a learning port set 222 as shown in FIG. 8 is created.

Next, the topology detection unit 210 creates a route port set 223 by referring to the learning port set 222 created in step 502 (step 503).

A route port set is a set of ports that have learned the MAC addresses of terminals that exist on a route from a specific switch to a specific terminal in the network system. This information is used to identify all the switches on the route including another layer 2 switch if there is another layer 2 switch between the specific switch and the terminal.

If we generate a set of ports like this for each VLAN ID and find the combinations of all the terminals and switches that belong to that VLAN, then we will have all the information needed to derive the connection relationships between the switches. can be obtained.

FIG. 9 is a diagram showing an example of the contents of the route port set 223.
The route port set 223 is composed of zero or more entries identified by entry numbers, and each entry has fields of VLAN 901, terminal MAC address 902, switch MAC address 903, and route port 904.

The details of the processing performed by the topology detection unit 210 in step 503 will be explained in detail as follows.

First, the topology detection unit 210 refers to the learning port set 222 created in step 502 and extracts all MAC addresses of network devices belonging to each VLAN.

For example, if we look at the VLAN with VLAN ID 20 in the learning port set 222 in FIG. It can be seen that there are 6 pieces. Among these, three of them, S10, S20, and S21, are known to be the MAC addresses of the switch from the information pre-registered in the MAC address 604 of the access information 220, so the other MAC addresses U10, U20, and U30 These three can be determined to be the MAC addresses of the terminal.

Therefore, the total number of combinations of terminals and switches in VLAN 20 is 3×3 (9). The example in FIG. 9 shows how these nine combinations are stored in the VLAN 901, terminal MAC address 902, and switch MAC address 903 of entries 2 to 10.

Similar processing is performed for the other VLANs so that values are stored in the VLAN 901, terminal MAC address 902, and switch MAC address 903 of each entry. Note that a VLAN in which no switch MAC address has been learned means that the layer 3 switch 110 and the layer 2 switch 120 do not exist in that VLAN, and is therefore excluded from subsequent processing.

Next, the topology detection unit 210 performs processing to obtain a value to be stored in the route port 904 of each entry in the route port set 223. This value can be obtained as a set obtained by removing elements included in the switch learning port set from the terminal learning port set stored in the learning port set 222.

To explain with a specific example, for example, the value stored in the route port 904 of entry 3 (VLAN 901 is 20, terminal MAC address 902 is U10, switch MAC address 903 is S20) of the route port set 223 in FIG. From the set {111-2, 121-12, 121-22} stored in the learning port 803 of entry 5 (VLAN 801 is 20, MAC address 802 is U10) of port set 222, entry 3 (VLAN 801 is 20, MAC address 802 is U10) The set {121-12, 121-22} is obtained by removing common elements from the set {111-2, 121-21} stored in the learning port 803 whose address 802 is S20).

The meaning of this processing is as follows. When a packet flows from the terminal 130-1 with the MAC address U10 to the layer 2 switch 120-1 with the MAC address S20, the port that becomes the route is a port that has learned at least U10 (learning port set 222 (value of learning port 803 in entry 5).

If these candidates include a port that has also learned S20 (corresponding to 111-2 included in the value of learning port 803 in entry 3 of learning port set 222), that port is U10 and S20. This indicates that they are learning both. This means that when viewed from the terminal 131-1 with U10 as the starting point, the layer 3 switch 110 with port 111-2 is located upstream from the layer 2 switch 120-1 with MAC address S20. do.

Therefore, if such ports that have learned both U10 and S20 are removed from the original set, a set of route ports existing on the route from terminal 130-1 to layer 2 switch 120-1 remains. Become.

Step 503 is completed by executing the processing as described above for all entries in the route port set 223. Note that at this stage, it may not be possible to specify the order of the ports in the group on the route using only the information on the route port set 223, so a process for specifying it is required, which is followed by step 504. Then, the process of step 505 is performed.

Next, the topology detection unit 210 creates the number of learned MAC addresses 224 by referring to the FDB collection information 221 generated in step 501 (step 504). The number of MAC addresses learned 224 is a total of how many MAC addresses have been learned in each port of the layer 3 switch 110 and layer 2 switch 120.

FIG. 10 is a diagram showing an example of the contents of the MAC address learning number 224. The number of learned MAC addresses 224 is composed of zero or more entries identified by entry numbers, and each entry has fields of a port 1001, a learned MAC address 1002, and a learned number 1003.

The processing of the topology detection unit 210 in step 504 will be specifically explained as follows.

First, the topology detection unit 210 extracts all unique port identifiers stored in the learning ports 704 of the FDB collection information 221, and stores each in the port 1001 of the entry of the MAC address learning number 224 (this example In the following, the identifiers are expressed using the symbols given in Figure 1).

Then, for each entry with the number of MAC address learning numbers 224, the MAC addresses learned on the port 1001 of the corresponding entry are extracted from the FDB collection information 221, all of them are stored as a set in the MAC address 1002, and the number of elements is learned. It is stored in number 1003.

For example, if the FDB collection information 221 is in the state shown in FIG. 3 is stored, and the MAC addresses learned by that port are S22, U40, and U50 stored in the MAC address 702 of each entry.

Therefore, as shown in FIG. 10, the learning MAC address 1002 of entry 3 that stores 111-3 in port 1001 is set to the set {S22, U40, U50}, and the learning number 1003 is set to 3, which is the number of elements thereof. Store.
This completes the process of step 504.

Next, the topology detection unit 210 creates transit device information 225 using the route port set 223 created in step 503 and the number of learned MAC addresses 224 created in step 504 (step 505).

The relay device information is information that, for a combination of a certain terminal and a certain switch, is a list of switches existing on the route arranged in the order on the route.

FIG. 11 is a diagram showing an example of the contents of the transit device information 225. The route device information 225 is composed of zero or more entries identified by entry numbers, and each entry has fields of VLAN 1101, terminal MAC address 1102, switch MAC address 1103, and route device 1104. The transit device 1104 has a plurality of subfields so that identifiers of a plurality of switches can be stored in an ordered manner.

Although FIG. 11 shows an example with three subfields, the number is not limited to three and may be determined depending on the scale of the target network system. The route device information 225 can also be viewed as having a structure in which the route port 904 field is replaced with the route device 1104 in each entry of the route port set 223.

The processing of the topology detection unit 210 in step 505 will be specifically explained as follows.
First, the topology detection unit 210 refers to the route port set 223 created in step 503, and for all entries, the values of the VLAN 901, terminal MAC address 902, and switch MAC address 903 are changed to the VLAN 1101 of the entry of the transit device information 225. , the terminal MAC address 1102, and the switch MAC address 1103. That is, through this process, the same number of entries as the route port set 223 are created in the via device information 225.

Next, the route port 904 of each entry in the route port set 223 is referred to, and the information on each port identifier stored there as a set is sorted in the order of the route from the switch side to the terminal side. Specifically, based on the information on the number of MAC addresses learned 224, the MAC addresses are sorted in descending order of the number of learned MAC addresses.

This process is based on the property that when a plurality of switches are connected hierarchically and the terminal side is expressed as downstream, the number of learned MAC addresses increases as the port of the switch on the upstream side increases. This property is due to the fact that at least the MAC address of a switch that is passed through on the way is learned by a switch that is upstream. Taking the example of entry 2 of the route port set 223 as a specific example, the number of MAC address learned at each port registered in the route port 904 is 5 for 111-2, 3 for 121-12, and 121 for each port. Since -22 becomes 1, the ports arranged in the order of the route from the switch to the terminal are 111-2, 121-12, and 121-22.

When this sorting process is completed, the identifier of each port is replaced with the identifier of the switch that has the port, and stored in the sub-entry of the via device 1104 of the corresponding entry in the via device information 225 in order from the upstream side. To explain using the example of entry 2 above, the switches to which ports 111-2, 121-12, and 121-22, arranged in route order, belong are 110, 120-1, and 120-2, respectively, so these are connected to It is stored in the relay device 1104 of entry number 2 of the information 224. This indicates that the switches indicated by the subfields of the via device 1104 are adjacent in the order of the subfields.

The above processing is performed for all entries in the via device information 225, and step 505 is ended.

Next, the topology detection unit 210 creates section information 226 by referring to the transit device information 225 created in step 505 and the learning port set 222 created in step 502 (step 506). The section information is information indicating which ports of the adjacent switches are actually connected for each combination of adjacent switches indicated by the via device information obtained in step 506.

FIG. 12 is a diagram showing an example of the contents of the section information 226. The section information 226 is composed of zero or more entries identified by entry numbers, and each entry has fields of VLAN 1201, terminal MAC address 1202, switch MAC address 1203, and section 1204. Note that section 1204 has a plurality of subfields so that port connection information between a plurality of switches can be stored.

Although FIG. 12 shows an example with two subfields, the number may be determined depending on the scale of the target network system. The interval information 226 can also be regarded as the value of the intermediate device 1104 replaced with the interval 1204 for each entry of the intermediate device information 225.

The processing of the topology detection unit 210 in step 506 will be specifically explained as follows.

First, the topology detection unit 210 refers to the transit device information 225 created in step 505, and calculates the values of the VLAN 1101, terminal MAC address 1102, and switch MAC address 1103 for all entries, and the values of the VLAN 1201, terminal MAC address, and Copy as is to MAC address 1202 and switch MAC address 1203. That is, by this process, the same number of entries as the transit device information 225 are created in the section information 226.

Next, the information on the transit device 1104 in the transit device information 225 is referred to, and the port connection relationship between the switches indicated therein is determined, and the result is stored in the section 1204 of the corresponding entry in the section information 226. The combination of ports connected between two switches can be found by referring to the learning port set 222.

As a specific example, taking Entry 2 of the transit device information 225 as an example, the transit device 1104 has layer 3 switch 110 and layer 2 switch 120-1, and layer 2 switches 120-1 and 120-2 are adjacent to each other. It shows that there is.

Here, the layer 3 switch 110 is located upstream from the layer 2 switch 120-1 for the terminal (terminal 130-1) with the MAC address U10 indicated by the terminal MAC address 1202, based on the order of subfields in the via device 1104. Therefore, the port to which the layer 2 switch 120-1 is connected should have learned the MAC address U10. Referring to the learning port set 222, it can be seen from the contents of entry 5 that the port on which U10 is learned in the layer 3 switch 110 is port 111-2.

Therefore, the port to which the layer 2 switch 120-1 is connected in the layer 3 switch 110 is required to be the port 111-2. On the other hand, since the layer 3 switch 110 is upstream, the port to which the layer 3 switch 110 is connected in the layer 2 switch 120-1 should have learned the MAC address S10 of the layer 3 switch 110, and the MAC address It can be seen from entry 2 of the learning port set 222 that the port of the layer 2 switch 120-1 that is learning S10 in the VLAN 20 to which the terminal U10 (terminal 130-1) belongs is port 121-11.

From the above, it can be seen that the layer 3 switch 110 and layer 3 switch 120-1 are connected through ports 111-2 and 121-11, respectively, and the value "111-2⇔121-11" is It is stored in the first subfield of section 1204 of entry 2 of section information 226. By following the same procedure, you can see that layer 2 switch 120-1 and layer 2 switch 120-2 are connected through ports 121-12 and 121-21, respectively. 21'' is stored in the second subfield of section 1204 of entry 2 of section information 226.

Step 506 is completed by performing the above processing on all entries of section information 226.

Finally, the topology detection unit 210 creates adjacent information 227 from the section information 226 (step 507). Adjacent information is information that aggregates the interconnection relationships of switches existing in the layer 2 network targeted for topology detection, and is the final topology detection result.

FIG. 13 is a diagram showing an example of the contents of the adjacent information 227. The adjacent information 227 is composed of zero or more entries identified by entry numbers, and each entry has fields of connection source device 1301, connection source port 1302, connection destination device 1303, and connection destination port 1304.

The processing of the topology detection unit 210 in step 507 will be specifically explained as follows.

In the section 1204 of all entries in the section information 226, as a result of the processing from step 501 to step 506, information (this (herein referred to as an interval) are stored, and topology detection is substantially completed.

However, in the process of deriving this, sections are determined for each route in all combinations of terminals and switches that exist in each layer 2 network within the network system. If any of these routes share the same section, duplicate values will be stored in section 1204. Therefore, the topology detection unit 210 performs a process of extracting a unique section from the sections 1204 of all entries in the section information 226 in step 507. When this process is performed on the section information 226 in the state shown in FIG. 21". The topology detection unit 210 associates one entry of the adjacent information 227 with each of these sections, and stores information obtained by expanding the section information in each entry.

To explain specifically using the example of entry 1 shown in FIG. 13, entry 1 corresponds to the section "111-2⇔121-11", and the switch to which port 111-2 belongs is layer 3 switch 110, so the connection source device 1301 has 110 as its identifier, connection source port 1302 has 111-2 as the identifier of port 111-2, and since the switch to which port 121-11 belongs is layer 2 switch 120-1, connection destination device 1303 has 111-2 as its identifier. 120-1 is stored as the identifier, and 121-1 is stored in the connection destination port 1304 as the identifier of the port 121-11.

When the above processing is performed for all unique sections extracted from the section information 226, the adjacency information 227 includes adjacency information between all directly connected switches for each layer 2 network in the network system targeted for topology detection. You will get it.

The contents of the adjacency information 227 shown in FIG. 13 are the adjacency relationships among the layer 3 switch 110, layer 2 switch 120-1, layer 2 switch 120-2, and layer 2 switch 120-3 included in the network system shown in FIG. represents.

As described above, the topology detection unit 210 can detect the topology of the layer 2 network by the processing shown in the flowchart shown in FIG. The contents of the adjacency information 227, which is the final topology detection result, may be drawn as a network topology diagram by a drawing processing program (not shown) included in the network management server 100, and displayed on an output device (not shown), for example. It can be used in particular.

According to the first embodiment, even in a large-scale network system in which a plurality of layer 2 networks are connected by layer 3 switches, each switch in the network does not require a network management server in each layer 2 network. An advantage can be obtained that topology information indicating the adjacency relationship of switches in each layer 2 network can be obtained by one network management server connected to an arbitrary location where information can be collected from the network management server.

When using a switch in a network system, it may become necessary to restart the switch for some reason. The FDB information in the switch is dynamically generated by learning part of the header information of packets received while the switch is operating, so when the switch is restarted, the FDB information learned up to that point is temporarily lost. It is cleared and regenerated by learning from the received packets again.

Therefore, if you try to execute the process according to the flowchart in FIG. 5 of Embodiment 1 immediately after one of the switches is restarted, the FDB information obtained from that switch will be empty. There are cases where this happens.

FIG. 14 shows FDB collection information obtained by the topology detection unit 210 executing step 501 of the flowchart of FIG. 221 is a diagram showing an example of No. 221. The content is as if the values of each field of entries 10 to 14 in the FDB collection information 221 of FIG. 7 shown as Example 1 have been deleted.

FIG. 15 is a diagram showing the contents of the adjacency information 227 finally obtained in step 507 when the topology detection unit 210 executes the processing from step 502 onwards with the FDB collection information 221 shown in FIG. 14. .

A detailed explanation of the processing process will be omitted, but as shown in FIG. 15, if the FDB information of the layer 2 switch 120-1 is not obtained, the port 111-2 of the layer 3 switch 110 is Topology information that indicates that the layer 2 switch 120-1 is directly connected to the port 121-21 of the layer 2 switch 120-1 is obtained. Embodiment 2 shows an example of a network management server that can obtain correct topology information even in such a situation.

FIG. 16 is a diagram showing the configuration of the network management server 140 in the second embodiment.
The difference in configuration between the network management server 140 and the network management server 100 of the first embodiment shown in FIG. 202, and the topology detection unit 210 is replaced with a topology detection unit 240 whose processing content is different from that of the topology detection unit 210.

The other components are the same as those of the network management server 100, and are given the same reference numerals as in FIG. 2. The contents of each table added to the network management server 140 will be described later.

Further, in the second embodiment, it is assumed that the network management server 140 is connected to the port 111-1 of the layer 3 switch 110 in place of the network management server 100 in the network system example of FIG.

Next, an example of the operation in which the topology detection unit 240 performs topology detection in the second embodiment will be described using a flowchart.

FIG. 17 is a flowchart illustrating an example of the operation of the topology detection unit 240 in the network management server 140. In the following explanation, the operations in which programs such as the topology detection unit 240 are the subject are actually caused by the operations of the CPU 201 that executes the programs.

Note that the process shown in this flowchart may be started periodically at a predetermined time, for example, or may be started by a network administrator inputting a command or the like through a user interface (not shown) provided in the network management server 140. shall be

First, the topology detection unit 240 executes a series of processes in the flowchart 500 shown in FIG. 5 (step 1401).

Next, the topology detection unit 240 copies the contents of the adjacent information 227 obtained as a result of step 1401 to the previous adjacent information 228 (step 1402). The previous adjacent information 228 is a table for temporarily saving the contents of the adjacent information 227, and has the same data structure as the adjacent information 227 illustrated in FIG.

Next, the topology detection unit 240 initializes the value of the convergence counter 229 (step 1403). The convergence counter 229 is a table that stores integer values, and its initialization is a process of copying the value of the convergence counter initial value 230 to the convergence counter 229. The convergence counter initial value 230 is a table that stores the initial value (integer value) of the convergence counter 229.

The value is determined so that the result of the neighbor information 227 obtained in step 1401 or step 1404 described later is stable, taking into consideration the time required for the network administrator to relearn FDB information on a restarted switch. The appropriate number of repetitions of the process required to complete the process is calculated and set in advance using a user interface (not shown) of the network management server 140.

Next, the topology detection unit 240 re-executes the series of processes in the flowchart 500 shown in FIG. 5 (step 1404).

Next, the topology detection unit 240 compares the contents of the adjacent information 227 obtained in step 1404 with the contents of the previous adjacent information 228 obtained in step 1402, and if they do not match, returns to the process of step 1402 and changes the contents. Repeat the following process. If they match, the process advances to step 1406 (step 1405).

In step 1406, the topology detection unit 240 subtracts 1 from the value of the convergence counter 229.

Next, the topology detection unit 240 determines the value of the convergence counter 229, and if it is not 0, returns to the process of step 1404 and repeats the subsequent processes, and if it is 0, ends the process according to this flowchart (step 1407). ). The information stored in the adjacent information 227 at this point becomes the finally obtained topology information.

The meaning of the series of processes described above is that the basic topology detection process shown in flowchart 500 is repeatedly executed until the result becomes stable, and the value after stabilization is regarded as the topology detection result. In this embodiment, it is determined that the result is stable when the same topology detection result is obtained by the process of flowchart 500 consecutively for a preset number of repetitions (value of convergence counter 230).

According to the second embodiment, in addition to the effects obtained by the second embodiment, even if a transient state occurs in the learning status of FDB information in the switch due to factors such as switch restart, the network system The effect is that topology information indicating the adjacency relationship of switches in each layer 2 network can be correctly detected.

In this way, in the above embodiment, the network management server identifies the switches existing on the route and their The topology of each layer 2 network is detected by identifying the switch port that connects the layer 2 network.

According to the embodiment described above, in a large-scale network composed of a plurality of layer 2 networks, a network management server is provided that is capable of detecting the topology of each layer 2 network regardless of the connection location within the network. be able to.

100, 140 Network management server 110 Layer 3 switch 120 Layer 2 switch 111, 121 Port 130 Terminal 201, 301, 401 CPU
202, 302, 402 Memory 203 Network IF
303, 403 Frame transfer unit 210 Topology detection unit 310, 410 SNMP response unit 220 Access information 221 FDB collection information 222 Learning port set 223 Route port set 224 MAC address learning number 225 Via device information 226 Section information 227 Adjacent information 228 Previous adjacent information 229 Convergence counter 230 Convergence counter initial value 320, 420 FDB information

Claims (12)

A network management server connected to a network including at least one terminal and a plurality of switches,
One of the plurality of switches is
including a port connected to at least one of the other switches of the plurality of switches and the terminal,
The network management server includes a topology detection unit that detects topology information representing a connection status regarding the terminal and the switch in the network,
The topology detection unit includes:
collecting FDB information from the switch;
Extracting the MAC address of the terminal or the switch learned from the FDB information,
generating learned port information that aggregates identification information of the port that has learned the MAC address for each MAC address from the FDB information;
For each of the MAC addresses, identify whether it is a terminal MAC address owned by the terminal or a switch MAC address owned by the switch,
generating a combination of the switch and the terminal, with the switch having the switch MAC address as one side and the terminal having the terminal MAC address as the other;
For each of the combinations, the port existing on the route from one of the switches to the other of the terminals is identified as route port information from the learning port information,
A network management server characterized in that the topology information is detected by specifying the connection relationship of the switches based on the route port information. The topology detection unit includes:
Generating a MAC address learning number that is the learning number of the MAC address based on the FDB information,
generating, for each combination of the switch and the terminal, via device information in which a list of the switches existing on the route is arranged in accordance with the order on the route, based on the route port information and the number of MAC address learnings;
generating section information indicating a connection relationship between the one switch and the port of the other switch for each combination of the switch and the terminal based on the transit device information and the learning port information;
generating adjacency information that aggregates interconnection relationships of the switches existing in the network based on the section information;
The network management server according to claim 1, wherein the topology information is detected based on the neighbor information. The topology detection unit includes:
If a transitional state occurs in the learning status of the FDB information in the switch due to restart of the switch, the process of detecting the topology information is repeated until the result of the adjacent information becomes stable. The network management server according to claim 2. The network management server includes:
a previous adjacency information storage table that stores the previous adjacency information;
a convergence counter,
further comprising a convergence counter initial value storage table that stores an initial value of the convergence counter,
The topology detection unit includes:
temporarily saving the adjacency information to the previous adjacency information storage table to generate the previous adjacency information;
initializing the value of the convergence counter by copying the initial value of the convergence counter to the convergence counter;
Comparing the adjacent information and the previous adjacent information,
As a result of the comparison, if the adjacent information and the previous adjacent information do not match, repeating the process of detecting the topology information;
As a result of the comparison, if the adjacent information and the previous adjacent information match, 1 is subtracted from the value of the convergence counter;
determining the value of the convergence counter;
As a result of the determination, if the value of the convergence counter is not 0, repeating the process of detecting the topology;
4. The network management server according to claim 3, wherein if the result of the determination is that the value of the convergence counter is 0, the process of detecting the topology is terminated. The topology detection unit includes:
The initial value of the convergence counter is
The number of repetitions of the process for detecting the topology information required until the result of the adjacent information is stabilized is set, taking into account the time required for the restarted switch to re-learn the FDB information. The network management server according to claim 4. a plurality of said networks are connected to a single said network management server;
The topology detection unit includes:
The network management server according to claim 1, wherein the network management server detects the topology information regarding a plurality of the networks. A topology detection program that is stored in a network management server connected to a network including at least one terminal and a plurality of switches, and detects topology information representing a connection status regarding the terminal and the switch in the network,
One of the plurality of switches is
including a port connected to at least one of the other switches of the plurality of switches and the terminal,
The topology detection program is
collecting FDB information from the switch;
Extracting the MAC address of the terminal or the switch learned from the FDB information,
generating learned port information that aggregates identification information of the port that has learned the MAC address for each MAC address from the FDB information;
For each of the MAC addresses, identify whether it is a terminal MAC address owned by the terminal or a switch MAC address owned by the switch,
generating a combination of the switch and the terminal, with the switch having the switch MAC address as one side and the terminal having the terminal MAC address as the other;
For each of the combinations, the port existing on the route from one of the switches to the other of the terminals is identified as route port information from the learning port information,
a process of identifying the connection relationship of the switches based on the route port information and detecting the topology information;
A topology detection program configured to be executed by a computer. The topology detection program is
Generating a MAC address learning number that is the learning number of the MAC address based on the FDB information,
generating, for each combination of the switch and the terminal, via device information in which a list of the switches existing on the route is arranged in accordance with the order on the route, based on the route port information and the number of MAC address learnings;
generating section information indicating a connection relationship between the one switch and the port of the other switch for each combination of the switch and the terminal based on the transit device information and the learning port information;
generating adjacency information that aggregates interconnection relationships of the switches existing in the network based on the section information;
8. The topology detection program according to claim 7, wherein the topology information is detected based on the adjacent information. The topology detection topology detection program includes:
If a transitional state occurs in the learning status of the FDB information in the switch due to restart of the switch, the process of detecting the topology information is repeated until the result of the adjacent information becomes stable. The topology detection program according to claim 8. A topology detection method for detecting, in a network management server connected to a network including at least one terminal and a plurality of switches, topology information representing a connection status regarding the terminal and the switch in the network, the method comprising:
One of the plurality of switches is
including a port connected to at least one of the other switches of the plurality of switches and the terminal,
The topology detection method includes:
collecting FDB information from the switch;
extracting the MAC address of the terminal or the switch learned from the FDB information;
generating, from the FDB information, learning port information that aggregates identification information of the port that has learned the MAC address for each MAC address;
For each of the MAC addresses, specifying whether it is a terminal MAC address owned by the terminal or a switch MAC address owned by the switch;
generating a combination of the switch and the terminal, with the switch having the switch MAC address as one side and the terminal having the terminal MAC address as the other;
For each of the combinations, identifying the port existing on the route from one of the switches to the other of the terminals as route port information from the learning port information;
identifying the connection relationship of the switches based on the route port information and detecting the topology information;
A topology detection method characterized by having the following. generating a learned number of MAC addresses, which is the number of learned MAC addresses, based on the FDB information;
generating, for each combination of the switch and the terminal, via device information in which a list of the switches existing on the route is arranged in accordance with the order on the route, based on the route port information and the number of MAC address learnings; and,
generating section information indicating a connection relationship between the one switch and the port of the other switch for each combination of the switch and the terminal based on the transit device information and the learning port information;
generating adjacency information that aggregates interconnection relationships of the switches existing in the network based on the section information;
detecting the topology information based on the neighbor information;
11. The topology detection method according to claim 10, further comprising: If a transient state occurs in the learning status of the FDB information in the switch due to restart of the switch, repeating the step of detecting the topology information until the result of the neighbor information becomes stable;
12. The topology detection method according to claim 11, further comprising:

Images