JP5664862B2 - Port detection method, port detection program, investigation terminal, and network system - Google Patents

Description

  The present invention relates to a port detection method, a port detection program, an investigation terminal, and a network system in a network environment in which switches are connected in multiple stages.

  In recent years, VLAN (Virtual LAN) technology has been actively used in network configurations, and the physical switch connection form and the logical network configuration are not consistent. Although it is possible to know to which network a specific connection terminal belongs by the IP address, it is not easy to confirm to which switch the connection terminal is actually physically connected. Of course, the connected switch can be confirmed by visiting the site where the connection terminal is installed, but the confirmation method is not practical due to the widespread and distributed organization network. Therefore, there is a demand for a method for remotely confirming the network configuration status.

  Here, SNMP (Simple Network Management Protocol) is known as a protocol for monitoring and managing a device connected to a TCP / IP network via the network. Various types of switch information are acquired and utilized from a MIB (Management Information Base) that stores setting / state information. Since SNMP and MIB are described in RFC (Request For Comments), they can be commonly used in many vendor switches except vendor-specific ones.

  In addition, the switch has a database called a MAC address (Media Access Control address) learning table. This MAC address learning table includes the physical port of the switch and the MAC address of the connected terminal connected to the end of the port. The correspondence is recorded. When the switch receives a frame from the connection terminal connected to the port, the switch updates the MAC address learning table by referring to the MAC address of the transmission source included in the frame. By advancing learning of the MAC address, the switch does not need to transfer a frame to an unnecessary port, and as a result, the communication load can be reduced.

  Conventionally, there has been known a method for acquiring information of a switch MAC address learning table using SNMP communication and generating network configuration information (may be expressed as a network topology or a network map) from the information. (For example, see Patent Document 1 and Patent Document 2).

  As a related technique, there is known a method of generating a network map by learning a MAC address by connecting to a layer 3 switch with Telnet and broadcasting an ICMP echo (see, for example, Patent Document 3).

JP 2005-236893 A JP 2009-130572 A JP 2007-228382 A JP 2002-190819 A WO2006 / 118203

  However, in the technologies described in Patent Document 1 to Patent Document 3, a network environment in which switches are connected in multiple stages is not considered, and a specific connection terminal is used in a network environment in which switches are connected in multiple stages. There was a problem that it was not possible to detect and identify the switch port of the connection destination. That is, as shown in FIG. 11, in a network environment in which the switches S1 to S3 are connected in multiple stages, the MAC address M (N1) of the same connection terminal N1 is learned by the plurality of switches S1 to S3. Therefore, even if the MAC address learning table information of each of the switches S1 to S3 is acquired from the investigation terminal T using SNMP communication, the MAC address M (N1) is learned in any MAC address learning table. Therefore, there is a problem that it is impossible to determine which switch S1 to S3 is directly connected to the connection terminal N1, and it is not possible to accurately determine the network configuration.

  On the other hand, Patent Document 4 and Patent Document 5 are known as conventional techniques that consider a network environment in which switches are connected in multiple stages. However, these Patent Documents 4 and 5 are intended to guide the connection status between switches, and cannot detect which port of which switch a specific connection terminal is directly connected to. It was.

  Therefore, the present invention solves the conventional problem, that is, the object of the present invention is to specify a switch port to which a connection terminal is connected even in a network environment in which switches are connected in multiple stages. A possible port detection method, a port detection program, an investigation terminal, and a network system are provided.

  The port detection method of the present invention includes a plurality of switches connected in multiple stages, each holding a MAC address learning table that learns in pairs by associating a MAC address and a port of a device connected to the end of the port, and the port A port detection method for identifying a port to which the connection terminal is connected in a network including a connection terminal connected to the end of the port and a research terminal connected to the end of the port, the port detecting method comprising: Corresponding to the MAC address of the switch from the procedure of extracting the information of each pair from the MAC address learning table, the procedure of storing the information of the plurality of extracted pairs, and the set of the extracted plurality of pairs All the pairs including the ports corresponding to the MAC address of the investigation terminal and all the pairs including the ports corresponding to the MAC address of the investigation terminal are connected. By including the steps of specifying the port, it is obtained by solving the problems described above.

  The port detection program of the present invention includes a plurality of switches connected in multiple stages, each storing a MAC address learning table that learns in pairs by associating a MAC address and a port of a device connected to the end of the port, and the port A port detection program for identifying a port to which the connection terminal is connected in a network including a connection terminal connected to the end of the port and a research terminal connected to the end of the port. Corresponding to the MAC address of the switch from the procedure of extracting the information of each pair from the MAC address learning table, the procedure of storing the information of the plurality of extracted pairs, and the set of the extracted plurality of pairs All the pairs including the ports corresponding to the MAC address of the investigation terminal and the pair including the port corresponding to the MAC address of the investigation terminal are removed. By executing the steps of specifying the port to which the terminal is connected to the computer, in which to solve the problems described above.

  The investigation terminal according to the present invention includes a plurality of switches connected in multiple stages, each holding a MAC address learning table that learns a pair by associating a MAC address and a port of a device connected to the end of the port, and the port A search terminal connected to a network including a connection terminal connected to the front end of the plurality of switches, the means for extracting each of the pair information from the MAC address learning table of the plurality of switches, and the plurality of the extracted A pair including a port corresponding to the MAC address of the switch, and a pair including a port corresponding to the MAC address of the investigation terminal from a set of a plurality of extracted pairs. And determining means for identifying the port to which the connection terminal is connected, and output means for outputting the determination result by the determining means By is obtained by solving the problems described above.

  The network system of the present invention includes a plurality of switches connected in multiple stages, each holding a MAC address learning table that learns in pairs by associating the MAC address and port of a device connected to the end of the port. A connection terminal that is connected first, a means that is connected to the end of the port and that extracts the pair information from the MAC address learning table of the plurality of switches, and stores the extracted information of the plurality of pairs And a pair including a port corresponding to the MAC address of the switch and a pair including a port corresponding to the MAC address of the investigating terminal are removed from the extracted set of the plurality of pairs, A search terminal having a determination means for identifying a port to which the connection terminal is connected, and an output means for outputting a determination result by the determination means; By providing, in which to solve the problems described above.

  According to the present invention, even in a network in which switches are connected in multiple stages, a port of a switch to which a connection terminal is connected can be specified remotely.

It is explanatory drawing which shows the outline | summary of this invention. It is the schematic which shows the system configuration | structure which concerns on 1st Example of this invention. It is a flowchart figure which shows the port detection method in this invention. It is explanatory drawing which shows the data structure of each MAC address learning table. It is a table | surface which normalizes and shows the data structure of the set of a pair. It is a table | surface which shows the data structure of the set of a pair after removing a specific pair according to 1st conditions. It is a table | surface which shows the data structure of the set of a pair after removing a specific pair according to 2nd conditions. It is the schematic which shows the system configuration | structure which concerns on 2nd Example of this invention. It is a table | surface which normalizes and shows the data structure of the set of a pair. It is a table | surface which shows the data structure of the set of a pair after removing a specific pair according to the 1st condition and the 2nd condition. It is explanatory drawing used in order to demonstrate the problem of a prior art.

  First, the outline | summary of this invention is demonstrated below based on FIG.

  In the following description, each switch installed in a LAN (Local Area Network) to be managed is Si (1 ≦ i ≦ n, n is the total number of switches in the LAN), and each connection terminal is Nj. (1 ≦ j ≦ m, m is the total number of terminals in the LAN), T is the investigation terminal, M (Si) is the MAC address of the switch Si, M (Nj) is the MAC address of the connection terminal Nj, and T is the investigation terminal T. Is represented by M (T), and the kth port of the switch Si is represented by P (Si-k).

  The present invention holds a MAC address learning table for learning a pair of a device MAC address M (Z) and a port P (Si-k), respectively, and a plurality of switches Si connected in multiple stages and a port P ahead. An object is to identify the port P (Si-k) to which the connection terminal Nj is connected in a network including the connection terminal Nj connected and the investigation terminal T connected to the end of the port P.

  In a network environment in which switches Si are connected in multiple stages, as shown in FIG. 1, only the MAC address M (Z) of the device directly connected to the switch Si is included in the MAC address learning table of each switch Si. In addition, the MAC address M (Z) of the device indirectly connected via another switch Si is also learned and stored in pairs with the port P (Si-k) to which the device is connected. . For example, as shown in FIG. 1, the MAC address learning table of the switch S1 includes only the MAC address M (T) of the investigation terminal T directly connected to the switch S1 and the MAC address M (S2) of the switch S2. In addition, the MAC address M (S3) of the switch S3 indirectly connected via the switch S2 and the MAC address M (N1) of the connection terminal N1 are also learned together with the own port P (S1-k). Memorized in pairs.

  Thus, the MAC address M (N1) of the connected terminal N1 is learned in the MAC address learning table of each switch S1 to S3, and SNMP communication is performed from the investigation terminal T to the MAC address learning table of each switch S1 to S3. Even if the information is acquired by using it, the port P (Si-k) of the switch Si to which the connection terminal N1 is directly connected cannot be specified by that alone.

  Therefore, the present invention provides a port corresponding to the MAC address M (Si) of the switch Si from a set of pairs of the MAC address M (Z) and the port P (Si-k) of the device acquired by the investigation terminal T. By removing all the pairs including P (Si-k) and removing all the pairs including the port P (Si-k) corresponding to the MAC address M (T) of the investigating terminal T, the connecting terminal Nj becomes The identification of the connected port P (Si-k) is realized.

  Hereinafter, the present invention will be described in detail based on a plurality of embodiments.

  Next, a network system according to the first embodiment of the present invention will be described with reference to FIGS.

  First, as shown in FIG. 2, the network system of the first embodiment includes three switches S1 to S3 connected in series in multiple stages and constituting a LAN and having a function as an SNMP agent, and corresponding switches S1 to S1. It comprises three connection terminals N1 to N3 each connected to S3, and a survey terminal T connected to the corresponding switch S1 and having a function as an SNMP manager. These devices are connected to each other via a LAN line.

  In this embodiment, the switches S1 to S3 are each configured as a layer 2 switch, and include eight physical ports P, a memory that stores at least a MAC address learning table, a processor that performs processing for an inquiry according to a given procedure, and an Ethernet Each includes a MAC control LSI that performs communication processing based on a standard such as (registered trademark), and a port circuit that transmits and receives a transmission frame from a transmission path of the network. The MAC control LSI and the port circuit constitute an interface to the network. Further, the MAC address learning table described above includes the MAC address M (Z) of each device connected to the end of the port P (in this embodiment, the switches S1 to S3, the investigation terminal T, and the connection terminals N1 to N3). A pair with port P (Si-k) is learned. In the following description, a pair consisting of the MAC address M (Z) and the port P (Si-k) is represented by the notation {M (Z): P (Si-k)}.

  The connection terminals N1 to N3 are configured as ordinary personal computers in this embodiment, and each includes a control unit, a storage unit, an input unit, an output unit, a network interface, an auxiliary storage device, and the like, and the control unit is expanded in the storage unit. It is configured to operate according to the software. The control unit is configured by a CPU or the like, and the storage unit is configured by a ROM, a RAM, or the like. In this embodiment, as shown in FIG. 2, the connecting terminal N1 is connected to the fifth port P (S1-5) of the switch S1, and the connecting terminal N2 is connected to the sixth port P (S2-6) of the switch S2. The connection terminal N3 is connected to the seventh port P (S3-7) of the switch S3.

  The investigation terminal T is configured as a normal personal computer in this embodiment, and is a terminal provided for managing a LAN to be managed, and includes a control unit, a storage unit, an input unit, an output unit, a network interface, Each is provided with an auxiliary storage device or the like, and is configured to realize each unit described later by operating the control unit according to software expanded in the storage unit. In this embodiment, the survey terminal T includes a display as one of output units (output means), but other output means may be provided. The control unit is configured by a CPU or the like, and the storage unit is configured by a ROM, a RAM, or the like. As a part of the software configuration, the investigation terminal T consists of a method using a standard SNMP protocol, refers to the MIB (Management Information Base) of the switches S1 to S3, and transmits information from the MAC address learning table through the network. An extraction unit that extracts the first pair, a first determination unit that excludes a specific pair from the pair set according to a first condition described later, and a second that excludes the specific pair from the pair set according to a second condition described later And at least a determination unit. In this embodiment, as shown in FIG. 2, the investigation terminal T is connected to the third port P (S1-3) of the switch S1.

  In this embodiment, the display of the survey terminal T is used as the output means for outputting the determination results of the first determination section and the second determination section of the survey terminal T. It may be provided separately from the survey terminal T.

  Next, the port detection method according to the present invention will be described.

  First, as preparation, the MAC addresses M (Si) of all the interfaces of all the switches S1 to S3 are collected. The MAC address (Si) can be collected by performing SNMP communication with respect to the IP addresses of the switches S1 to S3. In some cases, the MAC address M (Si) of the switch Si can be acquired by referring to MIB-2 defined in RFC1213. Alternatively, the MAC address M (Si) may be confirmed by logging in to each of the switches S1 to S3 from a remote location using a telnet (telecommunication network). In addition, the MAC address M (T) of the investigation terminal T is also collected and recorded. This procedure usually only needs to be performed once for the first time unless replacement of the switch Si or the like occurs.

  Next, in order for each switch Si to learn the MAC address M (Z) necessary for deriving the network configuration information, all the switches S1 to S3 and the connection terminals N1 to N3 in the LAN are connected from the investigation terminal T. On the other hand, some communication is performed to obtain a response (first procedure).

  This communication may be any communication as long as each switch Si issues a response frame as a transmission source. For example, it may be an inquiry using SNMP, or an ICMP (Internet Control Message Protocol) echo. It may be a request. Even before the execution of the first procedure, there is a high possibility that the connected terminals N1 to N3 to be detected perform some kind of communication and the MAC addresses are learned in the switches S1 to S3, but the frames are not transmitted spontaneously. The switch Si may not be recorded in the MAC address learning table. By executing the first procedure, the MAC addresses M (S1 to S3) of the switches S1 to S3, the MAC addresses M (N1 to 3) of the connection terminals N1 to N3, and the MAC address M ( T) is associated with the port P (Si-k) connected to the device, and is reliably stored in the MAC address learning table of each switch S1 to S3 as a pair {M (Z), P (Si-k)}. To be learned.

  In the present embodiment, the pair {M (Z): P (Si-k)} is learned in the MAC address learning table of each of the switches S1 to S3 as shown in FIG. 4 by executing the first procedure. .

  Next, SNMP communication is performed from the investigation terminal T to all the switches S1 to S3, and information on the pairs stored in the MAC address learning table of each switch S1 to S3 is acquired (second procedure).

  In many cases, this can be extracted by referring to the extended Bridge-MIB or Q-Bridge-MIB. Here, FIG. 5 is a table showing a data structure obtained by normalizing a set of a plurality of pairs acquired by the investigation terminal T using the port P as a key. Note that normalization may be performed using the MAC address as a key.

  In a network environment in which layer 2 switches are connected in multiple stages, in the first procedure described above, the MAC address M (Nj) of a specific connection terminal Nj is associated with a different port P (Si-k). There is a possibility. That is, the MAC address M (Nj) of a specific connection terminal Nj is learned not only by the switch Si to which the connection terminal Nj is directly connected, but also by another switch Si to which the connection terminal Nj is indirectly connected. Therefore, a plurality of identical MAC addresses M (Nj) are extracted. In this embodiment, for example, the MAC address M (N3) of the connection terminal N3 is not only the seventh port P (S3-7) of the directly connected switch S3 but also the fourth port P (S1) of the switch S1. -4) and 8th port P (S2-8) of switch S2. Therefore, in order to specify the port P (Si-k) to which the connection terminal Nj is directly connected, the switch is obtained from all the acquired sets of pairs based on the following first condition and second condition. It is necessary to remove all pairs including the port P (Si-k) in which Sis are directly connected.

  First, based on the first condition, all specific pairs are removed from the extracted set of pairs (third procedure).

  Here, the first condition is to remove the pair including the port P (Si-k) corresponding to the MAC address M (Si) of the switch Si from the set composed of the plurality of extracted pairs. With this first condition, the port P (Si-k) to which the switches Si are directly connected can be excluded.

  The third procedure using the first condition will be specifically described in the light of the present embodiment. As shown in FIG. 5, the pair {M (N2): P including the port P (S1-4) is shown. (S1-4)}, pair {M (N3): P (S1-4)}, pair {M (S2): P (S1-4)}, pair {M (S3): P (S1-4) } And the pair {M (N3): P (S2-8)} including the port P (S2-8) and the pair {M (S3): P (S2-8)} are acquired in the second procedure. Removed from the set of pairs. FIG. 6 is a table showing the data structure after the third procedure.

  Next, based on the second condition, all the specific pairs are removed from the remaining set of pairs (fourth procedure).

  Here, the second condition is that a pair including the port P (Si-k) corresponding to the MAC address M (T) of the investigation terminal T is removed from a set of a plurality of pairs. According to the fourth procedure using the second condition, even when the investigation terminal T and the connection terminal Nj are on the same network segment, the port P (Si-k) to which the switches Si are directly connected is changed. Can be excluded.

  The fourth procedure using the second condition will be specifically described in the light of the present embodiment. As shown in FIG. 6, the pair {M (T): P including the port P (S1-3) is shown. (S1-3)} and a pair {M (T): P (S2-1)} including a port P (S2-1), a pair {M (N1): P (S2-1)}, Pair {M (T): P (S3-2)} including port P (S3-2), pair {M (N1): P (S3-2)}, pair {M (N2): P (S3- 2)} is removed from the set of pairs obtained in the second procedure. FIG. 7 is a table showing the data structure after the fourth procedure.

  By performing the first to fourth procedures described above, as shown in FIG. 7, one pair of ports P (Si-k) is paired with respect to the MAC address M (Nj) of the specific connection terminal Nj. The specified port P can be remotely determined as the port P to which the connection terminal Nj is directly connected. In this embodiment, the connection terminal N1 is connected to the fifth port P (S1-5) of the switch S1, the connection terminal N2 is connected to the sixth port P (S2-6) of the switch S2, and the connection terminal N3 is It can be determined that it is connected to the seventh port P (S3-7) of the switch S3. Then, from the correspondence between the MAC address M (Nj) generated by the investigation terminal T and the port P (Si-k), the switch Si to which the connection terminal Nj is connected is determined, or output / viewed as a list. Is possible.

  Next, a network system according to a second embodiment of the present invention will be described with reference to FIGS. Here, the contents of the second embodiment are the same as those of the first embodiment described above except that some of the connection terminals Nj are indirectly connected to the switch Si via a HUB that does not support SNMP communication. Therefore, the description is omitted except for the differences from the first embodiment.

  First, in the second embodiment, as shown in FIG. 8, a HUB that does not support SNMP communication is connected to the sixth port P (S2-6) of the switch S2. This HUB has eight physical ports. The connection terminal N2 is connected to the 7th port of this HUB, and the connection terminal N4 is connected to the 8th port of the HUB.

  The port detection method according to the present invention can be applied even in a network environment in which a HUB that does not support SNMP communication is included in the network.

  That is, after executing the same preparation and the first procedure as in the first embodiment, the MAC address of each of the switches S1 to S3 is obtained by performing SNMP communication from the investigation terminal T to all the switches S1 to S3. A second procedure for acquiring learning table information is executed. The set of pairs obtained by the second procedure is as shown in FIG.

  Then, the third procedure based on the first condition for removing the pair including the port P (Si-k) corresponding to the MAC address M (Si) of the switch Si from the set, and the MAC address of the investigation terminal T A fourth procedure based on the second condition for removing the pair including the port P (Si-k) corresponding to M (T) from the set is executed. The data structure after the execution of the third procedure and the fourth procedure is as shown in FIG.

  As a result, as shown in FIG. 10, the connecting terminal N1 is connected to the fifth port P (S1-5) of the switch S1, and the connecting terminal N3 is connected to the seventh port P (S3-7) of the switch S3. That the connection terminal N2 and the connection terminal N4 are connected to the sixth port P (S2-6) of the switch S2.

  As described above, in this embodiment, the connection terminal Nj under the HUB that does not support SNMP communication cannot specify the one-to-one correspondence relationship between the MAC address M (Nj) and the connected port. However, it is possible to specify up to the port P (Si-k) of the switch Si corresponding to the upper level SNMP communication.

  In the above-described embodiment, three switches, three or four connection terminals, one investigation terminal, and one HUB are described. However, the number of these devices is not limited to this. .

  In the above-described embodiment, each switch and HUB are described as having eight ports. However, the number of switches and HUB ports is not limited to this.

  In the above-described embodiment, each switch is described as a layer 2 switch. However, the present invention can be applied even when all or some of the switches are configured as layer 3 switches.

T ... Investigation terminal N1 to N4 ... Connection terminal S1 to S3 ... Switch

Claims (4)

A plurality of switches each holding a MAC address learning table that learns a pair by associating a MAC address and a port of a device connected to the end of the port, and a connection terminal connected to the end of the port And a port detection method for identifying a switch to which the connection terminal is connected and a port of the switch in a network including an investigation terminal connected to the end of the port,
A procedure for extracting each pair of information from a MAC address learning table of the plurality of switches;
Storing a plurality of extracted pairs of information;
All the pairs including the port corresponding to the MAC address of the switch and the pair including the port corresponding to the MAC address of the investigating terminal are removed from the extracted set of the pairs, A port detection method comprising: a connected switch and a procedure for specifying a port of the switch . A plurality of switches each holding a MAC address learning table that learns a pair by associating a MAC address and a port of a device connected to the end of the port, and a connection terminal connected to the end of the port And a port detection program for identifying a switch to which the connection terminal is connected and a port of the switch in a network including an investigation terminal connected to the end of the port,
A procedure for extracting each pair of information from a MAC address learning table of the plurality of switches;
Storing a plurality of extracted pairs of information;
All the pairs including the port corresponding to the MAC address of the switch and the pair including the port corresponding to the MAC address of the investigating terminal are removed from the extracted set of the pairs, A port detection program for causing a computer to execute a connected switch and a procedure for specifying a port of the switch . A plurality of switches each holding a MAC address learning table that learns a pair by associating a MAC address and a port of a device connected to the end of the port, and a connection terminal connected to the end of the port A survey terminal connected to a network including
Means for extracting each pair of information from the MAC address learning table of the plurality of switches;
Means for storing a plurality of extracted pairs of information;
All the pairs including the port corresponding to the MAC address of the switch and the pair including the port corresponding to the MAC address of the investigating terminal are removed from the extracted set of the pairs, A determination means for identifying a connected switch and a port of the switch ;
An investigation terminal comprising: output means for outputting a determination result by the determination means. A plurality of switches connected in multiple stages, each holding a MAC address learning table that learns in pairs by associating the MAC address and port of the device connected to the end of the port;
A connection terminal connected to the end of the port;
Means connected to the end of the port, respectively, for extracting the information of the pair from the MAC address learning table of the plurality of switches; means for storing the extracted information of the plurality of pairs; from the set consisting of pairs, pair comprising a port corresponding to the MAC address of the switch, and, adjusting査用pairs were all removed including the port corresponding to the MAC address of the terminal, switch and the said connection terminal is connected An investigation terminal having a determination means for identifying a switch port;
An output means for outputting a determination result by the determination means;

Images