JP5684748B2 - Network quality monitoring apparatus and network quality monitoring method - Google Patents

Description

  The present invention relates to a network quality monitoring apparatus and a network quality monitoring method.

  Conventionally, a wide variety of services represented by cloud services are provided via a network. For example, in a cloud service, various services can be received by accessing a data center from a user base. In such a cloud service, the network is logically divided for each tenant (provider that provides a service on a cloud service platform) by virtual network technology.

  In recent years, demands for network quality in cloud services have been increasing year by year, and network quality monitoring and management for each tenant is required in response to cloud network environments. As a conventional network quality management method, for example, management is performed by SNMP (Simple Network Management Protocol) based on MIB (Management information base) information, which is management information of a transfer device constituting a network such as a switch or a router. The method is known.

  As another method of network quality monitoring, for example, a Flow technique for measuring traffic flow rate and quality for each service is known. In the Flow technology, a specific packet is extracted by a transfer device, thereby measuring a traffic flow rate and quality for each service.

"A Simple Network Management Protocol (SNMP)", [online], [searched on January 12, 2012], Internet <http://tools.ietf.org/html/rfc1157> “Methodology for Network Flow Performance Measurement”, [online], [searched on January 12, 2012], Internet <http://tools.ietf.org/html/draft-akhter-opsawg-perfmon-method-01>

  However, in the above-described conventional technology, there is a certain limit to monitoring the network quality in detail without adding a new function to the transfer apparatus. For example, management by SNMP based on MIB is quality control with coarse granularity of transfer device units or transfer device port units, and quality cannot be monitored and managed for each tenant, and there is a certain limit. . Further, in the monitoring by the Flow technology, since the transfer apparatus performs processing, the protocol to be monitored is limited, and there is a certain limit to monitoring the network quality in detail. For example, in the monitoring based on the Flow technology, the processing load on the transfer device is remarkably increased, so that it is difficult to support TCP (Transmission Control Protocol), which is necessary for monitoring the quality in the cloud network environment. there were. Further, in the monitoring by the Flow technology, it is difficult to measure the traffic encapsulated by the virtual network technology.

  Therefore, the technology according to the present application has been made in view of the above-described problems of the conventional technology, and makes it possible to monitor the network quality in detail without adding a new function to the transfer device. An object is to provide a network quality monitoring apparatus and a network quality monitoring method.

  In order to solve the above-described problems and achieve the object, the network quality monitoring apparatus according to the present application uses, for each tenant that provides a service by using a network that transfers IP packets, the route information of the IP packets on the network. Referring to the route information and the route information, the transfer device included in the network is caused to extract the IP packet of a predetermined tenant from the IP packets transferred by the transfer device. An extraction control unit that controls, a collection unit that collects flow information generated from the IP packet of the predetermined tenant extracted by the transfer device under the control of the extraction control unit, and the collection unit that collects the flow information. Communication quality in the predetermined tenant based on the header information of the IP packet included in the flow information Characterized by comprising a detecting unit for detecting deterioration.

  The network quality monitoring apparatus according to the present application makes it possible to monitor the network quality in detail without adding a new function to the transfer apparatus.

FIG. 1 is a diagram illustrating an example of a configuration of a network quality monitoring apparatus according to the first embodiment. FIG. 2 is a diagram schematically illustrating a flow information distribution process performed by the transfer apparatus according to the first embodiment. FIG. 3 is a diagram illustrating an example of route information stored by the route information DB according to the first embodiment. FIG. 4 is a diagram illustrating an example of flow information stored by the flow information DB according to the first embodiment. FIG. 5 is a diagram illustrating an example of the determination criterion stored by the determination criterion DB according to the first embodiment. FIG. 6 is a diagram schematically illustrating specific packet collection and analysis according to the related art. FIG. 7 is a flowchart illustrating a processing procedure performed by the network quality monitoring apparatus according to the first embodiment. FIG. 8 is a diagram illustrating an example of the configuration of the network quality monitoring apparatus according to the second embodiment. FIG. 9 is a diagram illustrating an example of MIB information stored by the MIB information DB according to the second embodiment. FIG. 10 is a flowchart illustrating a processing procedure performed by the network quality monitoring apparatus according to the second embodiment. FIG. 11 is a diagram illustrating an example of a configuration of a network quality monitoring apparatus according to the third embodiment. FIG. 12 is a flowchart illustrating a processing procedure performed by the network quality monitoring apparatus according to the third embodiment.

  Exemplary embodiments of a network quality monitoring apparatus and a network quality monitoring method according to the present application will be described below in detail with reference to the accompanying drawings. The network quality monitoring apparatus and the network quality monitoring method according to the present application are not limited to the following embodiments.

(First embodiment)
[Configuration of Network Quality Monitoring Apparatus According to First Embodiment]
First, the configuration of the network quality monitoring apparatus according to the first embodiment will be described. FIG. 1 is a diagram illustrating an example of a configuration of a network quality monitoring apparatus 100 according to the first embodiment. As shown in FIG. 1, the network quality monitoring apparatus 100 is connected to a network 200 and monitors the communication quality in the network 200.

  The network 200 includes transfer devices 210, 220, 230 and 240 as shown in FIG. In FIG. 1, only four transfer devices are shown, but in reality, the network 200 includes a number of transfer devices or bridge devices. The network 200 is a LAN (Local Area Network), a WAN (Wide Area Network), or the like, and is a network that transfers IP (Internet Protocol) packets or encapsulated IP packets.

  Here, in the network 200, for example, in order to provide a cloud service, the network is logically divided by a virtual network technology, and tenants that provide various services are assigned to the divided logical networks.

  As illustrated in FIG. 1, the transfer device 210 includes a transfer processing unit 211, a filtering unit 212, a packet processing unit 213, and a flow information distribution unit 214, and transfers IP packets on the network 200. Further, the transfer device 210 distributes the specific packet to the network quality monitoring device 100 under the control of the network quality monitoring device 100. Note that other transfer devices (transfer devices 220 to 240, etc.) and bridge devices included in the network 200 have the same configuration as the transfer device 210.

  The transfer processing unit 211 transfers the IP packet received from another transfer device to the transfer destination. Specifically, the transfer processing unit 211 transfers an IP packet or an encapsulated IP packet received via a plurality of physical ports or logical ports to a port included in another transfer device. Hereinafter, the IP packet and the encapsulated IP packet are collectively referred to as a packet.

  The filtering unit 212 extracts a specific packet from the packets transferred by the transfer processing unit 211 under the control of the network quality monitoring apparatus 100 described later. Specifically, the filtering unit 212 displays header information (for example, IP / TCP header and frame header information) of a packet transferred at the reception port and transmission port designated by the network quality monitoring apparatus 100. The specific packet is extracted by filtering the packet with reference to the designated transmission destination IP address, transmission source IP address, transmission destination Mac address, transmission source Mac address, protocol, and the like.

  For example, the filtering unit 212 extracts the above-mentioned source / destination IP address, source / destination port, source / destination port, protocol information (5-tuple), and header information of the encapsulated IP packet. Is received from the network quality monitoring apparatus 100 and a packet corresponding to the received information is extracted.

  The packet processing unit 213 cuts out part or all of the header information of the packet extracted by the filtering unit 212. Specifically, the packet processing unit 213 cuts out a predetermined fixed number of bytes from the beginning of the extracted packet.

  The flow information distribution unit 214 gives the acquisition time to the header information of the fixed number of bytes extracted by the packet processing unit 213. Then, the flow information distribution unit 214 assigns an acquisition time to all the header information cut out by the packet processing unit 213, combines the flow information into a flow information distribution format, and distributes it to the network quality monitoring apparatus 100. To do.

  FIG. 2 is a diagram schematically illustrating a flow information distribution process performed by the transfer apparatus 210 according to the first embodiment. As shown in FIG. 2, the transfer device 210 receives a packet transferred on the network 200 by the transfer processing unit 211. The filtering unit 212 extracts only the packets that meet the conditions from the packets received by the transfer processing unit 211 and transmits them to the packet processing unit 213.

  The packet processing unit 213 cuts off the first fixed byte of the packet received from the filtering unit 212 and transmits the cut header information to the flow information distribution unit 214. The flow information distribution unit 214 summarizes the header information received from the packet processing unit 213 in the flow information distribution format, and distributes the collected flow information to the network quality monitoring apparatus 100.

  Returning to FIG. 1, the network quality monitoring apparatus 100 includes a communication control I / F unit 110, an input unit 120, a display unit 130, a storage unit 140, and a control unit 150, as shown in FIG. . Then, the network quality monitoring apparatus 100 collects flow information from each transfer apparatus included in the network 200 and monitors the communication quality in the network 200 based on the collected flow information.

  The communication control I / F unit 110 controls communication related to various types of information exchanged between each transfer device included in the network 200 and the control unit 150. For example, the communication control I / F unit 110 controls communication related to distribution of flow information to each transfer device. The communication control I / F unit 110 controls the exchange of various information between the input unit 120 and the display unit 130 and the control unit 150.

  The input unit 120 is, for example, a keyboard or a mouse, and accepts various information input processes by the user. For example, the input unit 120 receives route information stored in the storage unit 140 described later, input processing such as a determination criterion, and the like. Note that route information and determination criteria will be described later. The display unit 130 is, for example, a display, and displays and outputs the processing result to the user. For example, the display unit 130 displays and outputs information related to communication quality degradation for each tenant in the network 200.

  As illustrated in FIG. 1, the storage unit 140 includes a route information DB 141, a flow information DB 142, and a determination criterion DB 143. The storage unit 140 is, for example, a storage device such as a hard disk or an optical disk, or a semiconductor memory element such as a RAM (Random Access Memory) or a flash memory, and various programs executed by the network quality monitoring device 100. Remember.

  The route information DB 141 stores route information of IP packets for each tenant that provides a service using the network 200 that transfers IP packets. Specifically, the route information DB 141 stores route information for specifying a route in the network 200 of a packet of a predetermined tenant from packets transferred on the network 200. FIG. 3 is a diagram illustrating an example of route information stored by the route information DB 141 according to the first embodiment.

  For example, as illustrated in FIG. 3, the route information DB 141 stores route information in which key information for specifying a packet route is associated with a tenant. For example, the route information DB 141 stores a source IP address, a destination IP address, a source Mac address, a destination Mac address, a protocol, and encapsulation key information as key information of the traffic of the tenant A. The route information DB 141 stores route information in which the reception port and the transmission port (route information) of each transfer device through which the traffic passes are associated with each other. In FIG. 3, only the route information of “tenant: A” is shown, but in reality, the route information DB 141 stores route information for all tenants that provide services using the network 200. To do.

  Here, “source IP address” and “destination IP address” shown in FIG. 3 indicate the IP address of the source device and the IP address of the destination device of the packet, respectively. Also, “source Mac address” and “destination Mac address” shown in FIG. 3 indicate the Mac address of the source device of the packet and the Mac address of the destination device, respectively. Further, “protocol” shown in FIG. 3 means a protocol for transferring a packet.

  Also, “encapsulated key information” shown in FIG. 3 means outer header information when the IP packet is encapsulated. For example, in the case of encapsulation at L3 (Layer 3), the source / destination IP address is included in the encapsulation key information. For example, in the case of encapsulation at L2 (Layer 2), the encapsulation key information includes the source / destination Mac address. In addition, “transfer device” shown in FIG. 3 means a transfer device through which a packet passes, and “reception port” and “transmission port” mean a receiving side through which each packet passes when transferred by the transfer device. Port and sender port. Note that the route information illustrated in FIG. 3 is merely an example, and the data structure is not limited to that illustrated. That is, the route information may have any data structure as long as it can identify the packet route for each tenant.

  Returning to FIG. 1, the flow information DB 142 stores the flow information received from the transfer device. Specifically, the flow information DB 142 stores flow information in which header information included in flow information received from the transfer device by the control unit 150 to be described later is stored in chronological order. FIG. 4 is a diagram illustrating an example of flow information stored by the flow information DB 142 according to the first embodiment.

  For example, as shown in FIG. 4, the flow information DB 142 is associated with a collection time, and includes a port, a reception port, a transmission port, a transmission source IP address, a transmission source Mac address, a transmission destination IP address, a transmission destination Mac address, and a sequence. A number and a flag are stored in association with each other. Here, the “collection time” shown in FIG. 4 means the time given by the flow information distribution unit 214 in the transfer apparatus. Further, the “port” shown in FIG. 4 means a port in the transfer apparatus from which the header information has been acquired. Also, “reception port” and “transmission port” shown in FIG. 4 mean a reception port number and a transmission port number through which a packet from which header information is cut is transmitted and received. Further, “source IP address” and “source Mac address” shown in FIG. 4 mean the IP address and Mac address of the source of the packet from which the header information has been cut off. Further, “destination IP address” and “destination Mac address” shown in FIG. 4 mean the IP address and Mac address of the transmission destination of the packet from which the header information has been cut off.

  Here, the “sequence number” and “flag” shown in FIG. 4 are information acquired and stored by the control unit 150 described later from the header information included in the flow information. The “sequence number” is included in the TCP header information, assigned in ascending order for each byte at the time of packet transmission, and is a number indicating how far data has been transmitted. “Flag” means flag information of various flag areas included in the TCP header information. That is, information indicating ON / OFF of each flag is stored in the “flag” of the flow information. Note that the flow information illustrated in FIG. 4 is merely an example, and the data structure is not limited to that illustrated.

  Returning to FIG. 1, the determination criterion DB 143 stores determination criteria used for determining deterioration in communication quality of the network 200 by the control unit 150 described later. Specifically, the determination criterion DB 143 stores an allowable value for deterioration in communication quality for each tenant. FIG. 5 is a diagram illustrating an example of determination criteria stored by the determination criterion DB 143 according to the first embodiment.

  For example, as illustrated in FIG. 5, the determination criterion DB 143 stores a determination criterion in which an allowable value (packet discard rate) is associated with each tenant. Here, the “allowable value (packet discard rate)” indicates “%” in which packet discard is permitted when packet discard (packet loss) occurs on the network 200. For example, the criterion DB 143 stores “tenant: A” in association with “allowable value (packet discard rate): 5”.

  That is, according to the above-described information, in “tenant A”, when the packet discard rate exceeds “5%” (for example, 6 out of 100 packets are discarded), the communication quality is deteriorated. Determined. Similarly, the criterion DB 143 stores an allowable value for determining communication quality for each tenant. In FIG. 5, the allowable value of the packet discard rate has been described as an example. However, the allowable value to be set is not limited to the packet discard rate, and for example, the allowable value of the packet transmission delay is used. It may be the case.

  Returning to FIG. 1, the control unit 150 includes a dynamic filter control unit 151, a flow information collection unit 152, a flow information analysis unit 153, and a quality deterioration detection unit 154. The control unit 150 is, for example, an electronic circuit such as a CPU (Central Processing Unit) or MPU (Micro Processing Unit), an integrated circuit such as an ASIC (Application Specific Integrated Circuit) or an FPGA (Field Programmable Gate Array), and monitors network quality. The overall control of the apparatus 100 is executed.

  The dynamic filter control unit 151 refers to the route information and controls the transfer device included in the network 200 to extract a packet of a predetermined tenant from the packets transferred by the transfer device. Specifically, the dynamic filter control unit 151 controls the filtering unit 212 of the transfer apparatus so as to extract packets for a certain period for each tenant with reference to the path information. For example, the dynamic filter control unit 151 transmits the key information to the filtering unit 212 so that the packet of the tenant A is extracted at the port through which the packet of the tenant A passes.

  In such a case, the filtering unit 212 extracts only the packet of the tenant A by referring to the header information of the packet transferred by the transfer processing unit 211 based on the key information received from the dynamic filter control unit 151. To do. And the dynamic filter control part 151 transmits key information to the filtering part 212 so that the packet of another tenant may be extracted after a fixed time.

  The flow information collection unit 152 collects the flow information filtered by the filtering unit 212 and distributed from the flow information distribution unit 214 under the control of the dynamic filter control unit 151. Then, the flow information collection unit 152 analyzes the header information included in the collected flow information and stores it in the flow information DB 142 in chronological order.

  Here, the flow information collection unit 152 reads the sequence number and flag included in the TCP header information, and stores the read sequence number and flag in the flow information DB 142. For example, the flow information collection unit 152 reads information as illustrated in FIG. 4 from each header information included in the flow information, and stores the read information in the flow information DB 142.

  Returning to FIG. 1, the flow information analysis unit 153 detects a decrease in communication quality such as packet loss based on the information stored in the flow information DB 142 by the flow information collection unit 152. Specifically, the flow information analysis unit 153 detects a decrease in communication quality based on the sequence number or flag of the TCP header information included in the information stored by the flow information DB 142. For example, the flow information analysis unit 153 analyzes the sequence numbers of the information in time series order to determine whether there are any missing or overlapping sequence numbers.

  Here, if the sequence number is missing or duplicated, the flow information analysis unit 153 determines that communication quality has deteriorated. That is, if there is a missing sequence number, the flow information analysis unit 153 determines that a packet loss has occurred. In addition, when there is an overlap in the sequence number, the flow information analysis unit 153 determines that retransmission of the packet is being performed. Then, the flow information analysis unit 153 calculates how much packet loss or packet retransmission occurs in the entire packet. For example, the flow information analysis unit 153 calculates what percentage of the entire packet is discarded (lost).

  Here, the processing by the flow information analysis unit 153 described above is executed while being shifted in time from the processing by the dynamic filter control unit 151 and the flow information collection unit 152. That is, as described above, the dynamic filter control unit 151 extracts packets for each tenant at regular time intervals, and the flow information collection unit 152 collects the information. Therefore, the flow information analysis unit 153 performs the above-described process every time collection of flow information from one tenant packet is completed in order to detect a decrease in communication quality for each single tenant.

  In the above description, the detection of the communication quality deterioration due to the sequence number has been described. However, the flow information analysis unit 153 can also detect the communication quality deterioration using a flag. For example, when using a flag, the flow information analysis unit 153 detects a decrease in communication quality by determining whether each flag is turned on / off in the same tenant information. That is, the flow information analysis unit 153 determines that the communication quality has deteriorated when different flags are set in the same flag area.

  The quality degradation detection unit 154 determines whether or not the communication quality is degraded from the analysis result by the flow information analysis unit 153. Specifically, the quality deterioration detection unit 154 refers to the determination criterion stored by the determination criterion DB 143 to determine communication quality deterioration for each tenant. When it is determined that the communication quality has deteriorated, the quality deterioration detection unit 154 displays the determination result on the display unit 130, and the communication quality of the predetermined tenant has deteriorated for the administrator. To make it known.

  For example, when the packet loss in the tenant A reaches 10%, the quality degradation detection unit 154 refers to the determination criterion shown in FIG. It is determined that the communication quality has deteriorated, and the determination result is displayed on the display unit 130.

  As described above, the network quality monitoring apparatus 100 according to the first embodiment causes the transfer apparatus to extract packets for each tenant, collects the extracted packets, and performs analysis to thereby analyze the communication quality for each tenant. Perform deterioration judgment. On the other hand, in the conventional technique, when a specific packet is collected and communication quality is to be measured, the transfer device has to perform analysis, which increases the processing load. FIG. 6 is a diagram schematically illustrating specific packet collection and analysis according to the related art.

  For example, in the prior art, as shown in FIG. 6, the transfer device extracts a packet that meets a condition from the transferred packet, and executes statistical processing for each 5-tuple included in the header information of the extracted packet. As a result, the deterioration of communication quality is determined. As a result, the target protocol is limited due to the processing load problem in the transfer apparatus, and it is not possible to cope with TCP or the like used in the cloud service.

  On the other hand, in the present application, since the analysis is performed by the network quality monitoring device (corresponding to the flow collector in FIG. 6), the processing load on the transfer device is reduced and the protocol such as TCP can be supported. Is possible.

[Processing Procedure by Network Quality Monitoring Device According to First Embodiment]
Next, a processing procedure performed by the network quality monitoring apparatus 100 according to the first embodiment will be described with reference to FIG. FIG. 7 is a flowchart illustrating a processing procedure performed by the network quality monitoring apparatus 100 according to the first embodiment. As illustrated in FIG. 7, in the network quality monitoring apparatus 100 according to the first embodiment, the dynamic filter control unit 151 sets a filtering unit to extract a packet for each tenant based on route information. (Step S101).

  Then, the flow information collection unit 152 collects the flow information configured from the extracted packet header information (step S102). Thereafter, the dynamic filter control unit 151 and the flow information analysis unit 153 determine whether or not a predetermined time has elapsed (step S103).

  Here, when the predetermined time has not elapsed (No at Step S103), the flow information collection unit 152 continues to collect the flow information. On the other hand, when the predetermined time has elapsed (Yes at Step S103), the flow information analysis unit 153 analyzes the quality of the collected packets based on the TCP header information (for example, sequence numbers, flags, etc.). (Step S104). When a predetermined time has elapsed (Yes at Step S103), the dynamic filter control unit 151 returns to Step S101 and controls the filtering unit to extract other tenant packets.

  When the quality of the collected packet is analyzed in step S104, the quality degradation detection unit 154 determines whether or not the analysis result exceeds the threshold (step S105). If the analysis result exceeds the threshold (Yes at Step S105), the quality deterioration detection unit 154 notifies the administrator (Step S106) and determines whether a monitoring end command has been accepted. (Step S107). On the other hand, when the analysis result does not exceed the threshold value (No at Step S105), the quality degradation detection unit 154 determines whether or not a monitoring end command has been received (Step S107).

  Here, when the monitoring end command is received (Yes at Step S107), the network quality monitoring apparatus 100 ends the process. On the other hand, if the monitoring end command has not been received (No at Step S107), the network quality monitoring apparatus 100 returns to Step S103 and continuously executes the above-described processing.

[Effect of the first embodiment]
As described above, according to the first embodiment, the path information DB 141 stores the path information of packets on the network 200 for each tenant that provides services using the network 200 that transfers packets. . Then, the dynamic filter control unit 151 controls the transfer device included in the network 100 to extract a packet of a predetermined tenant from the packets transferred by the transfer device with reference to the route information. To do. Then, the flow information collection unit 152 collects flow information generated from packets of a predetermined tenant extracted by the control of the dynamic filter control unit 151. The quality deterioration detection unit 154 detects communication quality deterioration in the predetermined tenant based on the header information of the packet included in the flow information of the predetermined tenant collected by the flow information collection unit 152. Therefore, the network quality monitoring apparatus 100 according to the first embodiment can monitor the communication quality for each tenant using the network, determine the deterioration, and add a new function to the transfer apparatus. And allows detailed monitoring of network quality.

  Further, according to the first embodiment, the quality deterioration detection unit 154 detects communication quality deterioration based on the TCP header information in the tenant's IP packet. Therefore, the network quality monitoring apparatus 100 according to the first embodiment can determine the quality degradation for TCP, and can monitor the network quality in detail.

(Second Embodiment)
In the first embodiment described above, a case has been described in which flow information is collected in order for each tenant from the port of the transfer device included in the network 200 and the communication quality for each tenant is monitored. In the second embodiment, first, a case will be described in which a tenant is specified after detecting a port where degradation has occurred based on MIB information. In the second embodiment, an increase in packet loss will be described as an example of communication quality degradation.

[Configuration of Network Quality Monitoring Device According to Second Embodiment]
First, the configuration of the network quality monitoring apparatus according to the second embodiment will be described. FIG. 8 is a diagram illustrating an example of the configuration of the network quality monitoring apparatus 100a according to the second embodiment. As shown in FIG. 8, the network quality monitoring apparatus 100a is connected to the network 200a and monitors the communication quality in the network 200a. In FIG. 8, the same components as those of the network quality monitoring apparatus 100 according to the first embodiment shown in FIG.

  As shown in FIG. 8, the network 200a includes transfer devices 210a, 220a, 230a, and 240a. In FIG. 8, only four transfer devices are shown, but actually, the network 200a includes a large number of transfer devices or bridge devices. The network 200a is a LAN (Local Area Network), a WAN (Wide Area Network), or the like, and is a network that transfers IP (Internet Protocol) packets or encapsulated IP packets.

  Here, in the network 200a, for example, in order to provide a cloud service, the network is logically divided by a virtual network technology, and tenants that provide various services are assigned to the divided logical networks.

  As illustrated in FIG. 8, the transfer device 210 a includes MIB (Management Information Base) information 215 in addition to the transfer processing unit 211, the filtering unit 212, the packet processing unit 213, and the flow information distribution unit 214. Note that other transfer devices (transfer devices 220a to 240a, etc.) and bridge devices included in the network 200a have the same configuration as the transfer device 210a.

  The MIB information 215 stores management information of the transfer device 210a. For example, the MIB information 215 stores the resource status of the transfer device itself defined by RFC1213 and management information for each port. For example, the MIB information 215 includes a plurality of objects for each monitoring target group such as a system and an interface, and information is managed for each object. Note that the information stored in the MIB information 215 is appropriately updated by a processing unit (not shown).

  As shown in FIG. 8, the network quality monitoring apparatus 100a has a new MIB information DB 144 and a MIB information monitoring unit 155 as compared with the network quality monitoring apparatus 100 of FIG. Is different from the network quality monitoring apparatus 100. Hereinafter, this point will be mainly described.

  The MIB information DB 144 of the storage unit 140a stores the MIB information acquired from the transfer device on the network 200a by the control unit 150a described later. FIG. 9 is a diagram illustrating an example of MIB information stored in the MIB information DB 144 according to the second embodiment. For example, as illustrated in FIG. 9, the MIB information DB 144 stores MIB information in which “ifIncards” and “ifOutcards” are associated with each port. Here, “ifIncards” illustrated in FIG. 9 indicates the number of received packets discarded for reasons other than errors in the ports (interfaces) of the transfer apparatuses 210a to 240a on the network 200a. In addition, “ifOutcards” illustrated in FIG. 9 indicates the number of transmission packets discarded for a reason other than an error in each port (interface) included in each of the transfer apparatuses 210a to 240a on the network 200a.

  The MIB information monitoring unit 155 acquires MIB information over time from a transfer device on the network 200a and stores it in the MIB information DB 144. Then, the MIB information monitoring unit 155 detects a decrease in communication quality for each port of the transfer device from the MIB information acquired over time. For example, the MIB information monitoring unit 155 acquires the MIB information “ifIncards” and “ifOutcards” over time from the port of the transfer apparatus 210a, and stores the MIB information in the MIB information DB 144. When the MIB information monitoring unit 155 newly acquires MIB information, the MIB information monitoring unit 155 calculates a difference from the MIB information acquired last time. If the calculated difference exceeds a predetermined threshold, a packet loss occurs. Detect that

  Here, acquisition of MIB information by the MIB information monitoring unit 155 will be described. The MIB information monitoring unit 155 acquires MIB information from the transfer device 210a by, for example, SNMP (Simple Network Management Protocol). In other words, the MIB information monitoring unit 155 has a function as an SNMP manager, and acquires MIB information by issuing a request command to the SNMP agent provided in the transfer apparatus 210a. In the above-described example, the case of acquiring “ifIndiscards” and “ifOutdiscards” has been described, but the MIB information monitoring unit 155 can acquire various other MIB information.

  When the MIB information monitoring unit 155 detects a packet loss at a predetermined port of the transfer apparatus 210a, the dynamic filter control unit 151 refers to the path information DB 141 and refers to the packet passing through the port where the packet loss is detected. Extract tenants. Then, the dynamic filter control unit 151 controls the filtering unit to extract tenant packets extracted at ports before and after the port where the packet loss is detected, with the extracted tenant packet as a filtering target.

  For example, when a packet loss is detected at a predetermined port of the transfer device 210a, the dynamic filter control unit 151 extracts tenants A to D of packets that pass through the port. Then, the dynamic filter control unit 151 transfers the packets of the tenants A to D at regular time intervals at the port of the transfer device 220a and the port of the transfer device 230a, which are ports before and after the port of the transfer device 210a. The filtering unit of the device 220a and the transfer device 230a is controlled.

  Thereby, the flow information collection unit 152 can collect the flow information of the packets of the tenants A to D at regular intervals from the transfer device 220a and the transfer device 230a. Then, the flow information analysis unit 153 analyzes the flow information of the packets of the tenants A to D extracted from the transfer device 220a and the transfer device 230a, respectively. Specifically, the flow information analysis unit 153 identifies the tenant in which the packet loss has occurred from the difference between the flow information of the same tenant collected from the previous and subsequent ports.

  For example, the flow information analysis unit 153 includes the number of sequence numbers included in the flow information of the tenant A collected from the port of the transfer device 220a and the sequence included in the flow information of the tenant A collected from the port of the transfer device 230a. The difference with the number of numbers is calculated, and when the difference exceeds a predetermined threshold, the tenant in which the packet loss has occurred is identified as the tenant A.

  The quality degradation detection unit 154 performs quality degradation determination on the tenant that has been identified by the flow information analysis unit 153 that a packet loss has occurred. For example, the quality deterioration detection unit 154 determines whether or not the packet discard rate in the tenant A exceeds a predetermined threshold, and determines that the communication quality is deteriorated when the packet deterioration rate exceeds the predetermined threshold. , Notify the administrator.

[Processing Procedure by Network Quality Monitoring Device According to Second Embodiment]
Next, a processing procedure performed by the network quality monitoring apparatus 100a according to the second embodiment will be described with reference to FIG. FIG. 10 is a flowchart illustrating a procedure of processing performed by the network quality monitoring apparatus 100a according to the second embodiment. As shown in FIG. 10, in the network quality monitoring apparatus 100a according to the second embodiment, the MIB information monitoring unit 155 collects MIB information for each port from the transfer apparatuses included in the network 200a (step S201).

  When the MIB information monitoring unit 155 detects deterioration in the port (Yes in step S202), the dynamic filter control unit 151 extracts a tenant that uses the port in which deterioration is detected (step S203). Ports before and after the detected port are extracted (step S204). Thereafter, the dynamic filter control unit 151 sets the filtering unit so as to extract a packet for each extracted tenant in each of the ports before and after extraction based on the path information (step S205).

  Then, the flow information collection unit 152 collects the flow information configured from the extracted packet header information (step S206). Thereafter, the dynamic filter control unit 151 and the flow information analysis unit 153 determine whether or not a predetermined time has elapsed (step S207).

  Here, when the predetermined time has not elapsed (No at Step S207), the flow information collection unit 152 continues to collect the flow information. On the other hand, when the predetermined time has elapsed (Yes at step S207), the flow information analysis unit 153 compares the TCP header information (for example, sequence number, flag, etc.) of the collected packets of the same tenant. Quality is analyzed (step S208). When the predetermined time has elapsed (Yes at Step S207), the dynamic filter control unit 151 returns to Step S205 and controls the filtering unit to extract packets of other tenants.

  When the quality of the packet is analyzed in step S208, the quality deterioration detection unit 154 determines whether or not the analysis result exceeds the threshold (step S209). If the analysis result exceeds the threshold (Yes at Step S209), the quality deterioration detection unit 154 notifies the administrator (Step S210) and determines whether a monitoring end command has been accepted. (Step S211). On the other hand, when the analysis result does not exceed the threshold value (No at Step S209), the quality degradation detection unit 154 determines whether a monitoring end command has been received (Step S211).

  Here, when the monitoring end command is received (Yes at Step S211), the network quality monitoring apparatus 100a ends the process. On the other hand, if the monitoring end command has not been received (No at Step S211), the network quality monitoring apparatus 100a returns to Step S207 and continuously executes the above-described processing.

[Effects of Second Embodiment]
As described above, according to the second embodiment, the MIB information monitoring unit 155 acquires MIB information for each port included in the transfer device included in the network 200a. Then, the MIB information monitoring unit 155 determines whether or not degradation has occurred for each port based on the MIB information. The dynamic filter control unit 151 identifies a tenant of a packet transmitted / received by a port determined to have deteriorated by the MIB information monitoring unit 155, and assigns each of the ports located before and after the port on the packet path. On the other hand, control is performed so that the packet of the identified tenant is extracted. Then, the flow information collection unit 152 collects the packets extracted from the front and rear ports under the control of the dynamic filter control unit 151, respectively. The quality degradation detection unit 154 identifies the tenant in which the communication quality is degraded by comparing the header information of the IP packets of the same tenant collected from the front and back ports by the flow information collection unit 152, respectively. Accordingly, the network quality monitoring apparatus 100a according to the second embodiment can monitor the communication quality for each tenant that uses the network, can determine deterioration more accurately, and has a new function for the transfer apparatus. Enables detailed monitoring of network quality without adding.

(Third embodiment)
In the second embodiment described above, a case has been described in which a port in which deterioration has occurred is detected based on MIB information and filtering is performed dynamically. In the third embodiment, a case will be described in which after the deterioration of the communication quality of the tenant is detected, the filtering location is dynamically changed based on the detection result. In the third embodiment, an increase in packet loss will be described as an example of communication quality degradation.

[Configuration of Network Quality Monitoring Device According to Third Embodiment]
First, the configuration of the network quality monitoring apparatus according to the third embodiment will be described. FIG. 11 is a diagram illustrating an example of the configuration of the network quality monitoring apparatus 100b according to the third embodiment. As shown in FIG. 11, the network quality monitoring apparatus 100b is connected to the network 200b and monitors the communication quality in the network 200b. In FIG. 11, the same components as those in the network quality monitoring apparatus 100 according to the first embodiment shown in FIG.

  In the network 200b, as shown in FIG. 11, transfer devices 210, 220, 230, 240, and 250 construct a tree-type network. In FIG. 11, only five transfer devices are shown, but actually, the network 200b includes a number of transfer devices or bridge devices. The network 200b is a LAN (Local Area Network), a WAN (Wide Area Network), or the like, and is a network that transfers IP (Internet Protocol) packets or encapsulated IP packets.

  Here, in the network 200b, for example, in order to provide a cloud service, the network is logically divided by virtual network technology, and tenants that provide various services are assigned to the divided logical networks, respectively.

  As shown in FIG. 11, the network quality monitoring apparatus 100b has a new dynamic quality measurement location changing unit 156 and processing by the control unit 150b is compared with the network quality monitoring apparatus 100 of FIG. Different from the monitoring device 100. Hereinafter, this point will be mainly described.

  In the network quality monitoring apparatus 100b according to the third embodiment, one or a plurality of transfer apparatuses at the edge of the tree-type network 200b are constantly monitored. Specifically, the dynamic filter control unit 151 causes the monitoring target ports of the transfer device 210 and the transfer device 220 to perform filtering so as to cover all tenants of packets passing through each port. That is, the dynamic filter control unit 151 sets the filtering unit of the transfer device 210 so that packets of all tenants that pass through the monitoring target port of the transfer device 210 are extracted for each tenant at regular time intervals. Similarly, the dynamic filter control unit 151 sets the filtering unit of the transfer device 220 so that packets of all tenants that pass through the monitoring target port of the transfer device 220 are extracted for each tenant at regular time intervals.

  The route information used at this time is, for example, a combination of a source / destination IP address and a source / destination Mac address, or when encapsulated, the outer source / destination is encapsulated in L3 encapsulation. Add an IP address to the condition. On the other hand, in the encapsulation at L2, the outer transmission destination / original Mac address is added to the condition.

  The flow information collection unit 152 collects flow information from each of the transfer device 210 and the transfer device 220 and stores the flow information in the flow information DB 142. Here, if the packet from which the header information included in the flow information is cut out is a normal packet (a packet that is not encapsulated), the flow information collection unit 152 performs 5-tuple (source / destination IP address). Each packet is classified based on the source / destination port number, protocol) information and the source / destination Mac address, and is stored in the flow information DB 142 together with accompanying information.

  On the other hand, when the packet is an encapsulated packet, the flow information collection unit 152 classifies the identifier information of the encapsulation header as a set in addition to the internal 5-tuple and classifies the flow information together with the accompanying information. Store in the DB 142. In addition, since the format of the accompanying information differs depending on the protocol, it is stored as it is as header information of each protocol.

  The flow information analysis unit 153 analyzes the communication quality using, for example, a sequence number or a flag. Then, the quality deterioration detection unit 154 compares the analyzed result with a threshold value to detect communication quality deterioration. Here, the network quality monitoring apparatus 100b according to the third embodiment searches for the cause location for the tenant in which the quality degradation is detected by the quality degradation detection unit 154 by the processing of the dynamic quality measurement location changing unit 156.

  The dynamic quality measurement location changing unit 156 changes the monitoring target location so as to go back up from the transfer device at the edge portion with reference to the route information of the tenant in which the quality deterioration is detected. For example, when quality degradation is detected in the tenant A passing through the port of the transfer device 210, the dynamic quality measurement location changing unit 156 determines the port through which the tenant A passes in the opposite transfer device 230 as the monitoring target port. To do.

  Then, the dynamic quality measurement point changing unit 156 causes the dynamic filter control unit 151 to control the filtering unit so as to extract the packet of the tenant A from the determined port. In addition, when there are a plurality of tenants in which quality degradation is detected, the dynamic filter control unit 151 controls the filtering unit so that packets of all tenants are extracted.

  The network quality monitoring apparatus 100b according to the third embodiment continuously executes the above-described processing until the cause location where the packet discard has finally occurred is identified. Note that the cause of the packet discard may be a location where the packet is not discarded at the port of the upper transfer device when viewed from the tree-type network.

[Processing Procedure by Network Quality Monitoring Device According to Third Embodiment]
Next, a processing procedure performed by the network quality monitoring apparatus 100b according to the third embodiment will be described with reference to FIG. FIG. 12 is a flowchart illustrating a processing procedure performed by the network quality monitoring apparatus 100b according to the third embodiment. As shown in FIG. 12, in the network quality monitoring apparatus 100b according to the third embodiment, the dynamic filter control unit 151 provides the tenant that uses the transfer apparatus at the edge portion of the network based on the path information. The filtering unit is set to extract packets for each tenant (step S301).

  Then, the flow information collection unit 152 collects the flow information configured from the extracted packet header information (step S302). Thereafter, the dynamic filter control unit 151 and the flow information analysis unit 153 determine whether or not a predetermined time has elapsed (step S303).

  Here, when the predetermined time has not elapsed (No at Step S303), the flow information collection unit 152 continues to collect the flow information. On the other hand, when the predetermined time has elapsed (Yes at Step S303), the flow information analysis unit 153 analyzes the quality of the collected packets based on the TCP header information (for example, sequence number, flag, etc.). (Step S304). When the predetermined time has elapsed (Yes at Step S303), the dynamic filter control unit 151 returns to Step S301 and controls the filtering unit so as to extract packets of other tenants.

  When the quality of the packet is analyzed in step S304, the quality degradation detection unit 154 determines whether or not the analysis result exceeds the threshold (step S305). Here, when the analysis result exceeds the threshold value (Yes in step S305), the dynamic quality measurement location changing unit 156 sets the upper port of the ports used by the tenant whose measurement result exceeds the threshold value as the monitoring target. Determine (step S306).

  Then, the dynamic filter control unit 151 sets the filtering unit so as to extract a tenant packet whose measurement result exceeds the threshold (step S307). Then, the flow information collection unit 152 collects the flow information configured from the extracted packet header information (step S308). Thereafter, the dynamic filter control unit 151 and the flow information analysis unit 153 determine whether or not a predetermined time has elapsed (step S309).

  Here, when the predetermined time has not elapsed (No at Step S309), the flow information collection unit 152 continues collecting the flow information. On the other hand, when the predetermined time has elapsed (Yes at Step S309), the flow information analysis unit 153 analyzes the quality of the collected packets based on the TCP header information (Step S310). When the predetermined time has not elapsed (No at Step S309), the flow information collection unit 152 continuously collects flow information.

  When the quality of the packet is analyzed in step S310, the quality degradation detection unit 154 determines whether or not the analysis result exceeds the threshold value (step S311). Here, when the analysis result exceeds the threshold value (Yes in step S311), the dynamic quality measurement location changing unit 156 sets the upper port of the ports used by the tenant whose measurement result exceeds the threshold value as the monitoring target. Determine (step S306).

  On the other hand, if the analysis result does not exceed the threshold value (No at Step S311), the quality degradation detection unit 154 notifies the administrator (Step S312) and determines whether or not a monitoring end command has been received (Step S311). Step S313). Here, when the monitoring end command is received (Yes at step S313), the network quality monitoring apparatus 100b ends the process. On the other hand, if the monitoring end command has not been received (No at Step S313), the network quality monitoring apparatus 100b returns to Step S301 and continuously executes the above-described processing.

[Effect of the third embodiment]
As described above, according to the third embodiment, the dynamic quality measurement location changing unit 156 refers to the route information when the deterioration of the communication quality of the tenant is detected by the quality deterioration detection unit 154, and The transfer device and port that become the packet path of the tenant are specified, and the control target of the dynamic filter control unit 151 is changed to the specified transfer device and port. Therefore, the network quality monitoring apparatus 100b according to the third embodiment can identify the cause of quality degradation, and can monitor the network quality in detail without adding a new function to the transfer apparatus. Enable.

(Fourth embodiment)
Although the first to third embodiments have been described so far, the examples according to the present application are not limited to the first to third embodiments. That is, these embodiments can be implemented in various other forms, and various omissions, replacements, and changes can be made.

  For example, the specific form of distribution / integration of each device (for example, the form shown in FIG. 1) is not limited to the one shown in the figure, and all or a part thereof can be changed in arbitrary units according to various loads and usage conditions. Functionally or physically distributed and integrated. As an example, the flow information analysis unit 153 and the quality deterioration detection unit 154 may be integrated as one detection unit, while the flow information collection unit 152 includes a collection unit that collects flow information from the transfer device, You may distribute to the storage part which extracts header information from the collected flow information, and stores it. The storage unit 140 may be a case where an existing management system or an external DB is used. That is, an existing management system DB or an external DB has a path information DB 141, a flow information DB 142, and a determination criterion DB 143 included in the storage unit 140, and the control unit 150 is an existing management system DB or It may be a case where an external DB is accessed to read / write information.

  In addition, the control unit 150 may be connected as an external device of the network quality monitoring apparatus 100 via a network, or another apparatus has a flow information analysis unit 153 and a quality deterioration detection unit 154, respectively. The network quality monitoring apparatus 100 described above may be realized by being connected to and cooperating with each other.

  These embodiments and modifications thereof are included in the invention disclosed in the claims and equivalents thereof as well as included in the technology disclosed in the present application.

100, 100a, 100b Network quality monitoring device 141 Route information DB
142 Flow information DB
143 Criteria DB
144 MIB information DB
151 Dynamic Filter Control Unit 152 Flow Information Collection Unit 153 Flow Information Analysis Unit 154 Quality Degradation Detection Unit 155 MIB Information Monitoring Unit 156 Dynamic Quality Measurement Location Change Unit

Claims (6)

A path information storage unit that stores path information of IP packets on the network for each tenant that provides a service using a network that transfers IP packets;
For each tenant, a determination criterion storage unit that stores a determination criterion indicating an allowable value of communication quality in the tenant,
An extraction control unit that controls the transfer device included in the network to extract the IP packet of a predetermined tenant from the IP packets transferred by the transfer device with reference to the route information;
A collection unit that collects flow information generated from the IP packet of the predetermined tenant extracted by the transfer device under the control of the extraction control unit;
Based on header information of the IP packet included in the flow information collected by the collection unit and an allowable value of the communication quality of the predetermined tenant in the determination criterion, the deterioration of the communication quality in the predetermined tenant is detected. A detection unit;
An acquisition unit that acquires management information for each port included in the transfer device included in the network;
A determination unit that determines whether deterioration has occurred for each port based on the management information acquired by the acquisition unit;
Have
The extraction control unit identifies a tenant of an IP packet transmitted / received by a port determined to be deteriorated by the determination unit, and sets each port located before and after the port on the route of the IP packet. On the other hand, control to extract the IP packet of the specified tenant,
The collection unit collects flow information generated from IP packets extracted from the front and rear ports under the control of the extraction control unit;
The detection unit identifies a tenant in which the communication quality has deteriorated by comparing header information of IP packets included in flow information of the same tenant collected from the front and rear ports by the collection unit. features and to Rene Ttowaku quality monitoring device to.   When the detection unit detects a deterioration in the communication quality of the tenant, the path information is referred to identify a transfer device and a port that are a route of the tenant's IP packet, and the control target of the extraction control unit The network quality monitoring apparatus according to claim 1, further comprising a changing unit that changes the specified transfer apparatus and port. The detection part, based on TCP header information in the IP packet of the tenant, network quality monitoring device according to claim 1 or 2, characterized in that for detecting the deterioration of the communication quality. A network quality monitoring method executed by a network quality monitoring apparatus that monitors communication quality of a network that transfers IP packets,
The network quality monitoring device includes:
For each tenant that provides a service using the network, a route information storage unit that stores route information of an IP packet on the network, and a determination that indicates an allowable value of the communication quality of the tenant for each tenant A determination criterion storage unit for storing the reference,
An extraction control step of referring to the path information and controlling the transfer device included in the network to extract the IP packet of a predetermined tenant from the IP packets transferred by the transfer device;
A collection step of collecting flow information generated from the IP packet of the predetermined tenant extracted by the transfer device under the control of the extraction control step;
Based on the header information of the IP packet included in the flow information collected by the collection step and the allowable value of the communication quality of the predetermined tenant in the determination criterion, the deterioration of the communication quality in the predetermined tenant is detected. A detection process;
An acquisition step of acquiring management information for each port included in the transfer device included in the network;
A determination step of determining whether or not deterioration has occurred for each port based on the management information acquired by the acquisition step;
Including
The extraction control step identifies a tenant of an IP packet transmitted / received by a port determined to have deteriorated by the determination step, and is assigned to each of the ports positioned before and after the port on the route of the IP packet. On the other hand, control to extract the IP packet of the specified tenant,
The collecting step collects flow information generated from IP packets extracted from the front and rear ports by the control of the extraction control step,
The detection step identifies a tenant in which the communication quality has deteriorated by comparing header information of IP packets included in the flow information of the same tenant respectively collected from the front and rear ports by the collection step. features and to Rene Ttowaku quality monitoring method that. When a deterioration in communication quality of the tenant is detected by the detection step, the transfer information and the port that become the route of the IP packet of the tenant are specified with reference to the route information, and the control target of the extraction control step is 5. The network quality monitoring method according to claim 4 , further comprising a changing step of changing to the specified transfer device and port. The detection step is based on TCP header information in the IP packet of the tenant, network quality monitoring method according to claim 4 or 5, characterized in that for detecting the deterioration of the communication quality.

Images