WO2017008712A1 - Détection d'accessibilité pour un chemin entre des points d'extrémité de tunnel vxlan (vtep) - Google Patents

Détection d'accessibilité pour un chemin entre des points d'extrémité de tunnel vxlan (vtep) Download PDF

Info

Publication number
WO2017008712A1
WO2017008712A1 PCT/CN2016/089597 CN2016089597W WO2017008712A1 WO 2017008712 A1 WO2017008712 A1 WO 2017008712A1 CN 2016089597 W CN2016089597 W CN 2016089597W WO 2017008712 A1 WO2017008712 A1 WO 2017008712A1
Authority
WO
WIPO (PCT)
Prior art keywords
vtep
path
vxlan
detection
detection packet
Prior art date
Application number
PCT/CN2016/089597
Other languages
English (en)
Chinese (zh)
Inventor
高瑞昌
乔剡
鄢能
缪琛
Original Assignee
杭州华三通信技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 杭州华三通信技术有限公司 filed Critical 杭州华三通信技术有限公司
Publication of WO2017008712A1 publication Critical patent/WO2017008712A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/08Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
    • H04L43/0805Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability
    • H04L43/0811Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability by checking connectivity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4641Virtual LANs, VLANs, e.g. virtual private networks [VPN]

Definitions

  • VXLAN Virtual eXtensible Local Area Network
  • the VXLAN technology encapsulates the Layer 2 packet with the Layer 3 protocol.
  • the main principle is to introduce an outer tunnel in the User Datagram Protocol (UDP) format as the data path layer and the original Layer 2 packet.
  • UDP User Datagram Protocol
  • the outer layer of the payload uses UDP as the transmission means, this ensures that the payload is smoothly transmitted in the Layer 2 and Layer 3 networks, and the capability of the Layer 2 network to cover the Layer 3 network is realized.
  • the covered virtual network is referred to as an overlay network
  • the covered physical bearer network is referred to as an underlay network.
  • FIG. 1 is a schematic flow chart of a method provided by an example of the present application.
  • FIG. 2 is a schematic structural diagram of a VXLAN package provided by an example of the present application.
  • FIG. 3 is a schematic diagram of an application networking provided by an example of the present application.
  • FIG. 4 is a schematic diagram of an application networking provided by an example of the present application.
  • FIG. 5 is a schematic structural diagram of an apparatus provided by an example of the present application.
  • FIG. 6 is a schematic structural diagram of hardware of an apparatus provided by an example of the present application.
  • a data center that provides services such as a data center that provides cloud services, VXLAN technology architecture overlay network and underlay network.
  • the Overlay network includes a tunnel endpoint (VTEP: VXLAN Tunnel End Point).
  • VXLAN related processing is performed on VTEP, such as VXLAN encapsulation of packets and VXLAN decapsulation.
  • the VTEP can be a virtual switch or a physical switch.
  • An Underlay network can be a physical bearer network, including multiple hosts and other devices.
  • the VTEP in the Overlay network is connected to the underlay network, and the IP address of the physical bearer network of the underlay network is allocated, and the IP address is independent of the overlay network.
  • the path between different VTEPs may have multiple or even multiple equivalent multipaths (ECMP: Equal-Cost).
  • ECMP Equal-Cost
  • FIG. 1 is a flowchart of a method provided by an example of the present application. As shown in FIG. 1, the method may include the following steps:
  • the first VTEP is configured to detect whether the forwarding path from the first VTEP to the second VTEP is reachable to the second VTEP according to the principle that different detection packets correspond to different UDP source port numbers.
  • the detection packet determines the UDP source port number.
  • first VTEP and the second VTEP are only for naming for convenience of description, and do not limit the present application.
  • N is greater than or equal to the number M of paths from the first VTEP to the second VTEP.
  • the N test packets may have different message key information.
  • the message key information is at least one parameter included in the message quintuple or the message quintuple.
  • the packet quintuple includes the following parameters: destination IP address, source IP address, destination port number, source port number, and protocol type.
  • the packet quintuple includes the following parameters: destination IP address, source IP address, and destination MAC address.
  • the destination MAC address is used as the destination MAC address.
  • you can define a destination MAC address range for example, 00-00-5E-90-00-01.
  • the destination MAC address of the N detection packets may be different destination MAC addresses in the destination MAC address range.
  • other parameters of the N detection packets such as the source MAC address, the source IP address, the destination IP address, the destination port number, the source port number, and the protocol type are the same.
  • the source MAC address of the N detection packets can be the bridge MAC address of the source VTEP
  • the source IP address can be the IP address of the source VTEP
  • the destination IP address can be fixed to one for the representation.
  • the value of the packet discarded by the destination VTEP after receiving it such as 127.0.0.1.
  • the destination port number, source port number, and protocol type can be set in advance according to actual requirements, and are not described here.
  • the N detection messages may also have the same message key information.
  • the key information of the packet is the same, the other parameters of the N detection packets may be the same or different, and are not specifically limited herein.
  • the principle that the different detection packets correspond to different UDP source port numbers is the The N detection packets sent by the VTEP to detect whether the forwarding path from the first VTEP to the second VTEP is reachable may determine that the outer UDP source port number is implemented in the following manner 1 or mode 2:
  • Method 1 For each detection packet, the algorithm determines the key information of the packet in the detection packet according to the set UDP source port number determination algorithm, and determines the obtained result as the UDP source port number of the detection packet. For example, according to the hash algorithm, the UDP source port number of the detection packet is calculated according to the packet quintuple of the detection packet.
  • Manner 2 The N detection packets are queued into a queue, and the UDP source port number is determined as the default port number K for the first detection packet in the queue, and the second detection packet in the queue is determined and first.
  • the UDP source port number of the outer UDP source port number of the detection packet is, for example, the default port number K+1, and so on, until the last detection packet in the queue is determined to be the one of the queue detection packets.
  • the N test packets may have the same message key information.
  • the step 201 according to the principle that different test packets correspond to different UDP source port numbers, The N detection packets sent by the second VTEP for detecting whether the forwarding path from the first VTEP to the second VTEP is reachable can be determined by the foregoing mode 2.
  • step 201 it is finally possible to determine different UDP source port numbers for the N detection messages for detecting whether the forwarding path from the first VTEP to the second VTEP is reachable.
  • Step 202 The first VTEP performs VXLAN encapsulation on the detection packet by using the UDP source port number determined for the detection packet for each detection packet.
  • the first VTEP in step 202, for each detection packet, performing VXLAN encapsulation on the detection packet by using the UDP source port number determined for the detection packet may include the following steps a1 to a2:
  • step a1 a VXLAN encapsulation parameter used for detecting whether the forwarding path from the first VTEP to the second VTEP is reachable is determined.
  • the above N detection messages are used to detect from the first VTEP to the second If the forwarding path of the VTEP is reachable, in this example, the VXLAN encapsulation parameters of the N detection packets when the VXLAN encapsulation is performed are the same, and are the VXLAN encapsulation parameters determined in step a1.
  • Figure 2 shows the structure of a VXLAN package.
  • the VXLAN encapsulation parameters here include parameters in the VXLAN encapsulation except for the UDP source port number (Source Port) in the outer UDP header.
  • the detection packet is VXLAN encapsulated by using the outer UDP source port number and the VXLAN encapsulation parameter determined for the detection packet for each detection packet.
  • the UDP source port number in the outer UDP header of the VXLAN encapsulation of each detection packet is the UDP source port number determined by the detection packet, and other parameters are the VXLAN encapsulation parameters described above.
  • Step 203 The first VTEP shares the detection packet of the N VXLAN encapsulation by the egress port corresponding to the path of the VTEP to the second VTEP, so that the intermediate device or the second VTEP of the VXLAN encapsulated detection packet is received.
  • the path detecting device transmits a path parameter for the path detecting device to determine a reachable forwarding path from the first VTEP to the second VTEP.
  • the first VTEP and the second VTEP are underlay Layer 3 forwarding links, and the intermediate device can be a Layer 3 switch or router.
  • the first VTEP can send the detection messages of the N VXLAN encapsulations by using the egress port corresponding to all the paths from the VTEP to the second VTEP.
  • step b1 an egress port corresponding to the path from the first VTEP to the second VTEP is determined.
  • the egress port corresponding to the path from the first VTEP to the second VTEP may be used by the first VTEP to find an egress port corresponding to the path of the second VTEP according to the local routing table, and is not specifically described.
  • M is the number of forwarding paths from the first VTEP to the second VTEP, based on Therefore, the number of outbound ports (indicated by L) corresponding to the path determined in this step b1 is less than or equal to M.
  • step b2 when the number L of the egress ports corresponding to the determined path is 1, the detection packets of the N VXLAN encapsulations are sent by the egress port corresponding to the determined path; the number of egress ports corresponding to the determined path When L is greater than 1, a target egress port is allocated for each VXLAN encapsulated detection packet from the egress port corresponding to the L paths according to the equalization sharing principle, and the VXLAN encapsulation is sent by the target egress port allocated for the detection packet of the VXLAN encapsulation. Detect the message.
  • a specific implementation form may be allocated for each target detection port from the egress port corresponding to the L paths, and only one implementation form may be used, for example, N
  • the detection packet is grouped, and the number of detection packets in any group is less than or equal to L, and different detection ports are assigned as the target egress port from the L out ports for the detection packets in each group.
  • the first VTEP can share the detection packets of the N VXLAN encapsulations to the egress port corresponding to all the paths from the VTEP to the second VTEP by using the step b1 to the step b2.
  • VXLAN there is generally a controller control management VTEP, based on which, when there is a controller in the VXLAN, as an example of the present application, the above path detecting device may be a controller.
  • the N detection packets that are reachable by the forwarding path from the first VTEP to the second VTEP are the controller determining whether to detect the forwarding path from the first VTEP to the second VTEP. Generated and sent to the first VTEP when reachable.
  • the VXLAN encapsulation parameter used when the forwarding path of the VTEP to the second VTEP is reachable includes: receiving a VXLAN encapsulation parameter sent by the controller for detecting whether a forwarding path from the first VTEP to the second VTEP is reachable.
  • the above-described path detecting device may be the first VTEP regardless of whether or not the above-described controller is present in the VXLAN.
  • the N detection packets for detecting whether the forwarding path from the first VTEP to the second VTEP is reachable are generated by the first VTEP.
  • the VXLAN encapsulation parameter used in the step a1 to determine whether the forwarding path from the first VTEP to the second VTEP is reachable may include: all VXLAN encapsulation parameters pre-configured from the local.
  • the VXLAN encapsulation parameter used to detect whether the forwarding path from the first VTEP to the second VTEP is reachable is determined.
  • the VXLAN encapsulation parameter includes an outer UDP destination port (Dest Port), an outer Ethernet header (Outer Ethernet Header), and an outer UDP header.
  • Layer IP header Outer IP Header
  • VXLAN header VXLAN Header
  • the inner UDP destination port number (Dest Port) of the outer UDP header is the set port number specified by the VXLAN protocol.
  • the outer destination destination MAC address of the outer layer Ethernet header is the bridge MAC address of the second VTEP
  • the outer source MAC address of the outer layer outer header is the bridge MAC address of the first VTEP, outside the outer IP header.
  • the IP address of the layer is the IP address of the second VTEP
  • the outer source IP address of the outer IP header is the IP address of the first VTEP.
  • the value in the designated reserved field (such as the first reserved field shown in FIG. 2) in the VXLAN header is a set value such as 100
  • the VXLAN identifier (VNID) in the VXLAN header is the first VTEP.
  • the VXLAN identifier is such as VNID200.
  • the intermediate device is between the first VTEP and the second VTEP, and the second VTEP receives the detection packet of the VXLAN encapsulation.
  • the device or the second VTEP can use the VXLAN encapsulation of the detection packet to match the locally saved matching rule. If the matching succeeds, the device sends the path detection device to the path detection device to determine from the first.
  • the matching rule here may be sent by the path detecting device, or may be pre-configured, and the example of the present application is not specifically limited.
  • the matching rule herein may be: the outer UDP header inner and outer UDP destination port number is a set port number specified by the VXLAN protocol, and the specified reserved field in the VXLAN header is as shown in FIG. 2 The value in the first reserved field shown is a set value such as 100.
  • the path parameter sent by the intermediate device may include at least the device identifier of the intermediate device and the identifier of the port that the intermediate device receives the detection packet of the VXLAN encapsulation.
  • the intermediate device sends the detection packet of the VXLAN encapsulation received and received by the egress port for forwarding the detection packet according to the destination IP address of the outer IP header in the VXLAN encapsulation.
  • the intermediate device selects the detection packet of the VXLAN encapsulation received by the egress port for forwarding the detection packet, and specifically determines the egress port for forwarding the detection packet according to the destination IP address of the outer IP header in the VXLAN encapsulation.
  • the outgoing port of the VXLAN encapsulation received by the determined outbound port is directly selected. If the number of the outbound ports is greater than 1, the UDP source port number in the outer UDP header in the VXLAN encapsulation is performed.
  • the hash operation selects an outbound port from the determined outbound port to forward the received VXLAN encapsulated test packet according to the hash operation result.
  • the intermediate device receives multiple detection packets with the destination end being the second VTEP. Because the UDP source port numbers in the outer UDP header of the VXLAN encapsulation of the multiple detection packets are different, The detection packets will be forwarded from different egress ports, so that the detection packets can traverse different forwarding paths.
  • the path parameter sent by the second VTEP may be implemented by at least the device identifier of the second VTEP and the identifier of the port that the second VTEP receives the detection packet of the VXLAN encapsulation. Moreover, in order to prevent the normal service from being affected, the second VTEP discards the detected packet of the received VXLAN encapsulation.
  • the path parameter sent by the intermediate device and the second VTEP may further include The identifier of a VTEP and the identifier of the second VTEP. That is, in the example of the present application, the specific content of the path parameter is not limited, as long as it can be finally guaranteed to detect whether the forwarding path from the first VTEP to the second VTEP is reachable.
  • the first VTEP may also receive the detection packet of the VXLAN package sent by the other VTEP.
  • the processing process of the first VTEP is similar to the second VTEP described above. , no longer repeat them here.
  • FIG. 3 is a diagram of an application networking diagram of an example provided by the present application.
  • the Overlay network The network shows only two VTEPs: VTEP1 and VTEP2, the controller 30 controls VTEP1 and VTEP2, and the underlay network shows only five devices, respectively device 31 to device 35.
  • the path detecting device is the controller 30.
  • the controller 30 determines that the forwarding path reachability between two VTEPs (using VTEP1 as the source VTEP and VTEP2 as the destination VTEP as an example) is reached, the controller 30 is based on the collected network topology. Determine the number of forwarding paths from VTEP1 to VTEP2.
  • the controller 30 also generates 5 or more detection messages according to the determined number of forwarding paths 5 from VTEP1 to VTEP2, here to generate 5 detection reports
  • the text is an example.
  • the controller 30 sends the generated 5 detection messages to VTEP1.
  • the detection packets have different packet key information, and the packet key information is the destination MAC address.
  • the destination MAC address of message 01 is 00-00-5E-90-00-01
  • the destination MAC address of the message 02 is 00-00-5E-90-00-02
  • the destination MAC address of the message 03 is 00-00-5E-90-00-03
  • the destination MAC address of the message 04 is 00.
  • the destination MAC address of message 05 is 00-00-5E-90-00-05.
  • the controller 30 also notifies VTEP1 of the VXLAN encapsulation parameters (parameters in the VXLAN encapsulation other than the outer UDP source port in the outer UDP header) used to detect whether the forwarding path from VTEP1 to VTEP2 is reachable.
  • the UDP destination port number in the outer UDP header of the VXLAN encapsulation parameter is the set port number specified by the VXLAN protocol (take the port number 200 as an example), and the outer destination MAC address of the outer Ethernet header is VTEP2.
  • the bridge MAC address, the external source MAC address is the bridge MAC address of VTEP1, the outer destination IP address of the outer IP header is the IP address of VTEP2, and the outer source IP address of the outer IP header is the IP address of VTEP1, VXLAN header
  • the middle VXLAN identifier is the ID of the first VXLAN where VTEP1 is located (here, VNID100 is taken as an example), and the reserved field such as the value in the first reserved field in the VXLAN header is set to a set value such as 100.
  • the controller 30 sends a matching rule to VTEP2.
  • the controller 30 sends a matching rule to the intermediate device on any forwarding path from VTEP1 to VTEP2 (here, the intermediate device is the device 31 to the device 35 in FIG. 3, and FIG. 3 is not shown because the line is relatively large.
  • the controller 30 issues a matching rule to the line of the device 31 to the device 35).
  • the matching rule may be: the value in the specified reserved field in the VXLAN header in the VXLAN encapsulation is a set value, and the UDP destination port number in the outer UDP header in the VXLAN encapsulation is the set port number specified by the VXLAN protocol.
  • the VTEP1 receives a total of five detection messages from the message 01 to the message 05 sent by the controller 30, and receives the VXLAN encapsulation parameters sent by the controller 30.
  • VTEP1 finds that the message 01 to the message 05 have different message key information, and the key information of the message is the destination MAC address. For example, the VTEP1 calculates the UDP source port number and uses the destination MAC address of the message 01. -00-5E-90-00-01 Calculates the UDP source port number of message 01. VTEP1 uses the UDP source port number calculation method and uses the destination MAC address of message 02 00-00-5E-90-00- 02 Calculate the UDP source port number of the message 02; VTEP1 calculates the UDP source port of the message 03 according to the set UDP source port number calculation method and the destination MAC address 00-00-5E-90-00-03 of the message 03.
  • VTEP1 calculates the UDP source port number of packet 04 according to the configured UDP source port number calculation method and uses destination MAC address 00-00-5E-90-00-04 of packet 04; VTEP1 follows the set UDP source. Port number calculation method and use the purpose of message 05 The MAC address 00-00-5E-90-00-05 calculates the UDP source port number of the message 05.
  • VTEP1 uses the VXLAN encapsulation parameter notified by the controller 30 and the UDP source port number of the packet 01 to perform VXLAN encapsulation on the packet 01, that is, the UDP source port number in the outer UDP header in the VXLAN encapsulation is the UDP source port determined by the message 01. No. Other parameters in the VXLAN package are the VXLAN package parameters as described above.
  • the VTEP1 performs VXLAN encapsulation on the message 02 by using the VXLAN encapsulation parameter notified by the controller 30 and the UDP source port number of the message 02; the VTEP1 uses the VXLAN encapsulation parameter notified by the controller 30 and the UDP source port number of the message 03.
  • the VXLAN encapsulation is performed by the VXLAN encapsulation parameter notified by the controller 30 and the UDP source port number of the message 04; the VXLAN encapsulation parameter notified by the controller 30 and the UDP source of the message 05 are used by the VTEP1.
  • the port number encapsulates the message 05 in VXLAN.
  • the message 01 to the message 05 in the VXLAN encapsulation are sequentially recorded as the message 11, the message 12, the message 13, the message 14, and the message 15.
  • VTEP1 determines the egress port corresponding to the path from this VTEP1 to VTEP2. If the number of outbound ports corresponding to the path determined by VTEP1 is 2, which is port 11 and port 12, VTEP1 sends packet 11 through port 11, sends packet 12 through port 12, and sends packet 13 through port 11. The message 14 is sent through port 12 and the message 15 is sent through port 11.
  • the packet 11 is received by any intermediate device in any path from VTEP1 to VTEP2 (here, only device 31 is taken as an example), and the value in the specified reserved field in the VXLAN header of the VXLAN encapsulation of the packet 11 is found to be the set value. 100.
  • the UDP destination port number in the outer UDP header of the VXLAN encapsulation is the set port number 200 specified by the VXLAN protocol. If the matching rule sent by the controller is met, the path parameter is sent to the controller, where the path parameter includes at least The device identifier of the device 31 and the port number of the port on which the device 31 receives the packet 11 (taking port 311 as an example).
  • the device 31 determines the path to the destination IP address of the outer layer according to the outer destination IP address of the outer IP header in the VXLAN encapsulation of the packet 11.
  • the result is that the path is more than one, which is three equal-cost paths, which are: 31->Device 32->Device 34->VTEP2; Device 31->Device 32->Device 35->VTEP2, Device 31->Device 33->Device 34->VTEP2, based on this, device 31 pairs message 11
  • the UDP source port number of the outer UDP header in the VXLAN encapsulation is hashed, and a path corresponding to the hash result is found from the three equal-cost paths according to the hash result, such as device 31->device 33->device 34->VTEP2
  • the received message 11 is forwarded through a path found.
  • the process of receiving the message 13 and receiving the message 15 by the device 31 is similar to the process of receiving the message 11, and details are not described herein again.
  • the controller 30 receives and saves the path parameters transmitted by the device 31.
  • the processing after the device 32 to the device 35 receives the packet is similar to the processing of the device 31, and details are not described herein again.
  • VTEP2 when VTEP2 receives any of the packets from message 11 to message 15, it finds that the value in the first reserved field in the VXLAN header of the VXLAN encapsulation of the packet is the set value of 100, and the outer UDP in the VXLAN encapsulation The destination UDP port number in the header is the set port number 200 specified by the VXLAN protocol. If the matching rule sent by the controller is met, the path parameter is sent to the controller.
  • the path parameter here includes at least: the device identifier of VTEP2 and the VTEP2. The identifier of the port to the packet.
  • VTEP2 discards the received destination packet when the outer IP address of the outer IP header in the VXLAN encapsulation is the IP address of the VTEP2.
  • the controller 30 After receiving the path parameter sent by VTEP2, the controller 30 summarizes and counts the reachable paths from VTEP1 to VTEP2 according to all the received path parameters.
  • the path parameters received by the controller 30 are:
  • the controller 30 connects the VTEP1 to the port corresponding to the port 311 on the device 31 based on the collected network topology.
  • the path from VTEP1 to device 31 is determined by (device 31, port 311); the controller 30 is based on the collected network.
  • the port corresponding to the port 321 of the topology discovery device 32 is connected to the device 31.
  • the path from the device 31 to the device 32 is determined by (device 32, port 321), and the previously determined path from VTEP1 to device 31 is reachable.
  • the controller 30 discovers the port connection device 32 corresponding to the port 352 on the device 35 based on the collected network topology, and thus, the slave device is determined by (device 35, port 352).
  • the path from 32 to device 35 is reachable, and the path from VTEP1 to device 32 is determined to be reachable, and then the path from VTEP1 to device 35 is further determined; controller 30 discovers VTEP2 based on the collected network topology.
  • the port corresponding to port 25 is connected to device 35.
  • the path from device 35 to VTEP2 is determined by (VTEP2, port 25), combined with the previously determined path from VTEP1 to device 35. Up, it is further determined at this time to the path VTEP1 VTEP2 up, i.e. up above the transfer path 2.
  • the controller 30 connects the VTEP1 to the port corresponding to the port 322 on the device 32 based on the collected network topology.
  • the path from VTEP1 to device 32 is determined by (device 32, port 322); the controller 30 is based on the collected network.
  • the port corresponding to the port 342 of the topology discovery device 34 is connected to the device 32.
  • the path from the device 32 to the device 34 is determined by (device 34, port 342), and the previously determined path from VTEP1 to device 32 is reachable.
  • the controller 30 discovers the port connection device 34 corresponding to the port 24 on the VTEP2 based on the collected network topology, and thus, the slave device 34 is determined by (VTEP2, port 24)
  • the path of VTEP2 is reachable, and the path from VTEP1 to device 34 is determined to be reachable. Steps determine that the path from VTEP1 to VTEP2 is reachable, that is, the above forwarding path 5 is reachable.
  • controller 30 summarizes and counts the received path parameters to determine that only the forwarding path 2 and the forwarding path 5 are reachable, and the forwarding paths 1, 3, and 4 are unreachable.
  • FIG. 4 is a schematic diagram of an application networking of an example provided by the present application.
  • the Overlay network shows only two VTEPs: VTEP3 and VTEP4, and the underlay network shows only five devices, device 61 to device 65, respectively.
  • an example is taken to detect whether the forwarding path from VTEP3 to VTEP4 is reachable.
  • the path detection device is VTEP3.
  • VTEP3 determines the number of forwarding paths from the VTEP3 to VTEP4 based on the previously collected network topology. If the number of forwarding paths is 5, respectively: forwarding path 1, VTEP3->device 61->device 62->device 64->VTEP4, Forwarding path 2, VTEP3->Device 61->Device 62->Device 65->VTEP4, Forwarding Path 3, VTEP3->Device 61->Device 63->Device 64->VTEP4, Forwarding Path 4, VTEP3->Device 62->Device 65->VTEP4, Forwarding Path 5, VTEP3->Device 62->Device 64->VTEP4.
  • the VTEP3 generates 5 or more detection packets according to the determined number of forwarding paths 5 from the VTEP3 to the VTEP4.
  • five detection packets are generated as an example.
  • the detection packets have different packet key information, and the packet key information is the destination MAC address.
  • the five detection messages are respectively recorded as message 61, message 62, message 63, message 64, message 65, wherein the destination MAC address of the message 61 is 00-00-5E-90-00-06
  • the destination MAC address of the packet 62 is 00-00-5E-90-00-07
  • the destination MAC address of the packet 63 is 00-00-5E-90-00-08
  • the destination MAC address of the packet 64 is 00.
  • -00-5E-90-00-09 the destination MAC address of message 65 is 00-00-5E-90-00-10.
  • VTEP3 sends a matching rule to VTEP4.
  • VTEP3 determines the intermediate device (ie, device 61 to device 65 in Figure 4) on the path from the VTEP3 to VTEP4 according to the previously collected network topology, and VTEP3 sends The matching rule is given to the device 61 to the device 65 in Fig. 4 (Fig. 4 because the line is relatively large, the line for transmitting the matching rule is not shown).
  • the matching rule may be: the value in the first reserved field in the VXLAN header in the VXLAN encapsulation is a set value, and the UDP destination port number in the outer UDP header in the VXLAN encapsulation is the set port number specified by the VXLAN protocol.
  • VTEP3 determines the UDP source port number of the packet 61 to the packet 65 according to the set UDP source port number calculation method.
  • VTEP3 performs VXLAN encapsulation on the packets 61 to 65 respectively.
  • the UDP source port numbers of the outer UDP headers in the VXLAN encapsulation of the packets 61 to 65 are the UDP source port numbers determined by the packets 61 to 65, respectively.
  • the message 61 to the message 65 in the VXLAN encapsulation are sequentially recorded as the message 71 to the message 75.
  • VTEP3 determines the egress port corresponding to the path from this VTEP3 to VTEP4. If the number of outbound ports L determined by VTEP3 is 2, which is port 31 and port 32 respectively (not shown in FIG. 4), VTEP3 sends a message 71 through port 31, and sends a message 72 through port 32, which is sent through port 31. In the message 73, the message 74 is sent through the port 32, and the message 75 is sent through the port 31.
  • Any intermediate device in any path from VTEP3 to VTEP4 receives the message 71, and finds that the value in the first reserved field in the VXLAN header of the VXLAN encapsulation of the message 71 is set. The value is set, and the UDP destination port number in the outer UDP header of the VXLAN encapsulation is the set port number specified by the VXLAN protocol. If the matching rule sent by VTEP3 is met, the path parameter is sent to VTEP3, and the path parameter includes: the device identifier of the device 61, The device 61 receives the port number of the port of the message 71.
  • the device 61 determines the path to the destination IP address of the outer layer according to the outer destination IP address of the outer IP header in the VXLAN encapsulation of the packet 71, and finds that there is more than one path, which is three equal-cost paths. 61 pairs of messages 71 of VXLAN The UDP source port number of the outer UDP header in the encapsulation is hashed, and a path corresponding to the hash result is found from the three equal-cost paths according to the hash result, such as device 61->device 63->device 64->VTEP4 and passes A path found forwards the received message 71.
  • the process of receiving the message 73 and receiving the message 75 by the device 61 is similar to the process of receiving the message 71, and details are not described herein again.
  • VTEP3 receives and saves the path parameters sent by device 61.
  • the processing after the device 62 to the device 65 receives the message is similar to the processing of the device 61, and details are not described herein again.
  • VTEP4 when VTEP4 receives any of the packets from message 71 to message 75, it finds that the value in the first reserved field in the VXLAN header of the VXLAN encapsulation of the packet is the set value, and the outer UDP header in the VXLAN encapsulation The UDP destination port number is the set port number specified by the VXLAN protocol. If the matching rule sent by VTEP3 is met, the path parameter is sent to VTEP3, and the outer destination IP address of the outer IP header in the VXLAN encapsulation is the IP address of VTEP4. , the received message is discarded.
  • VTEP3 After receiving the path parameters sent by VTEP4, VTEP3 summarizes and counts the reachable forwarding paths from VTEP3 to VTEP4 according to all the received path parameters. The summary and statistics are similar to the previous examples, and are not described here. 4 The port of the VXLAN encapsulated detection packet is not specifically shown. Finally, VTEP3 will globally count all path reachable conditions from VTEP3 to VTEP4, including how many reachable paths, etc., for upper-layer queries. Here, VTEP3 finally globally counts the reachability of all paths from VTEP3 to VTEP4. There may be no intuitive access to all paths that are counted by the controller.
  • FIG. 5 is a schematic structural diagram of a device provided by an example of the present application. As shown in Figure 5, the apparatus 50 includes:
  • the determining unit 51 is configured to detect, according to the principle that different detection packets correspond to different UDP source port numbers, whether the forwarding path from the first VTEP to the second VTEP is sent by the first VTEP to the second VTEP.
  • the detection message determines the UDP source port number; wherein N is greater than or equal to the number M of paths from the first VTEP to the second VTEP.
  • the VXLAN encapsulating unit 52 is configured to perform VXLAN encapsulation on the detection packet by using a UDP source port number determined for the detection packet for each detection packet.
  • the detection packet sending unit 53 is configured to share the detection packets of the N VXLAN encapsulations by using the egress port corresponding to all the paths from the first VTEP to the second VTEP, so that the intermediate device that receives the detection packet of the VXLAN encapsulation or The second VTEP transmits to the path detecting device a path parameter for the path detecting device to determine a reachable forwarding path from the first VTEP to the second VTEP.
  • the path detecting device is a controller for managing VTEP in the VXLAN
  • the N detecting messages for detecting whether the forwarding path from the first VTEP to the second VTEP is reachable is the control. Transmitted to the first VTEP;
  • the N detecting messages for detecting whether the forwarding path from the first VTEP to the second VTEP is reachable are generated by the first VTEP.
  • the VXLAN encapsulation unit 52 performs VXLAN encapsulation on the detection packet by using the UDP source port number determined for the detection packet for each detection packet, including:
  • VXLAN encapsulation parameter used to detect whether a forwarding path from the first VTEP to the second VTEP is reachable
  • the detection packet For each detection packet, the detection packet is VXLAN encapsulated by using the UDP source port number and the VXLAN encapsulation parameter determined for the detection packet.
  • the VTLAN encapsulation parameter used by the controller of the VTEP to determine whether the forwarding path from the first VTEP to the second VTEP is reachable includes: receiving, by the controller, detecting the first VTEP to the second VXLAN encapsulation parameters used when the forwarding path of the VTEP is reachable;
  • the determining the VXLAN encapsulation parameter used for detecting whether the forwarding path from the first VTEP to the second VTEP is reachable includes: determining from all locally preconfigured VXLAN encapsulation parameters A VXLAN encapsulation parameter used to detect whether a forwarding path from the first VTEP to the second VTEP is reachable.
  • the detection packet sending unit 53 performs the detection of the N VXLAN encapsulated detection packets by using the outbound port corresponding to the path from the first VTEP to the second VTEP.
  • the detection packets of the N VXLAN encapsulations are sent by the egress port corresponding to the determined one path;
  • a target out port is allocated for each VXLAN encapsulated detection packet from the outbound ports corresponding to the L paths according to the equalization sharing principle, and the detection packet is encapsulated by the VXLAN.
  • the target outgoing port of the file sends a detection packet of the VXLAN encapsulation.
  • the apparatus 50 further includes:
  • the receiving unit 54 is configured to receive a detection packet of the VXLAN package.
  • the path parameter sending unit 55 is configured to: when the receiving unit 54 receives the detection packet of the VXLAN encapsulation, send the path parameter corresponding to the received detection packet of the VXLAN encapsulation to the path detecting device, where the received VXLAN encapsulation
  • the path parameter corresponding to the detection packet includes at least: the device identifier of the first VTEP, and the first VTEP receives the VXLAN The identifier of the port of the encapsulated detection packet;
  • the processing unit 56 is configured to determine that the destination IP address of the outer IP header in the VXLAN encapsulation is the IP address of the VTEP, and discard the detection packet of the VXLAN encapsulation received by the receiving unit.
  • FIG. 6 is a schematic structural diagram of hardware of an apparatus provided by an example of the present application.
  • the device 60 is a first VTEP.
  • the device 60 includes a processor 61 and a memory 62.
  • the processor 61 is, for example, a central processing unit (CPU).
  • the memory 62 can be a non-volatile storage medium storing computer-executable instructions, which can be specifically path-detectable instructions.
  • the processor 61 reads the path reachable detection command to perform:
  • UDP is determined for the N detection packets sent by the first VTEP to the second VTEP for detecting whether the forwarding path from the first VTEP to the second VTEP is reachable.
  • Source port number
  • the detection packet is VXLAN encapsulated by using the UDP source port number determined for the detection packet;
  • the path detecting device determines a path parameter of a reachable forwarding path from the first VTEP to the second VTEP;
  • N is greater than or equal to the number M of paths from the first VTEP to the second VTEP.
  • the path detecting device is a controller for managing VTEP in the VXLAN
  • the N detecting messages for detecting whether the forwarding path from the first VTEP to the second VTEP is reachable is that the controller is first Sent by VTEP;
  • the N are used to detect from the first A detection message that the forwarding path of the VTEP to the second VTEP is reachable is generated by the first VTEP.
  • the VXLAN encapsulation of the detection packet by using the UDP source port number determined for the detection packet for each detection packet includes:
  • VXLAN encapsulation parameter used to detect whether a forwarding path from the first VTEP to the second VTEP is reachable
  • the detection packet For each detection packet, the detection packet is VXLAN encapsulated by using the UDP source port number and the VXLAN encapsulation parameter determined for the detection packet.
  • the determining the VXLAN encapsulation parameter used when detecting whether the forwarding path from the first VTEP to the second VTEP is reachable includes: receiving the controller The VXLAN encapsulation parameter sent when detecting whether the forwarding path from the first VTEP to the second VTEP is reachable;
  • the determining the VXLAN encapsulation parameter used for detecting whether the forwarding path from the first VTEP to the second VTEP is reachable includes: determining from all locally preconfigured VXLAN encapsulation parameters A VXLAN encapsulation parameter used to detect whether a forwarding path from the first VTEP to the second VTEP is reachable.
  • the detecting, by the outbound port corresponding to all the paths corresponding to the path from the first VTEP to the second VTEP, the sending of the detection messages of the N VXLAN encapsulations includes:
  • the detection packets of the N VXLAN encapsulations are sent by the egress port corresponding to the determined one path;
  • a target out port is allocated for each VXLAN encapsulated detection packet from the outbound ports corresponding to the L paths according to the equalization sharing principle, and the detection packet is encapsulated by the VXLAN.
  • Target assigned port outgoing Detection packet encapsulated in VXLAN.
  • the processor 61 reads the path reachable detection instruction, and further performs: receiving the detection packet encapsulated by the VXLAN;
  • the path parameter corresponding to the detection packet of the received VXLAN encapsulation is sent to the path detection device, and the path parameter corresponding to the detection packet of the received VXLAN encapsulation includes at least: the first VTEP Device identifier, the identifier of the port on which the first VTEP receives the detection packet encapsulated by the VXLAN;
  • the destination IP address of the outer IP header in the VXLAN encapsulation is determined to be the IP address of the first VTEP, and the detection packet of the received VXLAN encapsulation is discarded.
  • the UDP source port number is determined by:
  • the algorithm determines the key information of the packet, and determines the UDP source port number of the detection packet according to the UDP source port number determination algorithm;
  • the N detection packets are arranged in a queue, and different preset port numbers are determined for each detection message in the queue.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer Security & Cryptography (AREA)
  • Environmental & Geological Engineering (AREA)

Abstract

Selon la présente invention, un premier point VTEP (point d'extrémité de tunnel de réseau VXLAN) détermine différents numéros de port de source UDP à utiliser dans une encapsulation de réseau VXLAN pour un nombre N de paquets de détection à transmettre à un second point VTEP. Cela permet à un dispositif intermédiaire de recevoir des paquets de détection encapsulés VXLAN pour utiliser les numéros de port de source UDP dans une encapsulation de réseau VXLAN par la sélection d'un chemin aller lorsque deux chemins aller ou plus vers le second point VTEP sont déterminés, le nombre N des paquets de détection étant supérieur au nombre M de tous les chemins aller entre le premier point VTEP et le second point VTEP tandis que le premier point VTEP transmet de manière distributive le nombre N de paquets de détection encapsulés VXLAN via des ports de sortie correspondant à tous les chemins entre le premier point VTEP et le second point VTEP.
PCT/CN2016/089597 2015-07-10 2016-07-11 Détection d'accessibilité pour un chemin entre des points d'extrémité de tunnel vxlan (vtep) WO2017008712A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201510408264.5A CN106330597B (zh) 2015-07-10 2015-07-10 Vxlan隧道端点vtep之间的路径可达检测方法和装置
CN201510408264.5 2015-07-10

Publications (1)

Publication Number Publication Date
WO2017008712A1 true WO2017008712A1 (fr) 2017-01-19

Family

ID=57725554

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2016/089597 WO2017008712A1 (fr) 2015-07-10 2016-07-11 Détection d'accessibilité pour un chemin entre des points d'extrémité de tunnel vxlan (vtep)

Country Status (2)

Country Link
CN (1) CN106330597B (fr)
WO (1) WO2017008712A1 (fr)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109995654A (zh) * 2017-12-29 2019-07-09 中兴通讯股份有限公司 一种基于隧道传输数据的方法及装置
CN112636997A (zh) * 2020-11-17 2021-04-09 新华三技术有限公司 一种路径检测方法及设备
CN112637051A (zh) * 2020-11-26 2021-04-09 新华三技术有限公司合肥分公司 一种路径检测报文转发方法及设备
CN113141290A (zh) * 2020-01-19 2021-07-20 华为技术有限公司 一种报文传输方法、装置及设备
CN113794616A (zh) * 2021-08-31 2021-12-14 新华三信息安全技术有限公司 一种报文转发方法及设备
CN118041859A (zh) * 2023-12-12 2024-05-14 天翼云科技有限公司 一种vxlan转发表自学习方法

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107547343B (zh) * 2017-06-28 2020-06-05 新华三技术有限公司 报文操作控制方法及装置
CN108616418A (zh) * 2018-03-30 2018-10-02 新华三技术有限公司 检测故障的方法及装置
CN112751727A (zh) * 2020-12-23 2021-05-04 新华三技术有限公司 一种检测链路的方法和网络设备

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102177681A (zh) * 2011-04-21 2011-09-07 华为技术有限公司 检测故障的方法和系统
US20140348006A1 (en) * 2013-05-24 2014-11-27 Alcatel-Lucent Usa Inc. System and Method for Detecting a Virtual Extensible Local Area Network (VXLAN) Segment Data Path Failure
CN104283738A (zh) * 2014-10-11 2015-01-14 杭州华三通信技术有限公司 一种链路检测方法及设备

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101197731B (zh) * 2007-12-12 2012-02-01 华为技术有限公司 路径故障检测的方法、系统及装置
CN101626324B (zh) * 2009-08-19 2011-12-07 杭州华三通信技术有限公司 转发路径检测方法和设备
CN102523221B (zh) * 2011-12-20 2014-11-19 国家计算机网络与信息安全管理中心 数据报文的检测方法及网络安全检测设备
US9769049B2 (en) * 2012-07-27 2017-09-19 Gigamon Inc. Monitoring virtualized network
US8837476B2 (en) * 2012-09-07 2014-09-16 International Business Machines Corporation Overlay network capable of supporting storage area network (SAN) traffic
CN104270298B (zh) * 2014-09-30 2018-10-09 新华三技术有限公司 一种vxlan网络中的报文转发方法及装置

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102177681A (zh) * 2011-04-21 2011-09-07 华为技术有限公司 检测故障的方法和系统
US20140348006A1 (en) * 2013-05-24 2014-11-27 Alcatel-Lucent Usa Inc. System and Method for Detecting a Virtual Extensible Local Area Network (VXLAN) Segment Data Path Failure
CN104283738A (zh) * 2014-10-11 2015-01-14 杭州华三通信技术有限公司 一种链路检测方法及设备

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
JAIN P. ET AL.: "Detecting VXLAN Segment Failure, draft-jain-nvo3-vxlan-ping-00", NETWORK WORKING GROUP INTERNET -DRAFT, 6 June 2013 (2013-06-06), XP015090668 *
PANG, JUNYING ET AL.: "Path Detection in VXLAN Overlay Network, draft-pang-nvo3-vxlan-path-detection-00", NETWORK WORKING GROUP INTERNET -DRAFT, 22 May 2015 (2015-05-22), XP015106326 *

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109995654A (zh) * 2017-12-29 2019-07-09 中兴通讯股份有限公司 一种基于隧道传输数据的方法及装置
CN113141290A (zh) * 2020-01-19 2021-07-20 华为技术有限公司 一种报文传输方法、装置及设备
CN113141290B (zh) * 2020-01-19 2023-12-19 华为技术有限公司 一种报文传输方法、装置及设备
CN112636997A (zh) * 2020-11-17 2021-04-09 新华三技术有限公司 一种路径检测方法及设备
CN112636997B (zh) * 2020-11-17 2022-08-30 新华三技术有限公司 一种路径检测方法及设备
CN112637051A (zh) * 2020-11-26 2021-04-09 新华三技术有限公司合肥分公司 一种路径检测报文转发方法及设备
CN112637051B (zh) * 2020-11-26 2022-07-12 新华三技术有限公司合肥分公司 一种路径检测报文转发方法及设备
CN113794616A (zh) * 2021-08-31 2021-12-14 新华三信息安全技术有限公司 一种报文转发方法及设备
CN118041859A (zh) * 2023-12-12 2024-05-14 天翼云科技有限公司 一种vxlan转发表自学习方法

Also Published As

Publication number Publication date
CN106330597B (zh) 2019-07-26
CN106330597A (zh) 2017-01-11

Similar Documents

Publication Publication Date Title
WO2017008712A1 (fr) Détection d'accessibilité pour un chemin entre des points d'extrémité de tunnel vxlan (vtep)
US11848757B2 (en) In-situ passive performance measurement in a network environment
US10243847B2 (en) Forwarding packets with encapsulated service chain headers
US20220407800A1 (en) Traceroute for multi-path routing
US9912614B2 (en) Interconnection of switches based on hierarchical overlay tunneling
KR101317969B1 (ko) 링크 애그리게이션 방법 및 노드
US9379975B2 (en) Communication control system, control server, forwarding node, communication control method, and communication control program
WO2019105462A1 (fr) Procédé et appareil d'envoi de paquet, procédé et appareil de traitement de paquet, nœud pe et nœud
US8351329B2 (en) Universal load-balancing tunnel encapsulation
JP5857058B2 (ja) 最短パスブリッジングネットワークにおける負荷バランシング
US8995444B2 (en) Method and system for extending routing domain to non-routing end stations
US20180026889A1 (en) Progressive mac address learning
US20120314605A1 (en) Communication system, path control apparatus, packet forwarding apparatus, and path control method
US9548930B1 (en) Method for improving link selection at the borders of SDN and traditional networks
US20150334057A1 (en) Packet forwarding
JP6589060B2 (ja) ソフトウェア定義ネットワークのエントリ生成およびパケット転送
WO2016107379A1 (fr) Procédé et appareil d'envoi de paquets
US9467367B2 (en) Universal labels in internetworking
WO2015039617A1 (fr) Procédé, système et dispositif pour traitement de paquet
EP3586482B1 (fr) Mécanisme de détection de boucles de plan de données dans un réseau de flux ouvert
WO2017000802A1 (fr) Procédé et dispositif de localisation d'anomalie de service
WO2022042503A1 (fr) Procédé, appareil et système de transmission de messages
US10313274B2 (en) Packet forwarding
WO2015039616A1 (fr) Procédé et dispositif de traitement de paquets
RU2461131C2 (ru) Сервер, система передачи и реализуемый ими способ переноса инкапсуляции по gre-туннелю

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16823859

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 16823859

Country of ref document: EP

Kind code of ref document: A1