WO2018099249A1 - 在nfv系统中检测故障的方法、装置和系统 - Google Patents

在nfv系统中检测故障的方法、装置和系统 Download PDF

Info

Publication number
WO2018099249A1
WO2018099249A1 PCT/CN2017/109756 CN2017109756W WO2018099249A1 WO 2018099249 A1 WO2018099249 A1 WO 2018099249A1 CN 2017109756 W CN2017109756 W CN 2017109756W WO 2018099249 A1 WO2018099249 A1 WO 2018099249A1
Authority
WO
WIPO (PCT)
Prior art keywords
information
fault
detection
monitoring point
locating
Prior art date
Application number
PCT/CN2017/109756
Other languages
English (en)
French (fr)
Inventor
王帅兵
潘继雨
乔乃强
朱夏
程剑
李祖庆
Original Assignee
华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为技术有限公司 filed Critical 华为技术有限公司
Priority to EP17875587.2A priority Critical patent/EP3541014B1/en
Publication of WO2018099249A1 publication Critical patent/WO2018099249A1/zh
Priority to US16/429,059 priority patent/US10999129B2/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06Management of faults, events, alarms or notifications
    • H04L41/0677Localisation of faults
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06Management of faults, events, alarms or notifications
    • H04L41/0604Management of faults, events, alarms or notifications using filtering, e.g. reduction of information by using priority, element types, position or time
    • H04L41/0618Management of faults, events, alarms or notifications using filtering, e.g. reduction of information by using priority, element types, position or time based on the physical or logical position
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06Management of faults, events, alarms or notifications
    • H04L41/0631Management of faults, events, alarms or notifications using root cause analysis; using analysis of correlation between notifications, alarms or events based on decision criteria, e.g. hierarchy, tree or time analysis
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/40Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks using virtualisation of network functions or resources, e.g. SDN or NFV entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/02Capturing of monitoring data
    • H04L43/028Capturing of monitoring data by filtering
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/10Active monitoring, e.g. heartbeat, ping or trace-route
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/12Network monitoring probes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/20Arrangements for monitoring or testing data switching networks the monitoring system or the monitored elements being virtualised, abstracted or software-defined entities, e.g. SDN or NFV
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/04Network management architectures or arrangements
    • H04L41/046Network management architectures or arrangements comprising network management agents or mobile agents therefor

Definitions

  • the present application relates to the field of communications, and in particular, to a method, apparatus, and system for detecting a fault in a Network Functions Virtualization (NFV) system.
  • NFV Network Functions Virtualization
  • NFV is a technology standard that carries the functions of network software by means of virtualization technology and uses devices such as general-purpose large-capacity servers and memories.
  • NFV mainly uses a general-purpose server hardware platform to run virtualization software on the server and generate virtual machines.
  • the network function of a common network element can be run on a virtual machine in the form of software to form a virtualized network function (VNF).
  • VNF virtualized network function
  • NFV requires layered integration of multiple components, such as: physical server, host operating system (Host OS), virtual machine monitor (hypervisor), virtual switch (virtual switch, vSwitch), guest operating system (guest operating system, guest OS), VNF and NFV Management and Orchestration (MANO) and other components integration.
  • the main functions of the NFV can be implemented through packet forwarding and service processing. When packets are transmitted through the host OS, hypervisor, vSwitch, guest OS, and VNF, packets will be lost due to faults. Therefore, the NFV system needs to be fast and fast. Effective fault location.
  • the embodiments of the present application provide a method, a device, and a system for detecting a fault in an NFV system, which are useful for effectively locating faults in the NFV and improving fault location efficiency.
  • a method of detecting a fault in an NFV system includes: the detecting proxy device receiving location information of a monitoring point on a service path sent by the detecting control device, the detecting proxy device being located in the NFV system; and the detecting proxy device according to the location information of the monitoring point, Obtaining information for locating the fault from the monitoring point, the information for locating the fault is information obtained by the monitoring point according to the filtering condition, and the information for locating the fault includes location information of the monitoring point; The detecting proxy device transmits the information for locating the fault to the detecting control device.
  • the detection proxy device in the NFV system can obtain the information for locating the fault carried by the packet forwarded by the monitoring point according to the location information of the monitoring point on the service path sent by the detection control device.
  • the detecting proxy device may send the information for locating the fault to the detecting control device, which is helpful for monitoring and fault locating each layer included in the NFV system or between the NFV systems to avoid
  • the logs of the NFV system are analyzed one by one to locate faults and improve fault location efficiency.
  • the method further includes: the detecting proxy device receiving the sending by the detecting control device The detection message and the location information of the injection point on the service path, the detection message is obtained by the monitoring point for determining The packet to be captured is based on the information of the bit fault; the detecting proxy device sends the detection packet to the injection point.
  • the injection point is a node for injecting the detection message into a service path of the NFV system.
  • the injection point may be selected from a plurality of monitoring points included in the service path.
  • the detecting proxy device may obtain a detection packet for a certain service from the detection control device, and send a detection packet of the certain service to the injection point to implement corresponding to the certain service.
  • the detection message is injected on the service path.
  • the information carried in the detection packet such as the quintuple information in the packet header of the detection packet, may be changed based on the forwarding action.
  • the information that is changed based on the forwarding action in the packet header of the detection packet includes the information for locating the fault.
  • the detecting proxy device may obtain, by using the monitoring point, information for locating the fault carried in the detection packet that is forwarded by the service path.
  • the method further includes: the detecting proxy device receiving the sending by the detecting control device The feature information corresponding to the service path and the location information of the injection point on the service path; the detection proxy device generates M detection messages according to the feature information corresponding to the service path, M is an integer greater than or equal to 1, and any one of the M detection packets is a to-be-obtained packet on which the monitoring point obtains the information for locating the fault; the detection proxy The device sends the M detection messages to the injection point.
  • the injection point is a node for injecting the detection message into a service path of the NFV system.
  • the injection point may be selected from a plurality of monitoring points included in the service path.
  • the detection proxy device may generate M detection messages according to the feature information for generating the detection message sent by the detection control device, that is, the feature information corresponding to the service path.
  • the detecting proxy device may send a detection message to the injection point, and send the detection message to the injection point to inject the one detection report through the injection point.
  • the detection packet is used to detect whether the service path deployed in the NFV system is faulty.
  • the detecting proxy device may obtain a detection message according to the feature information, and copy the M-1 copy of the one detection message to obtain the M detection reports. Text.
  • Any one of the M detection packets may also carry a sequence number, where the sequence number is used to identify the sequence in which the detection packets carrying the sequence number are injected into the service path.
  • the detecting proxy device may send the M detection packets to the injection point based on the sequence number, so as to enable the M detection packets to be injected into the service path through the injection point.
  • the monitoring information is still available when the monitoring information is not the same as the one of the M detection packets, even if the monitoring point misses one of the M detection packets.
  • the other detection messages in the M detection packets are captured to obtain the information for locating the fault, which helps to improve the success rate of fault location.
  • the information used for locating the fault is information obtained by the monitoring point after filtering the service packet forwarded along the service path.
  • the information for locating the fault may be information obtained by taking snapshots of the service packets forwarded along the service path according to the filtering condition.
  • the detecting proxy device may not inject the detection packet into the service path, and directly use the service packet forwarded along the service path for monitoring and fault location.
  • the information obtained by the detecting proxy device for locating the fault from the monitoring point is derived from the service packet forwarded by the service path, and helps to prevent the detecting proxy device or the detecting control device from generating the detecting packet.
  • the location information of the monitoring point is within a hardware layer of the NFV system or within an operating system layer or within a virtualization layer.
  • the location information of the monitoring point may be between the hardware layer and the operating system layer or Between the operating system layer and the virtualization layer.
  • the detection proxy device may obtain location information of one or more monitoring points from the detection control device. Any one of the monitoring points may be distributed between adjacent two layers of the NFV system or within each layer of the NFV system. The distribution position and the number of the one or more monitoring points may be set according to requirements such as the accuracy of the fault location.
  • the detection proxy device is located within the hardware layer of the NFV system or within the operating system layer or within the virtualization layer.
  • the detection proxy device located in the hardware layer can locate the fault in the hardware layer.
  • a detection proxy device located within the virtualization layer or the operating system layer can detect and locate faults caused by the vSwitch within the hardware layer.
  • a detection proxy device located within the virtualization layer or the operating system layer may be within the virtualization layer, within the operating system layer, between the virtualization layer and the operating system layer, or the virtualization The fault between the layer and the hardware layer is detected and located.
  • the detection proxy device can be configured as needed, such as setting one or more detection proxy devices in the NFV system for comprehensive detection and fault location of the hardware layer, the operating system layer, and the virtualization layer.
  • the filtering condition may be set to the monitoring point by using a static configuration manner, where the filtering condition is used to obtain the information for locating a fault from a packet to be filtered.
  • the method further includes: the detecting proxy device receiving the sending by the detecting control device The filtering condition of the monitoring point, the filtering condition is used to obtain the information for locating a fault from a message to be filtered; the detecting proxy device is to the monitoring according to location information of the monitoring point The point sends the filter condition of the monitoring point.
  • the filtering condition may include one or more filtering rules, and any one of the one or more filtering rules includes a length, an offset, and a value.
  • the monitoring point may use the length, the offset, and the value of the filtering rule obtained by the monitoring point to filter out the information carrying the information for locating the fault from the service packet or the detection packet forwarded by the service path. Message.
  • the detecting by the detecting proxy device, obtaining information for locating the fault from the monitoring point according to the location information of the monitoring point, that: the detecting proxy device periodically reads the used information from the monitoring point Locate the fault information.
  • the detecting by the detecting proxy device, obtaining information for locating the fault from the monitoring point according to the location information of the monitoring point, where the detecting proxy device receives the Locate the fault information.
  • a method of detecting a fault in an NFV system includes: the detection control device transmitting location information of a monitoring point on a service path to the detection proxy device, the detection proxy device being located in the NFV system; the detection control device receiving the notification sent by the detection proxy device Locating the fault information, the information for locating the fault is information obtained by the monitoring point according to the filtering condition, the information for locating the fault includes location information of the monitoring point; the detecting and controlling device according to the The information for locating the fault and the service model corresponding to the service path determine a monitoring point where the fault exists in the NFV system.
  • the detection control device sends the location information of the monitoring point on the service path to the detection proxy device, and obtains, by the detection proxy device, the monitoring point to capture the report on the service path.
  • the detection control device can use the information for locating the fault to determine the monitoring point where the fault exists, and does not need to analyze the debugging information, the statistical information and the log information of the NFV system layer by layer, which helps to shorten The time of fault location improves the fault location efficiency.
  • the detection control device can set a monitoring point corresponding to the service path, which helps to improve flexibility and versatility.
  • the method further includes: the detecting and controlling device obtaining, according to the service model, a corresponding to the service path. Feature information and location information of an injection point on the service path, the feature information is information required by the detection proxy device to generate a detection message, and the detection message is obtained by the monitoring point for the positioning The message to be captured on which the failure information is based; the detection control device transmits the feature information and the location information of the injection point to the detection agent device.
  • the method further includes: the detecting and controlling device obtaining, according to the service model, a corresponding to the service path. Feature information and location information of an injection point on the service path, the feature information is information required to generate a detection message; the detection control device generates the detection message according to the feature information, the detection report The monitoring point obtains the to-be-caught message according to the information for locating the fault, and the detecting control device sends the detection message and the location information of the injection point to the detecting proxy device.
  • the injection point is a node for injecting the detection message into a service path of the NFV system.
  • the injection point may be selected from a plurality of monitoring points included in the service path.
  • the detection control device may send the detection message generated according to the feature information to the detection proxy device to prevent the detection proxy device from generating the detection message, which helps to reduce the detection.
  • the burden of the proxy device may be sent to send the detection message generated according to the feature information to the detection proxy device to prevent the detection proxy device from generating the detection message, which helps to reduce the detection. The burden of the proxy device.
  • the method further includes: the detecting, determining, by the detecting, the filtering condition of the monitoring point according to the service model And the filtering condition is used to obtain the information for locating the fault from the message to be filtered; the detecting control device sends the filtering condition of the monitoring point to the detecting proxy device.
  • the method further includes: determining, by the detecting control device, the first node of the service path according to the service a tail node and L intermediate nodes, wherein the L is an integer greater than or equal to 0; the detection control device obtains location information of the head node, location information of the tail node, and the L according to the service path Location information of each of the intermediate nodes, filtering conditions of the first node, filtering conditions of the tail node, and filtering conditions of each of the L intermediate nodes; the detection control device according to the Position information of the head node, location information of the tail node, location information of each of the L intermediate nodes, filtering condition of the head node, filtering condition of the tail node, and the L pieces
  • the filtering condition of each intermediate node in the intermediate node obtains a business model.
  • the head node is a node at a starting location included in the service
  • the service model corresponding to the path obtains a reference value of the N parameters, where the N parameters are parameters carried by the packet forwarded by the service path, where N is an integer greater than or equal to 1, and the reference value is The estimated value of the N parameters obtained when the service path does not have a fault point;
  • the detection control device obtains the measured value of the N parameters from the information for locating the fault, the measurement a value is an actual value of the N parameters obtained from a message forwarded by the service path;
  • the detection control device compares a reference value of the N parameters with a measured value of the N parameters, The monitoring point with the fault is determined, and the monitoring point with the fault is a monitoring point corresponding to the parameter whose measured value is different from the reference value.
  • the method further includes: the detecting and controlling device triggering through a Network Configuration Protocol (NETCONF) interface
  • NETCONF Network Configuration Protocol
  • the detecting proxy device acquires the information for locating a fault.
  • the detection control device may also trigger the detection proxy device to acquire the information for locating the fault through other types of interfaces.
  • the other types of interfaces may be a simple network management protocol (SNMP) interface, a Simple Object Access Protocol (SOAP) interface, and a multi-Technology Operations System Interface (MTOSI). ), Representational State Transfer (REST) interface or Representational State Transfer Configuration Protocol (RESTCONF) interface.
  • SNMP simple network management protocol
  • SOAP Simple Object Access Protocol
  • MTOSI multi-Technology Operations System Interface
  • REST Representational State Transfer
  • RESTCONF Representational State Transfer Configuration Protocol
  • a detection proxy device configured, the detection proxy device being located in an NFV system, the detection proxy device comprising: a first receiving module, an obtaining module, and a first sending module.
  • the obtaining module is capable of communicating with the first receiving module and the first transmitting module.
  • the first receiving module is configured to receive location information of a monitoring point on a service path sent by the detection control device.
  • the obtaining module is configured to obtain information for locating a fault from the monitoring point according to the location information of the monitoring point, where the information for locating the fault is information obtained by the monitoring point according to the filtering condition,
  • the information for locating the fault includes location information of the monitoring point.
  • the first sending module is configured to send the information for locating a fault to the detection control device.
  • the detection proxy device further comprises one or more modules for performing any of the possible implementations of the first aspect described above.
  • the obtaining module includes a first submodule, and the first submodule is configured to periodically read the information for locating a fault from the monitoring point.
  • the obtaining module includes a second submodule, where the second submodule is configured to receive the information for locating the fault periodically sent by the monitoring point.
  • a detection proxy device configured for NFV system, the detection proxy device comprising a processor, a memory, and a communication interface.
  • the processor, the memory, and the communication interface are connected by a communication bus.
  • the memory is used to store programs.
  • the processor performs the method provided by any one of the first aspect or the first aspect of the first aspect, in accordance with executable instructions included in a program read from the memory.
  • a detection control apparatus comprising: a first transmission module, a reception module, and a fault determination module.
  • the fault determination module is capable of communicating with the first transmitting module and the receiving module.
  • the first sending module is configured to send location information of a monitoring point on a service path to the detection proxy device, where the detection proxy device is located in the NFV system.
  • the receiving module is configured to receive, by the detecting proxy device, information for locating a fault, where the information for locating the fault is information obtained by the monitoring point according to the filtering condition, where the information for locating the fault includes The location information of the monitoring point.
  • the fault determining module is configured to determine, according to the information for locating the fault and the service model corresponding to the service path, a monitoring point that is faulty in the NFV system.
  • the detection control device further comprises one or more modules for performing any of the possible implementations of the second aspect described above.
  • the fault determining module includes a first obtaining submodule, a second obtaining submodule, and a comparing submodule.
  • the comparison sub-module is capable of communicating with the first obtaining sub-module and the second obtaining sub-module.
  • the first obtaining submodule is configured to obtain reference values of N parameters according to a service model corresponding to the service path.
  • the second obtaining submodule For obtaining the measured values of the N parameters from the information for locating the fault.
  • the comparison submodule is configured to compare the reference values of the N parameters and the measured values of the N parameters to determine the monitoring point where the fault exists.
  • the reference value of the N parameters and the measured value of the N parameters can be referred to the corresponding content in the second aspect.
  • a detection control apparatus comprising a processor, a memory, and a communication interface.
  • the processor, the memory, and the communication interface are connected by a communication bus.
  • the memory is used to store programs.
  • the processor performs the method provided by any one of the possible implementations of the second aspect or the second aspect, according to the executable instructions included in the program read from the memory.
  • a seventh aspect a system for performing fault detection, the system comprising the detection agent apparatus provided by any one of the foregoing third aspect or the third aspect, and the foregoing fourth or fourth aspect a detection control device provided by any of the possible implementations; or
  • the system includes the detection agent device provided by any one of the foregoing fifth aspect or the fifth aspect, and the detection control device provided by any of the foregoing sixth or sixth possible implementations.
  • Figure 1 is a schematic diagram of a possible application scenario.
  • FIG. 2 is a schematic diagram of a scenario provided by Embodiment 1 of the present application.
  • FIG. 3 is a flowchart of a method for detecting a fault in an NFV system according to Embodiment 1 of the present application.
  • FIG. 4 is a schematic diagram of a scenario provided by Embodiment 2 of the present application.
  • FIG. 5 is a flowchart of a method for detecting a fault in an NFV system according to Embodiment 2 of the present application.
  • FIG. 6 is a schematic diagram of a scenario provided by Embodiment 3 of the present application.
  • FIG. 7 is a flowchart of a method for detecting a fault in an NFV system according to Embodiment 3 of the present application.
  • FIG. 8 is a schematic diagram of a GOAM packet according to an embodiment of the present application.
  • FIG. 9 is a schematic structural diagram of a detection proxy device according to Embodiment 1 of the present application.
  • FIG. 10 is a schematic structural diagram of a detection proxy device according to Embodiment 2 of the present application.
  • FIG. 11 is a schematic structural diagram of a detection control apparatus according to Embodiment 1 of the present application.
  • FIG. 12 is a schematic structural diagram of a detection control apparatus according to Embodiment 2 of the present application.
  • the NFV system includes a virtualized network function (VNF) and a network functions virtualization infrastructure (NFVI).
  • the VNF includes a virtual broadband network gateway (vBNG), an operating system (OS), and x virtual network interface cards (vNICs), where x is an integer greater than or equal to 1.
  • the x vNICs may include vNIC1 and vNIC2 in FIG.
  • the OS includes a pipe OS and a guest OS.
  • the NFVI includes a hypervisor and a hardware layer.
  • the hypervisor includes an open source virtual switch (opensport, OVS) and a routing/network address translation (Routing/NAT) module.
  • the OVS includes y virtual terminals (virtual port, vport), y is an integer greater than or equal to 1.
  • the y vports may include vport1, vport2, vport3, and vport4 in FIG.
  • the hardware layer includes z network interface cards (NICs), and z is an integer greater than or equal to 1.
  • the z NICs may include NIC3 and NIC4 in FIG. Among them, the guest OS (guest OS) can be Linux.
  • the Routing/NAT module is used to perform network address translation (NAT) and routing on received packets.
  • the server receives the service packet sent by the customer-premises equipment (CPE).
  • CPE customer-premises equipment
  • the service packet enters the NFV system included in the server via the NIC3 of the server. After the service packet is forwarded along the service path of the NFV system, it is forwarded to the network capable of communicating with the server via the NIC 4 of the server.
  • the service path of the NFV system is the path shown by the dotted line in FIG.
  • the service path identified by the dotted line in Figure 1 can be expressed as NIC3->Routing/NAT->vport1->vport2->vNIC1->Linux->pipe OS->vBNG->pipe OS->Linux->vNIC2->vport3 ->vport4->Routing/NAT->NIC4.
  • the erroneous filtering list includes a source Internet Protocol (IP) address that is not allowed to access the network, and the disallowed connection is not allowed.
  • IP Internet Protocol
  • the source IP address of the incoming network includes the source IP address of the service packet, and the vBNG discards the service packet. If the vBNG is configured with the wrong filter list, after the service packet is found to be lost, the debugging information and/or the log information of the NFV system may be analyzed layer by layer to locate the fault occurrence point in the vBNG. .
  • the embodiments of the present application provide a method capable of quickly implementing fault location and simplifying fault detection.
  • the detecting agent device obtains information for locating the fault from the monitoring point according to the position information of the monitoring point transmitted by the detecting control device.
  • the information for locating the fault may be information obtained by the monitoring point from the packet forwarded by the service path according to the filtering condition.
  • the packet forwarded by the service path may be a detection packet injected by the detection proxy device, or may be a service packet from the CPE.
  • the detecting proxy device sends the information for locating the fault to the detecting control device, and the detecting control device may determine that there is a fault in the NFV system according to the information for locating the fault and the service model.
  • the method for performing fault detection in the NFV system provided by the embodiment of the present application can implement fault location by grasping the information carried in the packet on the service path, and does not need to analyze debugging information and/or log information after the fault occurs. Inferring the location information of the fault point improves the flexibility, versatility and fault location efficiency, and reduces the difficulty of fault detection.
  • the server shown in Figure 2 is similar to the basic structure of the server shown in Figure 1.
  • the detection agent device is located in the VNF, and the detection control device may be a server independent device.
  • the detection proxy device is capable of communicating with one or more of the VNF and NFVI shown in FIG. 2, such as: the detection proxy device can communicate with the pipeline OS, the guest OS, the vNIC1, and the vNIC2 in the VNF, the detection The proxy device can also communicate with vport1 and vport4 included in NIC3, NIC4, and OVS in the NFVI.
  • the detection agent device is also capable of communicating with other layers or other modules included in the VNF and NFVI, and will not be exemplified herein.
  • the hardware in Figure 2 belongs to the hardware layer of the NFV system.
  • the vNIC1 and vNIC2 included in the hypervisor, vBNG, and VNF in FIG. 2 belong to the virtualization layer of the NFV system.
  • the OS in Figure 2 belongs to the operating system layer of the NFV system.
  • the service path shown in FIG. 2 is the same as the node through which the service path shown in FIG. 1 passes.
  • the service path identified by the dotted line in Figure 2 is NIC3->Routing/NAT->vport1->vport2->vNIC1->Linux->pipe OS->vBNG->pipe OS->Linux->vNIC2->vport3-> Vport4->Routing/NAT->NIC4.
  • the service path in the embodiment of the present application corresponds to the service, that is, the service path that the first service packet and the second service packet used to implement a certain service pass through in the NFV system are the same.
  • the first service packet is any service packet that implements the certain service.
  • the second service packet is the same as the first service packet, and the second service packet is different from the first service packet. Business message.
  • FIG. 3 is a flowchart of a method for detecting a fault in an NFV system according to Embodiment 1 of the present application.
  • the detection proxy device can be located at the virtualization layer, operating system layer, or hardware layer.
  • the method provided in the first embodiment of the present application is described in which the detection proxy device is located in the VNF, and the detection control device is independent of the server.
  • the method shown in FIG. 3 can be applied to the NFV system shown in FIG. 2.
  • the detection control device can communicate with the detection proxy device, and specifically adopts protocols such as SNMP, NETCONF, SOAP, MTOSI, REST, and RESTCONT.
  • the method provided in Embodiment 1 of the present application is a path detection method.
  • the method for detecting a path is a method for capturing a service packet forwarded on the service path shown in FIG. 2 to obtain information for locating a fault.
  • a method for detecting a fault in an NFV system according to Embodiment 1 of the present application will be described below with reference to FIG. 2 and FIG. 3.
  • the detection control device obtains location information of the monitoring point on the service path and a filtering condition of the monitoring point according to the service model.
  • the method provided by the embodiment of the present application further includes: the detection control apparatus generates a service model.
  • the detecting and controlling device generating the service model includes: the detecting control device determining, according to the service, a head node, a tail node, and L intermediate nodes of the service path, where L is an integer greater than or equal to 0; the detecting control device Obtaining, according to the service path, location information of the first node, location information of the tail node, location information of each intermediate node of the L intermediate nodes, filtering condition of the first node, and a filter condition and a filter condition of each of the L intermediate nodes; the detection control means, according to the position information of the head node, the position information of the tail node, and each of the L intermediate nodes The location information of the node, the filtering condition of the first node, the filtering condition of the tail node, and the filtering condition of each of the L intermediate nodes obtain a service model.
  • the detection control device obtains the location information of the monitoring point on the service path and the filtering condition of the monitoring point from the service model corresponding to the service to be monitored.
  • the service path corresponds to the service.
  • the detection control device may select all or part of the monitoring points from the service model.
  • the selected plurality of monitoring points in FIG. 2 are located at NIC3, vport2, vNIC1, guest OS, pipe OS, vNIC2, vport4, and NIC4, respectively.
  • the service packets that are forwarded along the service path such as the service packets sent by the CPE to the server in FIG. 2, sequentially pass through the plurality of monitoring points in the order indicated by the arrows in FIG.
  • the detection control device may select an ID of a plurality of monitoring points from the service model, and an ID of the monitoring point may identify a relative position of the monitoring point on the service path.
  • the identifier of NIC3 is 1
  • the identifier of vport2 is 2
  • the identifier of vNIC1 is 3
  • the identifier of the guest OS is 4
  • the identifier of the pipeline OS is 5
  • the identifier of VNIC2 is 6
  • the identifier of vport4 is 7, and the identifier of NIC4 is 8. .
  • the identifier of NIC3 is 10
  • the identifier of vport2 is 13
  • the identifier of vNIC1 is 14
  • the identifier of the guest OS is 15
  • the identifier of the pipeline OS is 16
  • the filtering condition provided in the embodiment of the present application may include one or more rules, and any one of the one or more rules is used to obtain a parameter for locating a fault.
  • the information for locating the fault in the embodiment of the present application includes the parameter for locating the fault.
  • the arbitrary rule includes an offset, a length, and a value, which can be expressed as ⁇ offset, length, value>.
  • the value of offset is used to indicate the starting position of the intercepted field.
  • the value of length is used to indicate the length of the intercepted field. Value is used to represent the value to be compared. Any one of the rules indicates that the value of the offset is the starting position and the length is the length from the first byte of the packet header.
  • the data carried in the intercepted field is the value carried in the value, indicating the packet.
  • the filter condition may include one or more of ⁇ 2, 2, 0x5601>, ⁇ 3, 3, 0x604020>, and ⁇ 0, 1, 0x34>.
  • ⁇ 2, 2, 0x5601> The values of offset and length in this rule are 2, and the value of value is 0x5601. ⁇ 3,3, 0x604020>
  • the offset and length values in this rule are 3, and the value of 0 is 0x604020.
  • ⁇ 0,1,0x34> The offset value in this rule is 0, the value of length is 1, and the value of value is 0x34.
  • the any one of the rules may further include a mask, which may be represented as ⁇ offset, length, value, mask>.
  • the filter condition may include one or more of ⁇ 2, 2, 0x5601, 0xff01>, ⁇ 3, 3, 0x604020, 0xf0f0> and ⁇ 0, 1, 0x34, 0xff>.
  • ⁇ 2,2,0x5601,0xff01> The value of the mask in this rule is 0xff01. ⁇ 3,3,0x604020,0xf0f0f0>
  • the value of mask in this rule is 0xf0f0f0.
  • ⁇ 0,1,0x34,0xff> The value of the mask in this rule is 0xff.
  • the detection control device sends the location information of the monitoring point and the filtering condition of the monitoring point to the detection proxy device.
  • the detection control device may further send an identifier (ID) of the service to the detection proxy device when transmitting the location information of the monitoring point and the filtering condition of the monitoring point.
  • ID identifier
  • the detection control device when the detection control device sends the location information of the monitoring point and the filtering condition of the monitoring point to the detection proxy device, or before sending, or after sending, the detection control device may also pass the NETCONF interface.
  • the detection proxy device is triggered to acquire the information for locating the fault.
  • the detecting proxy device sends, according to location information of the monitoring point, a filtering condition of the monitoring point to the monitoring point.
  • the detection proxy device may initiate the process of acquiring the information for locating the fault. After the detection agent device obtains the location information of the monitoring point and the filtering condition of the monitoring point, the location information of the monitoring point may be recorded.
  • the detection proxy device can communicate with the monitoring point using a communication protocol upon which an operating system in the server is based.
  • the communication protocol may be Inter-process communication (IPC) or Transparent Inter-process Communication (TIPC).
  • the detecting proxy device may record location information of the monitoring point and an ID of the service.
  • the detecting proxy device may send the filtering condition of the NIC3 to the NIC3, send the filtering condition of the vport2 to the vport2, send the filtering condition of the vNIC1 to the vNIC1, and send the filtering condition of the guest OS to the Linux, and
  • the filter condition of the pipe OS is sent to the pipe OS
  • the filter condition of the vNIC2 is sent to the vNIC2
  • the filter condition of the vport4 is sent to the vport4
  • the filter condition of the NIC4 is sent to the NIC4.
  • the vNIC 1 and the pipeline OS that are monitoring points can be configured with the same filtering condition. Specifically can be expressed as:
  • the snifferRule represents the filtering condition of the monitoring point; the condition represents any one of the rules.
  • the rule includes 5 rules, that is, 5 conditions.
  • the five rules include a first rule, a second rule, a third rule, a fourth rule, and a fifth rule.
  • the first rule is related to a source IP address.
  • the first rule indicates that the offset is 26, and the field of length 4 carries the source IP address, and the source IP address is 0x0a889d43.
  • the IP address represented by 0x0a889d43 is 10.136.157.67.
  • the second rule is related to the destination IP address.
  • the second rule indicates that the offset is 30, and the field of length 4 carries the destination IP address, and the destination IP address is 0x0a889d42.
  • the IP address represented by 0x0a889d42 is 10.136.157.66.
  • the third rule is related to the protocol number.
  • the third rule indicates that the offset is 23, and the length 1 field carries the protocol number, and the protocol number is 0x11.
  • the 0x11 indicates that the packet is a UDP packet.
  • the fourth rule is related to the source port number.
  • the fourth rule indicates that the offset is 34, and the length 2 field carries the source port number, and the source port number is 0xe518.
  • the fifth rule is related to the destination port number.
  • the fifth rule indicates that the offset is 36, and the field of length 2 carries the destination port number, and the destination port number is 0xbac1.
  • the filtering conditions configured on vNIC2 as a monitoring point can be expressed as:
  • the snifferRule represents the filtering condition of the monitoring point; the condition represents any one of the rules.
  • the rule includes 5 rules, that is, 5 conditions.
  • the five rules include a sixth rule, a seventh rule, an eighth rule, a ninth rule, and a tenth rule.
  • the sixth rule is related to the source IP address.
  • the sixth rule indicates that the offset is 76, and the field of length 4 carries the source IP address, and the source IP address is 0x0a889d43.
  • the IP address represented by 0x0a889d43 is 10.136.157.67.
  • the seventh rule is related to the destination IP address.
  • the seventh rule indicates that the offset is 80, and the field of length 4 carries the destination IP address, and the destination IP address is 0x0a889d42.
  • the IP address represented by 0x0a889d42 is 10.136.157.66.
  • the eighth rule is related to the protocol number.
  • the eighth rule indicates that the offset is 73, and the length 1 field carries the protocol number, and the protocol number is 0x11.
  • the 0x11 indicates that the packet is a UDP packet.
  • the ninth rule is related to the source port number.
  • the ninth rule indicates that the offset is 84, and the field of length 2 carries the source port number, and the source port number is 0xe518.
  • the tenth rule is related to the destination port number.
  • the tenth rule indicates that the offset is 86, and the field of length 2 carries the destination port number, and the destination port number is 0xbac1.
  • the packet received by the vNIC2 is a UDP packet with an IPv4 packet encapsulated in the outer layer.
  • the location information of the quintuple information (source IP address, destination IP address, protocol number, source port, and destination port) in the packet header is changed. .
  • the value of the offset in the filter condition configured on the vNIC2 needs to be adjusted accordingly.
  • the filtering condition of the monitoring point is sent to the monitoring point.
  • the detecting proxy device may be triggered to acquire the information for locating a fault after sending the filtering condition of the monitoring point to the monitoring point;
  • the proxy device may trigger the monitoring point to capture the service packet after being triggered to obtain the information for locating the fault.
  • the monitoring point obtains information for locating the fault from the service packet on the service path according to the filtering condition of the monitoring point.
  • the monitoring point may periodically obtain the information for locating the fault.
  • the monitoring point may obtain the information for locating the fault based on an indication from the detecting proxy device.
  • the indication from the detecting proxy device may be that the detecting proxy device sends a message indicating a point in time of detection or an instruction to start detecting, and no longer describes the possible manners. .
  • vNIC1 detects the received service packet according to the five rules configured in S303. If vNIC1 determines, according to the five rules, that the received service packet includes a source IP address of 0x0a889d43, a destination IP address of 0x0a889d42, a protocol number of 0x11, a source port number of 0xe518, and a destination port number of 0xbac1, then vNIC1 Snapshot the packet header of the received service packet to obtain a snapshot including information for locating the fault.
  • the vNIC1 determines that at least one parameter in the quintuple information included in the received service packet is different from the value in the rule according to the five rules, the vNIC1 discards the packet of the received service packet. Take a snapshot of the header.
  • the method in which the pipe OS and the vNIC 2 as monitoring points obtain a snapshot including information for locating the fault is the same as that of the vNIC 1, and will not be described herein.
  • the monitoring point may capture the The quintuple information in the BGP packet, the quintuple information includes the source IP address, the destination IP address, the protocol number, the source port number, and the destination port number of the BGP packet.
  • the monitoring point can capture the OSPF if the packet forwarded by the service path is an Open Shortest Path First (OSPF) packet encapsulated by an Internet Protocol (IP).
  • OSPF Open Shortest Path First
  • IP Internet Protocol
  • the triplet information in the protocol packet where the triplet information includes a source IP address, a destination IP address, and a protocol number of the OSPF protocol packet.
  • MSTP multiple-spanning tree protocol
  • the monitoring point can capture the destination media access in the MSTP packet. Control (Media Access Control, MAC) address and frame type.
  • MSTP multiple-spanning tree protocol
  • the information about the location fault obtained by the monitoring point may be information obtained by the monitoring point after taking a snapshot of the packet forwarded by the service path according to the filtering condition.
  • the monitoring point sends the information for locating a fault to the detection proxy device.
  • the monitoring point may periodically send the information for locating the fault to the detecting proxy device.
  • the monitoring point may also carry the serial number in the information for locating the fault and send it to the detection proxy device.
  • the sequence number carried in the information for locating the fault is used to identify the sequence in which the monitoring point acquires the information for locating the fault.
  • the monitoring point may obtain the information for locating the fault, and send the information for the positioning to the detecting proxy device. Fault information.
  • the monitoring point may stop according to the indication sent by the detecting proxy device for closing the detection. Detection of business messages.
  • the detection proxy device sends the information for locating the fault to the detection control device.
  • the detecting proxy device may obtain the information for locating the fault from the monitoring point according to the location information of the monitoring point recorded in S303, and use the location information of the monitoring point and the positioning information.
  • the information of the fault is sent to the detection control device, so that the detection control device can know the service model corresponding to the information for locating the fault according to the location information of the monitoring point.
  • the detecting proxy device records the ID of the service in S303, and the detecting proxy device may send the ID of the service and the information for locating the fault to the detecting control device, so that The detection control device can learn the service model corresponding to the information for locating the fault according to the ID of the service.
  • the detecting proxy device may only transmit the information for locating the fault to the detecting control device, so that the detecting control device can
  • the information used to locate the fault is obtained, and the corresponding business model is obtained.
  • the information for locating the fault may include parameters that are capable of uniquely identifying the service path.
  • the detection control apparatus may determine the service model according to the service path.
  • the detection control device can determine the service path in which the monitoring point is located according to the location information of the monitoring point.
  • the detection control device may determine a service path corresponding to the service according to the ID of the service.
  • the detection control device determines, according to the service model and the information for locating a fault, a monitoring point that has a fault.
  • the detecting control device may search for the detection control according to one or more of the information for locating the fault, the ID of the service, and the location information of the monitoring point sent by the proxy device, as described in S306. At least one business model generated by the device obtains the business model corresponding to the service path.
  • the detecting and controlling device determines, according to the service model and the information for locating a fault, that the monitoring point that has a fault includes: the detecting control device obtains N parameters according to the service model corresponding to the service path. a reference value, where the N parameters are parameters carried by the packet forwarded by the service path, where N is an integer greater than or equal to 1, and the reference value is obtained when the service path does not have a fault point.
  • the detection control device obtains the measured value of the N parameters from the information for locating the fault, and the measured value is forwarded from the service path
  • the detection control device compares the reference value of the N parameters with the measured value of the N parameters, and determines the monitoring point with the fault, the presence
  • the monitoring point of the fault is the monitoring point corresponding to the parameter whose measured value is different from the reference value.
  • the estimated value can be regarded as a measured value of a normal state.
  • the filtering condition of the monitoring point may be set to the monitoring point by static configuration.
  • the detection control device may send the location information of the monitoring point to the detection proxy device without transmitting the filtering condition of the monitoring point, and the detection proxy device may not Go to S303.
  • the packet that is forwarded by the service path in the first embodiment of the present application is a service packet from the CPE.
  • the packet forwarded by the service path may also be a detection packet generated by the detection proxy device or the detection control device.
  • the detecting control device transmits the location information of the monitoring point to the detecting proxy device.
  • the monitoring point captures the information carried in the service packet on the service path according to the filtering condition acquired from the detecting proxy device or the filtering condition preset at the monitoring point, to obtain information for locating the fault.
  • the detecting proxy device transmits the information for locating the fault sent by the monitoring point to the detecting control device, so that the detecting control device can analyze the monitoring point that determines that there is a fault to avoid the NFV system
  • the logs are analyzed one by one to locate faults and improve fault location efficiency.
  • the detection control device can set a corresponding monitoring point for the service path corresponding to each service, which can improve the flexibility of fault location.
  • the detection control device can perform fault detection in the process of processing the service message by the NFV system, which helps improve the real-time performance of the fault location.
  • the server shown in FIG. 4 has the same structure as the server shown in FIG. 2.
  • the NFV system on the server shown in FIG. 4 can also implement the function of the NFV system on the server shown in FIG. 2, that is, the service path that the same service packet passes on the server shown in FIG. 4 and the service shown in FIG. The path is the same.
  • the service path shown by the dotted line in FIG. 4 is a part of the service path shown in FIG. 2.
  • the service path identified by the dotted line in Figure 4 is vNIC1->Linux->pipe OS->vBNG->pipe OS->Linux->vNIC2->vport3->vport4->Routing/NAT->NIC4.
  • the detection control device needs to detect and locate the fault in the VNF, and the monitoring points determined by the detection control device are distributed in the VNF.
  • the injection point selected by the detection control device is vNIC1.
  • the detection control device may also select nodes on other service paths as injection points, which are not illustrated one by one.
  • the detecting proxy device injects M detection packets into the vNIC1, and any one of the detection packets may be a general operation, administration, and maintenance (GOAM) message, where the M is an integer greater than or equal to 1.
  • the M detection messages injected into the VNF can be forwarded along the service path indicated by the dotted line in FIG.
  • the second embodiment of the present application will not be described in the same manner as the first embodiment.
  • the method of the second embodiment can be implemented based on the NFV system of FIG. 2 or 4.
  • FIG. 5 is a flowchart of a method for detecting a fault in an NFV system according to Embodiment 2 of the present application.
  • the method provided in the second embodiment of the present application is an active detection method, that is, the detection proxy device injects M GOAM messages into the injection point, and the monitoring point obtains the fault for positioning from the M GOAM messages forwarded on the service path. information.
  • the injection point can be injected into the M GOAM messages, and the information for locating faults can be obtained.
  • only the injection of the M GOAM packets by the injection point is taken as an example for description.
  • the monitoring point is pre-set with filtering conditions by means of static configuration or other manners, and the detecting control device may send the filtering condition of the monitoring point to the monitoring point without using the detecting proxy device.
  • the method provided in the second embodiment of the present application will be described below with reference to FIG. 4 and FIG. 5.
  • the detection control device obtains feature information corresponding to the service path, location information of the monitoring point on the service path, and location information of the injection point according to the service model.
  • the injection point is a node for injecting the detection message into a service path of the NFV system.
  • the detection control device may select an injection point from a node included in the service path according to a requirement of fault location.
  • the detection control device may select one injection point from a plurality of monitoring points included in the service path. For example, if the fault location needs to detect the fault of the VNF, the injection point can be selected from the monitoring points distributed in the VNF.
  • the detection control device can select the vNIC1 as the injection point.
  • the need for the fault location is to detect the fault of the NFVI, and the injection point can be selected from the monitoring points distributed in the NFVI, for example, the detection control device can select the NIC 3 as the injection point.
  • the feature information is information required to generate a detection message.
  • the detection packet is a to-be-obtained packet, such as a GOAM packet, on which the monitoring point obtains information for locating the fault.
  • the feature information corresponding to the service path includes: a first identifier of the packet to be captured and a destination address of the to-be-captured packet.
  • the destination address is the same as the destination address carried in the service packet in the first embodiment of the present application. This ensures that the detection packet injected into the NFV system is the same as the path through which the service packet in the first embodiment passes.
  • the first identifier is an identifier determined by the detection proxy device, the detection control device, and the monitoring point.
  • the first identifier is used to identify that the packet carrying the first identifier is a detection packet.
  • the detection packet may include a GOAM packet and an outer layer encapsulation.
  • the GOAM message may adopt the structure shown in FIG.
  • the outer layer encapsulation includes an IP header, an Internet Control Message Protocol (ICMP) header, or a UDP header.
  • ICMP Internet Control Message Protocol
  • the GOAM packet may be carried in the IP packet.
  • the detection packet is an ICMP packet
  • the GOAM packet may be carried in the data of the ICMP packet.
  • the detection packet is UDP.
  • the message may be carried in the data of the UDP packet, and the sequence field of the GOAM packet may be used to carry the sequence number.
  • the cookie field of the GOAM packet The other identifier may be used to carry the first identifier.
  • the parameter carried in the Identifier field of the GOAM packet may be used to more accurately identify the GOAM packet, that is, when the cookie field carries the same parameter.
  • the first identifier includes a parameter carried by the cookie field and a parameter carried by the Identifier field.
  • the detection control device may generate a service model before S501.
  • the detection control device may further add the first identifier to the service model in the process of generating the service model.
  • the feature information includes a destination address that is location information of a tail node of the service path.
  • the detection control device obtains location information of the tail node from the service model.
  • the detection control device obtains the feature identifier according to the location information of the tail node and the first identifier obtained through negotiation.
  • the first identifier obtained through negotiation is an identifier determined by the detection control device in consultation with the detection proxy device and the monitoring point.
  • the feature information corresponding to the service path further includes a second identifier.
  • the second identifier is used to identify a service or a service path.
  • the second identifier is an identifier assigned by the detection control device or an identifier configured on the detection control device.
  • the detection control device may add the second identifier to the business model when generating the business model. If the detection control device does not add the second identifier to the service model, the detection control device may determine the second identifier according to the location information and the correspondence relationship of the monitoring point.
  • the correspondence relationship includes location information of the monitoring point and the second identifier.
  • the detection control device sends the location information of the monitoring point, the location information of the injection point, and the feature information corresponding to the service path to the detection proxy device.
  • the detection control device may directly notify the detection proxy device that after the injection point is determined The location information of the monitoring point of the injection point is selected without sending the location information of the injection point to the detection proxy device.
  • the communication mode between the detection control device and the detection agent device is the same as that of the first embodiment, and details are not described herein again.
  • the detecting proxy device generates a detection packet carrying a GOAM packet according to the feature information corresponding to the service path.
  • the detection proxy device may be statically configured with a template for detecting a packet, the template of the detection packet includes a GOAM packet and an outer layer encapsulation shown in FIG. 8, and the outer layer encapsulation is performed by the detection packet.
  • the business path passed is determined.
  • the outer package may include: an IP package, an ICMP package, a UDP package, or a tunnel package.
  • the tunnel encapsulation may be an IP tunnel encapsulation or the detection proxy device generates a detection message carrying a GOAM message, and the detection proxy device adds the first identifier and the destination address included in the feature information to
  • the template obtains the detection packet that carries the GOAM packet.
  • the first identifier is added to the Cookie field of FIG. 8, or the first identifier is added to the Cookie field and the Identifier field of FIG.
  • the destination address is added to a destination address field in an outer package included in the message.
  • the feature information further includes the second identifier
  • the template of the detection packet corresponding to different services is statically configured on the detection proxy device.
  • the detecting proxy device generates the detection message that carries the GOAM packet, and the detecting proxy device may obtain the first template according to the second identifier included in the feature information, where the first template is the second identifier a template for detecting the message; the detecting proxy device adds the first identifier and the destination address included in the feature information to the template, and obtains the detection packet that carries the GOAM packet.
  • the detecting proxy device may copy the detection packet by M-1 to obtain M detection packets.
  • Each of the M detection packets carries the GOAM packet.
  • the GOAM also includes a serial number.
  • the sequence number is used to identify the order in which the GOAM message carrying the sequence number is injected into the injection point.
  • the sequence number carried in the first GOAM packet is 1.
  • a sequence number of 1 indicates that the first GOAM packet is a GOAM packet carried by the first detection packet, and the first detection packet is a first detection packet injected into the injection point.
  • the value of the serial number carried in the i-th GOAM message is i, and the i is a value greater than or equal to 2 and less than or equal to M.
  • the sequence number of the value i indicates that the i-th GOAM message is a GOAM message carried in the i-th detection message, and the i-th detection message is an i-th detection message injected into the injection point.
  • the first GOAM message and the ith GOAM message may be the same except that the serial number is different.
  • the detection proxy device sends the detection message to the injection point according to location information of the injection point.
  • the detecting proxy device If the detecting proxy device generates only one detecting message, the detecting proxy device sends the one detecting message to the injection point, for example, the detecting proxy device sends the one detecting message to the vNIC1. If the detecting proxy device generates the M detecting packets, the detecting proxy device may sequentially send the M to the injection point according to the sequence number carried in the M detecting packets according to a preset interval time. Detection messages.
  • the method provided in the second embodiment of the present application is mainly described by the example that the detecting proxy device sends the one detecting packet to the injection point, and the embodiment for injecting multiple detecting packets into the injection point is not performed. Description.
  • the detection packet is sent along the service path according to the destination address included in the detection packet.
  • the injection point may be configured to receive, according to the first identifier carried in the detection packet, the packet carrying the first identifier, before the detecting the packet is sent along the service path. The detection message.
  • the communication mode between the detection proxy device and the injection point is the same as that between the detection proxy device and the monitoring point in the first embodiment, and details are not described herein.
  • the detection proxy device triggers the monitoring point to turn on the detection mode according to the location information of the monitoring point.
  • the method for the detection proxy device to trigger the monitoring point to turn on the detection mode may refer to the corresponding content in the first embodiment.
  • the detecting mode is an operation mode of capturing the detection packet on the service path and obtaining the information for locating the fault.
  • the communication mode between the detection proxy device and the injection point is the same as that in the first embodiment, and details are not described herein again.
  • the detecting proxy device may start the detecting mode without triggering the monitoring point, that is, S505 is optional.
  • the monitoring point obtains information for locating the fault from the detection packet on the service path according to the filtering condition of the monitoring point.
  • the filtering condition of the monitoring point is statically configured.
  • the filtering condition can also be obtained by using the method in the first embodiment, and details are not described herein again.
  • the monitoring point may obtain the information for locating the fault by using the method of Embodiment 1 S304.
  • the monitoring point may obtain the information for locating the fault from the detection message by means of a snapshot according to the filtering condition.
  • the monitoring point may quickly identify the detection packet according to the first identifier carried in the detection packet, and reduce the false recognition rate of the detection packet.
  • the filtering condition configured by the vNIC 1 as a monitoring point includes six rules.
  • the filtration condition can be specifically expressed as:
  • the snifferRule represents the filtering condition of the monitoring point; the condition represents any one of the rules.
  • rule includes 6 rules, that is, 6 conditions.
  • the six rules include a first rule, a second rule, a third rule, a fourth rule, a fifth rule, and a sixth rule.
  • the first rule is associated with a first identity for identifying the GOAM message.
  • the first rule indicates that the offset is 46, and the length is 4, the first identifier is carried in the field, and the first identifier is 0x4a3b2c1d.
  • the offset is 46, and the field of length 4 is a cookie field in the GOAM packet.
  • the second rule is related to a source IP address.
  • the second rule indicates that the offset is 26, and the field of length 4 carries the source IP address, and the source IP address is 0x0a889d43.
  • the IP address represented by 0x0a889d43 is 10.136.157.67.
  • the third rule is related to the destination IP address.
  • the third rule indicates that the offset is 30, and the field of length 4 carries the destination IP address, and the destination IP address is 0x0a889d42.
  • the IP address represented by 0x0a889d42 is 10.136.157.66.
  • the fourth rule is related to the protocol number.
  • the fourth rule indicates that the offset is 23, and the length 1 field carries the protocol number, and the protocol number is 0x11.
  • the 0x11 indicates that the packet is a UDP packet.
  • the fifth rule is related to the source port number.
  • the fifth rule indicates that the offset is 34, and the field of length 2 carries the source port number, and the source port number is 0xe518.
  • the sixth rule is related to the destination port number. The sixth rule indicates that the offset is 36, and the field of length 2 carries the destination port number, and the destination port number is 0xbac1.
  • the UDP packet is forwarded by the vBNG and then enters a virtual extended area network (VXLAN) tunnel
  • the packet forwarded by the vBNG adds an IPv4 encapsulation to the outer layer of the UDP packet.
  • the filtering conditions configured on vNIC2 as a monitoring point include 6 rules. Said as a monitoring point
  • the filter configured on vNIC2 can be expressed as:
  • the snifferRule represents the filtering condition of the monitoring point; the condition represents any one of the rules.
  • rule includes 6 rules, that is, 6 conditions.
  • the six rules include a seventh rule, an eighth rule, a ninth rule, a tenth rule, an eleventh rule, and a twelfth rule.
  • the seventh rule is related to a first identifier for identifying the GOAM message.
  • the seventh rule indicates that the offset is 96, and the first identifier is carried in the field of length 4.
  • the first identifier is 0x4a3b2c1d.
  • the offset is 46, and the field of length 4 is a cookie field in the GOAM packet.
  • the eighth rule is related to the source IP address.
  • the eighth rule indicates that the offset is 76, and the field of length 4 carries the source IP address, and the source IP address is 0x0a889d43.
  • the IP address represented by 0x0a889d43 is 10.136.157.67.
  • the ninth rule is related to the destination IP address.
  • the ninth rule indicates that the offset is 80, and the field of length 4 carries the destination IP address, and the destination IP address is 0x0a889d42.
  • the IP address represented by 0x0a889d42 is 10.136.157.66.
  • the tenth rule is related to the protocol number.
  • the tenth rule indicates that the offset is 73, and the length 1 field carries the protocol number, and the protocol number is 0x11.
  • the 0x11 indicates that the packet is a UDP packet.
  • the eleventh rule is related to a source port.
  • the eleventh rule indicates that the offset is 84, and the field of length 2 carries the source port number, and the source port number is 0xe518.
  • the twelfth rule is related to the destination port.
  • the twelfth rule indicates that the offset is 86, and the field of length 2 carries the destination port number, and the destination port number is 0xbac1.
  • the packet received by the vNIC2 is the UDP packet with the IPv4 outer layer, the location information of the cookie field and the quintuple information (the source IP address, the destination IP address, the protocol number, the source port, and the destination port) in the packet header. A change has occurred. In order to accurately obtain the cookie field and the quintuple information in the packet header, the value of the offset in the filter condition configured on the vNIC2 needs to be adjusted accordingly.
  • the monitoring point sends the information for locating a fault to the detection proxy device.
  • the monitoring point may use the method of S305 in the first embodiment to send the information for locating the fault to the detecting proxy device.
  • the detection proxy device sends the information for locating the fault to the detection control device.
  • the detecting proxy device may adopt the method of S306 in the first embodiment, and send the information for locating the fault to the detecting control device.
  • the detection control device determines, according to the service model and the information for locating a fault, a monitoring point that has a fault.
  • the detection control device may adopt the method of S307 in the first embodiment to determine the monitoring point where the fault exists.
  • the detection control device sends the location information of the monitoring point, the location information of the injection point, and the feature information corresponding to the service path to the detection proxy device.
  • the detecting proxy device may obtain the detection packet according to the feature information corresponding to the service path, and inject the detection packet into the service path by using the injection point.
  • the monitoring point may perform the information carried in the detection packet on the service path according to the configured filtering condition to obtain information for locating the fault.
  • the detecting proxy device transmits the information for locating the fault sent by the monitoring point to the detecting control device, so that the detecting control device can analyze the monitoring point that determines that there is a fault.
  • the method provided in the second embodiment of the present application can actively inject detection packets into the service path, and can perform fault detection and location at any time.
  • FIG. 6 is a schematic diagram of a scenario according to Embodiment 3 of the present application.
  • the scenario provided in the third embodiment of the present application is different from the scenario provided in FIG. 2 or FIG. 4 in that the server includes a first detection proxy device and a second detection proxy device, and the first detection proxy device is disposed in the VNF.
  • the second detection agent device is disposed in the NFVI, and the detection control device can So it is independent of the device outside the server.
  • the first detection proxy device and the second detection proxy device are capable of communicating with the detection control device.
  • the first detection proxy device is capable of communicating with other modules or elements included in the VNF.
  • the second detection proxy device is capable of communicating with other modules or components included in the NFVI.
  • the second detection proxy device may inject a detection packet through the NIC3, and the detection packet may be forwarded along the path identified by the dotted line in FIG. 6.
  • the path identified by the dashed line of Figure 6 is the same as the path identified by the dashed line of Figure 2.
  • FIG. 7 is a flowchart of a method for detecting a fault in an NFV system according to Embodiment 3 of the present application.
  • the method provided in the third embodiment of the present application is an active detection method, that is, the second detection proxy device injects the detection packet generated by the detection control device into the injection point, and the monitoring point obtains the detection packet forwarded from the service path for positioning. Fault information.
  • the injection point is used to inject the detection message.
  • the filtering condition of the monitoring point may be configured at the monitoring point by static configuration, so that the detection control device may send the filtering condition of the monitoring point to the monitoring point without using the detecting proxy device.
  • the method provided in the third embodiment of the present application will be described below with reference to FIG. 6 and FIG. 7.
  • the detection control device obtains location information of the first monitoring point on the service path, location information of the second monitoring point, location information of the injection point, and the detection packet according to the service model.
  • the method for obtaining the location information of the first monitoring point, the location information of the second monitoring point, and the location information of the injection point on the service path according to the service model is the same as that of S501, and details are not described herein again.
  • the method for the detection control device to select the injection point is the same as that of the second embodiment.
  • the injection point is a monitoring point different from the first monitoring point and the second monitoring point.
  • the method for generating the detection message by the detection control device is the same as the method for the detection agent device to generate the detection message in S503, and details are not described herein again.
  • the first detection proxy device is disposed in the VNF, and the first detection proxy device is configured to obtain information for locating the fault from a monitoring point located at the VNF.
  • the first monitoring point is a monitoring point in the VNF, for example, the first monitoring point is located at vNIC1, vNIC2, Linux, pipeline OS or vBNG.
  • the second detection proxy device is disposed in the NFVI, and the second detection proxy device is configured to obtain information for locating the fault from a monitoring point located at the NFVI.
  • the second monitoring point is a monitoring point in the NFVI, for example, the second monitoring point is located at NIC3, NIC4, vport4 or vport2.
  • the detection control device sends the location information of the second monitoring point, the location information of the injection point, and the detection packet to the second detection proxy device.
  • the method of S702 is the same as the method of S502, and details are not described herein again.
  • the detection control device may communicate with the second detection proxy device by using a communication protocol adopted by the detection control device in the first embodiment.
  • the detection control device sends the location information of the first monitoring point to the first detection proxy device.
  • the method of S703 is the same as the method of S502, and details are not described herein again.
  • the detection control device can communicate with the first detection proxy device by using a communication protocol adopted by the control device in the first embodiment.
  • the detection control device may first execute S703, and then execute S702.
  • the detection control device may simultaneously execute S702 and S703.
  • the first detecting proxy device triggers the first monitoring point to turn on the detection mode according to the location information of the first monitoring point.
  • the method of S704 is the same as the method of S505, and details are not described herein again.
  • S704 is executed after S703, and the order of execution of S704 and S702 is not limited.
  • the first detecting proxy device may use the communication protocol used by the detecting proxy device and the monitoring point in the first embodiment to communicate with the first monitoring point.
  • the second detection proxy device sends the detection packet to the injection point according to location information of the injection point.
  • the method of S705 is the same as the method of S504, and details are not described herein again.
  • S705 is executed after S702, and the execution order of S705 and S703 or S704 is not limited.
  • the second detecting proxy device may use the communication protocol used by the detecting proxy device and the monitoring point in the first embodiment to communicate with the injection point.
  • the second detecting proxy device triggers the second monitoring point to turn on the detection mode according to the location information of the second monitoring point.
  • the method of S706 is the same as the method of S505, and details are not described herein again.
  • S706 is executed after S702, and the execution order of S706 and S703, S704 or S705 is not limited.
  • the second detecting proxy device may use the communication protocol used by the detecting proxy device and the monitoring point in the first embodiment to communicate with the second monitoring point.
  • the second monitoring point obtains the second information from the detection message on the service path according to the filtering condition of the second monitoring point.
  • the second information is information obtained by the second monitoring point for locating a fault.
  • the detection message in S707 is the detection message received by the second monitoring point.
  • the method of S707 is the same as the method of S506, and details are not described herein again.
  • the second monitoring point sends the second information to the second detection proxy device.
  • the second detection proxy device sends the second information to the detection control device.
  • the first monitoring point obtains the first information from the detection packet on the service path according to the filtering condition of the first monitoring point.
  • the first information is information obtained by the first monitoring point for locating a fault.
  • the detection packet in S710 is different from the detection packet in S707, that is, the detection packet in S707 is forwarded by the node between the first monitoring point and the second monitoring point, and then in S707.
  • the information carried in the detection message changes.
  • the detection packet in S710 is the detection packet received by the first monitoring point.
  • S710 is the same as the method of S506, and details are not described herein again.
  • S710 is executed after S705 and S704, and the execution order of S710 and S706, S707, S708 or S709 is not limited.
  • the first monitoring point sends the first information to the first detection proxy device.
  • the method of S711 is the same as the method of S507, and details are not described herein again.
  • the first detection proxy device sends the first information to the detection control device.
  • the method of S712 is the same as the method of S508, and details are not described herein again.
  • the detection control device determines, according to the service model, the first information, and the second information, a monitoring point that has a fault.
  • the method of S713 is the same as the method of S509, and details are not described herein again.
  • the first detecting proxy device detects and locates the fault in the VNF
  • the second detecting proxy device detects and locates the fault in the NFVI, which helps to further improve the efficiency of fault location.
  • the GOAM packet can also be used to simulate the packet replacement in other formats of the service packet, and is no longer used for simulating the service packet. Messages in other formats are illustrated one by one.
  • FIG. 9 is a schematic structural diagram of a detection proxy device according to Embodiment 1 of the present application.
  • the detection agent device provided in the first embodiment of the present application is located in the NFV system.
  • the detecting proxy device provided in the first embodiment of the present application may be the above FIG. 2 to FIG. 7
  • the same content can be referred to the corresponding content in FIG. 2 to FIG. 7 , and details are not described in this embodiment.
  • a detection proxy apparatus provided in Embodiment 1 of the present application includes: a first receiving module 901, an obtaining module 902, and a first sending module 903.
  • the obtaining module 902 is capable of communicating with the first receiving module 901 and the first sending module 903.
  • the first receiving module 901 is configured to receive location information of a monitoring point on a service path sent by the detection control apparatus.
  • the obtaining module 902 is configured to obtain information for locating a fault from the monitoring point according to the location information of the monitoring point, where the information for locating the fault is information obtained by the monitoring point according to the filtering condition.
  • the information for locating the fault includes location information of the monitoring point.
  • the first sending module 903 is configured to send the information for locating a fault to the detection control device.
  • the detection proxy device further includes a second receiving module 904 and a second sending module 905.
  • the second receiving module 904 can communicate with the second sending module 905.
  • the second receiving module 904 is configured to receive the detection message sent by the detection control device and the location information of the injection point on the service path, where the detection message is used by the monitoring point to obtain the location fault. The information to be captured based on the information.
  • the second sending module 905 is configured to send the detection packet to the injection point.
  • the detecting proxy device further includes: a third receiving module 906, a generating module 907, and a third sending module 908.
  • the third receiving module 906 is capable of communicating 908 with the generating module 907 and the third transmitting module.
  • the generating module 907 is capable of communicating with the third transmitting module 908.
  • the third receiving module 906 is configured to receive feature information corresponding to the service path and location information of an injection point on the service path that are sent by the detection control device.
  • the generating module 907 is configured to generate M detection packets according to the feature information corresponding to the service path, where the M is an integer greater than or equal to 1, and any one of the M detection packets is detected.
  • the packet is a to-be-obtained packet on which the information for obtaining the fault is obtained by the monitoring point.
  • the third sending module 908 is configured to send the M detection packets to the injection point.
  • the information used for locating the fault is information obtained by the monitoring point after filtering the service packet forwarded along the service path.
  • the information used for locating the fault is information obtained by the monitoring point after filtering the detection packet forwarded along the service path.
  • the detection message may be a message sent by the detection proxy device to the injection point and injected by the injection point.
  • the detecting proxy device further includes a fourth receiving module 909 and a fourth sending module 910.
  • the fourth receiving module 909 can communicate with the fourth sending module 910.
  • the fourth receiving module 909 is configured to receive the filtering condition of the monitoring point that is sent by the detection control device, where the filtering condition is used to obtain the information for locating a fault from a packet to be filtered.
  • the fourth sending module 910 is configured to send, according to location information of the monitoring point, a filtering condition of the monitoring point to the monitoring point.
  • the obtaining module 902 is specifically configured to periodically read the information for locating a fault from the monitoring point, or the obtaining module 902 is specifically configured to receive the periodically sent by the monitoring point. Information for locating faults.
  • the obtaining module 902 includes a first sub-module.
  • the first submodule is configured to periodically read the information for locating a fault from the monitoring point.
  • the obtaining module 902 includes a second submodule.
  • the second submodule is configured to receive the information for locating a fault periodically sent by the monitoring point.
  • FIG. 10 is a schematic structural diagram of a detection proxy device according to Embodiment 2 of the present application.
  • the detection agent device can be located in the NFV system.
  • the detecting proxy device provided in the second embodiment of the present application may be the detecting proxy device in any of the foregoing embodiments corresponding to FIG. 2 to FIG. 7. For the same content, refer to the corresponding content in FIG. 2 to FIG. 7. In this embodiment, Let me repeat.
  • the detection proxy device provided in the second embodiment of the present application may be the same device as the detection proxy device provided in the first embodiment of the present application. It can be considered that FIG. 10 shows the structure included in the detection agent device from a physical point of view, and FIG. 9 shows the structure included in the detection agent device from a logical point of view.
  • the detection proxy device provided in the second embodiment of the present application includes a processor 1001, a memory 1002, and a communication interface 1003.
  • the processor 1001, the memory 1002, and the communication interface 1003 can communicate with each other.
  • the processor 1001, the memory 1002, and the communication interface 1003 may communicate or be connected through the communication bus 1004.
  • the memory 1002 is used to store programs.
  • the processor 1001 may execute executable instructions included in the program or program stored in the memory 1002 to execute the detection proxy device in any of the above embodiments of FIG. 2 to FIG. 5 or the first detection proxy of FIGS. 6 and 7. The method performed by the device.
  • the processor 1001 executes a program stored in the memory 1002 or an executable instruction included in the program, and performs an operation of receiving, by the communication interface 1003, a monitoring point on a service path sent by the detection control device.
  • the location information is obtained, and the information for locating the fault is obtained from the monitoring point according to the location information of the monitoring point, where the information for locating the fault is information obtained by the monitoring point according to the filtering condition, and the
  • the information of the positioning fault includes location information of the monitoring point; and the information for locating the fault is transmitted to the detection control apparatus through the communication interface 1003.
  • the other content of the processor 1001 can be referred to the corresponding content in the foregoing embodiment, and details are not described herein again.
  • FIG. 11 is a schematic structural diagram of a detection control apparatus according to Embodiment 1 of the present application.
  • the detection control device provided in the first embodiment of the present application may be independent of the device outside the server.
  • the detection control device may be located in an NFV Management and Orchestration (MANO) device or a software defined network controller.
  • the SDN controller and the network management device may also be located on a personal computer, a server, a network device, or the like dedicated to locating the fault.
  • the detection control device provided in the first embodiment of the present application may be the detection control device in any of the embodiments corresponding to FIG. 2 to FIG. 7 .
  • For the same content refer to the corresponding content in FIG. 2 to FIG. 7 , and in this embodiment, Let me repeat.
  • the detection control apparatus includes: a first sending module 1101, a receiving module 1102, and a fault determining module 1103.
  • the fault determination module 1103 is capable of communicating with the first transmitting module 1101 and the receiving module 1102.
  • the first sending module 1101 is configured to send location information of a monitoring point on a service path to the detecting proxy device, where the detecting proxy device is located in the NFV system.
  • the receiving module 1102 is configured to receive, by the detecting proxy device, information for locating a fault, where the information for locating the fault is information obtained by the monitoring point according to a filtering condition, and the information used for locating the fault
  • the location information of the monitoring point is included.
  • the fault determining module 1103 is configured to determine, according to the information for locating a fault and a service model corresponding to the service path, a monitoring point that is faulty in the NFV system.
  • the detection control apparatus further includes: a first obtaining module 1104, a message generating module 1105, and a second sending module 1106.
  • the message generating module 1105 is capable of communicating with the first obtaining module 1104 and the second sending module 1106.
  • the second sending module 1106 is capable of communicating with the first obtaining module 1104.
  • the first obtaining module 1104 is configured to obtain, according to the service model, feature information corresponding to the service path and location information of an injection point on the service path, where the feature information is required to generate a detection message. information.
  • the packet generating module 1105 is configured to generate the detection packet according to the feature information, where the detection packet is a to-be-obtained packet according to the monitoring point for obtaining the information for locating the fault.
  • the second sending module 1106 is configured to send the location to the detection proxy device The detection message and the location information of the injection point are described.
  • the detection control device further includes: a second obtaining module 1107 and a third sending module 1108.
  • the second obtaining module 1107 can communicate with the third sending module 1108.
  • the second obtaining module 1107 is configured to obtain, according to the service model, feature information corresponding to the service path and location information of an injection point on the service path, where the feature information is generated by the detection proxy device.
  • the information required for the message, the detection message is the to-be-obtained message on which the monitoring point obtains the information for locating the fault.
  • the third sending module 1108 is configured to send the feature information and location information of the injection point to the detection proxy device.
  • the detection control device further includes: a third obtaining module 1109 and a fourth sending module 1110.
  • the third obtaining module 1109 can communicate with the fourth sending module 1110.
  • the third obtaining module 1109 is configured to obtain, according to the service model, a filtering condition of the monitoring point, where the filtering condition is used to obtain the information for locating a fault from a packet to be filtered.
  • the fourth sending module 1110 is configured to send the filtering condition of the monitoring point to the detecting proxy device.
  • the detection control apparatus further includes: a determining module 1111, a fourth obtaining module 1112, and a model establishing module 1113.
  • the model building module 1113 is capable of communicating with the determining module 1111 and the fourth obtaining module 1112.
  • the determining module 1111 is configured to determine a first node, a tail node, and L intermediate nodes of the service path according to the service, where the L is an integer greater than or equal to 0.
  • the fourth obtaining module 1112 is configured to obtain, according to the service path, location information of the first node, location information of the tail node, location information of each intermediate node of the L intermediate nodes, and the first node.
  • the model establishing module 1113 is configured to use, according to location information of the first node, location information of the tail node, location information of each intermediate node in the L intermediate nodes, filtering conditions of the first node, and the The filtering condition of the tail node and the filtering condition of each of the L intermediate nodes obtain a business model.
  • the model establishing module 1113 is further capable of communicating with one or more of the fault determining module 1103, the third obtaining module 1109, the second obtaining module 1107, and the first obtaining module 1104.
  • the fault determining module 1103 is specifically configured to: obtain a reference value of the N parameters according to the service model corresponding to the service path, where the N parameters are parameters carried by the packet forwarded by the service path, where N is an integer greater than or equal to 1, and the reference value is an estimated value of the N parameters obtained in the case where the service path does not have a fault point; from the information used for locating the fault, Obtaining a measured value of the N parameters, the measured value is an actual value of the N parameters obtained from a message forwarded by the service path; comparing a reference value of the N parameters with the N The measured value of the parameter determines the monitoring point with the fault, and the monitoring point with the fault is the monitoring point corresponding to the parameter whose measured value is different from the reference value.
  • the fault determining module 1103 includes a first obtaining submodule, a second obtaining submodule, and a comparing submodule.
  • the comparison sub-module is capable of communicating with the first obtaining sub-module and the second obtaining sub-module.
  • the first obtaining submodule is configured to obtain a reference value of the N parameters according to a service model corresponding to the service path.
  • the second obtaining submodule is configured to obtain the measured values of the N parameters from the information for locating the fault.
  • the comparison submodule is configured to compare the reference values of the N parameters and the measured values of the N parameters to determine the monitoring point where the fault exists.
  • the detection control device further includes a trigger module.
  • the triggering module is configured to trigger, by using a NETCONF interface, the detection proxy device to obtain the information for locating a fault.
  • FIG. 12 is a schematic structural diagram of a detection control apparatus according to Embodiment 2 of the present application.
  • the detection control device provided in the second embodiment of the present application can be independent of the server.
  • the detection control device provided in the second embodiment of the present application may be the detection control device in any of the embodiments corresponding to FIG. 2 to FIG. 7 .
  • the detection control device provided in the second embodiment of the present application may be the same device as the detection control device provided in the first embodiment of the present application. It can be considered that Fig. 12 shows the structure included in the detecting agent device from a physical point of view, and Fig. 11 shows the structure included in the detecting agent device from a logical point of view.
  • the detection control apparatus includes a processor 1201, a memory 1202, and a communication interface 1203.
  • the processor 1201, the memory 1202, and the communication interface 1203 can communicate with each other.
  • the processor 1201, the memory 1202, and the communication interface 1203 may communicate or be connected through the communication bus 1204.
  • the memory 1202 is used to store programs.
  • the processor 1201 may execute a program stored in the memory 1202 or an executable instruction included in the program, and execute the method performed by the detecting proxy device in any of the foregoing embodiments of FIG. 2 to FIG.
  • the processor 1201 may execute a program in the memory 1202 or an executable instruction included in the program, and perform an operation of transmitting a service to a detection proxy device in the NFV system through the communication interface 1203.
  • Position information of the monitoring point on the path receiving, by the communication interface 1203, information for locating the fault sent by the detecting proxy device, where the information for locating the fault is information obtained by the monitoring point according to the filtering condition
  • the information for locating the fault includes location information of the monitoring point; and determining, according to the information for locating the fault and the service model corresponding to the service path, a monitoring point that is faulty in the NFV system.
  • the other content of the processor 1201 can be referred to the corresponding content in the foregoing embodiment, and details are not described herein again.
  • the embodiment of the present application also provides a system for detecting a fault.
  • the system provided by the embodiment of the present application is for detecting a fault of the NFV system.
  • the system provided by the embodiment of the present application may include the detection agent device shown in FIG. 9 and the detection control device shown in FIG.
  • the system provided by the embodiment of the present application may include the detection proxy device shown in FIG. 10 and the detection control device shown in FIG.
  • the system provided by the embodiment of the present application may include the detection proxy device shown in FIG. 10 and the detection control device shown in FIG.
  • the system provided by the embodiment of the present application may include the detection proxy device shown in FIG. 9 and the detection control device shown in FIG.
  • the structure included in the system provided by the embodiment of the present application refer to the corresponding content in any embodiment corresponding to FIG. 9 to FIG. 12, and details are not described herein again.
  • the above processor may be a microprocessor or the processor may be any conventional processor.
  • the steps of the method disclosed in the embodiment of the present invention may be directly implemented as a hardware processor, or may be performed by a combination of hardware and software modules in the processor.
  • the code implementing the above functions may be stored in a computer readable medium.
  • Computer readable media includes computer storage media.
  • a storage medium may be any available media that can be accessed by a computer.
  • the computer readable medium may be a random access memory (English full name is random access memory, abbreviated as RAM), read-only memory (English full name is read-only memory, English abbreviation for ROM), Electrical erasable programmable read-only memory (English full name electrically erasable programmable read-only memory, abbreviated as EEPROM), read-only optical disc (English full name compact disc read-only memory, English abbreviation for CD-ROM) or other disc
  • RAM random access memory
  • read-only memory English full name is read-only memory, English abbreviation for ROM
  • Electrical erasable programmable read-only memory English full name electrically erasable programmable read-only memory, abbreviated as EEPROM
  • read-only optical disc English full name compact disc read-only memory, English abbreviation for CD-ROM
  • the computer readable medium may be a compact disc (English full name compact disc, abbreviated as CD), a laser disc, a disc, a digital video disc (English full name digital video disc, abbreviated as DVD), a floppy disk or a Blu-ray disc.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Health & Medical Sciences (AREA)
  • Cardiology (AREA)
  • General Health & Medical Sciences (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Debugging And Monitoring (AREA)
  • Computer And Data Communications (AREA)

Abstract

本申请提供了一种在网络功能虚拟化NFV系统中检测故障的方法,该方法能够有效定位NFV中的故障和提高故障定位效率。该方法中,检测代理装置接收检测控制装置发送的业务路径上的监测点的位置信息,所述检测代理装置位于所述NFV系统中;所述检测代理装置根据所述监测点的位置信息,从所述监测点获得用于定位故障的信息,所述用于定位故障的信息为所述监测点根据过滤条件获得的信息,所述用于定位故障的信息包括所述监测点的位置信息;所述检测代理装置向所述检测控制装置发送所述用于定位故障的信息。所述检测控制装置可根据所述用于定位故障的信息和所述业务路径对应的业务模型,确定存在故障的监测点。

Description

在NFV系统中检测故障的方法、装置和系统
本申请要求于2016年12月2日提交中国专利局、申请号为CN 201611099758.0、发明名称为“在NFV系统中检测故障的方法、装置和系统”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。
技术领域
本申请涉及通信领域,尤其涉及一种在网络功能虚拟化(Network Functions Virtualization,NFV)系统中检测故障的方法、装置和系统。
背景技术
NFV是借助虚拟化技术,采用通用的大容量的服务器和存储器等设备,承载网络软件功能的技术标准。NFV主要是采用通用服务器硬件平台,在服务器之上运行虚拟化软件并生成虚拟机。通常的网元的网络功能可以以软件的形式运行在虚拟机上,形成虚拟网络功能(virtualized network function,VNF)。这样,NFV可屏蔽硬件平台的差异,硬件资源可实现最大化的共享。
但是,NFV需要分层对多个部件进行集成,比如:物理服务器、主机操作系统(Host Operating System,Host OS)、虚拟机监视器(hypervisor)、虚拟交换机(virtual switch,vSwitch)、客户操作系统(guest operating system,guest OS)、VNF和NFV管理协同(NFV Management and Orchestration,MANO)等多个部件集成。NFV的主要功能可通过报文转发和业务处理来实现,而报文在经host OS、hypervisor、vSwitch、guest OS和VNF传输时,会因为故障导致报文丢失,因此需要对NFV系统进行快速和有效的故障定位。
发明内容
本申请实施例提供了一种在NFV系统中检测故障的方法、装置和系统,有助于有效定位NFV中的故障和提高故障定位效率。
第一方面,提供了一种在NFV系统中检测故障的方法。所述方法包括:检测代理装置接收检测控制装置发送的业务路径上的监测点的位置信息,所述检测代理装置位于所述NFV系统中;所述检测代理装置根据所述监测点的位置信息,从所述监测点获得用于定位故障的信息,所述用于定位故障的信息为所述监测点根据过滤条件获得的信息,所述用于定位故障的信息包括所述监测点的位置信息;所述检测代理装置向所述检测控制装置发送所述用于定位故障的信息。
上述方法中,NFV系统中的检测代理装置可根据检测控制装置发送的业务路径上的监测点的位置信息,获得所述监测点转发的报文所携带的用于定位故障的信息。所述检测代理装置可将所述用于定位故障的信息发送给所述检测控制装置,有助于对NFV系统包括的各层之间或NFV系统包括的每层进行监测和故障定位,以避免对所述NFV系统的日志进行逐一分析来定位故障,提高故障定位效率。
可选地,所述检测代理装置根据所述监测点的位置信息,从所述监测点获得用于定位故障的信息之前,所述方法还包括:所述检测代理装置接收所述检测控制装置发送的检测报文和所述业务路径上的注入点的位置信息,所述检测报文为所述监测点获得所述用于定 位故障的信息所依据的待抓取报文;所述检测代理装置向所述注入点发送所述检测报文。
其中,所述注入点为用于将所述检测报文注入所述NFV系统的业务路径上的节点。可选地,所述注入点可从所述业务路径包括的多个监测点中进行选择。
上述方法中,所述检测代理装置可从所述检测控制装置获得对于某一业务的检测报文,向所述注入点所述某一业务的检测报文,以实现向所述某一业务对应的业务路径上注入所述检测报文。所述检测报文沿所述业务路径转发的过程中,所述检测报文中携带的信息,比如所述检测报文的报文头中的五元组信息,可基于转发动作发生改变。所述检测报文的报文头中基于转发动作而改变的信息包括所述用于定位故障的信息。所述检测代理装置可通过所述监测点,获得经所述业务路径转发的所述检测报文中携带的用于定位故障的信息。
可选地,所述检测代理装置根据所述监测点的位置信息,从所述监测点获得用于定位故障的信息之前,所述方法还包括:所述检测代理装置接收所述检测控制装置发送的与所述业务路径对应的特征信息和所述业务路径上的注入点的位置信息;所述检测代理装置根据所述与所述业务路径对应的特征信息,生成M个检测报文,所述M为大于或等于1的整数,所述M个检测报文中的任意一个检测报文为所述监测点获得所述用于定位故障的信息所依据的待抓取报文;所述检测代理装置向所述注入点发送所述M个检测报文。
其中,所述注入点为用于将所述检测报文注入所述NFV系统的业务路径上的节点。可选地,所述注入点可从所述业务路径包括的多个监测点中进行选择。
上述方法中,所述检测代理装置可根据所述检测控制装置发送的用于生成检测报文的特征信息,即与所述业务路径对应的特征信息,生成M个检测报文。在M取值为1时,所述检测代理装置可向所述注入点发送一个检测报文,向所述注入点发送所述一个检测报文,以通过所述注入点注入所述一个检测报文,所述一个检测报文用于检测部署在所述NFV系统中的所述业务路径是否存在故障。在M取值为大于1的整数时,所述检测代理装置可根据所述特征信息获得一个检测报文,并将所述一个检测报文复制M-1份,以获得所述M个检测报文。所述M个检测报文中任意一个检测报文还可携带一个序列号,所述序列号用来标识携带所述序列号的检测报文被注入所述业务路径的顺序。所述检测代理装置可基于所述序列号,向所述注入点发送所述M个检测报文,以实现通过所述注入点向所述业务路径注入所述M个检测报文。由于所述M个检测报文除所述序列号之外携带的特征信息相同,即使所述监测点错过了所述M个检测报文中的某一个检测报文时,所述监测点仍可抓取所述M个检测报文中的其他检测报文,以获得所述用于定位故障的信息,有助于提高故障定位的成功率。
可选地,所述用于定位故障的信息为所述监测点对沿所述业务路径转发的业务报文进行过滤后获得的信息。其中,所述用于定位故障的信息可以是所述监测点根据所述过滤条件,对沿所述业务路径转发的业务报文进行快照获得的信息。
上述方法中,所述检测代理装置可以不向所述业务路径中注入所述检测报文,直接利用沿所述业务路径转发的业务报文进行监测和故障定位。所述检测代理装置从所述监测点获得的用于定位故障的信息来自于所述业务路径转发的业务报文,有助于避免所述检测代理装置或所述检测控制装置生成检测报文。
可选地,所述监测点的位置信息为所述NFV系统的硬件层内或操作系统层内或虚拟化层内。可选地,所述监测点的位置信息可以为所述硬件层与所述操作系统层之间或所述 操作系统层与所述虚拟化层之间。
上述方法中,所述检测代理装置可从所述检测控制装置获得一个或多个监测点的位置信息。任意一个监测点可分布于所述NFV系统的相邻两层之间或所述NFV系统的每层之内。所述一个或多个监测点的分布位置以及数量可根据故障定位的精度等需求来进行设置。
可选地,所述检测代理装置位于所述NFV系统的硬件层内或操作系统层内或虚拟化层内。
上述方法中,位于所述硬件层内的检测代理装置可对所述硬件层内的故障进行定位。位于所述虚拟化层或所述操作系统层内的检测代理装置可对所述硬件层内由vSwitch引起的故障进行检测和定位。位于所述虚拟化层或所述操作系统层内的检测代理装置可对所述虚拟化层内、所述操作系统层内、所述虚拟化层和所述操作系统层间或所述虚拟化层和所述硬件层间的故障进行检测和定位。所述检测代理装置可根据需要进行设置,比如在所述NFV系统中设置一个或多个检测代理装置,以便对所述硬件层、操作系统层和虚拟化层进行全面的检测和故障定位。
可选地,所述过滤条件可以为通过静态配置的方式设置于所述监测点,所述过滤条件用于从待过滤的报文中获得所述用于定位故障的信息。
可选地,所述检测代理装置根据所述监测点的位置信息,从所述监测点获得用于定位故障的信息之前,所述方法还包括:所述检测代理装置接收所述检测控制装置发送的所述监测点的过滤条件,所述过滤条件用于从待过滤的报文中获得所述用于定位故障的信息;所述检测代理装置根据所述监测点的位置信息,向所述监测点发送所述监测点的过滤条件。
上述方法中,所述过滤条件可包括一条或多条过滤规则,所述一条或多条过滤规则中的任一过滤规则包括长度,偏移量和值。所述监测点可利用所述监测点获得的过滤规则包括的长度、偏移量和值,从所述业务路径上转发的业务报文或检测报文中过滤出携带有用于定位故障的信息的报文。
可选地,所述检测代理装置根据所述监测点的位置信息,从所述监测点获得用于定位故障的信息包括:所述检测代理装置周期性从所述监测点读取所述用于定位故障的信息。
可选地,所述检测代理装置根据所述监测点的位置信息,从所述监测点获得用于定位故障的信息包括:所述检测代理装置接收所述监测点周期性发送的所述用于定位故障的信息。
第二方面,提供了一种在NFV系统中检测故障的方法。所述方法包括:检测控制装置向检测代理装置发送业务路径上的监测点的位置信息,所述检测代理装置位于所述NFV系统中;所述检测控制装置接收所述检测代理装置发送的用于定位故障的信息,所述用于定位故障的信息为所述监测点根据过滤条件获得的信息,所述用于定位故障的信息包括所述监测点的位置信息;所述检测控制装置根据所述用于定位故障的信息和所述业务路径对应的业务模型,确定所述NFV系统中存在故障的监测点。
上述方法中,所述检测控制装置将所述业务路径上的监测点的位置信息发送给所述检测代理装置,通过所述检测代理装置,获得所述监测点抓取所述业务路径上的报文所携带的用于定位故障的信息。所述检测控制装置可利用所述用于定位故障的信息确定存在故障的监测点,无需逐层分析所述NFV系统的调试信息、统计信息和日志信息,有助于缩短 故障定位的时间,提高故障定位效率。另外,对于不同的业务路径,所述检测控制装置可设置与所述业务路径对应的监测点,有助于提高灵活性和通用性。
可选地,所述检测控制装置接收所述检测代理装置发送的用于定位故障的信息之前,所述方法还包括:所述检测控制装置根据所述业务模型,获得与所述业务路径对应的特征信息和所述业务路径上的注入点的位置信息,所述特征信息为所述检测代理装置生成检测报文所需的信息,所述检测报文为所述监测点获得所述用于定位故障的信息所依据的待抓取报文;所述检测控制装置向所述检测代理装置发送所述特征信息和所述注入点的位置信息。
可选地,所述检测控制装置接收所述检测代理装置发送的用于定位故障的信息之前,所述方法还包括:所述检测控制装置根据所述业务模型,获得与所述业务路径对应的特征信息和所述业务路径上的注入点的位置信息,所述特征信息为生成检测报文所需的信息;所述检测控制装置根据所述特征信息生成所述检测报文,所述检测报文为所述监测点获得所述用于定位故障的信息所依据的待抓取报文;所述检测控制装置向所述检测代理装置发送所述检测报文和所述注入点的位置信息。
其中,所述注入点为用于将所述检测报文注入所述NFV系统的业务路径上的节点。可选地,所述注入点可从所述业务路径包括的多个监测点中进行选择。
上述方法中,所述检测控制装置可将根据所述特征信息生成的检测报文发送给所述检测代理装置,以避免所述检测代理装置生成所述检测报文,有助于降低所述检测代理装置的负担。
可选地,所述检测控制装置接收所述检测代理装置发送的用于定位故障的信息之前,所述方法还包括:所述检测控制装置根据所述业务模型,获得所述监测点的过滤条件,所述过滤条件用于从待过滤的报文中获得所述用于定位故障的信息;所述检测控制装置向所述检测代理装置发送所述监测点的过滤条件。
可选地,所述检测控制装置向NFV系统中的检测代理装置发送业务路径上的监测点的位置信息之前,所述方法还包括:所述检测控制装置根据业务确定所述业务路径的首节点、尾节点和L个中间节点,所述L为大于或等于0的整数;所述检测控制装置根据所述业务路径获得所述首节点的位置信息、所述尾节点的位置信息、所述L个中间节点中每个中间节点的位置信息、所述首节点的过滤条件、所述尾节点的过滤条件和所述L个中间节点中每个中间节点的过滤条件;所述检测控制装置根据所述首节点的位置信息、所述尾节点的位置信息、所述L个中间节点中每个中间节点的位置信息、所述首节点的过滤条件、所述尾节点的过滤条件和所述L个中间节点中每个中间节点的过滤条件,获得业务模型。所述首节点为所述业务路径包括的处于起始位置的节点。所述尾节点为所述业务路径包括的处于结束位置的节点,即所述业务路径上最后经过的节点。
可选地,所述检测控制装置根据所述用于定位故障的信息和所述业务路径对应的业务模型,确定所述NFV系统中存在故障的监测点包括:所述检测控制装置根据所述业务路径对应的业务模型,获得N个参数的参考值,所述N个参数为经所述业务路径转发的报文携带的参数,所述N为大于或等于1的整数,所述参考值为在所述业务路径不存在故障点时获得的所述N个参数的预估值;所述检测控制装置从所述用于定位故障的信息中,获得所述N个参数的测量值,所述测量值为从经所述业务路径转发的报文中获得的所述N个参数的实际值;所述检测控制装置比较所述N个参数的参考值和所述N个参数的测量值,确 定所述存在故障的监测点,所述存在故障的监测点为测量值与参考值不同的参数所对应的监测点。
可选地,所述检测控制装置接收所述检测代理装置发送的用于定位故障的信息之前,所述方法还包括:所述检测控制装置通过网络配置协议(Network Configuration Protocol,NETCONF)接口,触发所述检测代理装置获取所述用于定位故障的信息。
上述方法中,所述检测控制装置还可通过其他类型的接口,触发所述检测代理装置获取所述用于定位故障的信息。所述其他类型的接口可以为简单网络管理协议(simple network management protocol,SNMP)接口、简单对象访问协议(Simple Object Access Protocol,SOAP)接口、多技术操作系统接口(Multi-Technology Operations System Interface,MTOSI)、表征状态转移(Representational State Transfer,REST)接口或表征状态转移配置协议(Representational State Transfer Configuration Protocol,RESTCONF)接口。
第三方面,提供一种检测代理装置,所述检测代理装置位于NFV系统中,所述检测代理装置包括:第一接收模块、获得模块和第一发送模块。所述获得模块能够与所述第一接收模块和所述第一发送模块通信。所述第一接收模块用于接收检测控制装置发送的业务路径上的监测点的位置信息。所述获得模块用于根据所述监测点的位置信息,从所述监测点获得用于定位故障的信息,所述用于定位故障的信息为所述监测点根据过滤条件获得的信息,所述用于定位故障的信息包括所述监测点的位置信息。所述第一发送模块用于向所述检测控制装置发送所述用于定位故障的信息。
可选地,所述检测代理装置还包括用于执行上述第一方面的任意一种可能的实现方式的一个或多个模块。
可选地,所述获得模块包括第一子模块,所述第一子模块用于周期性从所述监测点读取所述用于定位故障的信息。或者所述获得模块包括第二子模块,所述第二子模块用于接收所述监测点周期性发送的所述用于定位故障的信息。
第四方面,提供一种检测代理装置,所述检测代理装置可位于NFV系统中,所述检测代理装置包括处理器、存储器和通信接口。所述处理器、所述存储器和所述通信接口通过通信总线连接。所述存储器用于存储程序。所述处理器根据从所述存储器中读取的程序所包括的可执行指令,执行上述第一方面或第一方面的任意一种可能的实现方式提供的方法。
第五方面,提供一种检测控制装置,所述检测控制装置包括:第一发送模块、接收模块和故障确定模块。所述故障确定模块能够与所述第一发送模块和所述接收模块通信。所述第一发送模块用于向检测代理装置发送业务路径上的监测点的位置信息,所述检测代理装置位于NFV系统中。所述接收模块用于接收所述检测代理装置发送的用于定位故障的信息,所述用于定位故障的信息为所述监测点根据过滤条件获得的信息,所述用于定位故障的信息包括所述监测点的位置信息。所述故障确定模块用于根据所述用于定位故障的信息和所述业务路径对应的业务模型,确定所述NFV系统中存在故障的监测点。
可选地,所述检测控制装置还包括用于执行上述第二方面的任意一种可能的实现方式的一个或多个模块。
可选地,所述故障确定模块包括第一获得子模块、第二获得子模块和比较子模块。所述比较子模块能够与所述第一获得子模块和所述第二获得子模块通信。所述第一获得子模块用于根据所述业务路径对应的业务模型,获得N个参数的参考值。所述第二获得子模块 用于从所述用于定位故障的信息中,获得所述N个参数的测量值。所述比较子模块用于比较所述N个参数的参考值和所述N个参数的测量值,确定所述存在故障的监测点。其中,所述N个参数的参考值和所述N个参数的测量值可参见第二方面中的相应内容。
第六方面,提供一种检测控制装置,所述检测控制装置包括处理器、存储器和通信接口。所述处理器、所述存储器和所述通信接口通过通信总线连接。所述存储器用于存储程序。所述处理器根据从所述存储器中读取的程序所包括的可执行指令,执行上述第二方面或第二方面的任意一种可能的实现方式提供的方法。
第七方面,提供一种用于进行故障检测的系统,所述系统包括前述第三方面或第三方面的任意一种可能的实现方式提供的检测代理装置和前述第四方面或第四方面的任意一种可能的实现方式提供的检测控制装置;或者
所述系统包括前述第五方面或第五方面的任意一种可能的实现方式提供的检测代理装置和前述第六方面或第六方面的任意一种可能的实现方式提供的检测控制装置。
附图说明
图1为一种可能的应用场景示意图。
图2为本申请实施例一提供的场景示意图。
图3为本申请实施例一提供的在NFV系统中检测故障的方法流程图。
图4为本申请实施例二提供的场景示意图。
图5为本申请实施例二提供的在NFV系统中检测故障的方法流程图。
图6为本申请实施例三提供的场景示意图。
图7为本申请实施例三提供的在NFV系统中检测故障的方法流程图。
图8为本申请实施例提供的GOAM报文的示意图。
图9为本申请实施例一提供的检测代理装置的结构示意图。
图10为本申请实施例二提供的检测代理装置的结构示意图。
图11为本申请实施例一提供的检测控制装置的结构示意图。
图12为本申请实施例二提供的检测控制装置的结构示意图。
具体实施方式
本申请实施例描述的应用场景是为了更加清楚的说明本申请实施例的技术方案,并不构成对于本申请实施例提供的技术方案的限定,本领域普通技术人员可知,随着网络架构的演变和新业务场景的出现,本申请实施例提供的技术方案对于类似的技术问题,同样适用。
如图1所示的场景中,NFV系统设置于图1所示的服务器(server)上。所述NFV系统包括虚拟网络功能(virtualized network function,VNF)和网络功能虚拟化基础设施(network functions virtualization infrastructure,NFVI)。所述VNF包括虚拟宽带网络业务网关(virtual broadband network gateway,vBNG)、操作系统(operating system,OS)和x个虚拟网卡(virtual network interface card,vNIC),x为大于或等于1的整数。所述x个vNIC可以包括图1中的vNIC1和vNIC2。所述OS包括管道OS和客户OS(guest OS)。所述NFVI包括hypervisor和硬件(hardware)层。所述hypervisor包括开源虚拟交换机(open vSwitch,OVS)和路由/网络地址转换(Routing/NAT)模块。所述OVS包括y个虚拟端 口(virtual port,vport),y为大于或等于1的整数。所述y个vport可以包括图1中的vport1、vport2、vport3和vport4。所述hardware层包括z个网卡(network interface card,NIC),z为大于或等于1的整数。所述z个NIC可以包括图1中的NIC3和NIC4。其中,客户OS(guest OS)可以是Linux。Routing/NAT模块用于对收到的报文进行网络地址转换(network address translation,NAT)和路由。
所述server接收用户驻地设备(customer-premises equipment,CPE)发送的业务报文。所述业务报文经所述server的NIC3进入所述server包括的NFV系统。所述业务报文沿所述NFV系统的业务路径转发后,经所述server的NIC4转发至能够和所述server通信的网络。所述NFV系统的业务路径为图1中虚线所示的路径。图1中用虚线标识的业务路径可表示为NIC3->Routing/NAT->vport1->vport2->vNIC1->Linux->管道OS->vBNG->管道OS->Linux->vNIC2->vport3->vport4->Routing/NAT->NIC4。如果所述业务路径包括的节点出现了故障,比如vBNG设置了错误的过滤名单,所述错误的过滤名单包括不允许接入网络的源互联网协议(Internet Protocol,IP)地址,所述不允许接入网络的源IP地址包括所述业务报文的源IP地址,则所述vBNG会丢弃所述业务报文。如果所述vBNG设置了错误的过滤名单,可以在发现所述业务报文丢失后,对所述NFV系统的调试信息和/或日志信息等进行逐层分析,以定位故障发生点在所述vBNG。
为了针对上述问题,本申请实施例提供了能够快速实现故障定位和简化故障检测的方法。根据所述方法,检测代理装置根据检测控制装置发送的监测点的位置信息,从所述监测点获得用于定位故障的信息。所述用于定位故障的信息可以是所述监测点根据过滤条件从业务路径上转发的报文中获取的信息。所述业务路径上转发的报文可以是所述检测代理装置注入的检测报文,还可以是来自CPE的业务报文。所述检测代理装置将所述用于定位故障的信息发送给所述检测控制装置,所述检测控制装置可根据所述用于定位故障的信息和业务模型,确定所述NFV系统中存在故障的监测点。本申请实施例提供的NFV系统中进行故障检测的方法,通过抓取所述业务路径上的报文携带的信息即可实现故障定位,无需在故障发生后分析调试信息和/或日志信息等来推断故障点的位置信息,提高了灵活性、通用性和故障定位效率,降低了故障检测的难度。
图2所示的server与图1所示的server的基本结构类似。图2中,检测代理装置位于所述VNF中,检测控制装置可以是独立于server的设备。所述检测代理装置能够与图2所示的VNF和NFVI中的一个或多个组件通信,比如:所述检测代理装置能与VNF中的管道OS、客户OS、vNIC1和vNIC2通信,所述检测代理装置还能与NFVI中的NIC3、NIC4、OVS包括的vport1和vport4通信。所述检测代理装置还能够与VNF和NFVI包括的其他层或其他模块通信,在此不再逐一举例说明。图2中的hardware属于所述NFV系统的硬件层。图2中的hypervisor、vBNG、VNF包括的vNIC1和vNIC2属于所述NFV系统的虚拟化层。图2中的OS属于所述NFV系统的操作系统层。
图2所示的业务路径与图1所示的业务路径所经过的节点相同。图2中用虚线标识的业务路径为NIC3->Routing/NAT->vport1->vport2->vNIC1->Linux->管道OS->vBNG->管道OS->Linux->vNIC2->vport3->vport4->Routing/NAT->NIC4。本申请实施例中的业务路径与业务对应,即用于实现某一业务的第一业务报文和第二业务报文在NFV系统中经过的业务路径相同。所述第一业务报文为实现所述某一业务的任意一个业务报文。所述第二业务报文与所述第一业务报文实现相同的业务,所述第二业务报文是与所述第一业务报文不同 的业务报文。
图3为本申请实施例一提供的在NFV系统中检测故障的方法流程图。检测代理装置可位于所述虚拟化层、操作系统层或硬件层。本申请实施例一提供的方法以所述检测代理装置位于VNF中,检测控制装置独立于server为例进行说明。图3所示的方法可以应用于图2所示的NFV系统。所述检测控制装置能够与所述检测代理装置通信,具体可采用SNMP、NETCONF、SOAP、MTOSI、REST、RESTCONT等协议。本申请实施例一提供的方法为随路检测方法。所述随路检测方法为对图2所示的业务路径上转发的业务报文进行抓取以获得用于定位故障的信息的方法。下面结合图2和图3,对本申请实施例一提供的在NFV系统中检测故障的方法进行说明。
S301,检测控制装置根据业务模型,获得业务路径上监测点的位置信息和所述监测点的过滤条件。
可选地,在S301之前,本申请实施例提供的方法还包括:所述检测控制装置生成业务模型。所述检测控制装置生成业务模型包括:所述检测控制装置根据业务确定所述业务路径的首节点、尾节点和L个中间节点,所述L为大于或等于0的整数;所述检测控制装置根据所述业务路径获得所述首节点的位置信息、所述尾节点的位置信息、所述L个中间节点中每个中间节点的位置信息、所述首节点的过滤条件、所述尾节点的过滤条件和所述L个中间节点中每个中间节点的过滤条件;所述检测控制装置根据所述首节点的位置信息、所述尾节点的位置信息、所述L个中间节点中每个中间节点的位置信息、所述首节点的过滤条件、所述尾节点的过滤条件和所述L个中间节点中每个中间节点的过滤条件,获得业务模型。
举例说明,所述检测控制装置从需要监测的业务对应的业务模型中,获得所述业务路径上监测点的位置信息和所述监测点的过滤条件。所述业务路径与所述业务对应。所述检测控制装置可从所述业务模型中选取全部或部分监测点,比如图2中被选择的多个监测点分别位于NIC3、vport2、vNIC1、客户OS、管道OS、vNIC2、vport4和NIC4。沿所述业务路径转发的业务报文,比如图2的CPE向server发送的业务报文,按照图2中箭头所示的顺序,依次经过上述多个监测点。所述检测控制装置可从所述业务模型中选择多个监测点的ID,所述监测点的ID可标识所述监测点在所述业务路径上的相对位置。比如NIC3的标识为1,vport2的标识为2,vNIC1的标识为3,客户OS的标识为4,管道OS的标识为5,VNIC2的标识为6,vport4的标识为7,NIC4的标识为8。或者,NIC3的标识为10,vport2的标识为13,vNIC1的标识为14,客户OS的标识为15,管道OS的标识为16,VNIC2的标识为18,vport4的标识为20,NIC4的标识为22。
举例说明,本申请实施例中提供的过滤条件可以包括一条或多条规则,所述一条或多条规则中的任意一条规则用于获取用于定位故障的参数。本申请实施例中的用于定位故障的信息包括所述用于定位故障的参数。所述任意一条规则包括偏移(offset)、长度(length)和值(value),可表示为<offset,length,value>。offset的数值用于表示截取字段的起始位置。length的数值用于表示截取字段的长度。value用于表示待比对的数值。所述任意一条规则表示从报文头第一个字节开始获取offset的值为起始位置、长度为length的字段,所述截取的字段携带的数据为value中携带的数值则表示该报文携带了用于定位故障的参数。比如:过滤条件可以包括<2,2,0x5601>、<3,3,0x604020>和<0,1,0x34>中的一个或多个。<2,2,0x5601>这个规则中的offset和length的值分别为2,value的值为0x5601。<3,3, 0x604020>这个规则中的offset和length的值分别为3,value的值为0x604020。<0,1,0x34>这个规则中的offset的值为0,length的值为1,value的值为0x34。
可选地,所述任意一条规则还可包括掩码(mask),可表示为<offset,length,value,mask>。比如:过滤条件可以包括<2,2,0x5601,0xff01>、<3,3,0x604020,0xf0f0f0>和<0,1,0x34,0xff>中的一个或多个。<2,2,0x5601,0xff01>这个规则中的mask的值为0xff01。<3,3,0x604020,0xf0f0f0>这个规则中的mask的值为0xf0f0f0。<0,1,0x34,0xff>这个规则中的mask的值为0xff。
S302,所述检测控制装置向检测代理装置发送所述监测点的位置信息和所述监测点的过滤条件。
可选地,所述检测控制装置还可在发送监测点的位置信息和所述监测点的过滤条件时,将业务的标识符(identifier,ID)发送至所述检测代理装置。
可选地,所述检测控制装置向检测代理装置发送所述监测点的位置信息和所述监测点的过滤条件时,或发送之前,或发送之后,所述检测控制装置还可通过NETCONF接口,触发所述检测代理装置获取所述用于定位故障的信息。
S303,所述检测代理装置根据所述监测点的位置信息,向所述监测点发送所述监测点的过滤条件。
举例说明,所述检测代理装置在接收到来自的所述检测控制装置的监测点的位置信息时,可启动获取所述用于定位故障的信息的流程。所述检测代理装置获得了所述监测点的位置信息和所述监测点的过滤条件后,可记录所述监测点的位置信息。所述检测代理装置可采用server中的操作系统所基于的通信协议与所述监测点通信。所述通信协议可以是进程间通信(Inter-process communication,IPC)或透明进程间通信(Transparent Inter-process Communication,TIPC)。
可选地,所述检测代理装置从所述检测控制装置获得所述业务的ID后,所述检测代理装置可记录所述监测点的位置信息和所述业务的ID。
如图2所示,所述检测代理装置可将NIC3的过滤条件发送给NIC3,将vport2的过滤条件发送给vport2,将vNIC1的过滤条件发送给vNIC1,将客户OS的过滤条件发送给Linux,将管道OS的过滤条件发送给管道OS,将vNIC2的过滤条件发送给vNIC2,将vport4的过滤条件发送给vport4,将NIC4的过滤条件发送给NIC4。
举例说明,如果经所述业务路径转发的报文为用户数据报协议(User Datagram Protocol,UDP)报文,则作为监测点的vNIC1和所述管道OS可配置相同的过滤条件,所述过滤条件具体可表示为:
Figure PCTCN2017109756-appb-000001
Figure PCTCN2017109756-appb-000002
上述vNIC1和所述管道OS配置的过滤条件中,snifferRule表示监测点的过滤条件;condition表示任意一条规则。以rule1为例,rule包括5条规则,即5条conditions。所述5条规则包括第一规则、第二规则、第三规则、第四规则和第五规则。所述第一规则与源IP地址相关。所述第一规则表示offset为26,长度为4的字段中携带了源IP地址,且该源IP地址为0x0a889d43。其中,0x0a889d43表示的IP地址是10.136.157.67。所述第二规则与目的IP地址相关。所述第二规则表示offset为30,长度为4的字段中携带了目的IP地址,且该目的IP地址为0x0a889d42。其中,0x0a889d42表示的IP地址为10.136.157.66。所述第三规则与协议号相关。所述第三规则表示offset为23,长度为1的字段中携带了协议号,且该协议号为0x11。其中,0x11表示该报文是UDP报文。所述第四规则与源端口号相关。所述第四规则表示offset为34,长度为2的字段中携带了源端口号,且该源端口号为0xe518。所述第五规则与目的端口号相关。所述第五规则表示offset为36,长度为2的字段携带了目的端口号,且该目的端口号为0xbac1。
举例说明,如果所述UDP报文经过vBNG转发后进入了虚拟扩展局域网(Virtual Extensible LAN,VXLAN)隧道,即经vBNG转发后的报文在所述UDP报文的外层增加 了IPv4封装,则作为监测点的vNIC2上配置的过滤条件可表示为:
Figure PCTCN2017109756-appb-000003
上述vNIC2配置的过滤条件中,snifferRule表示监测点的过滤条件;condition表示任意一条规则。以rule1为例,rule包括5条规则,即5条conditions。所述5条规则包括第六规则、第七规则、第八规则、第九规则和第十规则。所述第六规则与源IP地址相关。所述第六规则表示offset为76,长度为4的字段中携带了源IP地址,且该源IP地址为 0x0a889d43。其中,0x0a889d43表示的IP地址是10.136.157.67。所述第七规则与目的IP地址相关。所述第七规则表示offset为80,长度为4的字段中携带了目的IP地址,且该目的IP地址为0x0a889d42。其中,0x0a889d42表示的IP地址为10.136.157.66。所述第八规则与协议号相关。所述第八规则表示offset为73,长度为1的字段中携带了协议号,且该协议号为0x11。其中,0x11表示该报文是UDP报文。所述第九规则与源端口号相关。所述第九规则表示offset为84,长度为2的字段中携带了源端口号,且该源端口号为0xe518。所述第十规则与目的端口号相关。所述第十规则表示offset为86,长度为2的字段携带了目的端口号,且该目的端口号为0xbac1。vNIC2接收到的报文是外层封装有IPv4的UDP报文,五元组信息(源IP地址、目的IP地址、协议号、源端口和目的端口)在报文头中的位置信息发生了改变。为了能够准确获得报文头中的五元组信息,vNIC2上配置的过滤条件中offset的取值需要相应调整。
可选地,所述检测代理装置可通过NETCONF接口被触发获取所述用于定位故障的信息后,向所述监测点发送所述监测点的过滤条件。本申请实施例提供的另一种实现方式中,所述检测代理装置可在向所述监测点发送所述监测点的过滤条件之后,被触发获取所述用于定位故障的信息;所述检测代理装置可在被触发获取所述用于定位故障的信息后,触发所述监测点抓取所述业务报文。
S304,所述监测点根据所述监测点的过滤条件,从所述业务路径上的业务报文获得用于定位故障的信息。
举例说明,所述监测点可周期性地获得所述用于定位故障的信息。或者,所述监测点可根据来自所述检测代理装置的指示获得所述用于定位故障的信息。所述来自所述检测代理装置的指示可以是所述检测代理装置下发一个用来表示检测的时间点的信息或用来表示开始检测的指令,在此不再对可能采用的方式进行逐一说明。
以监测点为vNIC1为例,vNIC1根据S303中配置的5条规则,对接收到的业务报文进行检测。如果vNIC1根据所述5条规则确定所述接收到的业务报文包括的源IP地址为0x0a889d43、目的IP地址为0x0a889d42、协议号为0x11、源端口号为0xe518且目的端口号为0xbac1,则vNIC1对所述接收到的业务报文的报文头进行快照,以获得包括用于定位故障的信息的快照。如果vNIC1根据所述5条规则确定所述接收到的业务报文包括的五元组信息中存在至少一个参数与规则中的value不同,则vNIC1放弃对所述接收到的业务报文的报文头进行快照。作为监测点的管道OS和vNIC2获得包括用于定位故障的信息的快照的方法与vNIC1相同,在此不再赘述。
举例说明,如果经所述业务路径转发的报文为采用传输控制协议(Transmission Control Protocol,TCP)封装的边界网关协议(Border Gateway Protocol,BGP)报文,则所述监测点可抓取所述BGP报文中的五元组信息,所述五元组信息包括所述BGP报文的源IP地址、目的IP地址、协议号、源端口号和目的端口号。如果经所述业务路径转发的报文为采用网络协议(Internet Protocol,IP)封装的开放式最短路径优先(Open Shortest Path First,OSPF)协议报文,则所述监测点可以抓取所述OSPF协议报文中的三元组信息,所述三元组信息包括所述OSPF协议报文的源IP地址、目的IP地址和协议号。如果经所述业务路径转发的报文为采用二层封装的多生成树协议(Multiple Spanning Tree Protocol,MSTP)报文,则所述监测点可抓取所述MSTP报文中的目的媒体接入控制(Media Access Control,MAC)地址和帧类型(frame type)。
可选地,所述监测点获得的所述用于定位故障的信息可以是所述监测点根据所述过滤条件对经所述业务路径转发的报文进行快照后获得的信息。
S305,所述监测点向所述检测代理装置发送所述用于定位故障的信息。
举例说明,在所述监测点周期性抓取所述业务报文时,所述监测点可周期性向所述检测代理装置发送所述用于定位故障的信息。所述监测点还可将序列号携带在所述用于定位故障的信息中,发送给所述检测代理装置。所述携带于所述用于定位故障的信息中的序列号用来标识所述监测点获取所述用于定位故障的信息的先后顺序。在所述监测点根据所述检测代理装置的触发抓取所述业务报文时,所述监测点可获得所述用于定位故障的信息,并向所述检测代理装置发送所述用于定位故障的信息。
可选地,在所述监测点向所述检测代理装置发送所述用于定位故障的信息后,所述监测点可根据所述检测代理装置发送的用于关闭检测的指示,停止对所述业务报文的检测。
S306,所述检测代理装置向所述检测控制装置发送所述用于定位故障的信息。
举例说明,所述检测代理装置可根据S303中记录的监测点的位置信息,从所述监测点获得所述用于定位故障的信息,并将所述监测点的位置信息和所述用于定位故障的信息发送给所述检测控制装置,以便所述检测控制装置能够根据所述监测点的位置信息,获知所述用于定位故障的信息所对应的业务模型。
可选地,所述检测代理装置在S303中记录了所述业务的ID,所述检测代理装置可将所述业务的ID和所述用于定位故障的信息发送给所述检测控制装置,以便所述检测控制装置能够根据所述业务的ID,获知所述用于定位故障的信息所对应的业务模型。
如果所述用于定位故障的信息包括能够唯一标识业务模型的参数,所述检测代理装置可仅发送所述用于定位故障的信息至所述检测控制装置,以便所述检测控制装置能够根据所述用于定位故障的信息,获得相应的业务模型。所述用于定位故障的信息可包括能够唯一标识业务路径的参数。
可选地,本申请实施例提供的另一种实现方式中,所述检测控制装置可根据所述业务路径确定所述业务模型。其中,所述检测控制装置可根据所述监测点的位置信息确定其所在的业务路径。所述检测控制装置可根据所述业务的ID确定所述业务对应的业务路径。
S307,所述检测控制装置根据所述业务模型和所述用于定位故障的信息,确定存在故障的监测点。
所述检测控制装置可根据S306中所述检测代理装置发送的所述用于定位故障的信息、所述业务的ID和所述监测点的位置信息中的一个或多个,查找所述检测控制装置生成的至少一个业务模型,获得与所述业务路径对应的所述业务模型。
举例说明,所述检测控制装置根据所述业务模型和所述用于定位故障的信息,确定存在故障的监测点包括:所述检测控制装置根据所述业务路径对应的业务模型,获得N个参数的参考值,所述N个参数为经所述业务路径转发的报文携带的参数,所述N为大于或等于1的整数,所述参考值为在所述业务路径不存在故障点时获得的所述N个参数的预估值;所述检测控制装置从所述用于定位故障的信息中,获得所述N个参数的测量值,所述测量值为从经所述业务路径转发的报文中获得的所述N个参数的实际值;所述检测控制装置比较所述N个参数的参考值和所述N个参数的测量值,确定所述存在故障的监测点,所述存在故障的监测点为测量值与参考值不同的参数所对应的监测点。其中,所述预估值可以认为是正常状态的测量值。
可选地,所述监测点的过滤条件可以通过静态配置的方式设置于所述监测点。这样,本申请实施例一提供的方法中,S302中,检测控制装置可向所述检测代理装置发送所述监测点的位置信息而不发送所述监测点的过滤条件,所述检测代理装置可不执行S303。
其中,本申请实施例一中经所述业务路径转发的报文为来自CPE的业务报文。可选地,所述经所述业务路径转发的报文还可以是所述检测代理装置或所述检测控制装置生成的检测报文。
本申请实施例一提供的在NFV系统中检测故障的方法中,检测控制装置向检测代理装置发送监测点的位置信息。所述监测点根据从检测代理装置获取的过滤条件或预设在所述监测点的过滤条件,对业务路径上的业务报文所携带的信息进行抓取,以获得用于定位故障的信息。所述检测代理装置将所述监测点发送的所述用于定位故障的信息发送给所述检测控制装置,以便所述检测控制装置能够分析确定存在故障的监测点,以避免对所述NFV系统的日志进行逐一分析来定位故障,提高故障定位效率。本申请实施例一提供的方法,所述检测控制装置可对于每种业务对应的业务路径,设置相应的监测点,能够提高故障定位的灵活性。所述检测控制装置可在所述NFV系统处理业务报文的过程中进行故障检测,有助于提高故障定位的实时性。
图4所示的server和图2所示的server结构相同。图4所示的server上的NFV系统也可实现图2所示的server上的NFV系统的功能,即同一业务报文在图4所示的server上经过的业务路径和图2所示的业务路径相同。图4中虚线所示的业务路径为图2所示的业务路径的一部分。图4中用虚线标识的业务路径为vNIC1->Linux->管道OS->vBNG->管道OS->Linux->vNIC2->vport3->vport4->Routing/NAT->NIC4。本申请实施例二提供的场景中,检测控制装置需要对VNF中的故障进行检测和定位,所述检测控制装置确定的监测点分布在VNF中。所述检测控制装置选择的注入点为vNIC1。所述检测控制装置还可选择其他业务路径上的节点作为注入点,在此不再逐一举例说明。检测代理装置向vNIC1注入M个检测报文,任意一个检测报文可以是通用的运行管理和维护(generic operation,administration,and maintenance,GOAM)报文,所述M为大于或等于1的整数。被注入VNF中的M个检测报文可沿图4中的虚线所示的业务路径进行转发。本申请实施例二不再对与实施例一相同的结构进行说明。实施例二的方法可以基于图2或4的NFV系统来实现。
图5为本申请实施例二提供的在NFV系统中检测故障的方法流程图。本申请实施例二提供的方法为主动检测方法,即检测代理装置向注入点注入M个GOAM报文,监测点从在业务路径上转发的所述M个GOAM报文中获得用于定位故障的信息。所述注入点既可被注入所述M个GOAM报文,又可获得所述用于定位故障的信息。本申请实施例二中仅以所述注入点被注入所述M个GOAM报文为例进行说明。所述监测点上通过静态配置的方式或其他方式预设有过滤条件,检测控制装置可不通过所述检测代理装置向所述监测点发送所述监测点的过滤条件。下面结合图4和图5,对本申请实施例二提供的方法进行说明。
S501,检测控制装置根据业务模型,获得业务路径对应的特征信息、业务路径上监测点的位置信息和注入点的位置信息。
所述检测控制装置获得所述业务路径上的监测点的位置信息的方法可参见S301中的相应内容。
举例说明,所述注入点为用于将所述检测报文注入所述NFV系统的业务路径上的节点。所述检测控制装置可根据故障定位的需求,从所述业务路径包括的节点选择注入点。可选地,所述检测控制装置可从所述业务路径包括的多个监测点中选择一个注入点。比如,所述故障定位的需求为对VNF进行故障检测,则所述注入点可从分布于VNF的监测点中进行选择,例如所述检测控制装置可选择vNIC1作为注入点。所述故障定位的需求为对NFVI进行故障检测,则所述注入点可从分布于NFVI的监测点中进行选择,例如所述检测控制装置可选择NIC3作为注入点。
举例说明,所述特征信息为生成检测报文所需的信息。所述检测报文为所述监测点获得用于定位故障的信息所依据的待抓取报文,比如GOAM报文。所述业务路径对应的特征信息包括:待抓取报文的第一标识和所述待抓取报文的目的地址。所述目的地址与本申请实施例一中的业务报文携带的目的地址相同,这样能够保证注入所述NFV系统的检测报文与实施例一中的业务报文所经过的路径相同。所述第一标识为所述检测代理装置、所述检测控制装置和所述监测点协商确定的标识。所述第一标识用来标识携带所述第一标识的报文为检测报文。可选地,所述检测报文可以包括GOAM报文和外层封装。所述GOAM报文可采用图8所示的结构。所述外层封装包括IP头、互联网控制报文协议((Internet Control Message Protocol,ICMP)头或UDP头。其中,如果所述检测报文为IP报文,则所述GOAM报文可携带于所述IP报文的载荷(payload)。如果所述检测报文为ICMP报文,则所述GOAM报文可携带于所述ICMP报文的数据(data)。如果所述检测报文为UDP报文,则所述GOAM报文可携带于所述UDP报文的data中。所述GOAM报文的Sequence字段可用来携带序列号。在一种实现方式中,所述GOAM报文的Cookie字段可用来携带所述第一标识。在另一种实现方式中,所述GOAM报文的Identifier字段携带的参数可用于更精准地识别所述GOAM报文,即Cookie字段携带的参数相同的情况下进一步通过Identifier字段进行区分不同的GOAM报文。可选地,所述第一标识包括Cookie字段携带的参数和Identifier字段携带的参数。
举例说明,检测控制装置可在S501之前生成业务模型,具体方法可参见实施例一提供的方法。实施例二提供的方法中,所述检测控制装置还可在生成所述业务模型的过程中,将所述第一标识添加至所述业务模型。所述特征信息包括的目的地址为所述业务路径的尾节点的位置信息。在另一种可能的实现方式中,所述检测控制装置从所述业务模型获得所述尾节点的位置信息。所述检测控制装置根据所述尾节点的位置信息和经协商获得的第一标识,获得所述特征标识。所述经协商获得的第一标识为所述检测控制装置与所述检测代理装置和所述监测点协商确定的标识。
可选地,所述业务路径对应的特征信息还包括第二标识。所述第二标识用来标识业务或业务路径。其中,所述第二标识为所述检测控制装置分配的标识,或者为所述检测控制装置上被配置的标识。所述检测控制装置可在生成所述业务模型时,将所述第二标识添加至所述业务模型。如果所述检测控制装置未将所述第二标识添加至所述业务模型,则所述检测控制装置可根据所述监测点的位置信息和对应关系,确定所述第二标识。所述对应关系包括所述监测点的位置信息和所述第二标识。
S502,所述检测控制装置向检测代理装置发送所述监测点的位置信息、所述注入点的位置信息和所述业务路径对应的特征信息。
可选地,所述检测控制装置可在确定了所述注入点后,直接通知所述检测代理装置被 选为所述注入点的监测点的位置信息,而无需向所述检测代理装置发送所述注入点的位置信息。
其中,所述检测控制装置与所述检测代理装置间的通信方式与实施例一相同,在此不再赘述。
S503,所述检测代理装置根据所述业务路径对应的特征信息,生成携带GOAM报文的检测报文。
举例说明,所述检测代理装置可静态配置有检测报文的模板,所述检测报文的模板包括图8所示的GOAM报文和外层封装,所述外层封装由所述检测报文所经过的业务路径确定。所述外层封装可以包括:IP封装、ICMP封装、UDP封装或隧道封装。所述隧道封装可以是IP隧道封装或所述检测代理装置生成携带GOAM报文的检测报文包括:所述检测代理装置将所述特征信息包括的所述第一标识和所述目的地址添加至所述模板,获得携带所述GOAM报文的所述检测报文。其中,所述第一标识被添加至图8的Cookie字段,或者所述第一标识被添加至图8的Cookie字段和Identifier字段。所述目的地址被添加至所述报文包括的外层封装中的目的地址字段。
可选地,所述特征信息还包括所述第二标识,所述检测代理装置上静态配置了对应于不同业务的检测报文的模板。所述检测代理装置生成携带GOAM报文的检测报文包括:所述检测代理装置可根据所述特征信息包括的第二标识,获得第一模板,所述第一模板是与所述第二标识对应的检测报文的模板;所述检测代理装置将所述特征信息包括的所述第一标识和所述目的地址添加至所述模板,获得携带所述GOAM报文的所述检测报文。
可选地,所述检测代理装置可将所述检测报文复制M-1份,获得M个检测报文。所述M个检测报文中的每个检测报文携带所述GOAM报文。所述GOAM还包括序列号。所述序列号用于标识携带所述序列号的GOAM报文注入所述注入点的顺序。比如:第一GOAM报文携带的序列号的数值为1。数值为1的序列号表示所述第一GOAM报文为第一检测报文所携带的GOAM报文,所述第一检测报文为注入所述注入点的首个检测报文。第i GOAM报文携带的序列号的数值为i,所述i为大于或等于2且小于或等于M的数值。数值为i的序列号表示所述第i GOAM报文为第i检测报文携带的GOAM报文,所述第i检测报文为注入所述注入点的第i个检测报文。其中,所述第一GOAM报文和所述第i GOAM报文除了序列号不同之外,其他内容可以相同。
S504,所述检测代理装置根据所述注入点的位置信息,向所述注入点发送所述检测报文。
如果所述检测代理装置只生成一个检测报文,所述检测代理装置向所述注入点发送所述一个检测报文,比如所述检测代理装置向vNIC1发送所述一个检测报文。如果所述检测代理装置生成M个检测报文,所述检测代理装置可根据预设的间隔时间,按照所述M个检测报文中携带的序列号,依次向所述注入点发送所述M个检测报文。
本申请实施例二提供的方法主要以所述检测代理装置向所述注入点发送所述一个检测报文为例进行说明,不再对向所述注入点注入多个检测报文的实施例进行说明。
举例说明,所述注入点接收到所述检测报文后,根据所述检测报文包括的目的地址,沿所述业务路径发送所述检测报文。可选地,所述注入点在沿所述业务路径发送所述检测报文之前,所述注入点可根据所述检测报文携带的第一标识,获知携带所述第一标识的报文为所述检测报文。
其中,所述检测代理装置与所述注入点间的通信方式与实施例一中所述检测代理装置与监测点间的通信方式相同,在此不再赘述。
S505,所述检测代理装置根据所述监测点的位置信息,触发所述监测点开启检测模式。
举例说明,所述检测代理装置触发所述监测点开启检测模式的方法可参照实施例一中相应内容。所述检测模式为抓取所述业务路径上的检测报文并获得所述用于定位故障的信息的工作模式。
其中,所述检测代理装置与所述注入点间的通信方式与实施例一中相同,在此不再赘述。
可选地,如果所述监测点启动后就处于所述检测模式,所述检测代理装置可无需触发所述监测点开启所述检测模式,即S505是可选地。
S506,所述监测点根据所述监测点的过滤条件,从所述业务路径上的检测报文获得用于定位故障的信息。
可选地,所述监测点的过滤条件为静态配置的。所述监测点还可采用实施例一的方式获得所述过滤条件,在此不再赘述。
所述监测点可采用实施例一S304的方法获得所述用于定位故障的信息。其中,所述监测点可根据所述过滤条件,通过快照的方式,从所述检测报文中获得所述用于定位故障的信息。
可选地,所述监测点可根据所述检测报文中携带的所述第一标识,可快速识别出检测报文,降低检测报文的误识别率。
举例说明,如果经所述业务路径转发的报文为UDP报文,则作为监测点的vNIC1配置的过滤条件包括6条规则。所述过滤条件具体可表示为:
Figure PCTCN2017109756-appb-000004
Figure PCTCN2017109756-appb-000005
上述vNIC1配置的过滤条件中,snifferRule表示监测点的过滤条件;condition表示任意一条规则。以rule1为例,rule包括6条规则,即6条conditions。所述6条规则包括第一规则、第二规则、第三规则、第四规则、第五规则和第六规则。所述第一规则与用于识别所述GOAM报文的第一标识相关。所述第一规则表示offset为46,长度为4的字段中携带了所述第一标识,且该第一标识为0x4a3b2c1d。其中,offset为46,长度为4的字段为所述GOAM报文中的Cookie字段。所述第二规则与源IP地址相关。所述第二规则表示offset为26,长度为4的字段中携带了源IP地址,且该源IP地址为0x0a889d43。其中,0x0a889d43表示的IP地址是10.136.157.67。所述第三规则与目的IP地址相关。所述第三规则表示offset为30,长度为4的字段中携带了目的IP地址,且该目的IP地址为0x0a889d42。其中,0x0a889d42表示的IP地址为10.136.157.66。所述第四规则与协议号相关。所述第四规则表示offset为23,长度为1的字段中携带了协议号,且该协议号为0x11。其中,0x11表示该报文是UDP报文。所述第五规则与源端口号相关。所述第五规则表示offset为34,长度为2的字段中携带了源端口号,且该源端口号为0xe518。所述第六规则与目的端口号相关。所述第六规则表示offset为36,长度为2的字段携带了目的端口号,且该目的端口号为0xbac1。
举例说明,如果所述UDP报文经过vBNG转发后进入了虚拟扩展局域网(Virtual Extensible LAN,VXLAN)隧道,即经vBNG转发后的报文在所述UDP报文的外层增加了IPv4封装,则作为监测点的vNIC2上配置的过滤条件包括6条规则。所述作为监测点 的vNIC2上配置的过滤条件可表示为:
Figure PCTCN2017109756-appb-000006
Figure PCTCN2017109756-appb-000007
上述vNIC2配置的过滤条件中,snifferRule表示监测点的过滤条件;condition表示任意一条规则。以rule1为例,rule包括6条规则,即6条conditions。所述6条规则包括第七规则、第八规则、第九规则、第十规则、第十一规则和第十二规则。所述第七规则与用于识别所述GOAM报文的第一标识相关。所述第七规则表示offset为96,长度为4的字段中携带了所述第一标识,且该第一标识为0x4a3b2c1d。其中,offset为46,长度为4的字段为所述GOAM报文中的Cookie字段。所述第八规则与源IP地址相关。所述第八规则表示offset为76,长度为4的字段中携带了源IP地址,且该源IP地址为0x0a889d43。其中,0x0a889d43表示的IP地址是10.136.157.67。所述第九规则与目的IP地址相关。所述第九规则表示offset为80,长度为4的字段中携带了目的IP地址,且该目的IP地址为0x0a889d42。其中,0x0a889d42表示的IP地址为10.136.157.66。所述第十规则与协议号相关。所述第十规则表示offset为73,长度为1的字段中携带了协议号,且该协议号为0x11。其中,0x11表示该报文是UDP报文。所述第十一规则与源端口相关。所述第十一规则表示offset为84,长度为2的字段中携带了源端口号,且该源端口号为0xe518。所述第十二规则与目的端口相关。所述第十二规则表示offset为86,长度为2的字段携带了目的端口号,且该目的端口号为0xbac1。vNIC2接收到的报文是外层封装有IPv4的UDP报文,Cookie字段和五元组信息(源IP地址、目的IP地址、协议号、源端口和目的端口)在报文头中的位置信息发生了改变。为了能够准确获得报文头中的Cookie字段和五元组信息,vNIC2上配置的过滤条件中offset的取值需要相应调整。
S507,所述监测点向所述检测代理装置发送所述用于定位故障的信息。
所述监测点可采用实施例一中的S305的方法,向所述检测代理装置发送所述用于定位故障的信息。
S508,所述检测代理装置向所述检测控制装置发送所述用于定位故障的信息。
所述检测代理装置可采用实施例一中的S306的方法,向所述检测控制装置发送所述用于定位故障的信息。
S509,所述检测控制装置根据所述业务模型和所述用于定位故障的信息,确定存在故障的监测点。
所述检测控制装置可采用实施例一中的S307的方法,确定存在故障的监测点。
根据本申请实施例二提供的在NFV系统中检测故障的方法,检测控制装置向检测代理装置发送监测点的位置信息、注入点的位置信息和业务路径对应的特征信息。所述检测代理装置可根据所述业务路径对应的特征信息获得检测报文,并通过所述注入点,将所述检测报文注入所述业务路径。所述监测点可根据配置的过滤条件,对所述业务路径上的检测报文所携带的信息进行抓取,以获得用于定位故障的信息。所述检测代理装置将所述监测点发送的所述用于定位故障的信息发送给所述检测控制装置,以便所述检测控制装置能够分析确定存在故障的监测点。本申请实施例二提供的方法,可主动向所述业务路径注入检测报文,能够随时进行故障检测和定位。
图6为本申请实施例三提供的一种场景示意图。本申请实施例三提供的场景与图2或图4提供的场景的不同之处在于:server包括第一检测代理装置和第二检测代理装置,所述第一检测代理装置设于VNF中,所述第二检测代理装置设于NFVI中,检测控制装置可 以是独立于server外的设备。所述第一检测代理装置和所述第二检测代理装置能够与检测控制装置通信。所述第一检测代理装置能够与VNF包括的其他模块或元件通信。所述第二检测代理装置能够与NFVI包括的其他模块或元件通信。本申请实施例三提供的场景中,所述第二检测代理装置可通过NIC3注入检测报文,所述检测报文可沿图6的虚线标识的路径转发。图6的虚线标识的路径与图2的虚线标识的路径相同。
图7为本申请实施例三提供的在NFV系统中检测故障的方法流程图。本申请实施例三提供的方法为主动检测方法,即第二检测代理装置向注入点注入检测控制装置生成的检测报文,监测点从业务路径上转发的所述检测报文中获得用于定位故障的信息。所述注入点用于注入所述检测报文。本申请实施例三中仅以主动检测方法为例进行说明。可选地,可以通过静态配置的方式在所述监测点配置该监测点的过滤条件,这样,检测控制装置可以不通过所述检测代理装置向所述监测点发送所述监测点的过滤条件。下面结合图6和图7,对本申请实施例三提供的方法进行说明。
S701,检测控制装置根据业务模型,获得业务路径上第一监测点的位置信息、第二监测点的位置信息、注入点的位置信息和检测报文。
其中,所述检测控制装置根据业务模型,获得业务路径上第一监测点的位置信息、第二监测点的位置信息和注入点的位置信息的方法与S501相同,在此不再赘述。所述检测控制装置选择所述注入点的方法与实施例二相同,可选地,所述注入点是与所述第一监测点和所述第二监测点均不同的监测点。所述检测控制装置生成检测报文的方法与S503中检测代理装置生成检测报文的方法相同,在此不再赘述。
举例说明,第一检测代理装置设于VNF中,且所述第一检测代理装置用于从位于所述VNF的监测点获得用于定位故障的信息。根据所述第一检测代理装置的位置信息,所述第一监测点为处于VNF中的监测点,比如所述第一监测点位于vNIC1、vNIC2、Linux、管道OS或vBNG。所述第二检测代理装置设于NFVI中,且第二检测代理装置用于从位于所述NFVI的监测点获得用于定位故障的信息。根据所述第二检测代理装置的位置信息,所述第二监测点为处于NFVI中的监测点,比如所述第二监测点位于NIC3、NIC4、vport4或vport2。
S702,所述检测控制装置向第二检测代理装置发送所述第二监测点的位置信息、所述注入点的位置信息和所述检测报文。
其中,S702的方法与S502的方法相同,在此不再赘述。所述检测控制装置可采用实施例一中所述检测控制装置采用的通信协议,与所述第二检测代理装置通信。
S703,所述检测控制装置向第一检测代理装置发送所述第一监测点的位置信息。
其中,S703的方法与S502的方法相同,在此不再赘述。所述检测控制装置可采用实施例一中所述控制装置采用的通信协议,与所述第一检测代理装置通信。可选地,所述检测控制装置可以先执行S703,再执行S702。可选地,所述检测控制装置可同时执行S702和S703。
S704,所述第一检测代理装置根据所述第一监测点的位置信息,触发所述第一监测点开启检测模式。
其中,S704的方法与S505的方法相同,在此不再赘述。S704在S703之后执行,S704与S702的执行顺序不限定。所述第一检测代理装置可采用实施例一中检测代理装置与监测点采用的通信协议,与所述第一监测点通信。
S705,所述第二检测代理装置根据所述注入点的位置信息,向所述注入点发送所述检测报文。
其中,S705的方法与S504的方法相同,在此不再赘述。S705在S702之后执行,S705与S703或S704的执行顺序不限定。所述第二检测代理装置可采用实施例一中检测代理装置与监测点采用的通信协议,与所述注入点通信。
S706,所述第二检测代理装置根据所述第二监测点的位置信息,触发所述第二监测点开启检测模式。
其中,S706的方法与S505的方法相同,在此不再赘述。S706在S702之后执行,S706与S703、S704或S705的执行顺序不限定。所述第二检测代理装置可采用实施例一中检测代理装置与监测点采用的通信协议,与所述第二监测点通信。
S707,所述第二监测点根据所述第二监测点的过滤条件,从所述业务路径上的检测报文获得第二信息。
其中,所述第二信息为所述第二监测点获得的用于定位故障的信息。S707中的检测报文为所述第二监测点接收到的检测报文。S707的方法与S506的方法相同,在此不再赘述。
S708,所述第二监测点向所述第二检测代理装置发送所述第二信息。
其中,S708的方法与S507的方法相同,在此不再赘述。
S709,所述第二检测代理装置向所述检测控制装置发送所述第二信息。
其中,S709的方法与S508的方法相同,在此不再赘述。
S710,所述第一监测点根据所述第一监测点的过滤条件,从所述业务路径上的检测报文获得第一信息。
其中,所述第一信息为所述第一监测点获得的用于定位故障的信息。S710中的检测报文与S707中的检测报文为不同的检测报文,即S707中的检测报文经过所述第一监测点和所述第二监测点之间的节点转发后,S707中的检测报文所携带的信息发生改变。S710中的检测报文为所述第一监测点接收到的检测报文。
其中,S710的方法与S506的方法相同,在此不再赘述。S710在S705和S704之后执行,S710与S706、S707、S708或S709的执行顺序不限。
S711,所述第一监测点向所述第一检测代理装置发送所述第一信息。
其中,S711的方法与S507的方法相同,在此不再赘述。
S712,所述第一检测代理装置向所述检测控制装置发送所述第一信息。
其中,S712的方法与S508的方法相同,在此不再赘述。
S713,所述检测控制装置根据所述业务模型、所述第一信息和所述第二信息,确定存在故障的监测点。
其中,S713的方法与S509的方法相同,在此不再赘述。
本申请实施例三提供的方法中,第一检测代理装置对VNF内的故障进行检测和定位,第二检测代理装置对NFVI内的故障进行检测和定位,有助于进一步提高故障定位的效率。
本申请实施例一至实施例三的任一实施例提供的方法中,GOAM报文也可被用于模拟业务报文的其他格式的报文替换,在此不再对用于模拟业务报文的其他格式的报文进行逐一举例说明。
图9为本申请实施例一提供的检测代理装置的结构示意图。本申请实施例一提供的检测代理装置位于NFV系统中。本申请实施例一提供的检测代理装置可以是上述图2至图7 对应的任一实施例中的检测代理装置,相同的内容可参见图2至图7的相应内容,在该实施例中不再赘述。
本申请实施例一提供的一种检测代理装置包括:第一接收模块901、获得模块902和第一发送模块903。所述获得模块902能够与所述第一接收模块901和所述第一发送模块903通信。
所述第一接收模块901用于接收检测控制装置发送的业务路径上的监测点的位置信息。所述获得模块902用于根据所述监测点的位置信息,从所述监测点获得用于定位故障的信息,所述用于定位故障的信息为所述监测点根据过滤条件获得的信息,所述用于定位故障的信息包括所述监测点的位置信息。所述第一发送模块903用于向所述检测控制装置发送所述用于定位故障的信息。
可选地,所述检测代理装置还包括第二接收模块904和第二发送模块905。所述第二接收模块904能够与所述第二发送模块905通信。所述第二接收模块904用于接收所述检测控制装置发送的检测报文和所述业务路径上的注入点的位置信息,所述检测报文为所述监测点获得所述用于定位故障的信息所依据的待抓取报文。所述第二发送模块905用于向所述注入点发送所述检测报文。
可选地,所述检测代理装置还包括:第三接收模块906、生成模块907和第三发送模块908。所述第三接收模块906能够与所述生成模块907和所述第三发送模块通信908。所述生成模块907能够与所述第三发送模块908通信。所述第三接收模块906用于接收所述检测控制装置发送的与所述业务路径对应的特征信息和所述业务路径上的注入点的位置信息。所述生成模块907用于根据所述与所述业务路径对应的特征信息,生成M个检测报文,所述M为大于或等于1的整数,所述M个检测报文中的任意一个检测报文为所述监测点获得所述用于定位故障的信息所依据的待抓取报文。所述第三发送模块908用于向所述注入点发送所述M个检测报文。
可选地,所述用于定位故障的信息为所述监测点对沿所述业务路径转发的业务报文进行过滤后获得的信息。或者所述用于定位故障的信息为所述监测点对沿所述业务路径转发的检测报文进行过滤后获得的信息。所述检测报文可以是所述检测代理装置向注入点发送的并由所述注入点注入的报文。
可选地,所述检测代理装置还包括第四接收模块909和第四发送模块910。所述第四接收模块909能够与所述第四发送模块通信910。所述第四接收模块909用于接收所述检测控制装置发送的所述监测点的过滤条件,所述过滤条件用于从待过滤的报文中获得所述用于定位故障的信息。所述第四发送模块910用于根据所述监测点的位置信息,向所述监测点发送所述监测点的过滤条件。
举例说明,所述获得模块902具体用于周期性从所述监测点读取所述用于定位故障的信息,或者所述获得模块902具体用于接收所述监测点周期性发送的所述用于定位故障的信息。
可选地,所述获得模块902包括第一子模块。所述第一子模块用于周期性从所述监测点读取所述用于定位故障的信息。
可选地,所述获得模块902包括第二子模块。所述第二子模块用于接收所述监测点周期性发送的所述用于定位故障的信息。
图10为本申请实施例二提供的检测代理装置的结构示意图。本申请实施例二提供的 检测代理装置可以位于NFV系统中。本申请实施例二提供的检测代理装置可以是上述图2至图7对应的任一实施例中的检测代理装置,相同的内容可参见图2至图7的相应内容,在该实施例中不再赘述。本申请实施例二提供的检测代理装置与本申请实施例一提供的检测代理装置可以是同一个装置。可以认为,图10从物理的角度显示了检测代理装置包括的结构,图9从逻辑的角度显示了检测代理装置包括的结构。
本申请实施例二提供的检测代理装置包括处理器1001、存储器1002和通信接口1003。所述处理器1001、所述存储器1002和所述通信接口1003之间可以通信。可选地,所述处理器1001、所述存储器1002和所述通信接口1003之间可以通过通信总线1004通信或连接。所述存储器1002用于存储程序。所述处理器1001可以执行所述存储器1002中存储的程序或程序中所包括的可执行指令,执行上述图2至图5任一实施例中检测代理装置或图6和7的第一检测代理装置执行的方法。
举例说明,所述处理器1001执行所述存储器1002中存储的程序或该程序所包括的可执行指令,执行以下操作:通过所述通信接口1003,接收检测控制装置发送的业务路径上的监测点的位置信息;根据所述监测点的位置信息,从所述监测点获得用于定位故障的信息,所述用于定位故障的信息为所述监测点根据过滤条件获得的信息,所述用于定位故障的信息包括所述监测点的位置信息;通过所述通信接口1003,向所述检测控制装置发送所述用于定位故障的信息。
所述处理器1001所执行的其他内容可参见上述实施例中的相应内容,在此不再赘述。
图11为本申请实施例一提供的检测控制装置的结构示意图。本申请实施例一提供的检测控制装置可是独立于server外的设备,比如所述检测控制装装置可位于NFV管理协同(NFV Management and Orchestration,MANO)设备、软件定义网络控制器(software defined networking controller,SDN controller)、网管设备上,所述检测控制装装置也可以位于专用于定位故障的个人计算机(personal computer)、服务器、网络设备等设备上。本申请实施例一提供的检测控制装置可以是上述图2至图7对应的任一实施例中的检测控制装置,相同的内容可参见图2至图7的相应内容,在该实施例中不再赘述。
本申请实施例一提供的检测控制装置包括:第一发送模块1101、接收模块1102和故障确定模块1103。所述故障确定模块1103能够与所述第一发送模块1101和所述接收模块1102通信。所述第一发送模块1101用于向检测代理装置发送业务路径上的监测点的位置信息,所述检测代理装置位于NFV系统中。所述接收模块1102用于接收所述检测代理装置发送的用于定位故障的信息,所述用于定位故障的信息为所述监测点根据过滤条件获得的信息,所述用于定位故障的信息包括所述监测点的位置信息。所述故障确定模块1103用于根据所述用于定位故障的信息和所述业务路径对应的业务模型,确定所述NFV系统中存在故障的监测点。
可选地,所述检测控制装置还包括:第一获得模块1104、报文生成模块1105和第二发送模块1106。所述报文生成模块1105能够与所述第一获得模块1104和所述第二发送模块1106通信。所述第二发送模块1106能够与所述第一获得模块1104通信。所述第一获得模块1104用于根据所述业务模型,获得与所述业务路径对应的特征信息和所述业务路径上的注入点的位置信息,所述特征信息为生成检测报文所需的信息。所述报文生成模块1105用于根据所述特征信息生成所述检测报文,所述检测报文为所述监测点获得所述用于定位故障的信息所依据的待抓取报文。所述第二发送模块1106用于向所述检测代理装置发送所 述检测报文和所述注入点的位置信息。
可选地,所述检测控制装置还包括:第二获得模块1107和第三发送模块1108。所述第二获得模块1107能够与所述第三发送模块1108通信。所述第二获得模块1107用于根据所述业务模型,获得与所述业务路径对应的特征信息和所述业务路径上的注入点的位置信息,所述特征信息为所述检测代理装置生成检测报文所需的信息,所述检测报文为所述监测点获得所述用于定位故障的信息所依据的待抓取报文。所述第三发送模块1108用于向所述检测代理装置发送所述特征信息和所述注入点的位置信息。
可选地,所述检测控制装置还包括:第三获得模块1109和第四发送模块1110。所述第三获得模块1109能够与所述第四发送模块1110通信。所述第三获得模块1109用于根据所述业务模型,获得所述监测点的过滤条件,所述过滤条件用于从待过滤的报文中获得所述用于定位故障的信息。所述第四发送模块1110用于向所述检测代理装置发送所述监测点的过滤条件。
可选地,所述检测控制装置还包括:确定模块1111、第四获得模块1112和模型建立模块1113。所述模型建立模块1113能够与所述确定模块1111和所述第四获得模块1112通信。所述确定模块1111用于根据业务确定所述业务路径的首节点、尾节点和L个中间节点,所述L为大于或等于0的整数。所述第四获得模块1112用于根据所述业务路径获得所述首节点的位置信息、所述尾节点的位置信息、所述L个中间节点中每个中间节点的位置信息、所述首节点的过滤条件、所述尾节点的过滤条件和所述L个中间节点中每个中间节点的过滤条件。所述模型建立模块1113用于根据所述首节点的位置信息、所述尾节点的位置信息、所述L个中间节点中每个中间节点的位置信息、所述首节点的过滤条件、所述尾节点的过滤条件和所述L个中间节点中每个中间节点的过滤条件,获得业务模型。
可选地,所述模型建立模块1113还能够与所述故障确定模块1103、所述第三获得模块1109、第二获得模块1107和第一获得模块1104中的一个或多个通信。
其中,所述故障确定模块1103具体用于:根据所述业务路径对应的业务模型,获得N个参数的参考值,所述N个参数为经所述业务路径转发的报文携带的参数,所述N为大于或等于1的整数,所述参考值为在所述业务路径不存在故障点的情况下获得的所述N个参数的预估值;从所述用于定位故障的信息中,获得所述N个参数的测量值,所述测量值为从经所述业务路径转发的报文中获得的所述N个参数的实际值;比较所述N个参数的参考值和所述N个参数的测量值,确定所述存在故障的监测点,所述存在故障的监测点为测量值与参考值不同的参数所对应的监测点。
可选地,所述故障确定模块1103包括第一获得子模块、第二获得子模块和比较子模块。所述比较子模块能够与所述第一获得子模块和所述第二获得子模块通信。所述第一获得子模块用于根据所述业务路径对应的业务模型,获得所述N个参数的参考值。所述第二获得子模块用于从所述用于定位故障的信息中,获得所述N个参数的测量值。所述比较子模块用于比较所述N个参数的参考值和所述N个参数的测量值,确定所述存在故障的监测点。
可选地,所述检测控制装置还包括触发模块。所述触发模块用于通过NETCONF接口,触发所述检测代理装置获取所述用于定位故障的信息。
图12为本申请实施例二提供的检测控制装置的结构示意图。本申请实施例二提供的检测控制装置可独立于server。本申请实施例二提供的检测控制装置可以是上述图2至图7对应的任一实施例中的检测控制装置,相同的内容可参见图2至图7的相应内容,在该实 施例中不再赘述。本申请实施例二提供的检测控制装置与本申请实施例一提供的检测控制装置可以是同一个装置。可以认为,图12从物理的角度显示了检测代理装置包括的结构,图11从逻辑的角度显示了检测代理装置包括的结构。
本申请实施例二提供的检测控制装置包括处理器1201、存储器1202和通信接口1203。所述处理器1201、所述存储器1202和所述通信接口1203之间可以通信。可选地,所述处理器1201、所述存储器1202和所述通信接口1203之间可以通过通信总线1204通信或连接。所述存储器1202用于存储程序。所述处理器1201可以执行所述存储器1202中存储的程序或该程序所包括的可执行指令,执行上述图2至图7任一实施例中检测代理装置执行的方法。
举例说明,所述处理器1201可以执行所述存储器1202中的程序或该程序所包括的可执行指令,执行以下操作:通过所述通信接口1203,向所述NFV系统中的检测代理装置发送业务路径上的监测点的位置信息;通过所述通信接口1203,接收所述检测代理装置发送的用于定位故障的信息,所述用于定位故障的信息为所述监测点根据过滤条件获得的信息,所述用于定位故障的信息包括所述监测点的位置信息;根据所述用于定位故障的信息和所述业务路径对应的业务模型,确定所述NFV系统中存在故障的监测点。
所述处理器1201所执行的其他内容可参见上述实施例中的相应内容,在此不再赘述。
本申请实施例还提供了一种检测故障的系统。本申请实施例提供的系统用于检测NFV系统的故障。本申请实施例提供的系统可以包括图9所示的检测代理装置和图11所示的检测控制装置。或者本申请实施例提供的系统可以包括图10所示的检测代理装置和图12所示的检测控制装置。或者本申请实施例提供的系统可以包括图10所示的检测代理装置和图11所示的检测控制装置。或者本申请实施例提供的系统可以包括图9所示的检测代理装置和图12所示的检测控制装置。本申请实施例提供的系统所包括的结构可参见图9至图12对应的任一实施例中的相应内容,在此不再赘述。
上述处理器可以是微处理器或者该处理器也可以是任何常规的处理器。结合本发明实施例所公开的方法的步骤,可以直接体现为硬件处理器执行完成,或者用处理器中的硬件及软件模块组合执行完成。当使用软件实现时,可以将实现上述功能的代码存储在计算机可读介质中。计算机可读介质包括计算机存储介质。存储介质可以是计算机能够存取的任何可用介质。以此为例但不限于:计算机可读介质可以是随机存取存储器(英文全称为random access memory,英文缩写为RAM)、只读存储器(英文全称为read-only memory,英文缩写为ROM)、电可擦可编程只读存储器(英文全称为electrically erasable programmable read-only memory,英文缩写为EEPROM)、只读光盘(英文全称为compact disc read-only memory,英文缩写为CD-ROM)或其他光盘存储、磁盘存储介质或者其他磁存储设备、或者能够用于携带或存储具有指令或数据结构形式的程序代码并能够由计算机存取的任何其他介质。计算机可读介质可以是压缩光碟(英文全称为compact disc,英文缩写为CD)、激光碟、光碟、数字视频光碟(英文全称为digital video disc,英文缩写为DVD)、软盘或者蓝光光碟。
本领域普通技术人员可以理解:实现上述方法实施例的全部或部分步骤可以通过程序指令相关的硬件来完成,前述程序可以存储于一计算机可读取存储介质中,该程序在执行时,执行包括上述方法实施例的步骤;而前述的存储介质可以是下述介质中的至少一种:ROM、RAM、磁碟或者光盘等各种可以存储程序代码的介质。
本说明书中的各个实施例均采用递进的方式描述,各个实施例之间相同相似的部分互相参见即可,每个实施例重点说明的都是与其他实施例的不同之处。尤其,对于系统实施例而言,由于其基本相似于方法实施例,所以描述的比较简单,相关之处参见方法实施例的部分说明即可。
显然,本领域的技术人员可以对本申请进行各种改动和变型而不脱离本申请的范围。这样,倘若本申请的这些修改和变型属于本申请权利要求及其等同技术的范围之内,则本申请也意图包含这些改动和变型在内。

Claims (32)

  1. 一种在网络功能虚拟化NFV系统中检测故障的方法,其特征在于,包括:
    检测代理装置接收检测控制装置发送的业务路径上的监测点的位置信息,所述检测代理装置位于所述NFV系统中;
    所述检测代理装置根据所述监测点的位置信息,从所述监测点获得用于定位故障的信息,所述用于定位故障的信息为所述监测点根据过滤条件获得的信息,所述用于定位故障的信息包括所述监测点的位置信息;
    所述检测代理装置向所述检测控制装置发送所述用于定位故障的信息。
  2. 根据权利要求1所述的方法,其特征在于,所述检测代理装置根据所述监测点的位置信息,从所述监测点获得用于定位故障的信息之前,所述方法还包括:
    所述检测代理装置接收所述检测控制装置发送的检测报文和所述业务路径上的注入点的位置信息,所述检测报文为所述监测点获得所述用于定位故障的信息所依据的待抓取报文;
    所述检测代理装置向所述注入点发送所述检测报文。
  3. 根据权利要求1所述的方法,其特征在于,所述检测代理装置根据所述监测点的位置信息,从所述监测点获得用于定位故障的信息之前,所述方法还包括:
    所述检测代理装置接收所述检测控制装置发送的与所述业务路径对应的特征信息和所述业务路径上的注入点的位置信息;
    所述检测代理装置根据所述与所述业务路径对应的特征信息,生成M个检测报文,所述M为大于或等于1的整数,所述M个检测报文中的任意一个检测报文为所述监测点获得所述用于定位故障的信息所依据的待抓取报文;
    所述检测代理装置向所述注入点发送所述M个检测报文。
  4. 根据权利要求1所述的方法,其特征在于,所述用于定位故障的信息为所述监测点对沿所述业务路径转发的业务报文进行过滤后获得的信息。
  5. 根据权利要求1至4任一所述的方法,其特征在于,所述监测点的位置信息为:所述NFV系统的硬件层内,操作系统层内,虚拟化层内,所述硬件层与所述操作系统层之间,和所述操作系统层与所述虚拟化层之间中的任意一个。
  6. 根据权利要求1至5任一所述的方法,其特征在于,所述检测代理装置位于所述NFV系统的硬件层内或操作系统层内或虚拟化层内。
  7. 根据权利要求1至6任一所述的方法,其特征在于,所述过滤条件通过静态配置的方式设置于所述监测点,所述过滤条件用于从待过滤的报文中获得所述用于定位故障的信息。
  8. 根据权利要求1至6任一所述的方法,其特征在于,所述检测代理装置根据所述监测点的位置信息,从所述监测点获得用于定位故障的信息之前,所述方法还包括:
    所述检测代理装置接收所述检测控制装置发送的所述监测点的过滤条件,所述过滤条件用于从待过滤的报文中获得所述用于定位故障的信息;
    所述检测代理装置根据所述监测点的位置信息,向所述监测点发送所述监测点的过滤条件。
  9. 根据权利要求1至8任一所述的方法,其特征在于,所述检测代理装置根据所述监测点的位置信息,从所述监测点获得用于定位故障的信息包括:
    所述检测代理装置周期性从所述监测点读取所述用于定位故障的信息,或者
    所述检测代理装置接收所述监测点周期性发送的所述用于定位故障的信息。
  10. 一种在网络功能虚拟化NFV系统中检测故障的方法,其特征在于,包括:
    检测控制装置向检测代理装置发送业务路径上的监测点的位置信息,所述检测代理装置位于所述NFV系统中;
    所述检测控制装置接收所述检测代理装置发送的用于定位故障的信息,所述用于定位故障的信息为所述监测点根据过滤条件获得的信息,所述用于定位故障的信息包括所述监测点的位置信息;
    所述检测控制装置根据所述用于定位故障的信息和所述业务路径对应的业务模型,确定所述NFV系统中存在故障的监测点。
  11. 根据权利要求10所述的方法,其特征在于,所述检测控制装置接收所述检测代理装置发送的用于定位故障的信息之前,所述方法还包括:
    所述检测控制装置根据所述业务模型,获得与所述业务路径对应的特征信息和所述业务路径上的注入点的位置信息,所述特征信息为生成检测报文所需的信息;
    所述检测控制装置根据所述特征信息生成所述检测报文,所述检测报文为所述监测点获得所述用于定位故障的信息所依据的待抓取报文;
    所述检测控制装置向所述检测代理装置发送所述检测报文和所述注入点的位置信息。
  12. 根据权利要求10所述的方法,其特征在于,所述检测控制装置接收所述检测代理装置发送的用于定位故障的信息之前,所述方法还包括:
    所述检测控制装置根据所述业务模型,获得与所述业务路径对应的特征信息和所述业务路径上的注入点的位置信息,所述特征信息为所述检测代理装置生成检测报文所需的信息,所述检测报文为所述监测点获得所述用于定位故障的信息所依据的待抓取报文;
    所述检测控制装置向所述检测代理装置发送所述特征信息和所述注入点的位置信息。
  13. 根据权利要求10至12任一所述的方法,其特征在于,所述检测控制装置接收所述检测代理装置发送的用于定位故障的信息之前,所述方法还包括:
    所述检测控制装置根据所述业务模型,获得所述监测点的过滤条件,所述过滤条件用于从待过滤的报文中获得所述用于定位故障的信息;
    所述检测控制装置向所述检测代理装置发送所述监测点的过滤条件。
  14. 根据权利要求10至13任一所述的方法,其特征在于,所述监测点的位置信息为:所述NFV系统的硬件层内,操作系统层内,虚拟化层内,所述硬件层与所述操作系统层之间,和所述操作系统层与所述虚拟化层之间中的任意一个。
  15. 根据权利要求10至14任一所述的方法,其特征在于,所述检测控制装置向所述NFV系统中的检测代理装置发送业务路径上的监测点的位置信息之前,所述方法还包括:
    所述检测控制装置根据业务确定所述业务路径的首节点、尾节点和L个中间节点,所述L为大于或等于0的整数;
    所述检测控制装置根据所述业务路径获得所述首节点的位置信息、所述尾节点的位置信息、所述L个中间节点中每个中间节点的位置信息、所述首节点的过滤条件、所述尾节点的过滤条件和所述L个中间节点中每个中间节点的过滤条件;
    所述检测控制装置根据所述首节点的位置信息、所述尾节点的位置信息、所述L个中间节点中每个中间节点的位置信息、所述首节点的过滤条件、所述尾节点的过滤条件和所 述L个中间节点中每个中间节点的过滤条件,获得业务模型。
  16. 根据权利要求10至15任一所述的方法,其特征在于,所述检测控制装置根据所述用于定位故障的信息和所述业务路径对应的业务模型,确定所述NFV系统中存在故障的监测点包括:
    所述检测控制装置根据所述业务路径对应的业务模型,获得N个参数的参考值,所述N个参数为经所述业务路径转发的报文携带的参数,所述N为大于或等于1的整数,所述参考值为在所述业务路径不存在故障点时获得的所述N个参数的预估值;
    所述检测控制装置从所述用于定位故障的信息中,获得所述N个参数的测量值,所述测量值为从经所述业务路径转发的报文中获得的所述N个参数的实际值;
    所述检测控制装置比较所述N个参数的参考值和所述N个参数的测量值,确定所述存在故障的监测点,所述存在故障的监测点为测量值与参考值不同的参数所对应的监测点。
  17. 根据权利要10至16任一所述的方法,其特征在于,所述检测控制装置接收所述检测代理装置发送的用于定位故障的信息之前,所述方法还包括:
    所述检测控制装置通过网络配置协议NETCONF接口,触发所述检测代理装置获取所述用于定位故障的信息。
  18. 一种检测代理装置,其特征在于,所述检测代理装置位于网络功能虚拟化NFV系统中,所述检测代理装置包括:
    第一接收模块,用于接收检测控制装置发送的业务路径上的监测点的位置信息;
    获得模块,用于根据所述监测点的位置信息,从所述监测点获得用于定位故障的信息,所述用于定位故障的信息为所述监测点根据过滤条件获得的信息,所述用于定位故障的信息包括所述监测点的位置信息;
    第一发送模块,用于向所述检测控制装置发送所述用于定位故障的信息。
  19. 根据权利要求18所述的检测代理装置,其特征在于,还包括:
    第二接收模块,用于接收所述检测控制装置发送的检测报文和所述业务路径上的注入点的位置信息,所述检测报文为所述监测点获得所述用于定位故障的信息所依据的待抓取报文;
    第二发送模块,用于向所述注入点发送所述检测报文。
  20. 根据权利要求18所述的检测代理装置,其特征在于,所述检测代理装置还包括:
    第三接收模块,用于接收所述检测控制装置发送的与所述业务路径对应的特征信息和所述业务路径上的注入点的位置信息;
    生成模块,用于根据所述与所述业务路径对应的特征信息,生成M个检测报文,所述M为大于或等于1的整数,所述M个检测报文中的任意一个检测报文为所述监测点获得所述用于定位故障的信息所依据的待抓取报文;
    第三发送模块,用于向所述注入点发送所述M个检测报文。
  21. 根据权利要求18所述的检测代理装置,其特征在于,所述用于定位故障的信息为所述监测点对沿所述业务路径转发的业务报文进行过滤后获得的信息。
  22. 根据权利要求18至21任一所述的检测代理装置,其特征在于,所述检测代理装置位于所述NFV系统的硬件层内或操作系统层内或虚拟化层内。
  23. 根据权利要求18至22任一所述的检测代理装置,其特征在于,所述检测代理装置还包括:
    第四接收模块,用于接收所述检测控制装置发送的所述监测点的过滤条件,所述过滤条件用于从待过滤的报文中获得所述用于定位故障的信息;
    第四发送模块,用于根据所述监测点的位置信息,向所述监测点发送所述监测点的过滤条件。
  24. 根据权利要求18至23任一所述的检测代理装置,其特征在于,所述获得模块具体用于:
    周期性从所述监测点读取所述用于定位故障的信息,或者
    接收所述监测点周期性发送的所述用于定位故障的信息。
  25. 一种检测控制装置,其特征在于,包括:
    第一发送模块,用于向检测代理装置发送业务路径上的监测点的位置信息,所述检测代理装置位于网络功能虚拟化NFV系统中;
    接收模块,用于接收所述检测代理装置发送的用于定位故障的信息,所述用于定位故障的信息为所述监测点根据过滤条件获得的信息,所述用于定位故障的信息包括所述监测点的位置信息;
    故障确定模块,用于根据所述用于定位故障的信息和所述业务路径对应的业务模型,确定所述NFV系统中存在故障的监测点。
  26. 根据权利要求25所述的检测控制装置,其特征在于,还包括:
    第一获得模块,用于根据所述业务模型,获得与所述业务路径对应的特征信息和所述业务路径上的注入点的位置信息,所述特征信息为生成检测报文所需的信息;
    报文生成模块,用于根据所述特征信息生成所述检测报文,所述检测报文为所述监测点获得所述用于定位故障的信息所依据的待抓取报文;
    第二发送模块,用于向所述检测代理装置发送所述检测报文和所述注入点的位置信息。
  27. 根据权利要求25所述的检测控制装置,其特征在于,还包括:
    第二获得模块,用于根据所述业务模型,获得与所述业务路径对应的特征信息和所述业务路径上的注入点的位置信息,所述特征信息为所述检测代理装置生成检测报文所需的信息,所述检测报文为所述监测点获得所述用于定位故障的信息所依据的待抓取报文;
    第三发送模块,用于向所述检测代理装置发送所述特征信息和所述注入点的位置信息。
  28. 根据权利要求25至27任一所述的检测控制装置,其特征在于,还包括:
    第三获得模块,用于根据所述业务模型,获得所述监测点的过滤条件,所述过滤条件用于从待过滤的报文中获得所述用于定位故障的信息;
    第四发送模块,用于向所述检测代理装置发送所述监测点的过滤条件。
  29. 根据权利要求25至28任一所述的检测控制装置,其特征在于,还包括:
    确定模块,用于根据业务确定所述业务路径的首节点、尾节点和L个中间节点,所述L为大于或等于0的整数;
    第四获得模块,用于根据所述业务路径获得所述首节点的位置信息、所述尾节点的位置信息、所述L个中间节点中每个中间节点的位置信息、所述首节点的过滤条件、所述尾节点的过滤条件和所述L个中间节点中每个中间节点的过滤条件;
    模型建立模块,用于根据所述首节点的位置信息、所述尾节点的位置信息、所述L个 中间节点中每个中间节点的位置信息、所述首节点的过滤条件、所述尾节点的过滤条件和所述L个中间节点中每个中间节点的过滤条件,获得业务模型。
  30. 根据权利要求25至29任一所述的检测控制装置,其特征在于,所述故障确定模块具体用于:
    根据所述业务路径对应的业务模型,获得N个参数的参考值,所述N个参数为经所述业务路径转发的报文携带的参数,所述N为大于或等于1的整数,所述参考值为在所述业务路径不存在故障点时获得的所述N个参数的预估值;
    从所述用于定位故障的信息中,获得所述N个参数的测量值,所述测量值为从经所述业务路径转发的报文中获得的所述N个参数的实际值;
    比较所述N个参数的参考值和所述N个参数的测量值,确定所述存在故障的监测点,所述存在故障的监测点为测量值与参考值不同的参数所对应的监测点。
  31. 根据权利要25至30任一所述的检测控制装置,其特征在于,还包括:
    触发模块,用于通过网络配置协议NETCONF接口,触发所述检测代理装置获取所述用于定位故障的信息。
  32. 一种用于进行故障检测的系统,其特征在于,所述系统包括权利要求18至24任一所述的检测代理装置和权利要求25至31任一所述的检测控制装置。
PCT/CN2017/109756 2016-12-02 2017-11-07 在nfv系统中检测故障的方法、装置和系统 WO2018099249A1 (zh)

Priority Applications (2)

Application Number Priority Date Filing Date Title
EP17875587.2A EP3541014B1 (en) 2016-12-02 2017-11-07 Method, device and system for detecting fault in nfv system
US16/429,059 US10999129B2 (en) 2016-12-02 2019-06-02 Fault detection method, apparatus, and system in NFV system

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201611099758.0 2016-12-02
CN201611099758.0A CN106452925B (zh) 2016-12-02 2016-12-02 在nfv系统中检测故障的方法、装置和系统

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US16/429,059 Continuation US10999129B2 (en) 2016-12-02 2019-06-02 Fault detection method, apparatus, and system in NFV system

Publications (1)

Publication Number Publication Date
WO2018099249A1 true WO2018099249A1 (zh) 2018-06-07

Family

ID=58223091

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/109756 WO2018099249A1 (zh) 2016-12-02 2017-11-07 在nfv系统中检测故障的方法、装置和系统

Country Status (4)

Country Link
US (1) US10999129B2 (zh)
EP (1) EP3541014B1 (zh)
CN (1) CN106452925B (zh)
WO (1) WO2018099249A1 (zh)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20220150107A1 (en) * 2019-07-25 2022-05-12 Huawei Technologies Co., Ltd. Packet loss positioning method, apparatus, and system, and computer storage medium

Families Citing this family (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106452925B (zh) * 2016-12-02 2021-01-05 华为技术有限公司 在nfv系统中检测故障的方法、装置和系统
US10511523B1 (en) 2017-05-15 2019-12-17 Barefoot Networks, Inc. Network forwarding element with data plane packet snapshotting capabilities
CN108965934B (zh) * 2017-05-27 2021-01-29 华为技术有限公司 一种故障检测方法、监控设备及网络设备
CN109218059B (zh) * 2017-07-06 2021-09-14 华为技术有限公司 一种实现故障检测的方法、设备和系统
CN107623596A (zh) * 2017-09-15 2018-01-23 郑州云海信息技术有限公司 一种nfv平台中启动测试网元定位排查故障的方法
CN110545195A (zh) * 2018-05-29 2019-12-06 华为技术有限公司 网络故障分析方法及装置
CN108833310B (zh) * 2018-06-12 2020-11-13 国网江苏省电力有限公司无锡供电分公司 具备人工智能分析的交换机
CN109491889B (zh) * 2018-10-10 2021-09-24 中国联合网络通信集团有限公司 Nfv中自动化测试的方法和装置
US10992515B1 (en) * 2019-06-10 2021-04-27 Cisco Technology, Inc. Link state tracking for virtual interfaces
CN112434819B (zh) * 2019-08-09 2023-09-05 中国移动通信集团浙江有限公司 业务保障方法及装置
CN111130953B (zh) * 2019-12-31 2022-04-15 奇安信科技集团股份有限公司 Vnf可用性监测方法、设备及介质
CN113326159B (zh) * 2020-02-29 2023-02-03 华为技术有限公司 用于故障注入的方法、装置、系统及计算机可读存储介质
CN111565131B (zh) * 2020-04-22 2022-04-08 烽火通信科技股份有限公司 一种家庭网关cpu测速方法及系统
CN112367196B (zh) * 2020-10-30 2023-03-21 锐捷网络股份有限公司 一种检测网络通信故障的方法、装置及电子设备
CN114598596B (zh) * 2020-12-04 2024-08-09 华为技术有限公司 管理隧道的方法、装置及系统
CN115514508A (zh) * 2021-06-21 2022-12-23 中兴通讯股份有限公司 数据包过滤方法和装置、电子设备、计算机可读存储介质
CN113596891B (zh) * 2021-07-28 2023-07-14 中国联合网络通信集团有限公司 故障定位方法、装置、服务器、存储介质及系统

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2015106822A1 (en) * 2014-01-17 2015-07-23 Nokia Solutions And Networks Management International Gmbh Controlling of communication network comprising virtualized network functions
CN105049293A (zh) * 2015-08-21 2015-11-11 中国联合网络通信集团有限公司 监控的方法及装置
CN105760214A (zh) * 2016-04-19 2016-07-13 华为技术有限公司 一种设备状态及资源信息监测方法、相关设备及系统
CN106452925A (zh) * 2016-12-02 2017-02-22 华为技术有限公司 在nfv系统中检测故障的方法、装置和系统
CN106489260A (zh) * 2014-05-12 2017-03-08 诺基亚通信管理国际两合公司 包括虚拟化网络功能的通信网络的控制

Family Cites Families (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100438423C (zh) * 2002-08-06 2008-11-26 华为技术有限公司 电信设备故障信息管理方法
CN1863173A (zh) * 2006-01-05 2006-11-15 华为技术有限公司 获取设备输出信息的实现方法及装置
CN101201788A (zh) * 2006-12-15 2008-06-18 中兴通讯股份有限公司 定位检测项的系统
US8693981B1 (en) * 2011-06-17 2014-04-08 Cellco Partnership Monitoring persistent client connection status in a distributed server environment
US9838483B2 (en) * 2013-11-21 2017-12-05 Oracle International Corporation Methods, systems, and computer readable media for a network function virtualization information concentrator
EP3222004B1 (en) * 2014-11-19 2018-09-19 British Telecommunications public limited company Diagnostic testing in networks
CN105830394B (zh) * 2014-11-27 2019-05-21 华为技术有限公司 虚拟网络策略的配置方法、系统及其虚拟网元和网管系统
JPWO2016157864A1 (ja) * 2015-03-31 2018-01-25 日本電気株式会社 ネットワークシステム、ネットワーク制御方法および制御装置
EP3300298B1 (en) * 2015-06-30 2020-11-25 Huawei Technologies Co., Ltd. Method and apparatus for switching vnf
JP2018517345A (ja) * 2015-07-30 2018-06-28 ホアウェイ・テクノロジーズ・カンパニー・リミテッド 可用性カウント装置および方法
EP3154225B1 (en) * 2015-10-08 2018-12-26 ADVA Optical Networking SE System and method of assessing latency of forwarding data packets in virtual environment
US10193741B2 (en) * 2016-04-18 2019-01-29 Nyansa, Inc. System and method for network incident identification and analysis

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2015106822A1 (en) * 2014-01-17 2015-07-23 Nokia Solutions And Networks Management International Gmbh Controlling of communication network comprising virtualized network functions
CN106489260A (zh) * 2014-05-12 2017-03-08 诺基亚通信管理国际两合公司 包括虚拟化网络功能的通信网络的控制
CN105049293A (zh) * 2015-08-21 2015-11-11 中国联合网络通信集团有限公司 监控的方法及装置
CN105760214A (zh) * 2016-04-19 2016-07-13 华为技术有限公司 一种设备状态及资源信息监测方法、相关设备及系统
CN106452925A (zh) * 2016-12-02 2017-02-22 华为技术有限公司 在nfv系统中检测故障的方法、装置和系统

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See also references of EP3541014A4

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20220150107A1 (en) * 2019-07-25 2022-05-12 Huawei Technologies Co., Ltd. Packet loss positioning method, apparatus, and system, and computer storage medium

Also Published As

Publication number Publication date
US20190288905A1 (en) 2019-09-19
EP3541014B1 (en) 2021-10-13
US10999129B2 (en) 2021-05-04
EP3541014A1 (en) 2019-09-18
CN106452925A (zh) 2017-02-22
CN106452925B (zh) 2021-01-05
EP3541014A4 (en) 2019-09-18

Similar Documents

Publication Publication Date Title
WO2018099249A1 (zh) 在nfv系统中检测故障的方法、装置和系统
US9699064B2 (en) Method and an apparatus for network state re-construction in software defined networking
CN110178342B (zh) Sdn网络的可扩缩应用级别监视
US8958318B1 (en) Event-based capture of packets from a network flow
EP3240235A1 (en) Method, system and apparatus for debugging networking malfunctions within networking nodes
CN111614505B (zh) 报文处理的方法和网关设备
WO2017000802A1 (zh) 一种业务故障定位方法及装置
WO2018128889A1 (en) Detecting and mitigating loops
CN110971540B (zh) 一种数据信息的传输方法、装置、交换机及控制器
EP2858302A1 (en) Connectivity check method of service stream link, related apparatus and system
US20210203695A1 (en) Anti-spoofing attack check method, device, and system
CN113630301A (zh) 基于智能决策的数据传输方法、装置、设备及存储介质
CN110581792B (zh) 一种报文传输方法及装置
CN111262782B (zh) 一种报文处理方法、装置及设备
CN105763347B (zh) 用于获取参数的方法、网络设备及系统
CN107612848B (zh) 一种调试方法及装置、以及计算机可读存储介质
US10904123B2 (en) Trace routing in virtual networks
JP4167866B2 (ja) データ伝送方法、データ伝送システム及びデータ伝送装置
US20240179178A1 (en) Control method and apparatus, computing device, and computer-readable storage medium
CN116319260B (zh) 一种网络故障诊断方法、装置、设备及存储介质
WO2024199223A1 (zh) 设备接入位置的获取方法及装置
JP5579637B2 (ja) 通信システム、通信装置および接続状態検出方法
CN115604150A (zh) 一种基于标记位的数据包转发一致性检测系统和检测方法
CN114221808A (zh) 安全策略部署方法、装置、计算机设备及可读存储介质
CN117527543A (zh) 网络故障定位方法及计算设备

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17875587

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

ENP Entry into the national phase

Ref document number: 2017875587

Country of ref document: EP

Effective date: 20190612