WO2018121397A1 - Network traffic control method and switching device - Google Patents

Network traffic control method and switching device

Info

Publication number
WO2018121397A1
WO2018121397A1 PCT/CN2017/117705 CN2017117705W WO2018121397A1 WO 2018121397 A1 WO2018121397 A1 WO 2018121397A1 CN 2017117705 W CN2017117705 W CN 2017117705W WO 2018121397 A1 WO2018121397 A1 WO 2018121397A1
Authority
WO
WIPO (PCT)
Prior art keywords
traffic
mirrored
encapsulated
network
routed
Prior art date
Application number
PCT/CN2017/117705
Other languages
English (en)
Chinese (zh)
Inventor
周雍恺
陈华俊
袁航
刘国宝
严峻岭
Original Assignee
中国银联股份有限公司
Priority date
Filing date
Publication date
Application filed by 中国银联股份有限公司
Publication of WO2018121397A1

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L49/00: Packet switching elements
    • H04L49/20: Support for services
    • H04L49/208: Port mirroring
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00: Traffic control in data switching networks
    • H04L47/10: Flow control; Congestion control

Definitions

  • The present invention generally relates to the field of network operation and maintenance technologies and, in particular, to a network traffic control scheme.
  • The monitoring of network traffic has become an important part of network operation and maintenance.
  • The commonly used method is port mirroring on the switch, that is, completely copying the traffic actually transmitted on a switch link to a destination, where network management analysts then analyze the mirrored traffic to find the cause of network problems, including analyzing data flow direction, throughput performance, faults, and security anomalies in the network.
  • Current port mirroring analysis involves routing the mirrored traffic to a remote location.
  • The encapsulated mirrored traffic shares the same link resources as normal traffic, which affects the traffic normally forwarded in the network.
  • The present invention provides a network traffic control scheme that can alleviate the above problems.
  • The present invention provides a network traffic control method, including: mirroring a packet transmitted in a network; performing route encapsulation on the mirrored traffic of the packet; and locally exporting the route-encapsulated mirrored traffic.
  • Locally exporting the route-encapsulated mirrored traffic comprises reserving a port for the route-encapsulated mirrored traffic on the local device and exporting the route-encapsulated mirrored traffic from the reserved port.
  • Exporting the route-encapsulated mirrored traffic from the reserved port comprises statically binding an IP address to the reserved port and using the IP address bound to the reserved port as the destination address of the route-encapsulated mirrored traffic.
  • The local device is a Layer 3 switch.
  • Locally exporting the route-encapsulated mirrored traffic includes locally transmitting the route-encapsulated mirrored traffic to a traffic aggregation device, wherein the traffic aggregation device is in communication with a network analysis device.
  • The route encapsulation comprises an index of description information for the packet.
  • The route encapsulation takes the form of an encapsulated remote port mirroring (ERSPAN) packet, with the session identification field in the ERSPAN packet used as the index.
  • The present invention further provides a switch device, including: a mirroring module, configured to mirror a packet transmitted in a network; an encapsulating module, configured to perform route encapsulation on the mirrored traffic of the packet; and an export module, configured to locally export the route-encapsulated mirrored traffic.
  • FIG. 1 is a schematic flow chart of a network flow control method according to an example of the present invention.
  • FIG. 2 is a schematic application scenario of a network traffic control method according to another example of the present invention.
  • FIG. 3 is a schematic block diagram of a switch device in accordance with one example of the present invention.
  • FIG. 1 is a schematic flow chart of a network flow control method according to an example of the present invention.
  • The method shown in FIG. 1 can be implemented, for example, in a switch device.
  • The packet transmitted in the network is first mirrored in step 11.
  • This may, for example, employ the port mirroring process of the switch, i.e., completely copying the traffic of a source port of the switch.
  • The main purpose of generating the mirror is to enable the network administrator to analyze the mirrored packets to find the cause of network problems.
  • The packets to be mirrored can be specified, for example, by a network administrator, or determined automatically by the switch or by a processing system communicatively coupled to the switch in accordance with preset conditions.
  • In step 13, the generated mirrored traffic is route-encapsulated so that it can be routed to the remote network analysis device in the network.
  • Various description information related to the original packet, or indexes referring to that description information, may be included in the headers of these route encapsulations, which is especially useful in cloud network environments.
  • A cloud network is a network that hosts cloud platform virtualization applications. Cloud network traffic is characterized by virtualization and dynamization. Virtualization refers to the existence of logical access traffic and actual physical traffic: each physical port may carry the traffic of multiple virtual hosts. Dynamization means that virtual hosts can be dynamically migrated, so their network traffic also migrates and is not fixed to a physical port.
  • The network administrator can analyze the network traffic situation more accurately and efficiently.
  • The description information of the packet may include, for example, one or more of packet and user information, path information, virtual network group information, and the like.
  • The mirrored packet may be encapsulated in the form of an encapsulated remote port mirroring (ERSPAN) packet.
  • The session identifier field in the ERSPAN packet may be used as the index.
  • The session identifier (in the session_id field) in the ERSPAN header is stored together with the description information of the packet in an association table. Therefore, after receiving an ERSPAN packet, the network analysis device can look up the description information by its session identifier for the network administrator to use during analysis.
  • Step 15 includes locally exporting the route-encapsulated mirrored traffic.
  • A port may be reserved for route-encapsulated mirrored traffic on the local switch device, and the route-encapsulated mirrored traffic may be exported from the reserved port.
  • An IP address can be statically bound to the reserved port, and the IP address bound to the reserved port is used as the destination address of the route-encapsulated mirrored traffic.
  • The local device can be, for example, a Layer 3 switch, so that the route-encapsulated traffic can be routed.
  • All mirrored traffic that would otherwise be routed to the remote network analysis device is exported locally, thereby avoiding the impact of the mirrored traffic on normal traffic on the switch links.
  • Mirrored traffic only occupies the bandwidth of the reserved interface, and any excess can be discarded directly, so that it does not overflow into or encroach on other link resources.
  • Route encapsulation lets the mirrored traffic carry description information related to the packet, giving it better flexibility and relevance than ordinary local traffic mirroring, which is especially applicable in cloud network scenarios.
  • The route-encapsulated mirrored traffic may be transmitted locally to a traffic aggregation device (such as a TAP device), which in turn is in communication with the network analysis device.
  • The shaded portion of each switch shown in FIG. 2 represents a reserved port.
  • Mirrored traffic from different switches can be aggregated through the TAP device and finally imported into the network analysis device for traffic analysis.
  • The network traffic control scheme provided by the present invention improves control over the impact of mirrored traffic, especially route-encapsulated packets such as ERSPAN.
  • The route-encapsulated mirrored traffic is restricted to the local switch to avoid occupying uplink bandwidth, and by reserving a fixed port channel for the mirrored traffic, the mirrored traffic can be limited to a controllable range.
  • The method of the present invention limits the impact of ERSPAN-mode mirrored traffic on network links while retaining its flexibility and relevance relative to local mirrored traffic, providing administrators with more information useful for traffic analysis and improving the efficiency of network traffic monitoring. As mentioned above, this is especially true in cloud network scenarios.
  • The switch device 300 includes a mirroring module 31, an encapsulating module 33, and an exporting module 35.
  • The mirroring module 31 is configured to mirror the packets transmitted in the network;
  • the encapsulating module 33 is configured to perform route encapsulation on the mirrored traffic of the packets;
  • the exporting module 35 is configured to locally export the route-encapsulated mirrored traffic.
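
The session_id lookup described above, as the network analysis device might perform it; this is an added example, not code from the patent. It assumes the ERSPAN Type II layout carried over GRE (protocol type 0x88BE) and starts parsing at the GRE header; the association table entries and their field names are constructed for illustration.

```python
import struct

GRE_PROTO_ERSPAN_II = 0x88BE  # GRE protocol type for ERSPAN Type II (assumed encapsulation)

# Association table: session_id -> description information.
# Constructed sample entries; the field names are hypothetical.
ASSOCIATION_TABLE = {
    101: {"tenant": "vnet-blue", "vm": "web-01", "path": "leaf3:eth7"},
    102: {"tenant": "vnet-red", "vm": "db-02", "path": "leaf5:eth2"},
}

def parse_erspan(gre: bytes) -> dict:
    """Parse a GRE header followed by an ERSPAN Type II header."""
    if len(gre) < 4:
        raise ValueError("truncated GRE header")
    flags, proto = struct.unpack_from("!HH", gre, 0)
    if flags & 0x0007 or proto != GRE_PROTO_ERSPAN_II:
        raise ValueError("not GRE version 0 carrying ERSPAN Type II")
    off = 4
    for bit in (0x8000, 0x2000, 0x1000):  # checksum, key, sequence: 4 bytes each
        if flags & bit:
            off += 4
    if len(gre) < off + 8:
        raise ValueError("truncated ERSPAN header")
    ver_vlan, cos_en_t_sid, _index = struct.unpack_from("!HHI", gre, off)
    if ver_vlan >> 12 != 1:
        raise ValueError("unexpected ERSPAN version")
    return {
        "vlan": ver_vlan & 0x0FFF,
        "session_id": cos_en_t_sid & 0x03FF,        # low 10 bits
        "truncated": bool(cos_en_t_sid & 0x0400),   # T bit: mirrored frame was cut
        "inner_frame": gre[off + 8:],
    }

def describe(gre: bytes):
    """Return (session_id, description); description is None for an unknown session."""
    sid = parse_erspan(gre)["session_id"]
    return sid, ASSOCIATION_TABLE.get(sid)

def build_sample(session_id: int, vlan: int, frame: bytes) -> bytes:
    """Construct a sample packet: GRE with the S bit set and sequence number 1."""
    gre = struct.pack("!HHI", 0x1000, GRE_PROTO_ERSPAN_II, 1)
    erspan = struct.pack("!HHI", (1 << 12) | vlan, session_id & 0x03FF, 0)
    return gre + erspan + frame

if __name__ == "__main__":
    print(describe(build_sample(101, 20, b"\xaa" * 14)))
```

A session identifier that is missing from the table comes back with `None`, which the analysis device can treat as mirrored traffic of unknown origin rather than silently dropping it.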

Abstract

The invention relates to a network traffic control method. The method comprises: mirroring a message transmitted in a network; performing route encapsulation on the mirrored traffic of the message; and exporting the route-encapsulated mirrored traffic locally. The invention also relates to a switching device. The switching device comprises: a mirroring module for mirroring a message transmitted in a network; an encapsulation module for performing route encapsulation on the mirrored traffic of the message; and an export module for exporting the route-encapsulated mirrored traffic locally.
PCT/CN2017/117705 2016-12-30 2017-12-21 Network traffic control method and switching device WO2018121397A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201611257763.X 2016-12-30
CN201611257763.XA CN106982179A (zh) 2016-12-30 2016-12-30 Network traffic control method and switch device

Publications (1)

Publication Number Publication Date
WO2018121397A1 (fr) 2018-07-05

Family

ID=59340949

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/117705 WO2018121397A1 (fr) 2016-12-30 2017-12-21 Network traffic control method and switching device

Country Status (2)

Country Link
CN (1) CN106982179A (fr)
WO (1) WO2018121397A1 (fr)

Also Published As

Publication number Publication date
CN106982179A (zh) 2017-07-25

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17889473

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 17889473

Country of ref document: EP

Kind code of ref document: A1