
CN116436790A - Method and system for detecting the network topology of scenario target machines in a cyber range - Google Patents


Info

Publication number: CN116436790A
Application number: CN202310213744.0A
Authority: CN (China)
Prior art keywords: network, virtual machine, scene, topology, list
Legal status: Pending (the legal status is an assumption made by Google and not a legal conclusion; Google has not performed a legal analysis)
Other languages: Chinese (zh)
Inventors: 万先华, 谢峥, 高庆官, 王鹏
Current assignee: Nanjing Cyber Peace Technology Co Ltd (listed assignees may be inaccurate; Google has not performed a legal analysis)
Original assignee: Nanjing Cyber Peace Technology Co Ltd
Priority date: (the priority date is an assumption made by Google and not a legal conclusion)
Filing date:
Publication date:

Events:
    • Application filed by Nanjing Cyber Peace Technology Co Ltd
    • Priority to CN202310213744.0A
    • Publication of CN116436790A
    • Legal status: Pending

Classifications

    All entries below sit under H (Electricity) > H04 (Electric communication technique) > H04L (Transmission of digital information, e.g. telegraphic communication), except the last, which is a Y02D cross-sectional tag.
    • H04L 41/12: Discovery or management of network topologies (under H04L 41/00, Arrangements for maintenance, administration or management of data switching networks)
    • H04L 41/0866: Checking the configuration (under H04L 41/08, Configuration management of networks or network elements)
    • H04L 41/0895: Configuration of virtualised networks or elements, e.g. virtualised network function or OpenFlow elements (under H04L 41/08)
    • H04L 41/14: Network analysis or design (under H04L 41/00)
    • H04L 43/0811: Monitoring or testing based on specific metrics, by checking availability, by checking connectivity (under H04L 43/00, Arrangements for monitoring or testing data switching networks; H04L 43/08; H04L 43/0805)
    • H04L 43/10: Active monitoring, e.g. heartbeat, ping or trace-route (under H04L 43/00)
    • Y02D 30/50: Reducing energy consumption in wire-line communication networks, e.g. low power modes or reduced link rate (under Y02D 30/00, Reducing energy consumption in communication networks; Y02D, Climate change mitigation technologies in ICT)


Abstract

The invention discloses a method and system for detecting the network topology of scenario target machines in a cyber range. The virtual machines, networks and routes to be checked are obtained by parsing the scenario data of the range. For each virtual machine, arping is run against the virtual machine's IP address inside the namespace of its network on the control node, the MAC address in the reply packet is read and compared with the MAC address assigned when the virtual machine was created, to judge whether the virtual machine is configured correctly. For each network, an RPC call is dispatched to the compute node hosting a virtual machine in that network, the virtual machine is accessed over its serial port, and the network's gateway address is pinged from inside it to judge whether the network is configured correctly. For each route, an RPC call is dispatched to the compute node hosting a virtual machine in one of the two networks, that virtual machine is accessed over its serial port, and an IP address in the other network is pinged from inside it to judge whether the route is configured correctly. The invention helps with topology verification and with localising connectivity problems, and greatly improves working efficiency.

Description

Method and system for detecting the network topology of scenario target machines in a cyber range

Technical field

The invention relates to a method and system for detecting the network topology of scenario target machines in a cyber range, and belongs to the fields of computer software and network security.

Background

When a cyber range starts a scenario from a network topology diagram, it instantiates the networks, virtual machine terminals, switches and routers according to the scenario configuration data. At present, once a scenario has been instantiated, readiness is judged only through a few application-specific probes (for example, whether the port of some service accepts connections). That does not establish whether the scenario actually started matches the configured topology diagram, nor whether the whole topology is really connected; the target machines in the topology have to be checked by hand. When connectivity in the topology breaks, troubleshooting is complicated and tedious.

Summary of the invention

Purpose of the invention: in view of the problems in the prior art described above, the purpose of the invention is to provide a method and system for detecting the network topology of scenario target machines in a cyber range that can automatically analyse the scenario topology, obtain the state of each network link, display changes in the topology state and raise detection efficiency.

Technical solution: to achieve the above purpose, the invention adopts the following technical solution.

A method for detecting the network topology of scenario target machines in a cyber range comprises the following steps:

obtaining the cyber range scenario data and parsing it into the list of virtual machines, the list of networks and the list of routes to be checked, where the virtual machine list contains every virtual machine in the scenario topology, the network list contains every network in the scenario topology together with the virtual machines in each network, and the route list contains each pair of distinct networks connected through a router in the scenario topology together with the virtual machines in those networks;

iterating over each virtual machine in the virtual machine list: inside the namespace of the virtual machine's network on the cyber range control node, running arping against the virtual machine's IP address, reading the MAC address from the reply packet and comparing it with the MAC address assigned when the virtual machine was created, to judge whether the virtual machine is configured correctly;

iterating over each network in the network list: dispatching by RPC to the compute node hosting a virtual machine in that network, accessing the virtual machine through its serial port, pinging the network's gateway address from the virtual machine, and judging from whether the ping succeeds whether the network is configured correctly;

iterating over each route in the route list: dispatching by RPC to the compute node hosting a virtual machine in one of the two networks, accessing that virtual machine through its serial port, pinging the IP address of a virtual machine in the other network from it, and judging from whether the ping succeeds whether the route is configured correctly.

Preferably, when checking a network or a route, one virtual machine is chosen at random from the virtual machines in the network to perform the check.

Preferably, the MAC address assigned at creation is obtained as follows: an RPC call is dispatched to the compute node hosting the virtual machine, which reads the virtual machine's configuration file and returns the MAC address recorded there.

Further, the method also comprises displaying the link state of the scenario topology according to the real-time results while the checks are running.

A system for detecting the network topology of scenario target machines in a cyber range comprises:

a task parsing module, for obtaining the cyber range scenario data and parsing it into the list of virtual machines, the list of networks and the list of routes to be checked, where the virtual machine list contains every virtual machine in the scenario topology, the network list contains every network in the scenario topology together with the virtual machines in each network, and the route list contains each pair of distinct networks connected through a router in the scenario topology together with the virtual machines in those networks;

a terminal detection module, for iterating over each virtual machine in the virtual machine list and, inside the namespace of the virtual machine's network on the cyber range control node, running arping against the virtual machine's IP address, reading the MAC address from the reply packet and comparing it with the MAC address assigned when the virtual machine was created, to judge whether the virtual machine is configured correctly;

a network detection module, for iterating over each network in the network list, dispatching by RPC to the compute node hosting a virtual machine in that network, accessing the virtual machine through its serial port, pinging the network's gateway address from the virtual machine, and judging from whether the ping succeeds whether the network is configured correctly;

a route detection module, for iterating over each route in the route list, dispatching by RPC to the compute node hosting a virtual machine in one of the two networks, accessing that virtual machine through its serial port, pinging the IP address of a virtual machine in the other network from it, and judging from whether the ping succeeds whether the route is configured correctly.

Preferably, when checking a network or a route, the network detection module or the route detection module chooses one virtual machine at random from the virtual machines in the network to perform the check.

Preferably, the terminal detection module obtains the MAC address assigned at creation as follows: an RPC call is dispatched to the compute node hosting the virtual machine, which reads the virtual machine's configuration file and returns the MAC address recorded there.

Further, the system also comprises a result display module, for displaying the link state of the scenario topology according to the real-time results while the checks are running.

A computer system comprises a memory, a processor and a computer program stored in the memory and executable on the processor, where loading the computer program into the processor carries out the steps of the above method for detecting the network topology of scenario target machines in a cyber range.

A computer-readable storage medium stores a computer program, where executing the computer program on a processor carries out the steps of the above method for detecting the network topology of scenario target machines in a cyber range.

Beneficial effects: compared with the prior art, the invention has the following advantages. By automatically analysing the scenario's network topology and checking terminals, networks and routes as separate classes, it obtains the link state of the entire topology and confirms that the scenario actually started matches its configured topology, which helps with topology verification and with localising connectivity problems and greatly improves working efficiency. Through automatic link checking the invention can also capture and display how the whole topology changes over time.

Description of drawings

Fig. 1 is the overall flow chart of the embodiment of the invention.

Fig. 2 is a schematic diagram of the network topology of a range scenario.

Fig. 3 is a schematic diagram of virtual machine terminal detection in the embodiment of the invention.

Fig. 4 is a schematic diagram of network detection in the embodiment of the invention.

Fig. 5 is a schematic diagram of route detection in the embodiment of the invention.

Detailed description

The technical solution of the invention is described clearly and completely below with reference to the drawings and specific embodiments.

As shown in Fig. 1, the method for detecting the network topology of scenario target machines in a cyber range disclosed by the embodiment mainly comprises task parsing, virtual machine terminal detection, network detection and route detection. After a scenario is started from the front end of the range management platform, the platform passes the scenario start-up data through an interface to the automatic link analysis and detection service. The service analyses the scenario data and first sorts it into the items that need terminal detection, network detection and route detection, so that the checks can be optimised. Parsing yields the list of virtual machines, the list of networks and the list of routes to be checked: the virtual machine list contains every virtual machine in the scenario topology, the network list contains every network in the scenario topology together with the virtual machines in each network, and the route list contains each pair of distinct networks connected through a router in the scenario topology together with the virtual machines in those networks.

The scenario data may be passed to the detection service as an XML file or as database records. During parsing, routers are treated as the first-level tag and the networks beneath each router are recorded; switches are the second-level tag and the virtual machines beneath each switch are recorded; virtual machine terminals are the third level. From the second-level switch tags the virtual machine terminals in each network are known, and so are the routes connecting the networks. The order is therefore: first determine the networks, check the virtual machine terminals in each network, then check each network using one of its virtual machines, and finally check the routes between the different subnets attached to the router that joins them.

Detection can also be optimised to improve efficiency. In the scenario of Fig. 2, vm1 and vm2 are attached to switch s1 and vm3, vm4 and vm5 to switch s2. Once vm1 and vm2 have passed terminal detection, network detection for s1 only needs to run on one of them: running it on vm1 gives the same result as running it on vm2. Likewise vm3, vm4 and vm5 only need network detection on one of them, and route detection only needs a single check between vm1 and vm3 to establish whether the router joining the two switches works. Not every machine therefore needs a network check and a route check, which greatly improves efficiency. Because results are reported in real time, each round of network or route detection picks the virtual machine to use at random from the network.
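As an added illustration (not code from the patent or from its assignee), the task parsing and the one-virtual-machine-per-network optimisation described above in Python. The patent gives no schema for the scenario file, so the router > network > vm XML layout, the attribute names and the constructed scenario below are assumptions; the topology mirrors Fig. 2 as described (vm1 and vm2 on s1, vm3 to vm5 on s2, both switches behind one router). Every pair of networks under the same router becomes one route entry.

```python
import random
import xml.etree.ElementTree as ET
from dataclasses import dataclass, field
from itertools import combinations

# Constructed scenario file in an assumed layout: router > network > vm.
# The patent only says the data arrives as XML or database records.
SCENE_XML = """\
<scene id="demo">
  <router id="r1">
    <network id="s1" cidr="192.168.1.0/24" gateway="192.168.1.1">
      <vm id="vm1" ip="192.168.1.147" mac="FA:16:3E:FD:B4:D9"/>
      <vm id="vm2" ip="192.168.1.148" mac="fa:16:3e:12:34:56"/>
    </network>
    <network id="s2" cidr="192.168.2.0/24" gateway="192.168.2.1">
      <vm id="vm3" ip="192.168.2.10" mac="fa:16:3e:aa:bb:01"/>
      <vm id="vm4" ip="192.168.2.11" mac="fa:16:3e:aa:bb:02"/>
      <vm id="vm5" ip="192.168.2.12" mac="fa:16:3e:aa:bb:03"/>
    </network>
  </router>
</scene>
"""


@dataclass(frozen=True)
class VM:
    id: str
    ip: str
    mac: str        # normalised to lower case at parse time
    network: str


@dataclass
class Network:
    id: str
    gateway: str
    vms: list = field(default_factory=list)


@dataclass(frozen=True)
class Route:
    net_a: str
    net_b: str


def parse_scene(xml_text):
    """Return (vm_list, network_list, route_list) as the task parser does.

    Every <network> is a second-level tag holding its VMs; every pair of
    networks under the same <router> is one route that must be verified.
    """
    root = ET.fromstring(xml_text)
    vms, networks, routes = [], [], []
    for net_el in root.iter("network"):
        net = Network(net_el.get("id"), net_el.get("gateway"))
        for vm_el in net_el.findall("vm"):
            vm = VM(vm_el.get("id"), vm_el.get("ip"),
                    vm_el.get("mac").lower(), net.id)
            net.vms.append(vm)
            vms.append(vm)
        networks.append(net)
    for router in root.iter("router"):
        attached = [n.get("id") for n in router.findall("network")]
        routes.extend(Route(a, b) for a, b in combinations(attached, 2))
    return vms, networks, routes


def probe_vm(network, rng=random):
    """One representative VM per network, picked at random as the patent prefers."""
    if not network.vms:
        raise ValueError(f"network {network.id} has no VM to probe from")
    return rng.choice(network.vms)


def plan_checks(xml_text, rng=random):
    """Work list: an ARP check for every VM, a gateway ping from one VM per
    network, and one cross-subnet ping per route (from a VM in net_a to the
    IP of a VM in net_b)."""
    vms, networks, routes = parse_scene(xml_text)
    by_id = {n.id: n for n in networks}
    return {
        "terminal": [(vm.id, vm.ip, vm.mac) for vm in vms],
        "network": [(n.id, probe_vm(n, rng).id, n.gateway) for n in networks],
        "route": [(r.net_a, r.net_b, probe_vm(by_id[r.net_a], rng).id,
                   probe_vm(by_id[r.net_b], rng).ip) for r in routes],
    }


if __name__ == "__main__":
    for kind, items in plan_checks(SCENE_XML).items():
        print(kind, items)
```

For the five-machine scenario this yields five terminal checks, two network checks and one route check, which is the reduction the paragraph above describes; passing a seeded `random.Random` as `rng` makes the choice of probe machine reproducible when a failed round has to be replayed.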

In every type of scenario only the virtual machines themselves need to be checked individually and in real time: when one switch connects several virtual machines, network detection is needed on just one of them, and when two switches are joined by a router, route detection is needed from just one virtual machine. The detection methods for virtual machine terminals, networks and routes are explained in detail below.

1. Terminal detection method

Whenever a virtual machine is created or a new network is allocated, a namespace for that network is created on the range control node (the OpenStack control node) and the network's DHCP service is configured inside it. The service therefore runs arping against each virtual machine's IP address inside the namespace of the network the machine belongs to, reads the MAC address from the reply and compares it with the MAC address assigned when the virtual machine was created, to check whether the virtual machine's network is normal, as shown in Fig. 3.

arping the virtual machine's IP address from inside the namespace (the namespace is named qdhcp- followed by the Neutron network UUID; without a count such as -c 2, arping keeps probing until interrupted, so an unattended check should pass one):

    ip netns exec qdhcp-f46b1cf0-7d9c-49e3-b8ea-4048ded3566b arping 192.168.1.147
    ARPING 192.168.1.147 from 192.168.1.1 tap75f58168-e4
    Unicast reply from 192.168.1.147 [FA:16:3E:FD:B4:D9] 1.047ms
    Unicast reply from 192.168.1.147 [FA:16:3E:FD:B4:D9] 0.876ms

An RPC call is then dispatched to the node hosting the virtual machine to read the MAC address from the virtual machine's configuration file, and this is checked against the MAC address obtained above to produce the result. Example of the network interface section of the configuration file (a libvirt domain definition):

    <interface type='bridge'>
      <mac address='fa:16:3e:fd:b4:d9'/>
      <source bridge='qbr9a7743eb-ad'/>
      <target dev='tap9a7743eb-ad'/>
      <model type='virtio'/>
      <mtu size='1500'/>
      <alias name='net0'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/>
    </interface>

Whether the two parsed MAC addresses are the same determines the result. Note that arping prints the address in upper case while the domain definition stores it in lower case, so the comparison has to be case-insensitive; a reply carrying a different MAC means either a misconfigured interface or another host answering for the same IP address.
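As an added example (not the patent's code), the terminal check carried through in Python: the arping reply lines are parsed, the MAC addresses are read from the libvirt domain XML the compute node returns, and both sides are normalised before comparison. The arping output and the interface element are the ones shown above; the exit summary lines, the silent run and the minimal domain wrapper are constructed, and the result labels are my own.

```python
import re
import xml.etree.ElementTree as ET

# arping output from the description (iputils format) with the summary
# lines arping prints on exit, plus a constructed run that got no answer.
ARPING_OK = """\
ARPING 192.168.1.147 from 192.168.1.1 tap75f58168-e4
Unicast reply from 192.168.1.147 [FA:16:3E:FD:B4:D9]  1.047ms
Unicast reply from 192.168.1.147 [FA:16:3E:FD:B4:D9]  0.876ms
Sent 2 probes (1 broadcast(s))
Received 2 response(s)
"""
ARPING_SILENT = """\
ARPING 192.168.1.150 from 192.168.1.1 tap75f58168-e4
Sent 2 probes (2 broadcast(s))
Received 0 response(s)
"""
# The <interface> element from the description, wrapped in a minimal domain.
DOMAIN_XML = """\
<domain type='kvm'>
  <name>instance-00000001</name>
  <devices>
    <interface type='bridge'>
      <mac address='fa:16:3e:fd:b4:d9'/>
      <source bridge='qbr9a7743eb-ad'/>
      <target dev='tap9a7743eb-ad'/>
      <model type='virtio'/>
    </interface>
  </devices>
</domain>
"""

REPLY_RE = re.compile(
    r"reply from (\S+) \[([0-9A-Fa-f]{2}(?::[0-9A-Fa-f]{2}){5})\]")


def normalize_mac(mac):
    # arping prints upper case, libvirt stores lower case: compare one form.
    return mac.strip().lower()


def arping_argv(network_uuid, vm_ip, count=2):
    """Command the control node runs: Neutron names the DHCP namespace
    qdhcp-<network uuid>; -c bounds the run so it cannot hang the checker."""
    return ["ip", "netns", "exec", f"qdhcp-{network_uuid}",
            "arping", "-c", str(count), vm_ip]


def replies_from_arping(output):
    """Map replying IP -> set of MACs that answered for it."""
    seen = {}
    for ip, mac in REPLY_RE.findall(output):
        seen.setdefault(ip, set()).add(normalize_mac(mac))
    return seen


def macs_from_domain_xml(domain_xml):
    """MAC addresses assigned at creation, read from the libvirt domain XML
    that the compute node returns over RPC (all interfaces of the domain)."""
    root = ET.fromstring(domain_xml)
    return {normalize_mac(m.get("address")) for m in root.iter("mac")}


def check_terminal(vm_ip, arping_output, domain_xml):
    """'ok' when the answering MAC is one the domain was created with;
    'no-reply', 'mismatch' or 'conflict' (two different MACs answered,
    i.e. another host also holds that IP) otherwise."""
    expected = macs_from_domain_xml(domain_xml)
    answered = replies_from_arping(arping_output).get(vm_ip, set())
    if not answered:
        return "no-reply"
    if len(answered) > 1:
        return "conflict"
    return "ok" if answered <= expected else "mismatch"


if __name__ == "__main__":
    print(check_terminal("192.168.1.147", ARPING_OK, DOMAIN_XML))
    print(check_terminal("192.168.1.150", ARPING_SILENT, DOMAIN_XML))
```

In the real service the stdout of `subprocess.run(arping_argv(...), capture_output=True, text=True)` is what goes into `check_terminal`; keeping the parsing separate from the subprocess call is what makes the decision logic testable against captured output like the lines above.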

2. Network detection method

As shown in Fig. 4, the service makes an RPC call to the host where the virtual machine runs, connects to the virtual machine over its serial port and pings the gateway address from inside the virtual machine. If the ping succeeds the network is connected; if not, it is not.

3. Route detection method

As shown in Fig. 5, the service connects to the virtual machine over its serial port and pings an address in the other subnet from inside it.

Every virtual machine the range creates is given a TCP-type console device whose target is the virtual machine's serial device, and it is this TCP port that the detection service connects to.

Example of the serial device configuration (libvirt domain XML). Note that as written it binds a telnet listener on every interface of the compute node with TLS disabled, so anyone who can reach that port gets the guest's console; outside an isolated lab the bind address should be restricted to the management network or TLS enabled:

    <console type='tcp'>
      <source mode='bind' host='0.0.0.0' service='15913' tls='no'/>
      <protocol type='telnet'/>
      <log file='/var/lib/nova/instances/f3279ec8-388d-4ebb-904a-61a320f13ba1/console.log' append='off'/>
      <target type='serial' port='0'/>
      <alias name='serial0'/>
    </console>
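As an added example (not the patent's code), the network and route checks of sections 2 and 3 driven through the console definition above: the endpoint is read from the domain XML, the ping is sent through a transport callable and the ping summary line is parsed. Speaking telnet to the console port is left to the transport; here a FakeConsole stands in for the guest and answers the way a Linux ping would, so the example runs offline. The guest addresses, the `-W 1` timeout and the findings list are my assumptions.

```python
import re
import xml.etree.ElementTree as ET

# The console definition from the description, wrapped in a minimal domain.
CONSOLE_XML = """\
<domain type='kvm'>
  <devices>
    <console type='tcp'>
      <source mode='bind' host='0.0.0.0' service='15913' tls='no'/>
      <protocol type='telnet'/>
      <log file='/var/lib/nova/instances/f3279ec8-388d-4ebb-904a-61a320f13ba1/console.log' append='off'/>
      <target type='serial' port='0'/>
      <alias name='serial0'/>
    </console>
  </devices>
</domain>
"""

# Matches both iputils ("2 received") and busybox ("2 packets received").
PING_SUMMARY_RE = re.compile(
    r"(\d+) packets transmitted, (\d+) (?:packets )?received")


def console_endpoint(domain_xml):
    """host/port/protocol/tls of the VM's TCP serial console."""
    root = ET.fromstring(domain_xml)
    con = root.find(".//console[@type='tcp']")
    if con is None:
        raise ValueError("domain has no tcp console")
    src = con.find("source")
    return {
        "host": src.get("host"),
        "port": int(src.get("service")),
        "protocol": con.find("protocol").get("type"),
        "tls": src.get("tls") == "yes",
    }


def console_findings(endpoint):
    """What to flag before such a console is reachable from anywhere."""
    findings = []
    if endpoint["host"] in ("0.0.0.0", "::"):
        findings.append("console bound on all interfaces, not only the management network")
    if not endpoint["tls"]:
        findings.append("console carried in cleartext (tls='no'); whoever reaches the port gets the guest prompt")
    return findings


def ping_succeeded(output):
    """True when at least one echo reply came back."""
    m = PING_SUMMARY_RE.search(output)
    return bool(m) and int(m.group(2)) > 0


def check_reachability(transport, target_ip, count=2):
    """Run ping inside the guest over the console session and parse the summary.
    transport(cmd) must send cmd down the serial session and return the output
    up to the next prompt; it is injected so any telnet or socket client fits."""
    return ping_succeeded(transport(f"ping -c {count} -W 1 {target_ip}"))


def network_check(transport, gateway_ip):
    return check_reachability(transport, gateway_ip)


def route_check(transport, remote_vm_ip):
    return check_reachability(transport, remote_vm_ip)


class FakeConsole:
    """Stand-in guest: answers ping as a Linux host would, with the set of
    addresses it can reach chosen by the caller."""

    def __init__(self, reachable):
        self.reachable = set(reachable)

    def __call__(self, cmd):
        n = int(re.search(r"-c (\d+)", cmd).group(1))
        ip = cmd.split()[-1]
        got = n if ip in self.reachable else 0
        return (f"--- {ip} ping statistics ---\n"
                f"{n} packets transmitted, {got} received, "
                f"{100 - 100 * got // n}% packet loss, time 1001ms\n")


if __name__ == "__main__":
    ep = console_endpoint(CONSOLE_XML)
    print(ep, console_findings(ep))
    vm1 = FakeConsole(reachable={"192.168.1.1"})
    print("network", network_check(vm1, "192.168.1.1"),
          "route", route_check(vm1, "192.168.2.10"))
```

Parsing the summary line rather than the exit status keeps the check independent of which ping implementation the guest image ships, and `console_findings` is the place to stop a scenario from going live with the console bound as in the example above.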

At a fixed interval the current link state of the network is collected in real time and pushed to the front-end page over a websocket, where the front end displays the results.

Based on the same inventive concept, the embodiment also discloses a system for detecting the network topology of scenario target machines in a cyber range, comprising: a task parsing module, for obtaining the cyber range scenario data and parsing it into the list of virtual machines, the list of networks and the list of routes to be checked; a terminal detection module, for iterating over each virtual machine in the virtual machine list and, inside the namespace of the virtual machine's network on the cyber range control node, running arping against the virtual machine's IP address, reading the MAC address from the reply packet and comparing it with the MAC address in the configuration file on the compute node hosting the virtual machine, to judge whether the virtual machine is configured correctly; a network detection module, for iterating over each network in the network list, dispatching by RPC to the compute node hosting a virtual machine in that network, accessing the virtual machine through its serial port, pinging the network's gateway address from the virtual machine, and judging from whether the ping succeeds whether the network is configured correctly; and a route detection module, for iterating over each route in the route list, dispatching by RPC to the compute node hosting a virtual machine in one of the two networks, accessing that virtual machine through its serial port, pinging the IP address of a virtual machine in the other network from it, and judging from whether the ping succeeds whether the route is configured correctly.

Based on the same inventive concept, the embodiment also discloses a computer system comprising a memory, a processor and a computer program stored in the memory and executable on the processor, where loading the computer program into the processor carries out the steps of the above method for detecting the network topology of scenario target machines in a cyber range.

Based on the same inventive concept, the embodiment also discloses a computer-readable storage medium storing a computer program, where executing the computer program on a processor carries out the steps of the above method for detecting the network topology of scenario target machines in a cyber range.

Claims (10)

1. A method for detecting the network topology of a scene target drone in a network target range is characterized by comprising the following steps:
acquiring network target range scene data, and analyzing to obtain a virtual machine list, a network list and a routing list which need to be detected; the virtual machine list comprises all virtual machines in the scene topology, the network list comprises all networks in the scene topology and virtual machines in the networks, and the route list comprises two different networks connected through a router in the scene topology and virtual machines in the networks;
traversing each virtual machine to be detected in the virtual machine list, in a network naming space where the virtual machine is located on a network shooting range control node, arping the IP address of the virtual machine, acquiring the mac address of a reply packet, and comparing the mac address with the mac address allocated when the virtual machine is created to judge whether the configuration of the virtual machine is normal or not;
traversing each network to be detected in the network list, dispatching to a computing node where a virtual machine in the network is located through rpc, accessing the virtual machine through a serial port, pinging a gateway address of the network on the virtual machine, and judging whether the network configuration is normal according to whether ping is conducted;
traversing each route to be detected in the route list, dispatching the routes to a computing node where a virtual machine in one network is located through rpc, accessing the virtual machine through a serial port, pinging the IP address of the virtual machine in the other network on the virtual machine, and judging whether the configuration of the open circuit is normal according to whether the ping is conducted.
2. The method for detecting the network topology of a scene target in a network target range according to claim 1, wherein when detecting a network or a route, one virtual machine is randomly selected from virtual machines in the network for detection.
3. The method for detecting a scene drone network topology in a network range according to claim 1, wherein the mac address obtaining mode allocated when the virtual machine is created is as follows: and inquiring a virtual machine configuration file through a computing node where the rpc dispatching virtual machine is located, and obtaining a mac address of the virtual machine in the configuration file.
4. The method of claim 1, further comprising displaying network link states of the scene topology during the detecting based on the real-time detection result.
5. A system for detecting the network topology of a scene target drone in a network target range, comprising:
a task analysis module for acquiring the network target range scene data and parsing it to obtain the virtual machine list, the network list and the route list to be detected; the virtual machine list comprises all virtual machines in the scene topology, the network list comprises all networks in the scene topology together with the virtual machines in each network, and the route list comprises each pair of different networks connected through a router in the scene topology together with the virtual machines in those networks;
a terminal detection module for traversing each virtual machine to be detected in the virtual machine list, arping the IP address of the virtual machine within the network namespace where the virtual machine is located on the network target range control node, obtaining the MAC address from the reply packet, and comparing it with the MAC address allocated when the virtual machine was created to judge whether the virtual machine configuration is normal;
a network detection module for traversing each network to be detected in the network list, dispatching through rpc to the computing node where a virtual machine in the network is located, accessing that virtual machine through its serial port, pinging the gateway address of the network from the virtual machine, and judging whether the network configuration is normal according to whether the ping succeeds;
a route detection module for traversing each route to be detected in the route list, dispatching through rpc to the computing node where a virtual machine in one of the two networks is located, accessing that virtual machine through its serial port, pinging from it the IP address of a virtual machine in the other network, and judging whether the route configuration is normal according to whether the ping succeeds.
6. The system according to claim 5, wherein the network detection module or the route detection module, when detecting a network or a route, randomly selects one virtual machine from the virtual machines in the network to perform the detection.
7. The system for detecting the network topology of a scene target drone in a network target range according to claim 5, wherein the terminal detection module obtains the MAC address allocated when the virtual machine was created by dispatching through rpc to the computing node where the virtual machine is located, querying the virtual machine configuration file there, and reading the virtual machine's MAC address from that configuration file.
8. The system for detecting the network topology of a scene target drone in a network target range according to claim 5, further comprising a result display module for displaying the network link states of the scene topology during the detection according to the real-time detection results.
9. A computer system comprising a memory, a processor and a computer program stored in the memory and executable on the processor, wherein the computer program, when loaded onto the processor, implements the steps of the method for detecting the network topology of a scene target drone in a network target range according to any one of claims 1 to 4.
10. A computer readable storage medium storing a computer program, wherein the computer program, when executed by a processor, implements the steps of the method for detecting the network topology of a scene target drone in a network target range according to any one of claims 1 to 4.
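The three checks of claims 1 to 8 (terminal, network and route detection over the parsed scene lists), as a worked example added here and not the applicant's own code: the checker builds the virtual machine, network and route lists from scene data, arpings each VM from its namespace on the control node and compares the reply MAC with the MAC read from the VM's configuration file on its compute node, pings the gateway from one randomly chosen VM per network, and pings a VM across each router pair. The scene schema and field names, the qdhcp-<network> namespace names, the runner method names (netns_arping, vm_config_mac, console_ping) and the FakeRange stand-in for the control and compute nodes are assumptions of this example; the arping reply format is that of iputils arping.

```python
"""Topology self-check for a cyber-range scene, following claims 1-8 above.
Example code added to this page, not the applicant's implementation. The command
runners (arping in a network namespace, rpc query of the VM config file, ping
over the serial console) are injected, so FakeRange below stands in for a range."""
import random
import re

# Reply line of iputils arping: "Unicast reply from 10.0.1.10 [FA:16:3E:00:00:01]  0.612ms"
ARPING_REPLY = re.compile(r"reply from (\S+) \[([0-9A-Fa-f:]{17})\]")


def parse_arping_mac(output):
    """Lowercased MAC from arping output, or None when nothing replied."""
    m = ARPING_REPLY.search(output or "")
    return m.group(2).lower() if m else None


def parse_scene(scene):
    """Claim 1, first step: derive the VM list, network list and route list."""
    networks = {n["name"]: dict(n, vms=[]) for n in scene["networks"]}
    for vm in scene["vms"]:
        networks[vm["network"]]["vms"].append(vm)
    routes = [(networks[a], networks[b]) for a, b in scene["routes"]]
    return scene["vms"], list(networks.values()), routes


class TopologyChecker:
    def __init__(self, runner, rng=None):
        self.run = runner
        self.rng = rng or random.Random()  # claim 2: pick one VM per network at random

    def check_terminals(self, vms):
        """Arping each VM from its namespace on the control node; the replying
        MAC must equal the MAC in the VM's config file on its compute node (claim 3)."""
        states = {}
        for vm in vms:
            seen = parse_arping_mac(self.run.netns_arping(vm["namespace"], vm["ip"]))
            expected = self.run.vm_config_mac(vm["compute_node"], vm["name"]).lower()
            states["vm:" + vm["name"]] = "up" if seen == expected else "down"
        return states

    def check_networks(self, networks):
        """From one VM in each network, ping that network's gateway."""
        states = {}
        for net in networks:
            if net["vms"]:
                vm = self.rng.choice(net["vms"])
                ok = self.run.console_ping(vm["compute_node"], vm["name"], net["gateway"])
                states["net:" + net["name"]] = "up" if ok else "down"
        return states

    def check_routes(self, routes):
        """From a VM in one network, ping a VM in the network across the router."""
        states = {}
        for src_net, dst_net in routes:
            if src_net["vms"] and dst_net["vms"]:
                src, dst = self.rng.choice(src_net["vms"]), self.rng.choice(dst_net["vms"])
                ok = self.run.console_ping(src["compute_node"], src["name"], dst["ip"])
                states["route:%s->%s" % (src_net["name"], dst_net["name"])] = "up" if ok else "down"
        return states

    def check_scene(self, scene):
        """Link name -> "up"/"down", the map a result display module would render."""
        vms, networks, routes = parse_scene(scene)
        return {**self.check_terminals(vms), **self.check_networks(networks),
                **self.check_routes(routes)}


class FakeRange:
    """Constructed stand-in for the control and compute nodes (no real rpc)."""
    def __init__(self, answering_macs, config_macs, reachable):
        self.answering_macs = answering_macs  # (namespace, ip) -> MAC that answers ARP
        self.config_macs = config_macs        # VM name -> MAC in its config file
        self.reachable = reachable            # {(VM name, target ip)} where ping works

    def netns_arping(self, namespace, ip):
        mac = self.answering_macs.get((namespace, ip))
        return "Unicast reply from %s [%s]  0.612ms" % (ip, mac) if mac else "Timeout"

    def vm_config_mac(self, compute_node, vm_name):
        return self.config_macs[vm_name]

    def console_ping(self, compute_node, vm_name, target_ip):
        return (vm_name, target_ip) in self.reachable


# Constructed scene (field names are this example's own): two networks behind
# one router, three VMs; namespace names follow a qdhcp-<network> convention.
SCENE = {
    "networks": [{"name": "lan1", "gateway": "10.0.1.1"}, {"name": "lan2", "gateway": "10.0.2.1"}],
    "vms": [{"name": "web1", "ip": "10.0.1.10", "network": "lan1", "namespace": "qdhcp-lan1", "compute_node": "c1"},
            {"name": "app1", "ip": "10.0.1.11", "network": "lan1", "namespace": "qdhcp-lan1", "compute_node": "c1"},
            {"name": "db1", "ip": "10.0.2.10", "network": "lan2", "namespace": "qdhcp-lan2", "compute_node": "c2"}],
    "routes": [("lan1", "lan2")],
}
# Planted faults: db1's IP is answered by a MAC other than its own (wrong port
# binding), and no lan1 VM can reach lan2 (router misconfigured).
FAKE = FakeRange(
    answering_macs={("qdhcp-lan1", "10.0.1.10"): "FA:16:3E:00:00:01",
                    ("qdhcp-lan1", "10.0.1.11"): "FA:16:3E:00:00:02",
                    ("qdhcp-lan2", "10.0.2.10"): "FA:16:3E:99:99:99"},
    config_macs={"web1": "fa:16:3e:00:00:01", "app1": "fa:16:3e:00:00:02", "db1": "fa:16:3e:00:00:03"},
    reachable={("web1", "10.0.1.1"), ("app1", "10.0.1.1"), ("db1", "10.0.2.1")},
)


def demo():
    """Run all three checks over the constructed scene with a fixed RNG seed."""
    return TopologyChecker(FAKE, random.Random(0)).check_scene(SCENE)
```

demo() returns the link-state map that a result display module would render (vm:db1 and route:lan1->lan2 come back "down" for the planted faults, everything else "up"). Against a real range, replace FakeRange with a runner that executes `ip netns exec <namespace> arping -c 1 -I <iface> <ip>` on the control node and issues the configuration-file query and the console ping to the compute node over rpc. Two caveats worth keeping in mind: the reply MAC is whatever currently answers ARP for that IP, so a mismatch flags a wrong port binding or an address conflict, but the check is not an identity proof of the VM; and the gateway and route probes run commands inside target VMs through their serial consoles, so the console credentials are as sensitive as the range control plane itself.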
CN202310213744.0A 2023-03-08 2023-03-08 Scene target drone network topology detection method and system in network target range Pending CN116436790A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310213744.0A CN116436790A (en) 2023-03-08 2023-03-08 Scene target drone network topology detection method and system in network target range

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310213744.0A CN116436790A (en) 2023-03-08 2023-03-08 Scene target drone network topology detection method and system in network target range

Publications (1)

Publication Number Publication Date
CN116436790A true CN116436790A (en) 2023-07-14

Family

ID=87093370

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310213744.0A Pending CN116436790A (en) 2023-03-08 2023-03-08 Scene target drone network topology detection method and system in network target range

Country Status (1)

Country Link
CN (1) CN116436790A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117331758A (en) * 2023-11-29 2024-01-02 博智安全科技股份有限公司 Verification method and device for target virtual machine mirror image, electronic equipment and storage medium
CN117331758B (en) * 2023-11-29 2024-02-23 博智安全科技股份有限公司 Verification method and device for target virtual machine mirror image, electronic equipment and storage medium

Similar Documents

Publication Publication Date Title
CN110661669B (en) Network topology automatic discovery method of network equipment based on ICMP, TCP and UDP protocols
WO2020135575A1 (en) System and method for obtaining network topology, and server
US9882808B2 (en) Packet processing method and apparatus
CN104753697B (en) A kind of method, equipment and system controlling the automatic beginning of the network equipment
US10447793B2 (en) Detecting shared access
CN102082690A (en) Passive finding equipment and method of network topology
US11032186B2 (en) First hop router identification in distributed virtualized networks
WO2016044990A1 (en) Method and apparatus for determining network topology, and centralized network state information storage device
CN116436790A (en) Scene target drone network topology detection method and system in network target range
CN107979619B (en) TWAMP session negotiation method, client and server
US11032184B2 (en) Method and device for collecting traffic flow value of BGP community attribute or BGP extended community attribute
CN107070719A (en) A kind of device management method and device
CN114915561A (en) Network topological graph generation method and device
US12160431B2 (en) Monitoring of abnormal host
CN112565053A (en) Method, device, service system and storage medium for identifying private network user
CN109151086B (en) Message forwarding method and network equipment
CN107612848B (en) Debugging method and device and computer readable storage medium
CN114844845B (en) Virtual-real combined network target range wireless real equipment access device, method and system
CN114143244B (en) Message processing method and device, storage medium and gateway equipment
CN116193172B (en) Unicast traffic unloading acceleration method, device, system, equipment and medium
CN115529245A (en) Stream information completion method and device, cloud host equipment and computer storage medium
CN118740603A (en) Method and device for obtaining device access location
CN116827837A (en) Method, apparatus, device and computer readable storage medium for detecting network performance
CN116233176A (en) Cooperative linkage method for automatic equipment identification based on edge controller
CN116566917A (en) Business service request processing method and device, electronic equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination