WO2024199223A1 - Method and apparatus for acquiring a device access location - Google Patents

Info

Publication number
WO2024199223A1
WO2024199223A1 PCT/CN2024/083830 CN2024083830W WO2024199223A1 WO 2024199223 A1 WO2024199223 A1 WO 2024199223A1 CN 2024083830 W CN2024083830 W CN 2024083830W WO 2024199223 A1 WO2024199223 A1 WO 2024199223A1
Authority
WO
WIPO (PCT)
Prior art keywords
port
message
identifier
network device
information
Prior art date
Application number
PCT/CN2024/083830
Other languages
English (en)
French (fr)
Inventor
施大年
谢于明
张亮
王俊
杜冬军
Original Assignee
华为技术有限公司
Application filed by 华为技术有限公司

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00 Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06 Management of faults, events, alarms or notifications
    • H04L41/0677 Localisation of faults
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L49/00 Packet switching elements
    • H04L49/20 Support for services
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L49/00 Packet switching elements
    • H04L49/20 Support for services
    • H04L49/208 Port mirroring

Definitions

  • the present application relates to the field of communications, and in particular to a method and apparatus for acquiring a device access location.
  • the management personnel need to locate the fault point and troubleshoot the fault.
  • the management personnel need to obtain the access location of each user device in the network, and further determine the transmission path of the application data flow based on the network topology and access location.
  • the management personnel can implement traffic monitoring at key locations on the transmission path of the application data flow to obtain some specified parameters, and further locate the fault based on the obtained specified parameters. Therefore, how to accurately obtain the access location of the user device in the network is one of the key points.
  • the present application provides a method and apparatus for obtaining a device access location, which can accurately locate a user device in a network to obtain the access location of the user device.
  • the present application provides a method for obtaining a device access location.
  • the method includes: a device receives a mirror message sent by a network device.
  • the mirror message sent by the network device is generated by the network device based on a received data message.
  • the mirror message sent by the network device includes the data message or part of the content of the data message, as well as an identifier and a receiving port identifier of the network device.
  • the receiving port identifier carried in the mirror message is used to indicate the receiving port of the network device receiving the data message, and the data message in the mirror message or part of the content of the data message in the mirror message includes an identifier of the sender of the data message.
  • the device determines whether the sender of the data message is a user device based on the received mirror message. If the sender is determined to be a user device, the device obtains the access location information of the user device in the network.
  • the access location information includes the identifier of the sender, the identifier of the network device, and the receiving port identifier.
  • the present application uses a mirror message to obtain the access location of the user device, so that the system can obtain the access location of the user device in real time when the user device interacts with the device in the system, which can improve the real-time acquisition of the access location of the user device.
  • the present application provides a highly versatile access location acquisition method that can be applied to various networking scenarios to meet the requirements of different networking scenarios for the real-time and accuracy of access location acquisition. For example, in terminal device migration scenarios, the present application can update the access location of the device in a timely manner, so that the acquired access location of the user device stays current.
  • the present application only relies on the network device to transmit the mirror message to obtain the access location of the user device, without the need to transmit a large amount of interface data, etc., which can effectively reduce the communication overhead within the system and reduce bandwidth occupancy.
  • data exchange is performed between the network device and the sender of the data message based on a wired connection.
  • the receiving port of the data message may also be understood as a connection port with the sending end of the data message.
  • judging whether the sender of the data message is a user device includes: the device judging whether the sender of the data message is a user device based on the receiving port identifier in the mirror message.
  • the present application can make the mirror message carry the receiving port identifier by extending the mirror message. Accordingly, the device can determine whether the sender connected to the corresponding receiving port is a user device through the receiving port identifier carried by the mirror message, thereby providing an access location acquisition solution suitable for the scenarios of layer 2 and layer 3 data message forwarding, which can realize the accurate positioning of the access device of the user device, and then obtain the access location of the user device.
  • judging whether the sender of the data message is a user device based on the mirror message includes: the device judging whether the sender of the data message is a user device based on the identifier of the sender in the mirror message.
  • the present application utilizes the characteristics of the mirror message and can judge the device type of the sender (i.e., user device or non-user device) based on the identifier of the sender carried in the mirror message, so as to further obtain the access point of the user device when it is determined that the sender is a user device.
  • the port type of the receiving port is a user-side port type.
  • the network device with a port of the user-side port type will trigger the mirror message sending process only when the receiving port based on the user-side port type receives a data message.
  • the other network devices that do not have a port of the user-side port type, and the network devices that have a port of the user-side port type but receive a data message based on a receiving port of a non-user-side port type will not trigger the sending of the mirror message, thereby effectively reducing the number of mirror message interactions, reducing the pressure on network devices, and further reducing communication overhead.
  • determining whether the sender of the data message is a user device includes: the device responds to the received mirror message and determines that the sender of the data message is a user device.
  • before receiving the mirror message sent by the network device, the method also includes: the device determines at least one network device in the network based on the first information.
  • the first information includes the port identifier and the corresponding port type of the port of each network device in the network
  • the port type includes the user side port type and the network device side port type
  • each network device in at least one network device includes a port of the user side port type.
  • the device sends indication information to at least one network device, wherein the indication information is used to indicate that each network device in at least one network device generates a mirror message based on the data message received by the port of the user side interface type of each network device.
  • the present application can predetermine some ports of the user side port type in the network, and indicate the network devices to which these ports belong as the sender of the mirror message, so that these network devices receive data messages based on the ports of the user side port type, and then trigger the sending process of the mirror message.
  • the device determines the port type of the receiving port based on the first information and the receiving port identifier, the first information includes the port identifier and the corresponding port type of the port of each network device in the network, and the port type includes the user side port type and the network device side port type. If the port type of the receiving port is the user side port type, the device determines that the sender is a user device. If the port type of the receiving port is the network device side port type, the device determines that the sender is a non-user device.
  • the present application classifies the ports in advance to determine the port type corresponding to the port receiving the data message when the network device receives the data message.
  • the pre-classification can be understood as preliminary screening.
  • the port of the network device side port type can be determined, and the device connected to the port of the user side port type may be a user device, or it may be a non-user device (for example, a network device not within the observation range), or the port of the user side port type may also be an empty port.
  • the device can further determine which specific neighbor device connected to the user-side port is the user device based on the received mirror message, thereby accurately locating the user device and further obtaining the corresponding access location.
  • before receiving the mirror message sent by the network device, the method also includes: the device obtains the second information, and the second information includes the identification of multiple network devices in the network. Then, the device obtains the neighbor information of each network device in the multiple network devices, and each neighbor information includes the identification of the source network device, the source network device port identification and the identification of the neighbor device.
  • the source network device is a device that sends neighbor information
  • the neighbor device is a device that is physically connected to the source network device.
  • the source network device port identification is used to indicate the port of the source network device connected to the neighbor device. Subsequently, the device determines the port type of the port of each network device based on the second information and the neighbor information.
  • the identification of the neighbor device connected to the port whose port type is the network device side port type is included in the second information, and the identification of the neighbor device connected to the port whose port type is the user side port type is not included in the second information.
  • the present application can determine whether the device type of the neighbor device to which the network device is connected is a network device type or a non-network device type based on the preset network device identification.
  • the non-network device may include user devices or other devices (such as network devices not within the observation range). Based on the received mirror message, the device can further determine which specific port in the user-side port is connected to a neighboring device that is the user device, thereby accurately locating the user device and further obtaining the corresponding access location.
  • receiving a mirror message sent by a network device includes: a device receives multiple mirror messages; the multiple mirror messages come from one or more network devices.
  • the identifier of the sender includes the IP address of the sender and the MAC address of the sender.
  • determining that the sender of the data message is a user device includes: if the IP addresses of the senders carried by N mirror messages in the multiple mirror messages are the same, the MAC addresses of the senders carried by the N mirror messages are not included in the second information, and the identifiers of the network devices carried by the N mirror messages indicate the same network device, it is determined that the sender is a user device; the second information includes the identifiers of multiple network devices in the network.
  • if the senders of multiple messages are non-network devices and the corresponding mirror messages come from the same network device, it can be determined that the corresponding sender is a user device.
  • multiple mirrored messages may be sent by the same network device. Multiple mirrored messages may be generated based on multiple data messages sent by a user device connected to the network device, or multiple mirrored messages may be generated based on multiple messages sent by multiple user devices connected to the network device.
  • the present application can effectively improve the accuracy of the positioning of the user device by combining two different judgment methods to avoid the problem of inaccurate fault positioning caused by misjudgment.
  • the method further includes: the device queries the user equipment access information based on the identifier of the sending end, and the user equipment access information includes the access location information of at least one user equipment. If the user equipment access information already contains the access location information of the user equipment corresponding to the identifier of the sending end, and the saved access location information is inconsistent with the currently acquired access location information, the device updates the access location information of the user equipment corresponding to the identifier of the sending end in the user equipment access information. In this way, the present application can record the update status of the access location of the user equipment, so that when locating the fault, the operation and maintenance personnel can obtain more fault information to improve the accuracy of fault location.
  • when the device saves the access location information of the user equipment, it can also save the access location acquisition time accordingly.
  • the acquisition time can be the time when the access location is acquired, or the time when the access location is saved.
  • judging whether the sender of the data message is a user device includes: the device judges whether the sender of the data message is a user device based on the receiving port identifier and the sender identifier in the mirror message. If the judgment result based on the receiving port identifier indicates that the sender is a user device, and the judgment result based on the sender identifier indicates that the sender is not a user device, the sender is determined to be a non-user device. In this way, the present application can effectively improve the accuracy of positioning the user device by combining two different judgment methods, so as to avoid the problem of inaccurate fault positioning caused by misjudgment.
  • the data message carries transport layer control information or application layer control information.
  • the network device in the present application triggers the mirror message sending process based on a special (or specified) data message, thereby effectively reducing the number of mirror message sending times to reduce network overhead.
  • corresponding control information will be sent, and the network device will trigger the mirror message sending process accordingly.
  • the device can obtain the access location of the user device, thereby reducing network overhead while ensuring the real-time acquisition of the user device access location.
  • the data message is a tunnel message
  • the identifier of the sender is carried in the inner message of the tunnel message.
  • the present application can be applied to the transmission scenario of the tunnel data message, that is, corresponding to the user equipment such as virtual machines that access the system through the tunnel protocol, and can also accurately locate it.
  • the user device is a server, a terminal device, or a virtual machine.
  • the mirrored message is an encapsulated remote port mirroring (ERSPAN) message.
  • the present application provides a device for acquiring the access location of a device.
  • the device includes: a receiving unit and an access location acquisition unit.
  • the receiving unit is used to receive a mirror message sent by a network device.
  • the mirror message is generated by the network device based on the received data message, and the mirror message includes the data message or part of the data message, as well as the identifier of the network device and the receiving port identifier.
  • the data message in the mirror message or the part of the data message in the mirror message includes the identifier of the sender of the data message, and the receiving port identifier is used to indicate the receiving port of the network device for receiving the data message.
  • the access location acquisition unit is used to determine whether the sender of the data message is a user device based on the mirror message.
  • the access location acquisition unit is used to obtain the access location information of the user device if it is determined that the sender is a user device, and the access location information includes the identifier of the sender, the identifier of the network device and the receiving port identifier.
  • the access location acquisition unit is specifically configured to determine whether a sender of the data message is a user equipment based on a receiving port identifier in the mirror message.
  • the access location acquisition unit is specifically configured to determine whether the sender of the data message is a user equipment based on an identifier of the sender in the mirror message.
  • the port type of the receiving port is a user-side port type.
  • the access location acquisition unit is specifically configured to determine, in response to a received mirror message, that a sender of the data message is a user equipment.
  • the device further includes an analyzing unit, which is used to: determine at least one network device in the network based on the first information, the first information comprising a port identifier and a corresponding port type of a port of each network device in the network, wherein the port type comprises a user-side port type and a network device-side port type, and each network device in the at least one network device comprises a port of the user-side port type; and send indication information to the at least one network device, wherein the indication information is used to instruct each network device in the at least one network device to generate a mirror message based on a data message received by a port of the user-side interface type of each network device.
  • the access location acquisition unit is specifically used to: determine the port type of the receiving port based on the first information and the receiving port identifier, the first information includes the port identifier and the corresponding port type of the port of each network device in the network, and the port type includes the user side port type and the network device side port type; if the port type of the receiving port is the user side port type, determine that the sending end is a user device; if the port type of the receiving port is the network device side port type, determine that the sending end is a non-user device.
  • the device also includes an analysis unit, which is specifically used to: obtain second information, the second information includes identifiers of multiple network devices in the network; obtain neighbor information of each network device in the multiple network devices, each neighbor information includes an identifier of a source network device, a source network device port identifier and an identifier of a neighbor device, the source network device is a device that sends neighbor information, the neighbor device is a device that is physically connected to the source network device, and the source network device port identifier is used to indicate the port of the source network device connected to the neighbor device; based on the second information and the neighbor information, determine the port type of the port of each network device, the identifier of the neighbor device connected to the port whose port type is a network device side port type is included in the second information, and the identifier of the neighbor device connected to the port whose port type is a user side port type is not included in the second information.
  • the receiving unit is specifically used to: receive multiple mirror messages; the multiple mirror messages come from one or more network devices; the identifier of the sender includes the IP address of the sender and the MAC address of the sender, and the analyzing unit is specifically used to: if the IP address of the sender carried by N mirror messages in the multiple mirror messages is the same, and the MAC address of the sender carried by the N mirror messages is not included in the second information, and the identifiers of the network devices carried by the N mirror messages indicate the same network device, determine that the sender is a user device, and the second information includes the identifiers of multiple network devices in the network.
  • the access location acquisition unit is specifically used to: if the IP addresses of the senders carried by M mirror messages among multiple mirror messages are the same, and the MAC addresses of the senders carried by the M mirror messages are not included in the second information, and the identifiers of the network devices carried by the M mirror messages indicate two or more network devices, based on the receiving port identifier in the mirror message, determine whether the sender of the data message is a user device.
  • the access location acquisition unit is specifically used to: determine whether the sender of the data message is a user device based on the receiving port identifier and the sender identifier in the mirror message; if the judgment result based on the receiving port identifier indicates that the sender is a user device, and the judgment result based on the sender identifier indicates that the sender is a non-user device, determine that the sender is a non-user device.
  • the device also includes: an access location storage unit, which is used to query user equipment access information based on the identifier of the sending end, the user equipment access information includes access location information of at least one user equipment; the access location storage unit is also used to update the access location information of the user equipment corresponding to the identifier of the sending end in the user equipment access information if the user equipment access information already includes the access location information of the user equipment corresponding to the identifier of the sending end, and the saved access location information is inconsistent with the access location information currently obtained.
  • the data message carries transport layer control information or application layer control information.
  • the data message is a tunnel message
  • the identifier of the sender is carried in an inner message of the tunnel message
  • the user device is a server, a terminal device, or a virtual machine.
  • the mirrored message is an encapsulated remote port mirroring (ERSPAN) message.
  • the second aspect and any implementation of the second aspect correspond to the first aspect and any implementation of the first aspect respectively.
  • the technical effects corresponding to the second aspect and any implementation of the second aspect can refer to the technical effects corresponding to the first aspect and any implementation of the first aspect, which will not be repeated here.
  • the present application provides a computer-readable medium for storing a computer program, wherein the computer program includes instructions for executing the method in the first aspect or any possible implementation of the first aspect.
  • the present application provides a computer program, comprising instructions for executing the method in the first aspect or any possible implementation of the first aspect.
  • the present application provides a chip, the chip comprising a processing circuit and a transceiver pin.
  • the transceiver pin and the processing circuit communicate with each other through an internal connection path, and the processing circuit performs the first aspect or any possible implementation of the first aspect.
  • FIG. 1 is a schematic diagram showing the structure of a communication system.
  • FIG. 2 is a schematic diagram of an exemplary virtual environment message transmission.
  • FIG. 3 is a schematic flow chart of an exemplary method for obtaining a device access location.
  • FIG. 4 is a schematic diagram showing the structure of a communication system.
  • FIG. 5a is a schematic diagram showing the structure of a data message.
  • FIG. 5b is a schematic diagram showing the structure of a mirrored message.
  • FIG. 6a is a schematic diagram showing the structure of a data message.
  • FIG. 6b is a schematic diagram showing the structure of a mirrored message.
  • FIG. 7 is a schematic diagram of an exemplary application scenario.
  • FIG. 8 is a schematic diagram showing an exemplary process of a method for obtaining a device access location.
  • FIG. 9a is a schematic diagram of an exemplary message processing.
  • FIG. 9b is a schematic diagram showing an exemplary message processing.
  • FIG. 9c is a schematic diagram showing an exemplary message processing.
  • FIG. 10 is a schematic diagram showing an exemplary message processing.
  • FIG. 11 is a schematic diagram showing an exemplary process of a method for obtaining a device access location.
  • FIG. 12 is a schematic diagram showing an exemplary mirror message transmission process.
  • FIG. 13 is a schematic diagram showing an exemplary message processing.
  • FIG. 14 is a schematic diagram showing the structure of a mirrored message.
  • FIG. 15 is a schematic diagram showing an exemplary application scenario.
  • FIG. 16 is a schematic diagram showing an exemplary application scenario.
  • FIG. 17 is a schematic diagram showing the structure of an exemplary device.
  • FIG. 18 is a schematic diagram showing the structure of an exemplary device.
  • the communication system of the embodiment of the present application is exemplarily described in combination with the structural diagram of the communication system (which may also be referred to as a communication network, etc., which is not limited in the present application) shown in FIG1.
  • the communication system includes but is not limited to: Spine1, Spine2, Leaf1, Leaf2, Leaf3, and multiple user devices.
  • Spine (including Spine1 and Spine2) can be network devices such as switches and routers.
  • Leaf (including Leaf1, Leaf2 and Leaf3) can be network devices such as switches and routers.
  • each network device may provide one or more interfaces (also referred to as ports or transceiver interfaces, etc., which are not limited in the present application).
  • the interfaces of the network devices may be used to connect to other devices. Here a connection means a physical connection, i.e., a connection through a physical link; unless otherwise specified, the connection relationships described in the embodiments of the present application refer to direct physical connections, which will not be repeated below.
  • devices that are interconnected (referring to direct connections) in the system can be referred to as neighbor devices.
  • the connection relationship between the devices includes but is not limited to: Spine1 connects Leaf1, Leaf2, and Leaf3.
  • Spine2 connects Leaf1, Leaf2, and Leaf3.
  • Leaf1 connects server 11 to server 1n
  • Leaf2 connects server 21 to server 2n
  • Leaf3 connects server 31 to server 3n.
  • the neighbor devices of Leaf1 include but are not limited to: server 11 to server 1n and Spine1.
  • the neighbor devices of Spine1 include but are not limited to: Leaf1, Leaf2, and Leaf3.
  • the neighbor devices of Leaf1 include but are not limited to: Spine1, Spine2, and server 11 to server 1n.
  • the neighbor devices of other devices can refer to the above description, and will not be illustrated one by one here.
  • the communication system shown in Figure 1 may be located in a data center. In other embodiments, the communication system shown in Figure 1 may also be located in application scenarios such as parks, supermarkets, large enterprises, and operators, which is not limited in the present application.
  • leaf-spine network architecture also represented as Spine-Leaf
  • the solutions in the embodiments of the present application can also be applied to any network architecture such as the traditional network architecture, and the present application does not limit it.
  • connection relationship between the devices shown in Figure 1 is also a schematic example. In actual applications, the connection relationship can be set according to scenario requirements, and this application does not limit it.
  • the device types in the communication system may include, but are not limited to: network devices (also referred to as network device types) and user devices (also referred to as user device types).
  • network devices can be understood as a general term for all devices on the network side, and network devices can be used to provide network functions such as data forwarding.
  • devices such as Spine1, Spine2, Leaf1, Leaf2, and Leaf3 in Figure 1 are network devices.
  • User devices can be understood as a general term for all devices on the user side, and user devices can provide users with functions such as application services, such as servers 11 to 1n, servers 21 to 2n, etc. in Figure 1.
  • a server is taken as the example of a user device for explanation.
  • the user device can also be a terminal device (such as a computer, a tablet, a mobile phone, a wearable device, a smart home device, a car device, etc.), a virtual terminal (such as a virtual machine), etc., which can be connected to the system through a wired connection.
  • a network device for connecting a user device may also be referred to as a boundary device, or an access point of a user device.
  • a user device accesses a network through an access point to interact with other devices in the network.
  • an access point of a user device may be understood as a network device that is closest to the user device (which may be understood as the distance of a physical connection path, or may be understood as a communication distance or a transmission path distance, etc.) among the known network devices in the system.
  • Leaf1 is the access point of server 11. Accordingly, server 11 accesses the communication system by accessing Leaf1, thereby interacting with other devices in the communication system.
  • the "known network devices" mentioned above can also be referred to as network devices within the observation range, that is, network devices pre-configured in the network. They can also be understood as the devices that the management personnel know to be network devices, or as manageable network devices, which will not be repeated below.
  • network devices can be understood as non-system configured network devices, and can also be understood as unmanageable network devices. The specific scenarios will be described in detail below.
  • an operating system may be deployed in a user device, and one or more applications or modules may be deployed on the operating system.
  • the application in the user device may generate a data message (also referred to as a data packet) in response to a user operation (or a locally stored instruction).
  • the application data is carried in the data message.
  • the user device is also referred to as the initial sending end in the embodiment of the present application.
  • the access point may forward the data message to transmit the data message to a target device (also referred to as the end receiving end in the embodiment of the present application).
  • the transmission path of the data message may also include one or more other network devices.
  • the terminal access network authentication mechanism is usually applied in the communication system, and the access point identifies the identity information of the user device and sends the identity information to the authentication server for identity authentication. Only when the identity authentication is successful can the user device access the network. In this example, the access information of the user device can be obtained from each access point.
  • an authentication system is usually not deployed. Therefore, in an application scenario where an authentication system is not deployed, the access location of the user device cannot be obtained by the above method.
  • the prior art also proposes a method for obtaining the access location.
  • In Internet Protocol version 4 (IPv4), when any user device needs to communicate with other user devices, it must first obtain the link layer address of the destination device through the Address Resolution Protocol (ARP). In Internet Protocol version 6 (IPv6), it is necessary to obtain the link layer address through the Neighbor Discovery Protocol (NDP). Accordingly, in this example, the system can collect ARP table entries or ND (Neighbor Discovery) table entries on the edge switch regularly (or periodically) to obtain the access location of the user device. Taking the ARP table entries as an example, the ARP table entries include but are not limited to: the Internet Protocol (IP) address of the device interface, the IP address of the connected user device, the Medium Access Control (MAC) address of the device interface, and the MAC address of the connected user device.
  • a virtual machine (VM) is deployed in a user device (such as a server), and the VM generates a data message and sends the data message to an open virtual switch (OVS).
  • OVS encapsulates the data message sent by the VM to generate a tunnel message.
  • the tunnel message can follow the Virtual eXtensible Local Area Network (VXLAN) protocol (it can also be other tunnel protocols, which are not covered in this application).
  • OVS sends the tunnel message to Leaf.
  • Leaf can only obtain the IP address and MAC address of the tunnel between the servers. Since it does not directly interact with the VM through the protocol, it cannot obtain the ARP table entries or ND table entries related to the VM, and thus cannot accurately obtain the access location of the VM.
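The limitation described above can be seen in the bytes on the wire. The following is an added example, not part of the application: it builds a constructed VM frame, wraps it in VXLAN (header layout per RFC 7348) as the OVS would, and compares what address learning on the outer headers yields with what sits inside the tunnel. All MAC addresses, IP addresses, the VNI and the function names are assumptions made for the illustration.

```python
import ipaddress
import struct

VXLAN_PORT = 4789  # IANA-assigned UDP port for VXLAN (RFC 7348)


def mac_str(raw):
    return ":".join(f"{b:02x}" for b in raw)


def mac_raw(text):
    return bytes(int(part, 16) for part in text.split(":"))


def build_frame(src_mac, dst_mac, src_ip, dst_ip, proto, payload):
    """Build an untagged Ethernet/IPv4 frame (IP checksum left at 0, not validated here)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, proto, 0,
                     ipaddress.IPv4Address(src_ip).packed,
                     ipaddress.IPv4Address(dst_ip).packed)
    return mac_raw(dst_mac) + mac_raw(src_mac) + struct.pack("!H", 0x0800) + ip + payload


def parse_frame(frame):
    """Return source MAC, source IP, IP protocol and layer-4 bytes of an Ethernet/IPv4 frame."""
    if len(frame) < 34:
        raise ValueError("frame too short for Ethernet + IPv4 headers")
    if struct.unpack("!H", frame[12:14])[0] != 0x0800:
        raise ValueError("not an IPv4 frame")
    ihl = (frame[14] & 0x0F) * 4
    return {"src_mac": mac_str(frame[6:12]),
            "src_ip": str(ipaddress.IPv4Address(frame[26:30])),
            "proto": frame[23],
            "l4": frame[14 + ihl:]}


def vxlan_encap(inner, vni, src_mac, dst_mac, src_ip, dst_ip):
    """Wrap an inner Ethernet frame in outer Ethernet/IPv4/UDP/VXLAN headers."""
    vxlan = struct.pack("!II", 0x08 << 24, vni << 8)   # I flag set, 24-bit VNI
    udp = struct.pack("!HHHH", 49152, VXLAN_PORT, 8 + len(vxlan) + len(inner), 0)
    return build_frame(src_mac, dst_mac, src_ip, dst_ip, 17, udp + vxlan + inner)


def leaf_learned_entry(frame):
    """(IP, MAC) a Leaf can learn from the headers it actually processes."""
    outer = parse_frame(frame)
    return outer["src_ip"], outer["src_mac"]


def tunnelled_endpoint(frame):
    """(VNI, inner source IP, inner source MAC) if the frame is VXLAN, else None."""
    outer = parse_frame(frame)
    l4 = outer["l4"]
    if outer["proto"] != 17 or len(l4) < 16:
        return None
    if struct.unpack("!H", l4[2:4])[0] != VXLAN_PORT:
        return None
    flags_word, vni_word = struct.unpack("!II", l4[8:16])
    if not flags_word & 0x08000000:
        return None
    inner = parse_frame(l4[16:])
    return vni_word >> 8, inner["src_ip"], inner["src_mac"]


# Constructed sample: a VM sends a TCP segment, the OVS on its server tunnels it.
VM_FRAME = build_frame("52:54:00:aa:bb:01", "52:54:00:aa:bb:02",
                       "10.0.0.5", "10.0.0.6", 6, b"\x00" * 20)
TUNNEL_FRAME = vxlan_encap(VM_FRAME, 5001, "02:00:00:00:00:11", "02:00:00:00:00:21",
                           "192.0.2.11", "192.0.2.21")

if __name__ == "__main__":
    print("Leaf learns:", leaf_learned_entry(TUNNEL_FRAME))
    print("Inside tunnel:", tunnelled_endpoint(TUNNEL_FRAME))
```

The Leaf's table ends up holding the server's tunnel endpoint, while the VM's addresses appear only behind the VXLAN header.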
  • the number of ARP table entries or ND table entries obtained is equal to the number of user devices included in the system. When the access location is determined by periodically obtaining ARP table entries or ND table entries, a short collection cycle increases the communication burden and processing burden (such as processor burden) of each device, while a long cycle may fail to respond in a timely manner to changes such as user device migration in the system, resulting in the acquisition of the wrong access location.
  • the prior art also provides a method for obtaining access locations, which can obtain the attachment relationship between the VM and the physical machine (such as the server in Figure 2) through the cloud platform, so that when the access location of the server is obtained on the Leaf, the access location of the VM in the communication system can be further obtained based on the obtained attachment relationship.
  • this method relies on the cloud platform to call the interface for obtaining the attachment relationship to obtain the attachment relationship.
  • there are many ways to implement VMs. For example, some VMs are based on the OpenStack architecture, and some VMs are based on the CloudStack architecture. This requires the cloud platform to carry out customized development for each VM implementation to support different interfaces for obtaining attachment relationships, and its implementation cost is relatively high.
  • an embodiment of the present application provides a method for obtaining a device access location.
  • the system locates the user device through a mirror message to obtain the access location of the user device, thereby realizing a method for obtaining an access location that is simple to implement and highly real-time.
  • an analysis unit, an access location acquisition unit, and an access location storage unit are deployed in a communication system.
  • the analysis unit, the access location acquisition unit, and the access location storage unit can be deployed on the same device (such as a server) or on different devices, which is not limited in this application.
  • the servers deployed with the above units can communicate with each other (which can be directly connected or indirectly connected, which is not limited in this application) to achieve the interaction of access location related information between the units.
  • the device (such as a server) to which the analysis unit, the access location acquisition unit, and the access location storage unit belong can also be deployed outside the communication system (such as the communication system shown in Figure 1).
  • one or more devices deployed with the analysis unit, the access location acquisition unit, and the access location storage unit communicate with each other, and can communicate with each device in the communication system.
  • the analysis unit, the access location acquisition unit, and the access location storage unit are deployed on the same server (e.g., server 22).
  • one or more servers that deploy the analysis unit, the access location acquisition unit, and the access location storage unit are connected to the Leaf to access the communication system, thereby interacting with other devices.
  • the Leaf to which the one or more servers that deploy the analysis unit, the access location acquisition unit, and the access location storage unit are connected can be any Leaf in the system.
  • the Leaf to which the one or more servers that deploy the analysis unit, the access location acquisition unit, and the access location storage unit are connected can also be a dedicated Leaf for such servers.
  • the dedicated Leaf is used to forward the messages of the analysis unit, the access location acquisition unit, and the access location storage unit without transmitting other application messages, thereby improving the interaction rate of various information (or parameters) in the access location acquisition process, so as to further improve the efficiency of access location acquisition and storage.
  • the analysis unit can be used to obtain device information in the communication system, which can also be understood as the relevant parameters required for analyzing the access location of the user device, for example, including but not limited to: an identifier of a network device, an interface identifier of a network device, etc.
  • the identifier of a network device includes but is not limited to one of the following: an ID of a network device, a MAC address of a network device, an IP address of a network device, etc.
  • the analysis unit performs analysis and processing based on the acquired device information to determine the device type of the device in the system, wherein the device type includes a network device type and a non-network device type (also referred to as a user device type).
  • the analysis unit transmits the analysis result to the access location acquisition unit.
  • the access location acquisition unit can further parse the received mirror message based on the analysis result of the analysis unit to locate the user device in the non-network device indicated in the analysis result, and further obtain the access location of the user device, and save the access location of the user device to the access location storage unit.
  • the analysis unit can perform preliminary screening based on the device information to exclude network devices, that is, to screen out non-network devices (specifically, network devices that are not within the observation range).
  • non-network devices may include user devices, and may also include some unknown devices, that is, the initial screening does not determine the exact type of the device.
  • the access location acquisition unit can perform further fine screening based on the analysis result of the analysis unit to obtain an accurate positioning result of the user device.
  • the analyzing unit outputs the acquired device information to the access location acquiring unit.
  • the access location acquiring unit may acquire the access location of the user device based on the received mirror message and the acquired device information, and store it to the access location storage unit.
  • the access location storage unit is used to store the access location of each user device input by the access location acquisition unit.
  • the access location storage unit stores the access location of each user device in a list form.
  • the access location information received by the access location storage unit includes but is not limited to: an identifier of the user device and an access location of the user device.
  • the identifier of the user device is optionally an IP address of the user device.
  • the access location of the user device includes but is not limited to at least one of the following: an identifier of a network device to which the user device is connected, and a port identifier of a port of the network device to which the user device is connected, etc.
  • the user device and the access point may be physically directly connected.
  • the VM and the network device it accesses are not directly connected, and the server to which the VM belongs and the access point are directly connected.
  • the user device may also connect to known network devices in the system through some private routers (which may be referred to as unknown network devices or network devices not within the observation range in the embodiment of the present application) and other devices.
  • although the device type of the unknown network device is also a network device, it is a network device not within the observation range in the system of the embodiment of the present application. The access points in the embodiment of the present application are all network devices within the observation range, that is, the access point can be further understood as the network device within the observation range that is closest to the user device.
  • Figure 3 is a flow chart of a method for obtaining the device access location provided in the embodiment of the present application. Referring to Figure 3, the specific steps include but are not limited to steps S301 to S303.
  • At least one network device in the system can be configured with a mirror message, so that after receiving a data message, at least one network device generates a mirror message based on the data message, and sends the generated mirror message to the device to which the analysis unit belongs.
  • the at least one network device for sending the mirror message can be referred to as a mirror message sender in the embodiment of the present application.
  • At least one network device serving as a mirror message sender may be all network devices with a message mirroring function known in the system.
  • the known network devices may also be referred to as network devices within the observation range.
  • a network device with a message mirroring function refers to a network device that can encapsulate data messages based on a mirror message protocol. For example, taking Figure 1 as an example, Spine1, Spine2, Leaf1, Leaf2, and Leaf3 in Figure 1 are all pre-configured network devices.
  • the administrator can connect to the management interface provided by each network device through a management device (such as a computer, tablet, or other terminal device) to implement the message mirroring function configuration for each network device, so that the above-mentioned network device serves as a mirror message sender.
  • Leaf4 is connected to Spine1, Spine2 and the firewall (other network devices can be connected to the other side of the firewall), Router X is connected to Leaf3, and Router X is connected to multiple servers (for example, server 41 to server 4n) (the description of other devices can refer to Figure 1, which will not be repeated here).
  • the firewall and Router X are both network devices that are not within the observation range. It can be understood that the operation and maintenance personnel cannot manage and configure Router X and the firewall.
  • Router X can also be called a network device on the user side. Since Router X is an unknown network device (that is, a network device that is not within the observation range), the management personnel have not configured the message mirroring function for it. Accordingly, Router X will not generate a mirror message after receiving the data message.
  • the mirror message described in the embodiment of the present application refers to a mirror message having the specified characteristics described in the embodiment of the present application.
  • Router X may also perform mirror message configuration, but the mirror message it sends is a mirror message that meets the requirements of other scenarios, not the mirror message described in the embodiment of the present application (which can also be understood as a mirror message that can be used to locate the user device).
  • the "non-network device" described in the embodiment of the present application can be understood as a network device that is not within the observation range.
  • the device may be a user device or an unknown network device.
  • At least one network device serving as a mirror message sender may be a designated network device in the system.
  • the designated network device may be a network device having a port of a user-side port type.
  • the ports of the network device may be divided into a user-side port type and a network-side port type.
  • the neighboring device connected to the port of the network-side port type is the network device within the observation range described above.
  • the neighboring device connected to the port of the user-side port type is a device not within the observation range.
  • the device not within the observation range may be a user device, or may be a network device not within the observation range, such as the firewall and Router X in Figure 4, which are network devices not within the observation range and may also be referred to as unknown network devices. That is, in this example, the network device having a port of the user-side port type is configured as a mirror message sender.
  • the analysis unit can obtain the identification of each network device within the observation range of the system.
  • the identification of the network device includes but is not limited to at least one of the following: the ID of the network device, the MAC address of the network device, the IP address of the network device, the management address of the device, etc., which are not limited in this application.
  • the identification of each network device obtained by the analysis unit can be pre-configured by the management personnel. For example, taking Figure 1 as an example, the analysis unit pre-saves a list of network device identifications (in the embodiment of the present application, the list is used as an example, and in other embodiments, it can also be other forms, which are not limited in this application).
  • the list includes the identifications of all known network devices in the system.
  • the network device identification list includes but is not limited to: Spine1 identification, Spine2 identification, Leaf1 identification, Leaf2 identification and Leaf3 identification. That is, Spine1, Spine2, Leaf1, Leaf2 and Leaf3 have all confirmed that their device types are network devices, that is, network devices within the observation range.
  • the analysis unit may collect neighbor information from each network device within the observation range. Specifically, each network device obtains its own LLDP information based on the Link Layer Discovery Protocol (LLDP).
  • the LLDP information includes but is not limited to: the local port identifier (i.e., the port identifier of the port used by the network device to connect to the neighbor device), the peer device identifier (i.e., the identifier of the neighbor device connected to the network device) and the peer device port identifier (i.e., the interface identifier of the neighbor device connected to the network device), etc.
  • each network device may periodically send LLDP messages to neighboring devices.
  • the LLDP message includes, but is not limited to: the device identifier, port identifier (i.e., the identifier of the port that sends the LLDP message), and message type, etc.
  • Each network device may update the LLDP information stored on the local end based on the received LLDP message.
  • the sending of LLDP messages will also be triggered to notify neighboring devices of the changes in the local configuration.
  • Leaf1 can receive LLDP messages sent by each neighbor device (including but not limited to server 11 to server 1n, Spine1 and Spine2 in Figure 4).
  • the LLDP messages sent by each neighbor device include but are not limited to: source address, destination address, message type and other information.
  • the source address includes but is not limited to the MAC address of the source device (i.e., the LLDP message sender) and the MAC address of the source port (i.e., the port that sends the LLDP message).
  • Leaf1 receives an LLDP message sent by Spine1 from port 13.
  • the LLDP message includes but is not limited to: source MAC address (i.e., the MAC address of Spine1 and the MAC address of the port where Spine1 and Leaf1 are connected (for example, port 31)), destination address (i.e., multicast address), etc.
  • Leaf1 parses the LLDP message and obtains information such as the neighbor device identifier (i.e., the MAC address of Spine1) and the neighbor device interface identifier (for example, the MAC address of port 31 of Spine1).
  • Leaf1 only obtains the relevant identifiers of the neighbor device (including device identifiers and interface identifiers, etc.) through the LLDP message, and it cannot confirm the specific objects to which these identifiers correspond in the communication system.
  • Leaf1 stores LLDP information corresponding to port 13, and the LLDP information includes but is not limited to: the MAC address of Spine1 (i.e., the identifier of the neighboring device), the MAC address of port 13 of Leaf1 (i.e., the port identifier of the network device), and the MAC address of port 31 of Spine1 (i.e., the port identifier of the neighboring device), etc.
  • the LLDP information is used to indicate that the neighboring device connected to port 13 of Leaf1 is port 31 of Spine1.
  • the port identifier is taken as an example to illustrate.
  • the port identifier can also be a port ID (identifier), etc.
  • the port of a network device may not have a MAC address, but a corresponding port ID. Accordingly, the port identifier carried in the LLDP message sent by the network device is the port ID.
  • the analysis unit sends a neighbor information request to each network device within the observation range during the initialization phase (for example, after the device is powered on) to request neighbor information.
  • the analysis unit communicates with other devices in the system based on the Simple Network Management Protocol (SNMP) or the Telecommunication Network Protocol (Telnet) to obtain neighbor information.
  • each network device within the observation range sends a response message to the analysis unit to feed back the neighbor information.
  • the response message includes, but is not limited to: the identifier of the network device (i.e., the sender of the neighbor information response) and the latest LLDP information obtained by the network device.
  • the LLDP information includes, but is not limited to: the port identifier of the network device, the identifier of the neighbor device, the port identifier of the neighbor device, etc.
  • the analyzing unit updates the locally stored neighbor information of each network device in response to the neighbor information response message received from each network device.
  • the neighbor information includes but is not limited to: the identifier of the network device, the port identifier of the network device, the identifier of the neighbor device, and the port identifier of the neighbor device.
  • the analysis unit may periodically (the periodicity may be set according to actual needs and is not limited in this application) send a message to each network device.
  • each network device may trigger the sending of LLDP messages when the local configuration changes.
  • a neighbor information update indication may be sent to the analysis unit.
  • the indication may include the identifier of the network device, the port identifier of the network device, the identifier of the neighbor device, the port identifier of the neighbor device, etc.
  • the analysis unit may update the neighbor information of the corresponding network device based on the received neighbor information update indication.
  • Leaf1 sends a neighbor information update indication to the analysis unit, and the update indication includes the identifier of Leaf1 (i.e., the MAC address of Leaf1) and the identifier of port 13 (e.g., the MAC address of port 13), which is used to indicate that port 13 of Leaf1 is an empty port, that is, no neighbor device is connected.
  • the analysis unit can find the neighbor information corresponding to Leaf1 based on the MAC address of Leaf1, and match it in the neighbor information corresponding to Leaf1 based on the MAC address of port 13.
  • Analysis unit 1 updates the neighbor information corresponding to the MAC address of port 13 that has been successfully matched. For example, the identifier of the neighbor device corresponding to the MAC address of the original port 13 (for example, the MAC address of Spine1) is deleted to indicate that port 13 is currently an empty port and is not connected to any neighbor device.
  • the neighbor information update indication may also include current neighbor information of all ports or ports connected to neighbor devices.
  • the analysis unit maintains a list of network device identifiers.
  • the network device identifier list (in the embodiment of the present application, the list is used as an example, and in other embodiments, it may be in other forms, which is not limited in the present application) stores the identifiers of all network devices within the observation range, and the identifiers of the network devices include but are not limited to: the IP address of the network device, the MAC address of the network device, the management address of the network device, etc.
  • the analysis unit determines the port type of the port of each network device based on the obtained neighbor information of each network device and the network device identifier list. The port types include the user-side port type and the network device-side port type.
  • if the type of the neighbor device to which the port of the network device is connected is a non-network device, for example a user device or an unknown network device (i.e., a network device not within the observation range), the port type of the port is the user-side port type.
  • the type of a port that is not connected to any device (which can be referred to as an empty port) can also be classified as a user-side port type.
  • the analysis unit determines it as a user-side port.
  • some user devices do not have the function of sending LLDP messages. The network device therefore receives no LLDP messages from this type of user device, and the LLDP information maintained by the network device does not include any information for the corresponding port, similar to the empty port described above; this type of port is also classified as a user-side port type. That is to say, in an embodiment of the present application, if the identifier of the neighbor device to which a port is connected is included in the network device identifier list, the corresponding port type is the network device-side port type.
  • the port types in other situations are all user-side ports.
  • the analysis unit may further determine the network devices including ports of the user-side port type based on the port type of each network device.
  • the analysis unit may specify this type of network device as the mirror message sender. Accordingly, this type of network device may generate a mirror message when receiving a data message, and transmit the mirror message to the device to which the access location acquisition unit belongs, thereby reducing the number of mirror message interactions in the system to reduce the communication overhead within the system.
  • this type of network device may also generate a mirror message when receiving a data message through a port of the user-side port type, and transmit the mirror message to the device to which the access location acquisition unit belongs, thereby further reducing the number of mirror message interactions in the system to reduce the communication overhead within the system.
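The port classification and mirror sender selection described above can be sketched as follows. This is an added example, not code from the application: the device names stand in for the MAC-address identifiers, only the Leaf1 port 13 to Spine1 port 31 link comes from the text, and the remaining port numbers, the data layout and the function names are assumptions (topology loosely following the Figure 4 description).

```python
USER_SIDE = "user-side"
NETWORK_SIDE = "network device-side"

# Network device identifier list: devices within the observation range (subset, constructed).
KNOWN_DEVICES = {"Spine1", "Leaf1", "Leaf3", "Leaf4"}

# Port inventory per known device (constructed).
PORTS = {
    "Spine1": ["31", "33", "34"],
    "Leaf1": ["11", "12", "13"],
    "Leaf3": ["13", "15"],
    "Leaf4": ["13", "16"],
}

# Neighbor information collected from LLDP: device -> local port -> (neighbor id, neighbor port).
LLDP = {
    "Spine1": {"31": ("Leaf1", "13"), "33": ("Leaf3", "13"), "34": ("Leaf4", "13")},
    # Leaf1 port 12 has no entry: empty port, or a server that never sends LLDP.
    "Leaf1": {"11": ("server11", "eth0"), "13": ("Spine1", "31")},
    "Leaf3": {"13": ("Spine1", "33"), "15": ("RouterX", "1")},
    "Leaf4": {"13": ("Spine1", "34"), "16": ("firewall", "1")},
}


def classify_ports(ports, lldp, known_devices):
    """Network device-side only if the LLDP neighbor is in the identifier list."""
    port_types = {}
    for device in sorted(known_devices):
        for port in ports.get(device, []):
            neighbor = lldp.get(device, {}).get(port)
            if neighbor is not None and neighbor[0] in known_devices:
                port_types[(device, port)] = NETWORK_SIDE
            else:
                # Unknown neighbor, silent neighbor and empty port all land here.
                port_types[(device, port)] = USER_SIDE
    return port_types


def apply_update(lldp, device, port, neighbor=None):
    """Return neighbor info after an update indication; neighbor=None means empty port."""
    updated = {dev: dict(entries) for dev, entries in lldp.items()}
    entries = updated.setdefault(device, {})
    if neighbor is None:
        entries.pop(port, None)
    else:
        entries[port] = neighbor
    return updated


def mirror_senders(port_types):
    """Devices that own at least one user-side port."""
    return sorted({dev for (dev, _), kind in port_types.items() if kind == USER_SIDE})


def mirror_ports(port_types):
    """Finer-grained variant: mirror only on the user-side ports themselves."""
    return sorted(key for key, kind in port_types.items() if kind == USER_SIDE)


if __name__ == "__main__":
    types = classify_ports(PORTS, LLDP, KNOWN_DEVICES)
    print("mirror senders:", mirror_senders(types))
    print("mirror ports:", mirror_ports(types))
    after = classify_ports(PORTS, apply_update(LLDP, "Leaf1", "13"), KNOWN_DEVICES)
    print("Leaf1 port 13 after update:", after[("Leaf1", "13")])
```

Because the default branch is user-side, a device that stays silent on LLDP or sits behind an unmanaged router is still covered by mirroring rather than silently excluded.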
  • At least one network device serving as a mirror message sender copies the data packet, encapsulates the copied data packet into a mirror message, and sends the mirror message to the access location acquisition unit.
  • the network device forwards the data packet to send the data packet to the next device on the transmission path.
  • the network device on the transmission path only performs transparent transmission (i.e., does not change the data packet) for forwarding the data packet.
  • some network devices on the transmission path decapsulate and re-encapsulate the data packet before forwarding it (for example, changing the MAC address in the data packet).
  • the content of the data message carried by the mirror message may include only part of the content of the original data message.
  • it can be the first 64 bytes or the first 128 bytes of the original data message, etc., which can be set according to actual needs and is not limited in this application.
  • after the network device receives the data message, it can copy part of the content of the data message and encapsulate the copied part of the data message into a mirror message.
  • the application layer control information includes but is not limited to: Packet messages in Quick UDP Internet Connections (QUIC), etc., which are not limited in this application.
  • the data messages of the specified type described above are only illustrative examples and can be set according to actual needs, which are not limited in this application.
  • Fig. 5a is a schematic diagram of the structure of a data message.
  • the data message includes but is not limited to: an Ethernet Header field, an IP Header field, a data field, and other fields.
  • the IP Header fields include but are not limited to: the destination address field and the source address field.
  • the destination address field is used to carry the IP address of the destination device (referred to as the destination IP address).
  • the source address field is used to carry the IP address of the source device (referred to as the source IP address).
  • the data field is used to carry data, such as application data or other control information.
  • the sending end of the data message is optionally the previous device on the transmission path of the data message.
  • for example, device A (for example, a user device) sends a data message to device B, and device B forwards the data message to device C.
  • for device B, device A is the sending end of the data message.
  • for device C, device B is the sending end of the data message.
  • the sending end of the data message described in the embodiments below refers to each sending end on the transmission path (including the initial sending end, that is, the device indicated by the source IP address in the data message).
  • the receiving end of the data message is optionally the next device on the transmission path of the data message.
  • the destination MAC address in the Ethernet Header field is always the MAC address of the last receiving end of the data message, and the source MAC address is always the MAC address of the initial sending end that generates the data message.
  • the destination IP in the IP Header field is always the IP address of the last receiving end, and the source IP address is always the IP address of the initial sending end.
  • device A for example, a user device
  • the addresses (including IP addresses and MAC addresses) in the Ethernet Header field and IP Header field of the data message sent or received by each device remain unchanged, the destination address is the MAC address and IP address of device C, and the source address is the MAC address and IP address of device A.
  • the network device on the transmission path decapsulates and re-encapsulates the data message, for example, re-encapsulates the Layer 2 frame, and the source MAC address and the destination MAC address in the Layer 2 frame header (i.e., the Ethernet Header field) are updated accordingly. That is, the source MAC address in the Ethernet Header field of the re-encapsulated data message indicates the network device that currently forwards the data message, and the destination MAC address indicates the next Layer 3 device on the transmission path that receives the data message.
  • the destination IP address in the IP Header field in the data message is always the IP address of the last receiving end, and the source IP address is always the IP address of the initial sending end.
  • the sender and receiver of the data message are divided into two levels, one level is the actual transmission path level, that is, on the actual transmission path, the sender of the data message described in the embodiment of the present application is the previous device on the data message transmission path, and the receiver of the data message is the next device on the data message transmission path.
  • the other level is the level based on the MAC address indication in the data message.
  • the device indicated by the MAC address (including the source MAC address and the destination MAC address) in the data message is the same as the device indicated by the IP address, that is, the sender indicated by it is the initial sender, and the receiver is the last receiver.
  • the device indicated by the MAC address in the data message is different from the device indicated by the IP address, and the device indicated by the MAC address is the same as the sender and receiver on the actual transmission path.
  • the mirror message is described taking a Layer 3 remote mirroring (Encapsulated Remote Switched Port Analyzer, ERSPAN) message as an example.
  • the mirror message can also be other protocol messages that can realize the mirror message function in the embodiment of the present application, and the present application does not limit it.
  • the ERSPAN message can optionally use Generic Routing Encapsulation (GRE); the principle is to copy the message on the source port and send it to the destination device in GRE encapsulation.
  • Figure 5b is an exemplary schematic diagram of the structure of the mirror message. Referring to Figure 5b, the mirror message includes but is not limited to: IP Header field, GRE Header field, ERSPAN Header field and data field.
  • the IP Header field is used to carry the identifier of the sender and the identifier of the receiver of the mirror message.
  • the identifier of the sender can be the IP address of the network device that sends the mirror message.
  • the identifier of the receiver can be the IP address of the device to which the access location acquisition unit belongs.
  • the GRE Header field is used to carry information such as version number and flag bit.
  • the ERSPAN Header field includes, but is not limited to, a Header field and a SubHeader field.
  • the length of the Header field is 12 bytes, including, but not limited to, a Session ID field, a VLAN field, etc.
  • the length of the SubHeader field is optionally 8 bytes, including, but not limited to, a Platf ID field and a Platform Specific Info field, etc.
  • the Platform Specific Info field is used to carry a receiving port identifier.
  • the receiving port identifier is an identifier of a port at which a network device that sends a mirror message receives a data message.
  • Leaf 1 receives a data message sent by server 11 through port 11, and the receiving port identifier in the mirror message sent by Leaf 1 is the port identifier of port 11, such as the MAC address of port 11.
  • the receiving port identifier may also be a port number, etc., which is not limited in this application.
  • the description takes as an example the case where the receiving port identifier carried in the Platform Specific Info field is the MAC address of the port.
  • the receiving port identifier may be the INDEX (index) information corresponding to the port.
  • the access location acquisition unit and the analysis unit can maintain the correspondence between the INDEX information and the MAC address of the port, so that the MAC address of the corresponding port can be queried through the INDEX information.
  • the data field is used to carry data messages.
  • the original data message is encapsulated in this field.
  • the encapsulated mirror message includes an outer message and an inner message.
  • the outer message is the packet header added by the tunnel protocol encapsulation that the mirror message complies with, including but not limited to: IP Header field, GRE Header field and ERSPAN Header field, etc.
  • the inner message includes a data field, that is, the inner message is the original data message.
  • FIG. 6a is an exemplary schematic diagram of the structure of another data message.
  • the data message may be referred to as a tunnel message.
  • the tunnel message may comply with the VXLAN protocol.
  • the tunnel message may comply with other tunnel protocols, which is not limited in the present application.
  • the tunnel message may include a tunnel outer message (also referred to as a tunnel message header) and a tunnel inner message (also referred to as an original data message).
  • the inner layer message of the tunnel is the original data message carrying application data (or other control information) sent by the user device (such as VM), including but not limited to: Ethernet Header field, IP Header field, data field and other fields.
  • the Ethernet Header field of the inner layer message of the tunnel includes but is not limited to: the destination address field and the source address field.
  • the destination address field is used to carry the MAC address of the destination device (i.e., the receiving end of the data message) (referred to as the destination MAC address), and the source address field is used to carry the MAC address of the source device (i.e., the sending end of the data message) (referred to as the source MAC address).
  • the IP Header fields of the inner layer message of the tunnel include but are not limited to: the destination address field and the source address field.
  • the destination address field is used to carry the IP address of the destination device (referred to as the destination IP address).
  • the source address field is used to carry the IP address of the source device (referred to as the source IP address).
  • the data field is used to carry data, such as application data or other control information.
  • the outer layer message of the tunnel is encapsulated in accordance with the VXLAN tunnel protocol, which includes but is not limited to: Ethernet Header field, IP Header field and tunnel header field, etc.
  • the Ethernet Header field of the tunnel outer message includes: the source MAC address of the tunnel and the destination MAC address of the tunnel. Specifically, during the tunnel message forwarding process, the network device re-encapsulates the tunnel message and updates the Ethernet Header field of the tunnel outer message.
  • the IP Header fields of the tunnel outer message include but are not limited to: the source IP address of the tunnel and the destination IP address of the tunnel.
  • the tunnel header field includes but is not limited to some tunnel information, such as a tunnel identifier and the like.
  • FIG. 6b is a schematic diagram of the structure of a mirror message.
  • the mirror message includes but is not limited to: an IP Header field, a GRE Header field, an ERSPAN Header field, and a data field.
  • the data message is carried in the data field of the mirror message.
  • for the description of the other fields of the mirror message, refer to FIG. 5b; it is not repeated here.
  • the mirror message is described taking an ERSPAN Type III message as an example. It may also be another protocol message that can realize the mirror message function in the embodiment of the present application, that is, a message that can encapsulate the original data message and carry interface information, which is not limited in the present application.
  • the access location acquisition unit receives a mirror message sent by at least one network device.
  • the device to which the access location acquisition unit belongs determines, based on the destination address field in the IP Header field of the mirror message, that it is the receiving end of the mirror message.
  • the device obtains the mirror message and transmits the mirror message to the access location acquisition unit for further processing.
  • the access location acquisition unit obtains information carried by the IP Header field, the GRE Header field, and the ERSPAN Header field in the message.
  • the access location acquisition unit can determine that the Platform Specific Info field carries interface information, that is, the port identifier corresponding to the port at which the mirror message sender receives the data message.
  • the access location acquisition unit acquires the interface information and executes S302.
  • the mirror message may be a mirror message required for other scenarios and can be processed in other ways, which is not limited by this application.
  • S302 Based on the mirror message, determine whether the sender of the data message is a user device.
  • the access location acquisition unit can determine whether the sender of the data message is a user device based on the receiving port identifier (i.e., interface information) in the mirror message.
  • the access location acquisition unit can determine whether the sender of the data message is a user device based on the identifier of the sender in the mirrored message (i.e., the source MAC address in the data message).
  • the access location acquisition unit determines the port type of the receiving port indicated by the receiving port identifier carried in the mirror message based on the correspondence between the port identifier and the port type acquired in advance. Exemplarily, if the access location acquisition unit determines that the port type of the receiving port is a user-side port type, it can be determined that the sending end corresponding to the data message received based on the receiving port is a user device (which can also be understood as a user device type).
  • the analysis unit can obtain the neighbor information of each network device.
  • the analysis unit can determine the port type of the port in each network device based on the neighbor information.
  • the port type includes: a user-side port type and a network device-side port type.
  • if the type of the neighbor device connected to the port is a network device (also referred to as a network device type), which can also be understood as the neighbor device connected to the port being a network device within the observation range, the port type of the port is a network device-side port type. If the neighbor device connected to the port is a network device not within the observation range, the port type of the port is a user-side port type.
  • the type of a port that is not connected to any device can also be classified as a user-side port type.
  • the way in which the analysis unit determines the port type can refer to the relevant description in S301, which will not be repeated here.
  • the analysis unit may send the analysis result to the access location acquisition unit.
  • the analysis result includes, but is not limited to: the identifier of the port of the user-side port type and the identifier of the corresponding network device.
  • the identifier of the network device may optionally be the IP address of the network device.
  • the port identifier may optionally be the MAC address of the port (it may also be the port ID, which is not limited in this application).
  • the access location acquisition unit maintains a correspondence table between network device ports and port types (a list is used as an example in the embodiment of this application, and other forms may also be used in other embodiments, which are not limited in this application).
  • the access location acquisition unit may write the obtained identifier of the network device and the port identifier of the corresponding port into the list. That is to say, in this example, each network device identified in the list is a network device with a port of the user-side port type, and the type of each port in the list is a port of the user-side port type.
  • Table 1 is one form of a correspondence table between network device ports and port types:
  • network device 1, network device 2 and network device 3 are all network devices with ports of the user-side port type.
  • the ports of the user-side port type of network device 1 include port 1 and port 2, those of network device 2 include port 3 and port 4, and those of network device 3 include port 9 to port 11.
  • the above correspondence is only an illustrative example and is not limited in this application.
  • the analysis results include but are not limited to: the identification of all network devices within the observation range of the system, the port identification of the ports of each network device, and the port type corresponding to each port.
  • the access location acquisition unit can write the received network device identification and the corresponding port identification and port type into the network device port and port type correspondence table.
  • Table 2 is one form of the network device port and port type correspondence table:
  • the network device identifiers are all IP addresses of each network device, and the port identifiers are the MAC addresses corresponding to the ports.
  • port 1 and port 2 of network device 1 are both ports of the user side port type.
  • Port 3 and port 4 of network device 1 are both ports of the network device side port type.
  • Port 1 and port 2 of network device 2 are both ports of the user side port type.
  • Port 3 of network device 2 is a port of the network device side port type.
  • the operation and maintenance personnel can connect to the interface provided by the analysis unit through a terminal (such as a computer, tablet or mobile phone or other terminal device), and configure the network device port and port type correspondence table for the analysis unit through the terminal.
  • the analysis unit can obtain the network device port and port type correspondence table configured by the operation and maintenance personnel.
  • the access location acquisition unit receives the mirror message and decapsulates the mirror message to obtain the information (or parameters) carried by the outer message of the mirror message. Specifically, the access location acquisition unit reads the identifier of the mirror message sender in the IP Header field, and the interface information (i.e., the receiving port identifier) carried in the ERSPAN Header, which is used to indicate the port at which the network device serving as the sender of the mirror message receives the data message.
  • the use of the information in the GRE Header field can refer to the existing technical embodiments, and this application will not elaborate on it.
  • the access location acquisition unit queries the network device port and port type correspondence table based on the mirror message sender identifier and the receiving port identifier in the mirror message to determine the port type corresponding to the receiving port.
  • if the access location acquisition unit detects, based on the identifier of the mirror message sending end and the receiving port identifier, that the receiving port identifier carried by the mirror message is not included in the network device port and port type correspondence table, it can determine that the port indicated by the receiving port identifier is a port of the network device side port type, that is, a port of a non-user side port type.
  • if the access location acquisition unit detects, based on the identifier of the mirror message sending end and the receiving port identifier, that the receiving port identifier carried by the mirror message is included in the network device port and port type correspondence table, it can determine that the port indicated by the receiving port identifier is a port of the user side port type, that is, a port of a non-network device side port type.
  • the network device port and port type correspondence table is in the form shown in Table 2, that is, it includes relevant information of the port of the user side port type and relevant information of the port of the network device side port type.
  • the access location acquisition unit matches each table item (including the network device identifier and the port identifier) in the network device port and port type correspondence table based on the identifier of the mirror message sender and the receiving port identifier, and obtains the port type corresponding to the receiving port identifier that successfully matches, so as to determine the port type corresponding to the port indicated by the receiving port identifier.
  • the access location acquisition unit may further determine, based on the port type of the receiving port, whether the sending end corresponding to a data message received on the receiving port is a user device.
  • if the access location acquisition unit determines that the port indicated by the receiving port identifier is a port of the user side port type, it can further determine that the sender corresponding to the data message received by that port is a user device, which can also be understood as the type of the device being a user device type, or a non-network device type.
  • if the access location acquisition unit determines that the port indicated by the receiving port identifier is a port of the network device side port type, it can further determine that the sending end corresponding to the data message received by that port is a network device, which can also be understood as the type of the device being a network device type, or a non-user device type.
  • At least one network device as the sender of the mirror message is a designated network device in the system, that is, the analysis unit can designate at least one network device with a port of the user-side port type as the sender of the mirror message. That is to say, in this example, only the network device with a port of the user-side port type will send the mirror message to the access location acquisition unit after receiving the data message through the port of the user-side port type. Accordingly, after receiving the mirror message, the access location acquisition unit can determine that the sender corresponding to the data message in the mirror message is a user device, that is, the type of the device is a user device type.
  • At least one network device as the mirror message sender can also be configured to receive data messages through any port, and in this example, it can be executed according to method 1. That is, it is still necessary to first determine the type of the receiving port receiving the data message, and then further identify whether it is a user device.
  • the access location acquisition unit periodically executes the process shown in FIG. 3; for example, the period is 1 second, which can be set according to actual needs and is not limited in this application. That is, the access location acquisition unit receives one or more mirror messages within 1 second, and can execute S302 and S303 on the received mirror messages.
  • the mirror message can carry the receiving port identifier, and the device can determine whether the sending end connected to the receiving port is a user device through the receiving port.
  • This provides an identification solution suitable for both Layer 2 and Layer 3 data message forwarding scenarios, which can accurately locate the access device of the user device and thereby obtain the access location of the user device.
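The judgment based on the receiving port identifier described above, as an added example (not code from the application): it builds a constructed ERSPAN Type III mirror message with the layout of Figure 5b, reads the mirror sender identifier, the receiving port identifier and the inner source addresses, and looks the port up in a Table 2-style correspondence table. The addresses, the function names and the placement of the port MAC in the low 48 bits of the 58-bit Platform Specific Info field are assumptions; the page does not fix that encoding.

```python
import ipaddress
import struct

GRE_PROTO_ERSPAN_III = 0x22EB   # GRE protocol type of ERSPAN Type III
MAC_MASK = (1 << 48) - 1        # assumption: port MAC in the low 48 bits of the info field


def mac_bytes(text):
    return bytes.fromhex(text.replace(":", ""))


def ipv4_header(src, dst, proto, payload_len):
    # Minimal 20-byte IPv4 header for the constructed samples (checksum left at 0).
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64, proto, 0,
                       ipaddress.IPv4Address(src).packed,
                       ipaddress.IPv4Address(dst).packed)


def build_frame(src_mac, dst_mac, src_ip, dst_ip):
    """Constructed original data message: Ethernet Header + IP Header, empty data."""
    return (mac_bytes(dst_mac) + mac_bytes(src_mac) + b"\x08\x00"
            + ipv4_header(src_ip, dst_ip, 17, 0))


def build_mirror(sender_ip, collector_ip, rx_port_mac, frame):
    """Constructed mirror message: IP | GRE | ERSPAN Header + SubHeader | data."""
    gre = struct.pack("!HHI", 0x1000, GRE_PROTO_ERSPAN_III, 1)   # S bit + sequence
    header = struct.pack("!III", (2 << 28) | 1, 0, 1)            # Ver 2, session 1, O=1
    sub = struct.pack("!Q", int.from_bytes(mac_bytes(rx_port_mac), "big"))  # Platf ID 0
    body = gre + header + sub + frame
    return ipv4_header(sender_ip, collector_ip, 47, len(body)) + body


def parse_mirror(pkt):
    """Return the outer and inner identifiers carried by one mirror message."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4 or pkt[9] != 47:
        raise ValueError("outer header is not IPv4 carrying GRE")
    try:
        off = (pkt[0] & 0x0F) * 4
        flags, proto = struct.unpack_from("!HH", pkt, off)
        if proto != GRE_PROTO_ERSPAN_III:
            raise ValueError("GRE payload is not ERSPAN Type III")
        # Skip the optional GRE checksum, key and sequence words.
        off += 4 + 4 * sum(bool(flags & bit) for bit in (0x8000, 0x2000, 0x1000))
        word0, _timestamp, word2 = struct.unpack_from("!III", pkt, off)
        if word0 >> 28 != 2:
            raise ValueError("ERSPAN version is not Type III")
        if not (word2 & 1):
            raise ValueError("no Platform Specific SubHeader, so no interface information")
        (sub,) = struct.unpack_from("!Q", pkt, off + 12)
    except struct.error as exc:
        raise ValueError("truncated mirror message") from exc
    inner = pkt[off + 20:]                      # 12-byte Header + 8-byte SubHeader
    if len(inner) < 14:
        raise ValueError("data field too short for an Ethernet Header")
    ethertype, l3 = int.from_bytes(inner[12:14], "big"), 14
    if ethertype == 0x8100 and len(inner) >= 18:        # one 802.1Q tag
        ethertype, l3 = int.from_bytes(inner[16:18], "big"), 18
    src_ip = None   # the data field may hold only the first bytes of the original message
    if ethertype == 0x0800 and len(inner) >= l3 + 20:
        src_ip = str(ipaddress.IPv4Address(inner[l3 + 12:l3 + 16]))
    return {
        "mirror_sender": str(ipaddress.IPv4Address(pkt[12:16])),
        "session_id": word0 & 0x3FF,
        "platf_id": sub >> 58,
        "rx_port": (sub & MAC_MASK).to_bytes(6, "big").hex(":"),
        "inner_src_mac": inner[6:12].hex(":"),
        "inner_src_ip": src_ip,
    }


def sender_is_user_device(port_types, mirror):
    """True/False from the port type; None if the (device, port) pair is not in the table."""
    port_type = port_types.get((mirror["mirror_sender"], mirror["rx_port"]))
    return None if port_type is None else port_type == "user"


# Constructed sample data (documentation address ranges).
LEAF1, COLLECTOR = "192.0.2.1", "192.0.2.22"
PORT_11, PORT_13 = "00:00:5e:00:53:0b", "00:00:5e:00:53:0d"
PORT_TYPES = {(LEAF1, PORT_11): "user", (LEAF1, PORT_13): "network"}
FRAME = build_frame("00:00:5e:00:53:a1", "00:00:5e:00:53:c1",
                    "198.51.100.11", "198.51.100.21")
FROM_PORT_11 = build_mirror(LEAF1, COLLECTOR, PORT_11, FRAME)
FROM_PORT_13 = build_mirror(LEAF1, COLLECTOR, PORT_13, FRAME)

if __name__ == "__main__":
    for pkt in (FROM_PORT_11, FROM_PORT_13):
        fields = parse_mirror(pkt)
        print(fields["rx_port"], sender_is_user_device(PORT_TYPES, fields))
```

A mirror message without the Platform Specific SubHeader is rejected, because without the interface information this judgment has nothing to look up.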
  • the access location acquisition unit receives multiple mirror messages.
  • the mirror message may come from one or more network devices.
  • multiple mirror messages may be sent by network device A, wherein the sending end corresponding to the data message in each mirror message may be the same or different, that is, the multiple mirror messages may be generated by network device A based on data messages sent by one or more devices.
  • the multiple mirror messages may also be generated by network device A based on multiple data messages sent by one device.
  • multiple mirror messages come from network device A and network device B respectively.
  • the mirror message sent by network device A may be generated based on data messages sent by one or more devices.
  • Network device B is similar and will not be repeated here.
  • the access location acquisition unit may periodically process the received multiple mirror messages.
  • the cycle duration may be 1 second, which may be set according to actual needs and is not limited in this application.
  • the access location acquisition unit groups multiple mirror messages based on the sender identifier carried in each mirror message. Among them, mirror messages with the same sender identifier are divided into the same group. Specifically, the access location acquisition unit reads the source IP address of the IP Header field in the inner message (i.e., data message) in each mirror message, and divides the mirror messages with the same source IP address into the same group. It can be understood that the inner message (i.e., data message) of the mirror message in each group comes from the same initial sender (i.e., the device identified by the source IP address).
  • the access location acquisition unit filters the mirrored messages of each group based on the sender identifier of the inner message of the mirrored message. Specifically, the access location acquisition unit reads the source MAC address in the Ethernet Header field in the data message of each mirrored message in the group, and the access location acquisition unit matches the source MAC address in each mirrored message with the network device identifier list (the list includes the identifiers of all network devices within the observation range). The access location acquisition unit filters out the mirrored messages that successfully match. In other words, if the source MAC address in the mirrored message is in the network device identifier list, that is, the sender of the inner message (that is, the data message) in these mirrored messages is The access location acquisition unit filters out such mirrored messages. The access location acquisition unit processes the mirrored messages whose source MAC addresses in the group do not belong to the network device identification list, that is, the mirrored messages whose senders of the inner messages are network devices not within the observation range.
  • the access location acquisition unit reads the network device identifier of each mirror message after filtering to determine whether each mirror message comes from the same network device. Specifically, the access location acquisition unit reads the source IP address in the IP Header field of the outer message of each mirror message after filtering. As described above, the source IP address is used to indicate the sender of the mirror message (the sender is a network device within the observation range). The access location acquisition unit detects whether the source IP addresses in the outer messages of each mirror message are the same.
  • the access location acquisition unit can determine that these mirror messages (i.e., one or more mirror messages after filtering) are from the same sender (i.e., the same network device). Accordingly, the access location acquisition unit determines that the sender corresponding to the data message of the filtered mirror message is the user device, and the sender of these mirror messages is the access point of the user device. In this way, the characteristics of the mirror message can be used in the embodiment of the present application to obtain the actual sender of the data message, and further determine the type of the sender based on the identifier of the sender.
  • the two judgment methods, namely "judging whether the sender is a user device based on the receiving port identifier" and "judging whether the sender is a user device based on the identifier of the sender of the data message", can be selected and executed independently to determine the role type of the sender of the data message (i.e., user device or network device).
  • the two judgment methods described above, namely "judging whether the sender is a user device based on the receiving port identifier" and "judging whether the sender is a user device based on the identifier of the sender of the data message"
  • the access location acquisition unit can execute the above two judgment methods in parallel for multiple mirror messages acquired in this cycle at the triggering moment of each cycle (for example, 1s).
  • the access location acquisition unit can determine that the sender of the data message is a network device.
  • the access location acquisition unit can further combine the judgment result of the method of "determining whether the sender is a user device based on the identifier of the sender of the data message" to determine the access location of the user device.
  • the access location acquisition unit determines that the sender of the data message is the user equipment, it can determine that the sender of the mirror message to which the data message belongs is the access point of the user equipment, and the connection interface between the access point and the user equipment is the access port of the user equipment.
  • the access location acquisition unit determines the access point, it reads the mirror message from the access point (specifically, the mirror message involved in the S302 determination step) to obtain the access location information of the user device.
  • the access location information includes, but is not limited to: the user device identifier, the access point identifier, and the access port identifier (i.e., the connection interface between the access point and the user device).
  • the access location acquisition unit reads the source IP address in the IP Header field of the outer message of the mirror message (mirror message from the access point), and the IP address is the identifier of the network device accessed by the user device, which can also be understood as the identifier of the access point of the user device.
  • the access location acquisition unit reads the source IP address in the IP Header field of the inner message of the mirror message, and the IP address is the identifier of the user device.
  • the access location acquisition unit reads the interface information (i.e., the receiving port identifier) in the ERSPAN Header field of the outer message of the mirror message, which is the access port identifier.
  • the access location acquisition unit saves the access location information of the user equipment to the access location storage unit.
  • the access location storage unit can maintain an access location information list (it can also be other storage forms, which are not limited in this application), the list includes one or more table items, each table item is used to store the access location information of the user equipment, and the table items include but are not limited to: the identifier of the user equipment, the access point identifier, and the access port identifier.
  • the access location acquisition unit queries the access location information list based on the identifier of the user device.
  • the access location acquisition unit detects that the identifier of the user device exists in the access location information list, and the access location acquisition unit further detects whether the saved access location information of the user device (including the access point identifier and the access port identifier, etc.) is consistent with the access location information of the user device currently acquired. In one example, if the two are consistent, there is no need to write the currently acquired access location information of the user device into the list. In another example, if the two are inconsistent, the access location acquisition unit writes the currently acquired access location information of the user device into the access location information list to update the access location information of the user device. In another possible implementation, the access location acquisition unit detects that the identifier of the user device does not exist in the access location information list, and the access location acquisition unit writes the currently acquired access location information of the user device into the access location information list.
  • the access location acquisition unit may also write the acquisition time of the currently acquired access location of the user device in the table entry, wherein the acquisition time may be the time when the access location is acquired, or the time when the access location information is saved, which is not limited in this application.
  • the operation and maintenance personnel or management personnel may perform fault location and troubleshooting operations based on the changes in the access location of the same user device (including changes in location and time points).
  • the change in the access location of the user device may be the migration of the access location of the user device, for example, the user device previously accessed network device A and then migrated to network device B (i.e., after disconnecting from network device A, it accessed network device B).
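The judgment based on the identifier of the sender of the data message (group by inner source IP, filter by inner source MAC, compare the mirror senders) and the access location information list update described above, as one added example that is not code from the application. The record type, function names, addresses and timestamps are assumptions, and the records are taken to be already extracted from the mirror messages.

```python
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Mirror:
    """Fields already read from one mirror message (hypothetical record type)."""
    outer_src_ip: str    # sender of the mirror message, a network device
    rx_port: str         # receiving port identifier (interface information)
    inner_src_mac: str   # source MAC address of the data message
    inner_src_ip: str    # source IP address of the data message


def locate_by_sender_id(mirrors, network_device_macs):
    """Map user device IP -> (access point, access port) for one processing cycle."""
    groups = defaultdict(list)
    for m in mirrors:                      # same inner source IP -> same group
        groups[m.inner_src_ip].append(m)
    located = {}
    for user_ip, group in groups.items():
        # Drop messages whose data message was last sent by an in-scope network device.
        kept = [m for m in group if m.inner_src_mac not in network_device_macs]
        senders = {m.outer_src_ip for m in kept}
        ports = {m.rx_port for m in kept}
        if len(senders) != 1 or len(ports) != 1:
            # Nothing left, or several mirror senders (for example Layer 2 forwarding,
            # where the source MAC never changes). The page gives no rule for this
            # case, so this added example leaves the group undecided.
            continue
        located[user_ip] = (senders.pop(), ports.pop())
    return located


def update_access_locations(store, located, acquired_at):
    """Write new or changed entries with their acquisition time; return the changes."""
    changes = []
    for user_ip, (point, port) in located.items():
        old = store.get(user_ip)
        previous = (old["access_point"], old["access_port"]) if old else None
        if previous == (point, port):
            continue                       # consistent with the saved entry: no write
        store[user_ip] = {"access_point": point, "access_port": port,
                          "acquired_at": acquired_at}
        changes.append((user_ip, previous, (point, port)))
    return changes


# Constructed sample data (documentation address ranges).
LEAF1, LEAF2, SPINE1 = "192.0.2.1", "192.0.2.2", "192.0.2.3"
LEAF1_MAC, LEAF2_MAC, SPINE1_MAC = ("00:00:5e:00:53:01", "00:00:5e:00:53:02",
                                    "00:00:5e:00:53:03")
NETWORK_DEVICE_MACS = {LEAF1_MAC, LEAF2_MAC, SPINE1_MAC}
PORT_11, PORT_21, PORT_23, PORT_31, PORT_32 = (
    "00:00:5e:00:53:0b", "00:00:5e:00:53:15", "00:00:5e:00:53:17",
    "00:00:5e:00:53:1f", "00:00:5e:00:53:20")
USER_MAC, USER_IP = "00:00:5e:00:53:a1", "198.51.100.11"

# Layer 3 forwarding: every hop rewrites the source MAC, so only Leaf1 sees USER_MAC.
CYCLE_1 = [Mirror(LEAF1, PORT_11, USER_MAC, USER_IP),
           Mirror(SPINE1, PORT_31, LEAF1_MAC, USER_IP),
           Mirror(LEAF2, PORT_23, SPINE1_MAC, USER_IP)]
# Later cycle, after the user device migrated to Leaf2.
CYCLE_2 = [Mirror(LEAF2, PORT_21, USER_MAC, USER_IP),
           Mirror(SPINE1, PORT_32, LEAF2_MAC, USER_IP)]
# Layer 2 forwarding: the source MAC is unchanged on every hop.
CYCLE_L2 = [Mirror(LEAF1, PORT_11, USER_MAC, USER_IP),
            Mirror(SPINE1, PORT_31, USER_MAC, USER_IP)]

if __name__ == "__main__":
    store = {}
    for t, cycle in ((1, CYCLE_1), (2, CYCLE_1), (3, CYCLE_2)):
        found = locate_by_sender_id(cycle, NETWORK_DEVICE_MACS)
        print(t, update_access_locations(store, found, acquired_at=t))
```

The Layer 2 cycle stays undecided under this judgment alone, which is the case where the judgment based on the receiving port identifier is needed.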
  • FIG. 7 is a schematic diagram of an exemplary application scenario.
  • the system includes but is not limited to: Spine1, Leaf1, Leaf2, and multiple user devices.
  • the user devices include but are not limited to: server 11, server 12, server 21, and server 22.
  • port 11 of Leaf1 is connected to port A of server 11
  • port 12 of Leaf1 is connected to port B of server 12, and port 13 of Leaf1 is connected to port 31 of Spine1.
  • Port 21 of Leaf2 is connected to port C of server 21
  • port 22 of Leaf2 is connected to port D of server 22, and port 23 of Leaf2 is connected to port 32 of Spine1.
  • virtual machines such as VM1 and VM2 are deployed on server 12.
  • an analysis unit, an access location acquisition unit, and an access location storage unit are deployed on server 22.
  • the analysis unit maintains a list of network device identifications, which stores the identifications of all network devices within the observation range (for example, the MAC addresses of network devices) in the network device identification list (in the embodiment of the present application, a list is used as an example, and in other embodiments, it may also be in other forms, which is not limited by the present application).
  • device identification A is the MAC address and IP address of Spine1
  • device identification B is the MAC address and IP address of Leaf1
  • device identification C is the MAC address and IP address of Leaf2.
  • device identification including MAC address and IP address is used as an example for explanation.
  • other identifications such as management address and device name may also be included, which is not limited in the present application.
  • FIG8 is a schematic diagram of a method for obtaining a device access location. Referring to FIG8, the method specifically includes but is not limited to the following steps:
  • the analyzing unit obtains neighbor information of a network device.
  • Leaf1, Leaf2, and Spine1 periodically obtain LLDP information.
  • the LLDP information of Leaf1 includes but is not limited to:
  • the identifier of port 11 is the MAC address of port 11 of Leaf 1
  • the device identifier 11 is the MAC address of server 11
  • the identifier of port A is the MAC address of port A of server 11.
  • the corresponding LLDP information indicates that the neighbor device connected to port 11 of Leaf 1 is the device indicated by device identifier 11, and the connected port is port A of the neighbor device.
  • the identifier of port 12 is the MAC address of port 12 of Leaf 1
  • the device identifier 12 is the MAC address of server 12
  • the identifier of port B is the MAC address of port B of server 12.
  • the corresponding LLDP information indicates that the neighbor device connected to port 12 of Leaf 1 is the device indicated by device identifier 12, and the connected port is port B of the neighbor device.
  • the identifier of port 13 is the MAC address of port 13 of Leaf1
  • the device identifier A is the MAC address of Spine1
  • the identifier of port 31 is the MAC address of port 31 of Spine1.
  • the corresponding LLDP information indicates that the neighbor device connected to port 13 of Leaf1 is the device indicated by device identifier A, and the connected port is port 31 of the neighbor device.
  • the LLDP information of Leaf2 includes but is not limited to the following:
  • Leaf2's LLDP information can be found in Leaf1's description, which is not repeated here.
  • Spine1's LLDP information includes but is not limited to:
  • the identifier of port 31 is the MAC address of port 31 of Spine1
  • the device identifier B is the MAC address of Leaf1
  • the identifier of port 13 is the MAC address of port 13 of Leaf1.
  • the corresponding LLDP information indicates that the neighbor device connected to port 31 of Spine1 is the device indicated by device identifier B, and the connected port is port 13 of the neighbor device.
  • the identifier of port 32 is the MAC address of port 32 of Spine1
  • the device identifier C is the MAC address of Leaf2
  • the identifier of port 23 is the MAC address of port 23 of Leaf2.
  • the corresponding LLDP information indicates that the neighbor device connected to port 32 of Spine1 is the device indicated by device identifier C, and the connected port is port 23 of the neighbor device.
  • the analysis unit sends a neighbor information request message to each network device in the system to instruct feedback of neighbor information.
  • the analysis unit may receive neighbor information 1 fed back by Leaf1, neighbor information 2 fed back by Leaf2, and neighbor information 3 fed back by Spine1.
  • neighbor information 1 includes but is not limited to: the identifier of Leaf1 (i.e. the MAC address of Leaf1) and the LLDP information of Leaf1.
  • Neighbor information 2 includes but is not limited to: the identifier of Leaf2 (i.e. the MAC address of Leaf2) and the LLDP information of Leaf2.
  • Neighbor information 3 includes but is not limited to: the identifier of Spine1 (i.e. the MAC address of Spine1) and the LLDP information of Spine1.
  • the analyzing unit determines the interface role based on the neighbor information.
  • the analyzing unit identifies the port type (i.e., interface role) of each port of the network device based on the network device identification list and the received neighbor information.
  • the analysis unit queries the network device identification list (such as shown in Table 3) based on the neighbor information corresponding to Leaf1.
  • the analysis unit detects that the identification of the neighbor device connected to port 11 of Leaf1 (i.e., device identification 11) and the identification of the neighbor device connected to port 12 of Leaf1 (i.e., device identification 12) are not included in the network device identification list.
  • the analysis unit determines that the devices connected to port 11 and port 12 of Leaf1 are network devices that are not within the observation range, and accordingly, the analysis unit determines that the port types of port 11 and port 12 of Leaf1 are user-side type ports.
  • the analysis unit detects that the identification of the neighbor device connected to port 13 of Leaf1 (i.e., device identification A) is included in the network device identification list.
  • the analysis unit determines that the device connected to port 13 of Leaf1 is a network device within the observation range, and further determines that port 13 of Leaf1 is a network device side type port.
  • the analysis unit obtains the interface roles of the ports of Leaf2 and Spine1 respectively.
  • Port 21 and Port 22 of Leaf2 are ports of the user side port type
  • Port 23 of Leaf2 is a port of the network device side port type
  • Port 31 and Port 32 of Spine1 are ports of the network device side port type.
  • the specific identification method can refer to the processing of Leaf1, which will not be repeated here.
  • the analysis unit sends the port identifier of the user side port type and the corresponding network device identifier to the access location acquisition unit.
  • the access location acquisition unit maintains a correspondence table between network device ports and port types, and updates the received network device identifier and port identifier to the correspondence table between network device ports and port types.
  • the identification of the network device maintained by the analysis unit may include but is not limited to the IP address of the network device, the MAC address of the network device, and the management address of the network device.
  • the analysis unit may send the identification required by the access location acquisition unit to the access location acquisition unit.
  • the device identification sent by the analysis unit to the access location acquisition unit is the IP address of the network device.
  • After the analysis unit determines that the network device has a port of the user-side port type, it can search for the IP address corresponding to the network device in the network device identification list, and send the IP address of the network device found and the identification of the port of the corresponding user-side port type (for example, the MAC address of the port) to the access location acquisition unit.
  • the interface information carried by the mirror message may be the INDEX information of the receiving port.
  • the analysis unit may also obtain the INDEX information corresponding to each port, and send the INDEX information and MAC address of the port to the access location acquisition unit.
  • the INDEX information may be requested by the analysis unit to the network device, or may be configured by the management personnel, and this application does not limit it.
  • the INDEX information can also be obtained by the access location acquisition unit sending a request message to the network device indicated by the source IP address of the outer message of the mirror message after receiving the mirror message and reading the INDEX information in the interface information, and based on the response message fed back by the network device (the response message carries the MAC address of the port corresponding to the INDEX information).
  • the access location acquisition unit writes the acquired network device identifier and port identifier into the network device port and port type correspondence table, such as shown in Table 4:
  • the device identifier B in Table 4 is the IP address of Leaf1
  • the device identifier C is the IP address of Leaf2.
  • Item 1 i.e., serial number 1 in the relationship table is used to indicate that port 11 of the network device indicated by device identifier B is a user-side port type.
  • Item 2 is used to indicate that port 12 of the network device indicated by device identifier B is a user-side port type.
  • Item 3 is used to indicate that port 21 of the network device indicated by device identifier C is a user-side port type.
  • Item 4 is used to indicate that port 22 of the network device indicated by device identifier C is a user-side port type.
  • the network device port and port type correspondence table can also be in the form of Table 2, which is not limited in this application.
  • the access location acquisition unit acquires a mirrored message.
  • FIG9a is a schematic diagram of an exemplary mirror message transmission process. Please refer to FIG9a.
  • server 11 sends a data message to Leaf1 through port A.
  • Leaf1 receives the data message through port 11 and forwards the data message to Spine1 through port 13.
  • Spine1 receives the data message through port 31 and forwards the data message to Leaf2 through port 32.
  • Leaf2 receives the data message through port 23 and sends the data message to server 21 through port 21.
  • Server 21 receives the data message through port C.
  • Figure 9b is an exemplary diagram of mirror message transmission. Please refer to Figure 9b.
  • all network devices within the observation range including Leaf1, Spine1 and Leaf2 have completed the message mirroring function configuration.
  • When Leaf1, Spine1 and Leaf2 receive data messages, they generate mirror messages based on the data messages and send the mirror messages to the access location acquisition unit.
  • the mirror message is an ERSPAN message.
  • the transmission path of the mirror message of Leaf1 can be optionally: Port 13 of Leaf1-Port 31 of Spine1-Port 32 of Spine1-Port 23 of Leaf2-Port 22 of Leaf2-Port D of server 22. The paths of other devices will not be repeated one by one.
  • FIG. 9c is an exemplary diagram of message processing.
  • the Ethernet Header field in the data message sent by the server 11 carries the destination MAC address (i.e., the MAC address of the server 12) and the source MAC address (i.e., the MAC address of the server 11)
  • the IP Header field carries the destination IP address (i.e., the IP address of the server 21) and the source IP address (i.e., the IP address of the server 11)
  • the data field carries data.
  • the server 11 is the initial sender of the data message.
  • Leaf1 receives the data message through port 11.
  • Leaf1 re-encapsulates the data message and forwards the re-encapsulated data message to Spine1 through port 13, and Leaf1 generates a mirror message based on the data message.
  • the Ethernet Header field of the re-encapsulated data message carries the destination MAC address (i.e., the MAC address of Spine1) and the source MAC address (i.e., the MAC address of Leaf1).
  • the IP Header field carries the destination IP address (i.e., the IP address of server 21) and the source IP address (i.e., the IP address of server 11).
  • server 11 is the sender of the data message.
  • the mirror message of Leaf1 includes an outer message and an inner message.
  • the outer message includes, but is not limited to, an IP Header field, a GRE Header field, and an ERSPAN Header field.
  • the IP Header field of the outer message includes a destination IP address (i.e., the IP address of server 22) and a source IP address (i.e., the IP address of Leaf1).
  • the ERSPAN Header includes, but is not limited to, a Header field and a Subheader field.
  • the Platform ID field in the Subheader field carries specified information (i.e., 0x7 or 0x0), and the Platform Specific Info field carries the identifier of port 11 (i.e., the MAC address of port 11 of Leaf1, or a port ID, etc., which is not limited in this application), which is used to indicate that the mirror message is generated by Leaf1 based on the data message received by port 11.
  • the inner message is the data field, which carries the data message received by Leaf1.
  • Spine1 receives data packets through port 31.
  • Spine1 re-encapsulates the data packets and forwards the re-encapsulated data packets to Leaf2 through port 32, and Spine1 generates a mirrored packet based on the data packets.
  • the Ethernet Header field of the re-encapsulated data packet carries the destination MAC address (i.e., the MAC address of Leaf2) and the source MAC address (i.e., the MAC address of Spine1).
  • the IP Header field carries the destination IP address (i.e., the IP address of server 21) and the source IP address (i.e., the IP address of server 11).
  • Leaf1 is the sender of the data packet.
  • the mirrored message of Spine1 includes an outer message and an inner message.
  • the outer message includes, but is not limited to, an IP Header field, a GRE Header field, and an ERSPAN Header field.
  • the IP Header field of the outer message includes the destination IP address (i.e., the IP address of server 22) and the source IP address (i.e., the IP address of Spine1).
  • the ERSPAN Header includes, but is not limited to, the Header field and Subheader field. Among them, the Platf ID field in the Subheader field carries specified information (i.e. 0x7 or 0x0), and the Platform Specific Info field carries the identifier of port 31 (i.e.
  • the inner message is the data field, which carries the data message received by Spine1.
  • Leaf2 receives the data message through port 23.
  • Leaf2 re-encapsulates the data message and forwards the re-encapsulated data message to server 21 through port 21, and Leaf2 generates a mirror message based on the data message.
  • the Ethernet Header field of the re-encapsulated data message carries the destination MAC address (i.e., the MAC address of server 21) and the source MAC address (i.e., the MAC address of Leaf2).
  • the IP Header field carries the destination IP address (i.e., the IP address of server 21) and the source IP address (i.e., the IP address of server 11).
  • Spine1 is the sender of the data message.
  • the mirror message of Leaf2 includes an outer message and an inner message.
  • the outer message includes, but is not limited to, an IP Header field, a GRE Header field, and an ERSPAN Header field.
  • the IP Header field of the outer message includes a destination IP address (i.e., the IP address of server 22) and a source IP address (i.e., the IP address of Leaf2).
  • the ERSPAN Header includes, but is not limited to, a Header field and a Subheader field.
  • the Platform ID field in the Subheader field carries specified information (i.e., 0x7 or 0x0), and the Platform Specific Info field carries the identifier of port 23 (i.e., the MAC address of port 23 of Leaf2, or a port ID, etc., which is not limited in this application), which is used to indicate that the mirror message is generated by Leaf2 based on the data message received by port 23.
  • the inner message is the data field, which carries the data message received by Leaf2.
  • the access location acquisition unit receives mirror messages sent by multiple network devices, including the mirror message of Leaf1, the mirror message of Spine1, and the mirror message of Leaf2.
  • the access location acquisition unit acquires the access location of the user equipment based on the mirrored message and the interface role.
  • the access location acquisition unit maintains a correspondence table between network device ports and port types, wherein the correspondence table records the port identifier of the port of the user-side port type and the identifier of the corresponding network device.
  • the access location acquisition unit queries the correspondence table between network device ports and port types based on the network device identifier and interface information in the mirror message to detect whether the receiving port identifier in the interface information is included in the correspondence table between network device ports and port types, so as to determine whether the sending end corresponding to the data message of the single mirror message is a user device.
  • the access location acquisition unit acquires the source IP address in the IP Header field of the mirror message of Leaf1 (i.e., the IP address of Leaf1), and the interface information in the Platform Specific Info field (i.e., the MAC address of port 11).
  • the access location acquisition unit matches each entry in the correspondence table between the network device port and the port type based on the IP address of Leaf1 and the MAC address of port 11. In this example, the IP address of Leaf1 and the MAC address of port 11 are successfully matched, and the access location acquisition unit determines that port 11 of Leaf1 is a port of the user-side port type.
  • the access location acquisition unit can determine that the neighbor device connected to port 11 of Leaf1 (i.e., the device connected to port 11) is a user device, that is, the sending end corresponding to the data message received by Leaf1 from port 11 is the user device.
  • the access location acquisition unit determines that Leaf1 is the access point of the user device.
  • the access location acquisition unit acquires the source IP address (i.e., the IP address of server 11) in the IP Header field in the inner layer message of Leaf1's mirror message, that is, the identifier of the sender corresponding to the data message received by Leaf1.
  • the access location acquisition unit acquires the access location information corresponding to server 11, including but not limited to: the IP address of server 11, the identifier of the access point (i.e., the IP address of Leaf1), and the receiving port identifier (i.e., the MAC address of port 11).
  • the access location information is used to indicate that server 11, as a user device, is connected to port 11 of Leaf1.
  • the access location acquisition unit obtains the source IP address in the IP Header field of the mirror message of Spine1 (i.e., the IP address of Spine1), and the interface information in the Platform Specific Info field (i.e., the MAC address of port 31).
  • the access location acquisition unit matches each entry in the correspondence table between the network device port and the port type based on the IP address of Spine1 and the MAC address of port 31.
  • the IP address of Spine1 and the MAC address of port 31 fail to match any entry, and the access location acquisition unit determines that port 31 of Spine1 is a port of the network device side port type. Further, the access location acquisition unit can determine that the sending end (i.e., the device connected to port 31) corresponding to the data packet received by Spine1 from port 31 is a network device.
  • the access location acquisition unit obtains the source IP address in the IP Header field of the mirror message of Leaf2 (i.e., the IP address of Leaf2), and the interface information in the Platform Specific Info field (i.e., the MAC address of port 23).
  • the access location acquisition unit matches each entry in the correspondence table between the network device port and the port type based on the IP address of Leaf2 and the MAC address of port 23.
  • the IP address of Leaf2 and the MAC address of port 23 fail to match any entry, and the access location acquisition unit determines that port 23 of Leaf2 is a port of the network device side port type. Further, the access location acquisition unit can determine that the sending end (i.e., the device connected to port 23) corresponding to the data message received by Leaf2 from port 23 is a network device.
  • the access location acquisition unit may also first identify the access point based on the received mirror message. After the access point is determined, the relevant fields of the mirror message from the access point (that is, the mirror message in which the port indicated by the carried interface information is of the user-side port type) are read to obtain the access location.
  • the access location storage unit stores the access location information of the user equipment.
  • the access location acquisition unit saves the access location information of the server 11 to the access location storage unit.
  • the access location storage unit maintains an access location information list (it may also be other storage forms, which are not limited in this application), the list includes one or more table items, each of which is used to store the access location information of the user equipment, and the table items include but are not limited to: the identifier of the user equipment, the access point identifier and the receiving port identifier (i.e., the access port identifier), etc.
  • the access location acquisition unit queries the access location information list based on the identifier of server 11 (i.e., the IP address of server 11). In one example, if the access location information list does not include the identifier of server 11, that is, the access location information corresponding to server 11 is not saved, then the access location acquisition unit saves the access location information of server 11 (including but not limited to: the IP address of server 11, the identifier of the access point (i.e., the IP address of Leaf1) and the receiving port identifier (i.e., the MAC address of port 11)) to the access location information list.
  • the access location acquisition unit detects whether the saved access location information is consistent with the currently acquired access location information. If they are consistent, no update is performed. If they are inconsistent, the access location acquisition unit saves the access location information of server 11 (including but not limited to: the IP address of server 11, the identifier of the access point (i.e., the IP address of Leaf1) and the receiving port identifier (i.e., the MAC address of port 11)) to the access location information list.
  • the access location acquisition unit writes the acquisition time of the access location information (e.g., the time saved in the access location information list) into the access location information.
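
An added example (not code from the application) that replays the flow described above: ports are classified from LLDP neighbor information against the network device identification list, and the already-decoded fields of each mirror message are then resolved into an access location entry, including the consistent/inconsistent update rule. All addresses and port labels are constructed, and the names `user_side_ports`, `record_access`, `replay` and `MirrorMessage` are assumptions made for illustration.

```python
from dataclasses import dataclass

# Constructed sample data following the FIG. 7 topology; every address is made up.
SPINE1, LEAF1, LEAF2 = "02:00:00:00:0a:01", "02:00:00:00:0b:01", "02:00:00:00:0c:01"
SRV11, SRV12, SRV21, SRV22 = (f"02:00:00:00:01:{n}" for n in ("11", "12", "21", "22"))

# Network device identification list (observation range): device MAC -> device IP.
NETWORK_DEVICES = {
    SPINE1: "198.51.100.1",
    LEAF1: "198.51.100.11",
    LEAF2: "198.51.100.12",
}

# Neighbor information per device: (local port identifier, neighbor device MAC).
NEIGHBOR_INFO = {
    LEAF1: [("port11", SRV11), ("port12", SRV12), ("port13", SPINE1)],
    LEAF2: [("port21", SRV21), ("port22", SRV22), ("port23", SPINE1)],
    SPINE1: [("port31", LEAF1), ("port32", LEAF2)],
}


def user_side_ports(devices, neighbor_info):
    """Build the port/port-type table: (device IP, port id) of every user-side port.

    A port is user-side when its LLDP neighbor is absent from the device list.
    """
    table = set()
    for device_mac, neighbors in neighbor_info.items():
        for port_id, neighbor_mac in neighbors:
            if neighbor_mac not in devices:
                table.add((devices[device_mac], port_id))
    return table


@dataclass(frozen=True)
class MirrorMessage:
    """Already-decoded fields of one ERSPAN mirror message (decoding is out of scope)."""
    outer_src_ip: str   # outer IP Header source: the mirroring network device
    rx_port: str        # Platform Specific Info: identifier of the receiving port
    inner_src_ip: str   # inner IP Header source: sender of the data message


def record_access(locations, table, msg, now):
    """Apply one mirror message to the access location list.

    Returns "ignored" (receiving port is network-device side), "new",
    "unchanged" (entry kept, acquisition time not refreshed) or "moved".
    """
    access = (msg.outer_src_ip, msg.rx_port)
    if access not in table:
        return "ignored"
    saved = locations.get(msg.inner_src_ip)
    if saved is not None and saved[:2] == access:
        return "unchanged"
    locations[msg.inner_src_ip] = (*access, now)
    return "new" if saved is None else "moved"


def replay(messages, start=1000):
    """Run a message sequence through both steps; return (statuses, location list)."""
    table = user_side_ports(NETWORK_DEVICES, NEIGHBOR_INFO)
    locations, statuses = {}, []
    for offset, msg in enumerate(messages):
        statuses.append(record_access(locations, table, msg, start + offset))
    return statuses, locations


SERVER11_IP = "192.0.2.11"
# The three mirror messages of FIG. 9c, a repeat from Leaf1, then a migration to Leaf2.
SAMPLE = [
    MirrorMessage("198.51.100.11", "port11", SERVER11_IP),  # Leaf1, user-side port
    MirrorMessage("198.51.100.1", "port31", SERVER11_IP),   # Spine1, network side
    MirrorMessage("198.51.100.12", "port23", SERVER11_IP),  # Leaf2, network side
    MirrorMessage("198.51.100.11", "port11", SERVER11_IP),  # same location again
    MirrorMessage("198.51.100.12", "port22", SERVER11_IP),  # server 11 moved to Leaf2
]

if __name__ == "__main__":
    statuses, locations = replay(SAMPLE)
    print(statuses)
    print(locations)
```
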
  • a layer 2 forwarding scenario is taken as an example for description.
  • the analysis unit and the access location acquisition unit execute S801 to S802, and the specific details can be referred to above, which will not be repeated here.
  • FIG10 is a schematic diagram of message processing.
  • the Ethernet Header field in the data message sent by the server 11 carries the destination MAC address (i.e., the MAC address of the server 12) and the source MAC address (i.e., the MAC address of the server 11), the IP Header field carries the destination IP address (i.e., the IP address of the server 21) and the source IP address (i.e., the IP address of the server 11), and the data field carries data.
  • the server 11 is the initial sender of the data message.
  • Leaf1 receives the data message through port 11.
  • Leaf1 forwards the data message to Spine1 through port 13 (also called transparent transmission), and Leaf1 generates a mirror message based on the data message.
  • the data message forwarded by Leaf1 is the same as the received data message (i.e., the data message sent by server 11).
  • the mirror message of Leaf1 includes an outer message and an inner message.
  • the outer message includes but is not limited to: IP Header field, GRE Header field and ERSPAN Header field.
  • the IP Header field of the outer message includes the destination IP address (i.e., the IP address of server 22) and the source IP address (i.e., the IP address of Leaf1).
  • ERSPAN Header includes but is not limited to: Header field and Subheader field.
  • the Platf ID field in the Subheader field carries the specified information (i.e., 0x7 or 0x0), and the Platform Specific Info field carries the identifier of port 11 (i.e., the MAC address of port 11 of Leaf1, or the port ID, etc., which is not limited in this application), which is used to indicate that the mirror message is generated by Leaf1 based on the data message received by port 11.
  • the inner message is the data field, which carries the data message received by Leaf1.
  • server 11 is the sender of the data message.
  • Spine1 receives the data packet through port 31.
  • Spine1 forwards the data packet to Leaf2 through port 32 (also called transparent transmission), and Spine1 generates a mirrored message based on the data packet.
  • the data packet forwarded by Spine1 is the same as the received data packet (i.e., the data packet sent by Leaf1).
  • For a specific description, please refer to the above related description, which will not be repeated here.
  • the mirror message of Spine1 includes an outer message and an inner message.
  • the outer message includes but is not limited to: IP Header field, GRE Header field and ERSPAN Header field.
  • the IP Header field of the outer message includes the destination IP address (i.e., the IP address of server 22) and the source IP address (i.e., the IP address of Spine1).
  • ERSPAN Header includes but is not limited to: Header field and Subheader field.
  • the Platf ID field in the Subheader field carries the specified information (i.e., 0x7 or 0x0), and the Platform Specific Info field carries the identifier of port 31 (i.e., the MAC address of port 31 of Spine1, or the port ID, etc., which is not limited in this application), which is used to indicate that the mirror message is generated by Spine1 based on the data message received by port 31.
  • the inner message is the data field, which carries the data message received by Spine1.
  • Leaf1 is the sender of the data message.
  • Leaf2 receives the data message through port 23.
  • Leaf2 forwards the data message to server 21 through port 21 (also called transparent transmission), and Leaf2 generates a mirror message based on the data message.
  • the data message forwarded by Leaf2 is the same as the received data message (i.e., the data message sent by Spine1). For a specific description, please refer to the relevant descriptions above, which will not be repeated here.
  • the mirror message of Leaf2 includes an outer message and an inner message.
  • the outer message includes but is not limited to: IP Header field, GRE Header field and ERSPAN Header field.
  • the IP Header field of the outer message includes the destination IP address (i.e., the IP address of server 22) and the source IP address (i.e., the IP address of Leaf2).
  • ERSPAN Header includes but is not limited to: Header field and Subheader field.
  • the Platf ID field in the Subheader field carries the specified information (i.e., 0x7 or 0x0), and the Platform Specific Info field carries the identifier of port 23 (i.e., the MAC address of port 23 of Leaf2, or the port ID, etc., which is not limited in this application), which is used to indicate that the mirror message is generated by Leaf2 based on the data message received by port 23.
  • the inner message is the data field, and the data field carries the data message received by Leaf2.
  • Spine1 is the sender of the data message.
  • the access location acquisition unit receives mirror messages sent by multiple network devices, including the mirror message of Leaf1, the mirror message of Spine1, and the mirror message of Leaf2.
  • the access location acquisition unit executes the processing of S803 to S804 on the received mirrored messages of Leaf1, Spine1, and Leaf2.
  • the specific details are the same as those in scenario 1 and are not repeated here.
  • the analysis unit executes S801 and S802.
  • S801 can refer to the relevant content in scenario 1, which will not be repeated here.
  • the analysis unit may send indication information to the network devices having ports of the user-side port type (e.g., Leaf1 and Leaf2), to instruct Leaf1 to generate a mirror message after receiving a data message through a port of the user-side port type (i.e., port 11 and port), and send the mirror message to the access location acquisition unit, and to instruct Leaf2 to generate a mirror message after receiving a data message through a port of the user-side port type (i.e., port 21 and port 22), and send the mirror message to the access location acquisition unit.
  • When Leaf1 and Leaf2 receive data packets through ports of the user side port type, corresponding mirror packets are generated.
  • Taking FIG. 9c as an example: unlike the scenario shown in FIG. 9c, in this example Leaf1 sends a mirror packet to the access location acquisition unit, while both Spine1 and Leaf2 receive data packets through ports of the network device side port type, so there is no need for them to generate a mirror packet.
  • the access location acquisition unit receives the mirror message sent by Leaf1, and can determine that the sender (i.e., server 11) of the inner message (i.e., data message) of the mirror message sent by Leaf1 is the user device, and accordingly, Leaf1 is the access point of the user device. Further, the access location acquisition unit reads the mirror message of Leaf1 to obtain the access location information of server 11, and saves it to the access location storage unit. For details not described, please refer to the relevant content above, which will not be repeated here.
  • FIG11 is a schematic diagram of a method for obtaining a device access location. Referring to FIG11, the method specifically includes but is not limited to the following steps:
  • the analysis unit obtains the MAC address of the network device.
  • the analysis unit may obtain the identification of each network device in the system, such as the MAC address and IP address of each network device, etc.
  • the MAC address may be obtained by the analysis unit.
  • the analysis unit may periodically and automatically collect the MAC address of each network device in the system, and/or the management personnel (or operation and maintenance personnel) may configure the MAC address of each network device in the system for the analysis unit through a user interface provided by the analysis unit.
  • the MAC address of the network device obtained by the analysis unit includes the MAC address of the network device within the observation range, and also includes the MAC address of the network device outside the observation range.
  • the firewall is a network device outside the observation range, but the analysis unit can communicate with the network device to obtain the MAC address corresponding to the firewall.
  • the MAC address of the firewall can also be configured by the administrator, and this application does not limit it.
  • the analysis unit may maintain a list of network device identifiers.
  • the list can refer to Table 3, and the related description can refer to the related content above, which will not be repeated here.
  • the analysis unit sends the acquired MAC address of the network device to the access location acquisition unit.
  • the network device identifier in the network device identifier list may include, but is not limited to: the MAC address of the network device, the IP address of the network device, and the management address of the network device (wherein the list may not include the management address of network devices such as firewalls that are not within the observation range), etc.
  • the analysis unit may only send the MAC address to the access location acquisition unit, and of course, other types of identifiers may also be sent, which is not limited in this application.
  • the access location acquisition unit acquires a mirrored message.
  • FIG12 is a schematic diagram of an exemplary mirror message transmission process. Please refer to FIG12.
  • server 11 sends data message 1 to Leaf 1 through port A.
  • Leaf 1 receives data message 1 through port 11 and forwards data message 1 to Spine 1 through port 13.
  • Spine 1 receives data message 1 through port 31 and forwards data message 1 to Leaf 2 through port 32.
  • Leaf 2 receives data message 1 through port 23 and sends data message 1 to server 21 through port 21.
  • Server 21 receives data message 1 through port C.
  • server 12 sends data packet 2 to Leaf 1 through port A.
  • Leaf 1 receives data packet 2 through port 12 and forwards data packet 2 to Spine 1 through port 13.
  • Spine 1 receives data packet 2 through port 31 and forwards data packet 2 to Leaf 2 through port 32.
  • Leaf 2 receives data packet 2 through port 23 and sends data packet 2 to server 21 through port 21.
  • Server 21 receives data packet 2 through port C.
  • Figure 13 is an exemplary diagram of message processing. Please refer to Figure 13.
  • the Ethernet Header field in the data message 1 sent by the server 11 carries the destination MAC address (i.e., the MAC address of Leaf1) and the source MAC address (i.e., the MAC address of server 11), the IP Header field carries the destination IP address (i.e., the IP address of server 21) and the source IP address (i.e., the IP address of server 11), and the data field carries data.
  • server 11 is the initial sender of data message 1.
  • Figure 12 illustrates the information carried by some fields; for the other fields, refer to the relevant description of Figure 9c, which is not repeated here or below.
  • Leaf1 receives data message 1 through port 11.
  • Leaf1 re-encapsulates data message 1 and forwards the re-encapsulated data message 1 to Spine1 through port 13, and Leaf1 generates mirror message 1 based on data message 1.
  • the Ethernet Header field of the re-encapsulated data message 1 carries the destination MAC address (i.e., the MAC address of Spine1) and the source MAC address (i.e., the MAC address of Leaf1).
  • the IP Header field carries the destination IP address (i.e., the IP address of server 21) and the source IP address (i.e., the IP address of server 11).
  • the mirror message 1 of Leaf1 includes an outer message and an inner message.
  • the outer message includes, but is not limited to, an IP Header field, a GRE Header field, and an ERSPAN Header field.
  • the IP Header field of the outer message includes a destination IP address (i.e., the IP address of server 22) and a source IP address (i.e., the IP address of Leaf1).
  • the ERSPAN Header includes, but is not limited to, a Header field and a Subheader field.
  • the Platform ID field in the Subheader field carries specified information (i.e., 0x7 or 0x0), and the Platform Specific Info field carries the identifier of port 11 (i.e., the MAC address of port 11 of Leaf1, or a port ID, etc., which is not limited in this application), which is used to indicate that the mirror message is generated by Leaf1 based on the data message received by port 11.
  • the inner message is the data field, which carries the data message 1 received by Leaf1.
  • server 11 is the sender of data message 1.
  • Spine1 receives datagram 1 through port 31.
  • Spine1 re-encapsulates datagram 1 and forwards the re-encapsulated datagram 1 to Leaf2 through port 32, and Spine1 generates mirrored message 3 based on datagram 1.
  • the Ethernet Header field of the re-encapsulated datagram 1 carries the destination MAC address (i.e., the MAC address of Leaf2) and the source MAC address (i.e., the MAC address of Spine1).
  • the IP Header field carries the destination IP address (i.e., the IP address of server 21) and the source IP address (i.e., the IP address of server 11).
  • the mirror message 3 of Spine1 includes an outer message and an inner message.
  • the outer message includes, but is not limited to, an IP Header field, a GRE Header field, and an ERSPAN Header field.
  • the IP Header field of the outer message includes a destination IP address (i.e., the IP address of server 22) and a source IP address (i.e., the IP address of Spine1).
  • the ERSPAN Header includes, but is not limited to, a Header field and a Subheader field.
  • the Platform ID field in the Subheader field carries specified information (i.e., 0x7 or 0x0), and the Platform Specific Info field carries the identifier of port 31 (i.e., the MAC address of port 31 of Spine1, or a port ID, etc., which is not limited in this application), which is used to indicate that the mirror message is generated by Spine1 based on the data message received by port 31.
  • the inner message is the data field, which carries the data message 1 received by Spine1.
  • Leaf1 is the sender of data message 1.
  • Leaf2 receives data message 1 through port 23.
  • Leaf2 re-encapsulates data message 1 and forwards the re-encapsulated data message 1 to server 21 through port 21, and Leaf2 generates mirror message 5 based on data message 1.
  • the Ethernet Header field of the re-encapsulated data message 1 carries the destination MAC address (i.e., the MAC address of server 21) and the source MAC address (i.e., the MAC address of Leaf2).
  • the IP Header field carries the destination IP address (i.e., the IP address of server 21) and the source IP address (i.e., the IP address of server 11).
  • Spine1 is the sender of data message 1.
  • the mirror message 5 of Leaf2 includes an outer message and an inner message.
  • the outer message includes but is not limited to: an IP Header field, a GRE Header field, and an ERSPAN Header field.
  • the IP Header field of the outer message includes the destination IP address (i.e., the IP address of server 22) and the source IP address (i.e., the IP address of Leaf2).
  • the ERSPAN Header includes but is not limited to: a Header field and a Subheader field.
  • the Platform ID field in the Subheader field carries the specified information (i.e., 0x7 or 0x0), and the Platform Specific Info field carries the identifier of port 23 (i.e., the MAC address of port 23 of Leaf2, or the port ID, etc., which is not limited in this application), which is used to indicate that the mirror message is generated by Leaf2 based on the data message 1 received by port 23.
  • the inner message is the data field, which carries the data message 1 received by Leaf2.
  • the Ethernet Header field in the data message 2 sent by the server 12 carries the destination MAC address (i.e., the MAC address of Leaf1) and the source MAC address (i.e., the MAC address of the server 12), the IP Header field carries the destination IP address (i.e., the IP address of the server 21) and the source IP address (i.e., the IP address of the server 12), and the data field carries the data.
  • the server 12 is the initial sender of the data message 2. It should be noted that FIG. 12 illustrates the information carried by some fields; for the other fields, refer to the relevant description of FIG. 9c, which is not repeated here or below.
  • Leaf1 receives data packet 2 through port 12.
  • Leaf1 re-encapsulates data packet 2 and forwards the re-encapsulated data packet 2 to Spine1 through port 13, and Leaf1 generates mirrored message 2 based on data packet 2.
  • the Ethernet Header field of the re-encapsulated data packet 2 carries the destination MAC address (i.e., the MAC address of Spine1) and the source MAC address (i.e., the MAC address of Leaf1).
  • the IP Header field carries the destination IP address (i.e., the IP address of server 21) and the source IP address (i.e., the IP address of server 11).
  • server 12 is the sender of data packet 2.
  • the mirror message 2 of Leaf1 includes an outer message and an inner message.
  • the outer message includes, but is not limited to, an IP Header field, a GRE Header field, and an ERSPAN Header field.
  • the IP Header field of the outer message includes a destination IP address (i.e., the IP address of server 22) and a source IP address (i.e., the IP address of Leaf1).
  • the ERSPAN Header includes, but is not limited to, a Header field and a Subheader field.
  • the Platform ID field in the Subheader field carries specified information (i.e., 0x7 or 0x0), and the Platform Specific Info field carries the identifier of port 12 (i.e., the MAC address of port 12 of Leaf1, or a port ID, etc., which is not limited in this application), which is used to indicate that the mirror message is generated by Leaf1 based on the data message 2 received by port 12.
  • the inner message is the data field, which carries the data message 2 received by Leaf1.
  • Spine1 receives datagram 2 through port 31.
  • Spine1 re-encapsulates datagram 2 and forwards the re-encapsulated datagram 2 to Leaf2 through port 32, and Spine1 generates mirrored message 4 based on datagram 2.
  • the Ethernet Header field of the re-encapsulated datagram 2 carries the destination MAC address (i.e., the MAC address of Leaf2) and the source MAC address (i.e., the MAC address of Spine1).
  • the IP Header field carries the destination IP address (i.e., the IP address of server 21) and the source IP address (i.e., the IP address of server 12).
  • the mirror message 4 of Spine1 includes an outer message and an inner message.
  • the outer message includes, but is not limited to, an IP Header field, a GRE Header field, and an ERSPAN Header field.
  • the IP Header field of the outer message includes a destination IP address (i.e., the IP address of server 22) and a source IP address (i.e., the IP address of Spine1).
  • the ERSPAN Header includes, but is not limited to, a Header field and a Subheader field.
  • the Platform ID field in the Subheader field carries specified information (i.e., 0x7 or 0x0), and the Platform Specific Info field carries the identifier of port 31 (i.e., the MAC address of port 31 of Spine1, or a port ID, etc., which is not limited in this application), which is used to indicate that the mirror message is generated by Spine1 based on the data message 2 received by port 31.
  • the inner message is the data field, which carries the data message 2 received by Spine1.
  • Leaf1 is the sender of data message 2.
  • Leaf2 receives data message 2 through port 23.
  • Leaf2 re-encapsulates data message 2 and forwards the re-encapsulated data message 2 to server 21 through port 21, and Leaf2 generates mirror message 6 based on data message 2.
  • the Ethernet Header field of the re-encapsulated data message 2 carries the destination MAC address (i.e., the MAC address of server 21) and the source MAC address (i.e., the MAC address of Leaf2).
  • the IP Header field carries the destination IP address (i.e., the IP address of server 21) and the source IP address (i.e., the IP address of server 12).
  • the mirror message 6 of Leaf2 includes an outer message and an inner message.
  • the outer message includes, but is not limited to, an IP Header field, a GRE Header field, and an ERSPAN Header field.
  • the IP Header field of the outer message includes a destination IP address (i.e., the IP address of server 22) and a source IP address (i.e., the IP address of Leaf2).
  • the ERSPAN Header includes, but is not limited to, a Header field and a Subheader field.
  • the Platform ID field in the Subheader field carries specified information (i.e., 0x7 or 0x0), and the Platform Specific Info field carries the identifier of port 23 (i.e., the MAC address of port 23 of Leaf2, or a port ID, etc., which is not limited in this application), which is used to indicate that the mirror message is generated by Leaf2 based on the data message 2 received by port 23.
  • the inner message is the data field, which carries the data message 2 received by Leaf2.
  • Spine1 is the sender of data message 2.
  • the access location acquisition unit receives mirror messages sent by multiple network devices, including mirror messages 1 and 2 of Leaf1, mirror messages 3 and 4 of Spine1, and mirror messages 5 and 6 of Leaf2.
  • based on the above multiple mirror messages, the access location acquisition unit can determine whether the sender of each data message is a user device.
  • the access location acquisition unit groups the mirrored messages based on the IP addresses of the inner messages.
  • the access location acquisition unit reads the source IP address in the IP address field of the inner message of each mirror message obtained in this period, that is, the identifier of the initial sender of the data message.
  • the access location acquisition unit groups the mirrored messages based on the source IP addresses of the inner messages of each mirrored message, wherein the mirrored messages with the same source IP addresses are grouped together.
  • mirror message 1, mirror message 3 and mirror message 5 are all generated based on the same data message (i.e., data message 1), and accordingly, the source IP addresses of the inner messages of mirror message 1, mirror message 3 and mirror message 5 are the same, i.e., they are all the IP address of server 11.
  • the access location acquisition unit divides mirror message 1, mirror message 3 and mirror message 5 into the same group (e.g., mirror message group 1).
  • mirror message 2, mirror message 4 and mirror message 6 are all generated based on the same data message (i.e., data message 2), and accordingly, the source IP addresses of the inner messages of mirror message 2, mirror message 4 and mirror message 6 are the same, i.e., they are all the IP address of server 12.
  • the access location acquisition unit divides mirror message 2, mirror message 4 and mirror message 6 into the same group (e.g., mirror message group 2).
  • the access location acquisition unit determines the access location of the user device based on the mirrored message in the group and the MAC address of the network device.
  • the access location acquisition unit reads the source MAC address (i.e., the identifier of the sender of the data message) in the Ethernet Header field of the mirror message in the same group, and matches the read source MAC address with the MAC address of the network device in the system pre-acquired by the access location acquisition unit.
  • the access location acquisition unit filters out the mirror messages corresponding to the source MAC addresses that successfully match.
  • the senders corresponding to the data messages of the filtered mirror messages are all network devices. Still taking the scenario in FIG.
  • the access location acquisition unit processes the mirror message group 1 (including mirror message 1, mirror message 3, and mirror message 5), and the access location acquisition unit reads the source MAC address (i.e., the MAC address of server 11) in the Ethernet Header field of mirror message 1, the source MAC address (i.e., the MAC address of Leaf1) in the Ethernet Header field of mirror message 3, and the source MAC address (i.e., the MAC address of Spine1) in the Ethernet Header field of mirror message 5.
  • the access location acquisition unit matches the read source MAC address with the MAC address of the network device in the system (as shown in Table 3) obtained in advance, so as to filter out the mirror message whose source MAC address is the MAC address of the network device (including the network device in the observation range and the network device outside the observation range).
  • the source MAC address in the Ethernet Header field of mirror message 3 and the source MAC address in the Ethernet Header field of mirror message 5 match successfully, and the access location acquisition unit filters out mirror message 3 and mirror message 5. If the source MAC address in the Ethernet Header field of mirror message 1 fails to match, the remaining mirror message after filtering of mirror message group 1 is mirror message 1.
  • the access location acquisition unit reads the sender identifier of each mirror message after filtering in the group (i.e., the remaining mirror messages in the group), i.e., the source IP address in the IP Header field of the outer message of the mirror message.
  • the access location acquisition unit detects whether the source IP addresses of each mirror message after filtering in the group are the same, i.e., detects whether the filtered mirror messages are all sent by the same network device (i.e., the sender).
  • the access location acquisition unit reads the relevant fields of the mirrored message to obtain the access location information of the user device. Specifically, the access location acquisition unit reads the source IP address of the inner message of any mirrored message after filtering (that is, the IP address of the sender of the data message (that is, the user device)), the interface information in the ERSPAN Header field of the outer message of the mirrored message (that is, the receiving port identifier of the access point), and the source IP address of the IP Header field of the outer message of the mirrored message (that is, the identifier of the access point).
  • the above information is the access location information of the user device.
  • the mirrored message after filtering of mirrored message group 1 is mirrored message 1.
  • the access location acquisition unit reads the source IP address of the outer message of mirrored message 1 and determines that it comes from the same network device (that is, Leaf1).
  • the access location acquisition unit reads the source IP address of the inner message of the mirror message 1 (i.e., the IP address of server 11) to obtain the identification of the user device, and reads the interface information in the ERSPAN Header field of the outer message of the mirror message 1 (i.e., the MAC address of port 11 of Leaf1) to obtain the receiving port identification of the access point (also known as the access point identification), and reads the source IP address of the IP Header field of the outer message of the mirror message 1 (i.e., the IP address of Leaf1) to obtain the access point identification.
  • the following scenario describes an example in which the source IP addresses of the mirrored packets after filtering within the group are different.
  • the access location acquisition unit can determine that the sender of the mirror message 1 is the access point, and the sender of the data message of the mirror message 1 is the user device. Accordingly, the access location acquisition unit reads the relevant fields of the mirror message 1 to obtain the access location information of the user device (i.e., server 11). The specific details can be referred to above and will not be repeated here.
  • the access location acquisition unit performs the same processing on the mirror message group 2.
  • the specific processing flow can refer to the processing of the mirror message group 1.
  • the access location acquisition unit can obtain that the sender of the data message received by Leaf1 (i.e., server 12) is a user device.
  • the access location acquisition unit obtains the access location information of server 12 by reading the mirror message 2 of Leaf1, including but not limited to: the MAC address of server 12 (i.e., the user device identifier), the IP address of Leaf1 (i.e., the access point identifier), and the MAC address of port 12 of Leaf1 (i.e., the access port identifier).
  • the access location storing unit stores the access location of the user equipment.
  • the access location storage unit can store the access location information of the server 11 and the access location information of the server 12.
  • the access location acquisition unit when executing S1104, divides the mirror messages with the same source IP address of the inner message into one group, for example, the mirror messages carrying the IP address of server 11 are all divided into the same group.
  • the access location acquisition unit detects that the identifier of the sender of the data message of each mirror message in the group, that is, the source MAC address in the Ethernet Header field of the inner message, does not belong to any network device in the system, so it can be determined that the sender of the data message is a non-network device.
  • the access location acquisition unit reads the source IP address of the outer message of each mirror message in the group, and detects that the source IP addresses of each mirror message are different, that is, they point to multiple network devices (including Leaf1, Spine1 and Leaf2). Then the access location acquisition unit cannot determine which network device is the access point, nor can it determine which specific data message sender is the user device.
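The grouping and filtering steps of the FIG. 11 process described above, as an added example (not code from the application). It assumes each mirror message is already parsed into the four fields the text reads; all addresses, port labels and status names are constructed for illustration.

```python
from collections import defaultdict
from typing import NamedTuple


class MirrorMessage(NamedTuple):
    name: str           # label used in the text (mirror1, mirror3, ...)
    outer_src_ip: str   # outer IP Header: device that generated the mirror message
    ingress_port: str   # Platform Specific Info: receiving port identifier
    inner_src_mac: str  # inner Ethernet Header: sender of the data message on this hop
    inner_src_ip: str   # inner IP Header: initial sender of the data message


# Constructed sample values (documentation IP ranges, locally administered MACs).
LEAF1, SPINE1, LEAF2 = "192.0.2.1", "192.0.2.2", "192.0.2.3"
MAC = {"Leaf1": "02:00:00:00:01:00", "Spine1": "02:00:00:00:02:00",
       "Leaf2": "02:00:00:00:03:00", "server11": "02:00:00:00:00:11",
       "server12": "02:00:00:00:00:12"}
SERVER11_IP, SERVER12_IP = "198.51.100.11", "198.51.100.12"
NETWORK_DEVICE_MACS = [MAC["Leaf1"], MAC["Spine1"], MAC["Leaf2"]]


def locate_access_points(mirrors, network_device_macs):
    """Return {user_ip: {"status": ..., "locations": [(access_point_ip, port)]}}."""
    known = {mac.lower() for mac in network_device_macs}

    # Group by the source IP of the inner message (the initial sender).
    groups = defaultdict(list)
    for m in mirrors:
        groups[m.inner_src_ip].append(m)

    results = {}
    for user_ip, group in groups.items():
        # Filter out mirrors whose inner source MAC belongs to a network device:
        # on those hops the data message was sent by a switch, not by a user device.
        remaining = [m for m in group if m.inner_src_mac.lower() not in known]
        locations = sorted({(m.outer_src_ip, m.ingress_port) for m in remaining})
        senders = {ip for ip, _ in locations}
        if not remaining:
            status = "no_candidate"   # case not covered by the text (assumption)
        elif len(senders) == 1:
            status = "resolved"       # one mirroring device left: the access point
        else:
            status = "ambiguous"      # several devices left: FIG. 11 alone cannot decide
        results[user_ip] = {"status": status, "locations": locations}
    return results


def path(user_ip, user_mac, leaf1_port, rewrite_mac, first_id):
    """Mirror messages for one data message travelling Leaf1 -> Spine1 -> Leaf2."""
    hops = [(LEAF1, leaf1_port, user_mac),
            (SPINE1, "port31", MAC["Leaf1"] if rewrite_mac else user_mac),
            (LEAF2, "port23", MAC["Spine1"] if rewrite_mac else user_mac)]
    return [MirrorMessage(f"mirror{first_id + 2 * i}", dev, port, mac, user_ip)
            for i, (dev, port, mac) in enumerate(hops)]


def routed_scenario():
    """Each hop rewrites the Ethernet header: mirror messages 1 to 6 of the text."""
    return (path(SERVER11_IP, MAC["server11"], "port11", True, 1)
            + path(SERVER12_IP, MAC["server12"], "port12", True, 2))


def layer2_scenario():
    """Layer 2 forwarding: the source MAC of server 11 survives every hop."""
    return path(SERVER11_IP, MAC["server11"], "port11", False, 1)


if __name__ == "__main__":
    for label, mirrors in (("routed", routed_scenario()), ("layer 2", layer2_scenario())):
        for ip, result in locate_access_points(mirrors, NETWORK_DEVICE_MACS).items():
            print(label, ip, result["status"], result["locations"])
```

The result depends on the completeness of the network device MAC list: if Spine1's MAC is left out, mirror message 5 survives the filter and server 11 is reported as ambiguous between Leaf1 and Leaf2.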
  • the analysis unit and the access location acquisition unit may asynchronously execute the access location acquisition process in Figure 8 (e.g., the process described in scenario 2). Accordingly, the access location acquisition unit may identify the user equipment and the corresponding access location in the layer 2 forwarding scenario shown in Figure 10.
  • the same user device may also be connected to two or more network devices.
  • server 12 is connected to port 12 of Leaf1 and port 24 of Leaf2.
  • Other connection relationships can be referred to Figure 12, which will not be repeated here.
  • server 11 sends data message 1, and its transmission method can be referred to the description in FIG. 14, which will not be repeated here.
  • Server 12 sends data message 2, and its transmission method can be referred to the description in FIG. 14, which will not be repeated here.
  • server 12 sends data message 3. Specifically, server 12 sends data message 3 to Leaf 2 through port E, Leaf 2 receives data message 3 through port 24, and sends data message 3 to server 21 through port 21. Server 21 receives data message 3 through port C.
  • the Ethernet Header field in the data message 3 sent by the server 12 carries the destination MAC address (i.e., the MAC address of Leaf 2) and the source MAC address (i.e., the MAC address of the server 12), the IP Header field carries the destination IP address (i.e., the IP address of the server 21) and the source IP address (i.e., the IP address of the server 12), and the data field carries the data.
  • the server 12 is the initial sender of the data message 3.
  • Leaf2 receives data message 3 through port 24.
  • Leaf2 re-encapsulates data message 3 and forwards the re-encapsulated data message 3 to server 21 through port 21, and Leaf2 generates mirror message 7 based on data message 3.
  • the Ethernet Header field of the re-encapsulated data message 3 carries the destination MAC address (i.e., the MAC address of server 21) and the source MAC address (i.e., the MAC address of Leaf2).
  • the IP Header field carries the destination IP address (i.e., the IP address of server 21) and the source IP address (i.e., the IP address of server 12).
  • the mirror message 7 of Leaf2 includes an outer message and an inner message.
  • the outer message includes but is not limited to: IP Header field, GRE Header field and ERSPAN Header field.
  • the IP Header field of the outer message includes the destination IP address (i.e., the IP address of server 22) and the source IP address (i.e., the IP address of Leaf2).
  • the ERSPAN Header includes but is not limited to: Header field and Subheader field.
  • the Platform ID field in the Subheader field carries specified information (i.e., 0x7 or 0x0), and the Platform Specific Info field carries the identifier of port 24 (i.e., the MAC address of port 24 of Leaf2, or it can be a port ID, etc., which is not limited in this application), which is used to indicate that the mirror message is generated by Leaf2 based on the data message 3 received by port 24.
  • the inner message is the data field, which carries the data message 3 received by Leaf 2.
  • the server 12 is the sender of the data message 3.
  • the access location acquisition unit may independently execute the access location acquisition process shown in Figure 8 or Figure 11, or asynchronously execute the access location acquisition process shown in Figure 8 or Figure 11.
  • asynchronous execution of two processes is used as an example for description.
  • the access location acquisition unit executes the process shown in FIG8 and can identify that server 11 is a user device, and its access location is port 11 of Leaf1. For specific details, please refer to the above text and will not be repeated here. Based on the interface information carried by the mirror message of Leaf1, the access location acquisition unit can determine that Leaf1 receives a data message from a user-side type port (i.e., port 12). Accordingly, it can be determined that the sender of data message 2 (i.e., server 12) is a user device, and the corresponding access location is port 12 of Leaf1.
  • the access location acquisition unit can determine that Leaf2 receives a data message from a user-side type port (i.e., port 24). Accordingly, it can be determined that the sender of data message 3 (i.e., server 12) is a user device, and the corresponding access location is port 24 of Leaf2. In other words, the access location acquisition unit can identify the two access locations of server 12 in the system.
  • the access location acquisition unit executes the process shown in FIG11.
  • the access location acquisition unit can obtain the access location information of the server 11.
  • the acquisition method can refer to the above and will not be repeated here.
  • the access location acquisition unit identifies that the source IP addresses of the inner messages of the mirror message 2, the mirror message 4, the mirror message 6 and the mirror message 7 are the same, that is, they are all the IP addresses of the server 12.
  • the access location acquisition unit divides the mirror message 2, the mirror message 4, the mirror message 6 and the mirror message 7 into the same group.
  • the access location acquisition unit filters the mirror message based on the MAC address of the inner message.
  • the source MAC addresses of the inner messages of the mirror message 2 (for a specific description, refer to the relevant content of FIG. 13) and the mirror message 7 are both the MAC address of the server 12, that is, both indicate a non-network device.
  • the access location acquisition unit identifies the source IP address of the outer layer message of each filtered mirror message (i.e., mirror message 2 and mirror message 7).
  • the access location acquisition unit detects that the source IP address of mirror message 2 points to Leaf1 (i.e., the IP address of Leaf1), and the source IP address of mirror message 7 points to Leaf2 (i.e., the IP address of Leaf2), that is, the source IP addresses of mirror message 2 and mirror message 7 point to different network devices, that is, mirror message 2 and mirror message 7 come from different sending ends, and the access location acquisition unit determines that there are multiple access points corresponding to server 12.
  • the access location acquisition unit can further determine the specific access location of server 12 based on the results obtained in the process of FIG. 8.
  • the access location acquisition unit may compare the result obtained in FIG. 8 with the result obtained in FIG. 11. For example, in the scenario shown in FIG. 15, the access location acquisition unit can obtain the access location of server 11 through the processes shown in FIG. 11 and FIG. 8, and the obtained results are the same, then the access location acquisition unit can determine that the access location of server 11 is interface 11 of Leaf1. As for the access location of server 12, the result obtained in FIG. 8 is inconsistent with the result obtained in FIG. 11. In the embodiment of the present application, the case where the results obtained by the processes of FIG. 8 and FIG. 11 are inconsistent may include the case in FIG. 15, that is, when the process shown in FIG.
  • the access location of the user device may be further obtained in combination with the process shown in FIG. 8.
  • the case where the results obtained by the processes of FIG. 8 and FIG. 11 are inconsistent may also include the case where FIG. 8 determines that the sender of the data message is a user device, while FIG. 11 determines that the sender of the data message is a non-user device (i.e., a network device).
  • for details, please refer to scenario seven.
  • FIG16 is a schematic diagram of an exemplary application scenario. Please refer to FIG16 and combine it with the scenario shown in FIG13.
  • a firewall is set between Spine1 and Leaf2.
  • the data message sent by server 11 is sent to the firewall through Spine 1.
  • the firewall performs security verification and other processing on the data message, and then sends the data message to Leaf2.
  • the firewall forwards the data message in a transparent transmission mode, that is, does not change the MAC address in the data message.
  • the firewall can also re-encapsulate the data message, which is not limited in the present application.
  • the analysis unit and the access location acquisition unit may execute the access location acquisition method in FIG. 8 and/or FIG. 11.
  • the neighbor information of Spine1 obtained by the analysis unit includes but is not limited to:
  • the analysis unit determines that port 32 is an empty port based on the neighbor information of Spine1, or determines that the neighbor device connected to port 32 is a network device that is not within the observation range.
  • the identifier of the neighbor device connected to the port does not belong to the port of the network device within the observation range, and its port type is the user-side port type.
  • the analysis unit determines that port 32 of Spine1 is a port of the user-side port type.
  • port 23 of Leaf2 is also determined to be a port of the user-side port type.
  • the access location acquisition unit may receive the mirroring messages sent by Leaf1, Spine1, and Leaf2.
  • the firewall is the sender of the data packets received by it.
  • the access location acquisition unit can determine that Leaf1 is the access point of server 11, and obtain the access location information of server 11. The specific details can be referred to above and will not be repeated here.
  • the access location acquisition unit determines that port 23 is a port of the user-side port type based on the interface information carried by the mirror message of Leaf2. Accordingly, the access location acquisition unit can determine that the neighbor device connected to port 23 is a user device, that is, the sender corresponding to the data message received by Leaf2 through port 23 is a user device.
  • the access location acquisition unit reads the mirror message of Leaf2, obtains the user device identifier (the source IP address carried by the inner message of the mirror message, that is, the IP address of server 11), the access point identifier (that is, the source IP address carried by the outer message of the mirror message, that is, the IP address of Leaf2), and the receiving port identifier (that is, the interface information carried by the outer message of the mirror message, that is, the MAC address of port 23). That is, the access location of server 11 is port 23 of Leaf2.
  • the access location acquisition unit detects that the sending end corresponding to the data message received by Leaf1 from port 11 is a user device by executing the process shown in FIG. 8, and the sending end corresponding to the data message received by Leaf2 from port 23 is also a user device.
  • the analysis unit and the access location acquisition unit execute the process shown in FIG. 11.
  • the access location acquisition unit performs the grouping operation (the specific details can be referred to above and will not be repeated here)
  • the access location acquisition unit performs the grouping operation (i.e., the MAC address of Spine1)
  • the sender of the data message received by Leaf2 is a network device within the observation range, that is, the source MAC address carried by the inner message in the mirror message of Leaf2 is included in the MAC address of the network device in the system pre-acquired by the access location acquisition unit.
  • the access location acquisition unit can determine that the sender corresponding to the data message received by Leaf2 from port 23 is a non-user device. This result is inconsistent with the result of executing FIG. 8. In that case, the access location acquisition unit relies on the result of executing FIG. 11, that is, it determines that the sender corresponding to the data message received by Leaf2 from port 23 (i.e., the firewall) is a non-user device.
  • the access location acquisition method in the embodiment of the present application can also be used in the migration scenario of the user equipment. Still taking the scenario shown in FIG. 7 as an example, illustratively, it is assumed that the server 11 migrates from port 11 of Leaf 1 to port 25 of Leaf 2, that is, the server 11 accesses the system through port 25 of Leaf 2 to communicate with other devices in the system.
  • after server 11 is disconnected from Leaf 1, Leaf 1 sends LLDP information to each network device in the system, and the LLDP information is used to indicate that port 11 of Leaf 1 is an empty port.
  • after server 11 is connected to port 25 of Leaf 2, Leaf 2 can send LLDP information to each network device in the system, and the LLDP information is used to indicate that port 25 of Leaf 2 is connected to server 11.
  • the analysis unit executes the process in Figure 8.
  • Leaf1 and Leaf2 detect an LLDP information update and can send neighbor information update information to the analysis unit.
  • the neighbor information update information of Leaf1 is used to indicate that port 11 is an empty port.
  • the neighbor information update information of Leaf2 includes but is not limited to: the identifier of port 25 (i.e., the MAC address of port 25), the neighbor device identifier (i.e., the MAC address of server 11), and the port identifier of the neighbor device (i.e., port A of server 11).
  • the neighbor information update information of Leaf2 is used to indicate port A of server 11 to which port 25 of Leaf2 is connected.
  • the analysis unit can update the locally stored neighbor information.
  • the analysis unit can also request neighbor information from each network device in the system at the periodic triggering moment.
  • the analysis unit can update the locally stored neighbor information based on the neighbor information fed back by Leaf1 and Leaf2.
  • the analysis unit may execute S802 to S805 based on the new neighbor information.
  • the data message of server 11 will be sent to Leaf2.
  • Leaf2 receives the data message sent by server 11 through port 25, forwards the data message, and generates and sends the corresponding mirror message based on the data message.
  • when the access location acquisition unit executes S804, it can obtain that the access location of server 11 is port 25 of Leaf2.
  • the access location acquisition unit can detect that the identifier of server 11 already exists in the access location information list based on the identifier of server 11, and the access location information corresponding to the saved server 11 is different from the currently acquired access location information.
  • the access location acquisition unit can write the newly acquired access location information of server 11 into the access location information list, and write the current time (i.e., the writing time of the access location information) accordingly.
  • the administrator can obtain the migration status of server 11 (including the migrated access point and the corresponding time).
  • the analysis unit and the access location acquisition unit execute the process in FIG. 11.
  • the MAC address of the network device within the observation range maintained by the analysis unit remains unchanged.
  • when the access location acquisition unit executes S1104, it can determine the access location of the server 11 based on the multiple mirror messages corresponding to the data message sent by the server 11. For specific implementation details, see the description of FIG. 11; details will not be repeated here.
  • the access location acquisition method in the embodiment of the present application can also be applied to the scenario where the user device is a virtual machine.
  • VM1 in server 12 sends an original data message, and the format of the original data message can be referred to the tunnel inner message in Figure 6a.
  • the OVS in server 12 re-encapsulates the original data message of VM1, and the format of the re-encapsulated data message (also referred to as a tunnel message) can be referred to Figure 6a.
  • the network device within the observation range on the transmission path sends a mirror message to the access location acquisition unit, and the format of the mirror message can be referred to Figure 6b.
  • the access location acquisition unit executes S804 in FIG. 8 in response to the received mirror message (S801 to S803 can be referred to above and will not be described again here).
  • the access location acquisition unit determines whether the sender of the data message is a user device based on the interface information of the mirror message. The specific details are the same as S804 and will not be described again here.
  • the access location acquisition unit determines that the sender corresponding to the data message received by Leaf1 is a user device, and can obtain the access location information corresponding to the user device.
  • the access location acquisition unit reads the source IP address (i.e., the user device identifier) carried by the inner layer message of the tunnel (i.e., the tunnel message) of the mirror message of Leaf1, and the source IP address (i.e., the identifier of Leaf1) and the interface information (i.e., the receiving port identifier) carried by the outer layer message of the mirror message to obtain the access location information corresponding to the corresponding server 11.
  • the access location acquisition unit executes S1104 in FIG. 11 in response to the received mirror message (S1101 to S1103 are the same as in FIG. 11 and are not described again here).
  • the access location acquisition unit groups the mirror messages based on the source IP address carried by the inner message of the tunnel message of the inner message (i.e., tunnel message or data message) of each mirror message, that is, the mirror messages whose source IP address is the IP address of VM1 are divided into the same group.
  • each network device updates the Ethernet Header in the outer message of the tunnel.
  • the access location acquisition unit can filter the mirror message based on the source MAC address (i.e., the sender identifier of the data message) carried by the outer message of the tunnel in the inner message of the mirror message.
  • the specific filtering method can be referred to above and will not be described again here.
  • the access location acquisition unit determines the access location of the user equipment based on the source IP address of the outer layer message of the filtered mirror message (i.e., the IP address of the sender of the mirror message). Specific details can be found in the description of FIG. 11 and will not be repeated here.
  • the access location acquisition method in the embodiment of the present application can be applied to the transmission scenario of tunnel data packets, that is, user devices such as virtual machines that access the system through tunnel protocols can also be accurately located.
  • router X is a network device that is not within the observation range, that is, a router deployed on the user side.
  • the analysis unit obtains the neighbor information of Leaf3, and detects that the identifier of router X does not belong to the network device within the observation range, then it can be determined that the port of Leaf3 connected to router X is a user-side port type.
  • server 41 sends a data message to router X, and router X forwards the data message to Leaf3.
  • Leaf3 forwards the received data message, and generates and sends a mirror message at the same time.
  • the access location acquisition unit can determine that the sender of the data message received by Leaf3 (here refers to router X) is a user device based on the mirror message of Leaf3. That is, the receiving port corresponding to the data message of the mirror message of Leaf3 is a user-side port type, and accordingly, the neighbor device connected to the receiving port, that is, the sender of the data message is the user device.
  • the access location acquisition unit reads the source IP address carried in the inner layer message of Leaf3's mirror message, where the source IP address is the IP address of server 41.
  • the access location of the user device obtained by reading the relevant fields of the mirror message is the access location of server 41.
  • the access location information of server 41 includes but is not limited to: the identifier of server 41, the identifier of Leaf3 (i.e., the access point identifier), and the receiving port identifier (i.e., the identifier of the connection port between Leaf3 and router X).
  • the access locations of servers 41 to 4n are the same, and the access points are all Leaf3, and the corresponding access ports are all the connection ports between Leaf3 and router X.
  • router X belongs to the user side device for the network side, and accordingly, the access locations of servers 41 to 4n can also be understood as the access locations of router X in the system.
  • the data packet sent by the server 41 is still taken as an example.
  • the access location acquisition unit divides the mirrored messages carrying the IP address of the server 41 in the mirrored messages into the same group. Then, the access location acquisition unit filters the mirrored messages based on the source MAC address carried by the inner layer messages of the mirrored messages in the group. Among them, the source MAC address carried by the inner layer message of the mirrored message of Leaf3 is the MAC address of router X, and the MAC address does not belong to the network device on the network side.
  • the access location acquisition unit can perform subsequent steps on the mirrored message corresponding to the MAC address of router X.
  • the access location acquisition unit can determine that Leaf3 is the access point of the user device, and obtain the access location information of the user device by reading the relevant fields of the mirror message of Leaf3.
  • the access location information of the user device obtained by the access location acquisition unit refers to the access location information corresponding to the server 41 (the specific details can be referred to above, which will not be repeated here).
  • the device includes hardware structures and/or software modules corresponding to the execution of each function.
  • the embodiments of the present application can be implemented in the form of hardware or a combination of hardware and computer software. Whether a function is executed in the form of hardware or computer software driving hardware depends on the specific application and design constraints of the technical solution. Professional and technical personnel can use different methods to implement the described functions for each specific application, but such implementation should not be considered to exceed the scope of this application.
  • the embodiment of the present application can divide the functional modules of the device according to the above method example.
  • each functional module can be divided according to each function, or two or more functions can be integrated into one processing module.
  • the above integrated module can be implemented in the form of hardware or in the form of software functional modules. It should be noted that the division of modules in the embodiment of the present application is schematic and is only a logical function division. There may be other division methods in actual implementation.
  • FIG. 17 shows a possible structural diagram of the device 1700 involved in the above embodiment.
  • the device 1700 includes but is not limited to: a receiving unit 1701 and an access location acquisition unit 1702.
  • the receiving unit 1701 is used to receive a mirror message sent by a network device.
  • the mirror message is generated by the network device based on the received data message.
  • the mirror message includes the identifier of the network device, the receiving port identifier and the data message.
  • the data message includes the identifier of the sender of the data message.
  • the receiving port identifier is used to indicate the receiving port of the network device for receiving the data message.
  • the access location acquisition unit 1702 is used to determine whether the sender of the data message is a user device based on the mirror message. The access location acquisition unit 1702 is also used to obtain the access location information of the user device if the sender is determined to be a user device.
  • the access location information includes the identifier of the sender, the identifier of the network device and the receiving port identifier.
  • the access location acquisition unit 1702 is specifically configured to determine whether the sender of the data message is a user equipment based on the receiving port identifier in the mirror message.
  • the access location acquiring unit 1702 is specifically configured to determine whether the sender of the data message is a user equipment based on the identifier of the sender in the mirror message.
  • the port type of the receiving port is a user-side port type.
  • the access location acquiring unit 1702 is specifically configured to determine, in response to a received mirrored message, that a sender of the data message is a user equipment.
  • the device also includes an analysis unit 1703, which is used to: determine at least one network device in the network based on first information, the first information including port identifiers and corresponding port types of ports of each network device in the network, the port types including user-side port types and network device-side port types, and each network device in at least one network device includes a port of a user-side port type; send indication information to at least one network device, the indication information is used to instruct each network device in at least one network device to generate a mirror message based on a data message received by a port of a user-side interface type of each network device.
  • the access location acquisition unit 1702 is specifically used to: determine the port type of the receiving port based on the first information and the receiving port identifier, the first information including the port identifier and the corresponding port type of the port of each network device in the network, the port type including the user side port type and the network device side port type; if the port type of the receiving port is the user side port type, determine that the sending end is a user device; if the port type of the receiving port is the network device side port type, determine that the sending end is a non-user device.
  • the device also includes an analysis unit 1703, which is specifically used to: obtain second information, the second information includes identifiers of multiple network devices in the network; obtain neighbor information of each network device in the multiple network devices, each neighbor information includes an identifier of a source network device, a source network device port identifier and an identifier of a neighbor device, the source network device is a device that sends neighbor information, the neighbor device is a device that is physically connected to the source network device, and the source network device port identifier is used to indicate the port of the source network device connected to the neighbor device; based on the second information and the neighbor information, determine the port type of the port of each network device, the identifier of the neighbor device connected to the port whose port type is a network device side port type is included in the second information, and the identifier of the neighbor device connected to the port whose port type is a user side port type is not included in the second information.
  • the receiving unit 1701 is specifically used to: receive multiple mirror messages; the multiple mirror messages come from one or more network devices; the identifier of the sender includes the IP address of the sender and the MAC address of the sender, and the access location acquisition unit 1702 is specifically used to: if the IP addresses of the senders carried by N mirror messages in the multiple mirror messages are the same, the MAC addresses of the sender carried by the N mirror messages are not included in the second information, and the identifiers of the network devices carried by the N mirror messages indicate the same network device, determine that the sender is a user device, where the second information includes identifiers of multiple network devices in the network.
  • the access location acquisition unit 1702 is specifically used to: if the IP addresses of the senders carried by M of the multiple mirror messages are the same, and the MAC addresses of the senders carried by the M mirror messages are not included in the second information, and the identifiers of the network devices carried by the M mirror messages indicate two or more network devices, based on the receiving port identifier in the mirror message, determine whether the sender of the data message is a user device.
  • the access location acquisition unit 1702 is specifically used to: determine whether the sender of the data message is a user device based on the receiving port identifier and the sender identifier in the mirror message; if the judgment result based on the receiving port identifier indicates that the sender is a user device, and the judgment result based on the sender identifier indicates that the sender is not a user device, determine that the sender is a non-user device.
  • the device also includes: an access location storage unit 1704, which is used to query user equipment access information based on the identifier of the sending end, the user equipment access information including access location information of at least one user equipment; the access location storage unit 1704 is also used to update the access location information of the user equipment corresponding to the identifier of the sending end in the user equipment access information if the user equipment access information already includes the access location information of the user equipment corresponding to the identifier of the sending end, and the saved access location information is inconsistent with the access location information currently obtained.
  • FIG18 shows a schematic block diagram of a device 1800 according to an embodiment of the present application.
  • the device 1800 may include: a processor 1801 and a transceiver/transceiver pin 1802, and optionally, a memory 1803.
  • the processor 1801 may be used to execute the steps performed by the analysis unit, the access location acquisition unit, and the access location storage unit in the methods of the aforementioned embodiments, and control the receiving pin to receive a signal, and control the sending pin to send a signal.
  • The components of the device 1800 are coupled together via a bus 1804, wherein the bus system 1804 includes a power bus, a control bus, and a status signal bus in addition to a data bus.
  • various buses are labeled as the bus system 1804 in the figure.
  • the memory 1803 may be used to store instructions in the aforementioned method embodiment.
  • the device 1800 may correspond to the analysis unit, the access location acquisition unit, the access location storage unit and the corresponding server in the various methods of the aforementioned embodiments, and the above-mentioned and other management operations and/or functions of each element in the device 1800 are respectively for implementing the corresponding steps of the aforementioned methods. For the sake of brevity, they will not be repeated here.
  • an embodiment of the present application also provides a computer-readable storage medium, which stores a computer program.
  • the computer program includes at least one code segment, and the at least one code segment can be executed by a computer to control the computer to implement the above method embodiment.
  • the embodiment of the present application also provides a computer program, which is used to implement the above method embodiment when executed by a computer.
  • the program may be stored in whole or in part on a storage medium packaged together with the processor, or may be stored in whole or in part on a memory not packaged together with the processor.
  • the embodiment of the present application further provides a processor, which is used to implement the above method embodiment.
  • the above processor can be a chip.
  • the steps of the method or algorithm described in conjunction with the disclosed content of the embodiments of the present application can be implemented in hardware or by executing software instructions by a processor.
  • the software instructions can be composed of corresponding software modules, and the software modules can be stored in random access memory (Random Access Memory, RAM), flash memory, read-only memory (Read Only Memory, ROM), erasable programmable read-only memory (Erasable Programmable ROM, EPROM), electrically erasable programmable read-only memory (Electrically EPROM, EEPROM), registers, hard disks, mobile hard disks, read-only compact disks (CD-ROMs) or any other form of storage medium known in the art.
  • An exemplary storage medium is coupled to a processor so that the processor can read information from the storage medium and write information to the storage medium.
  • the storage medium can also be a component of the processor.
  • the processor and the storage medium can be located in an ASIC.
  • Computer-readable media include computer storage media and communication media, wherein the communication media include any media that facilitates the transmission of a computer program from one place to another.
  • the storage medium can be any available medium that a general or special-purpose computer can access.
  • "A and/or B" in this article is merely a description of the association relationship of associated objects, indicating that three relationships may exist.
  • "A and/or B" can mean: A exists alone, A and B exist at the same time, and B exists alone.
  • first and second in the description and claims of the embodiments of the present application are used to distinguish different objects rather than to describe a specific order of objects.
  • a first target object and a second target object are used to distinguish different target objects rather than to describe a specific order of target objects.
  • words such as “exemplary” or “for example” are used to indicate examples, illustrations or descriptions. Any embodiment or design described as “exemplary” or “for example” in the embodiments of the present application should not be interpreted as being more preferred or more advantageous than other embodiments or designs. Specifically, the use of words such as “exemplary” or “for example” is intended to present related concepts in a specific way.
  • multiple refers to two or more than two.
  • multiple processing units refer to two or more processing units; multiple systems refer to two or more systems.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

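The present application provides a method and apparatus for acquiring a device access location, relating to the field of communications. The method includes: receiving a mirror message sent by a network device, determining based on the mirror message whether the sender of a data message is a user device, and, when the sender of the data message is determined to be a user device, acquiring access location information of the user device in the network. The mirror message is generated based on the data message received by the network device; the data message carries the identifier of the sender of the data message; the mirror message carries the data message or part of the content of the data message, as well as the identifier of the network device and a receiving port identifier; and the access location information includes the identifier of the sender, the identifier of the network device and the receiving port identifier. The present application accurately locates user devices in the network based on mirror messages so as to acquire the access locations of the user devices.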

Description

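Method and apparatus for acquiring a device access location
This application claims priority to Chinese patent application No. 202310371599.9, entitled "Method and apparatus for acquiring a device access location", filed with the China National Intellectual Property Administration on March 30, 2023, the entire contents of which are incorporated herein by reference.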
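Technical Field
The present application relates to the field of communications, and in particular to a method and apparatus for acquiring a device access location.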
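Background
In a large communication system, if application data transmission in the system becomes abnormal, the cause may be the network. Administrators therefore need to locate the fault point and eliminate the fault. During fault localization, administrators need to obtain the access location of each user device in the network, and further determine the transmission path of the application data flow based on the network topology and the access locations. Administrators can monitor traffic at key locations on the transmission path of the application data flow to obtain certain specified parameters, and then locate the fault based on the obtained parameters. How to accurately obtain the access location of a user device in the network is therefore one of the key points.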
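Summary
The present application provides a method and apparatus for acquiring a device access location, which can accurately locate user devices in a network so as to acquire the access locations of the user devices.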
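In a first aspect, the present application provides a method for acquiring a device access location. The method includes: an apparatus receives a mirror message sent by a network device. The mirror message sent by the network device is generated by the network device based on a received data message. In addition, the mirror message sent by the network device includes the data message or part of the content of the data message, as well as the identifier of the network device and a receiving port identifier. The receiving port identifier carried in the mirror message is used to indicate the receiving port through which the network device received the data message, and the data message in the mirror message, or the part of the content of the data message in the mirror message, includes the identifier of the sender of the data message. Next, the apparatus determines, based on the received mirror message, whether the sender of the data message is a user device. If the sender is determined to be a user device, the apparatus acquires the access location information of the user device in the network. The access location information includes the identifier of the sender, the identifier of the network device and the receiving port identifier.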
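In this way, by acquiring the access location of a user device based on mirror messages, the present application enables the system to obtain the access location of the user device in real time as soon as the user device exchanges data with a device in the system, which improves the real-time performance of access location acquisition. Moreover, the present application provides a highly general access location acquisition method that can be applied to various networking scenarios and meets the requirements of different networking scenarios for real-time and accurate access location acquisition. For example, in scenarios such as terminal device migration, the present application can update the access location of the device in time, ensuring that the acquired access location of the user device is current. In addition, the present application relies only on network devices transmitting mirror messages to acquire the access location of the user device, without transmitting large amounts of interface data and the like, which can effectively reduce communication overhead in the system and reduce bandwidth usage.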
Exemplarily, the network device and the sender of the data message exchange data over a wired connection.
Exemplarily, the receiving port of the data message can also be understood as the port connected to the sender of the data message.
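In a possible implementation, determining, based on the mirror message, whether the sender of the data message is a user device includes: the apparatus determines whether the sender of the data message is a user device based on the receiving port identifier in the mirror message. In this way, by extending the mirror message, the present application enables the mirror message to carry the receiving port identifier. Accordingly, through the receiving port identifier carried in the mirror message, the apparatus can determine whether the sender connected to the corresponding receiving port is a user device, thereby providing an access location acquisition scheme applicable to both Layer 2 and Layer 3 data message forwarding scenarios, which can accurately locate the access device of the user device and thus obtain the access location of the user device.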
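In a possible implementation, determining, based on the mirror message, whether the sender of the data message is a user device includes: the apparatus determines whether the sender of the data message is a user device based on the identifier of the sender in the mirror message. In this way, the present application uses the characteristics of mirror messages to determine the device type of the sender (that is, user device or non-user device) based on the identifier of the sender carried in the mirror message, so that when the sender is determined to be a user device, the access point of the user device can be further obtained.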
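In a possible implementation, the port type of the receiving port is the user-side port type. In this way, in the present application, a network device that has a port of the user-side port type triggers the mirror message sending procedure only when it receives a data message through a receiving port of the user-side port type. Network devices that have no port of the user-side port type, and network devices that have a port of the user-side port type but receive the data message through a receiving port that is not of the user-side port type, do not trigger the sending of mirror messages. This effectively reduces the number of mirror message exchanges, relieves pressure on the network devices, and further reduces communication overhead.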
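In a possible implementation, determining, based on the mirror message, whether the sender of the data message is a user device includes: the apparatus determines, in response to a received mirror message, that the sender of the data message is a user device. In this way, in the scenario where a network device that has a port of the user-side port type triggers the mirror message sending procedure only when it receives a data message through a receiving port of the user-side port type, the apparatus, upon receiving a mirror message, can determine that the sender of the mirror message is the access point of the user device, which effectively improves the efficiency of locating the access point.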
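In a possible implementation, before receiving the mirror message sent by the network device, the method further includes: the apparatus determines at least one network device in the network based on first information. The first information includes the port identifiers and corresponding port types of the ports of each network device in the network, the port types include the user-side port type and the network-device-side port type, and each of the at least one network device includes a port of the user-side port type. Next, the apparatus sends indication information to the at least one network device, where the indication information is used to instruct each of the at least one network device to generate a mirror message based on a data message received through a port of the user-side interface type of that network device. In this way, the present application can determine in advance certain ports of the user-side port type in the network and instruct the network devices to which these ports belong to act as senders of mirror messages, so that these network devices trigger the mirror message sending procedure only when a data message is received through a port of the user-side port type. This effectively reduces the number of mirror message exchanges, relieves pressure on the network devices, and further reduces communication overhead.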
在一种可能的实现方式中,基于镜像报文中的接收端口标识,判断数据报文的发送端是否为用户设备,包括:装置基于第一信息和接收端口标识,确定接收端口的端口类型,第一信息包括网络中各网络设备的端口的端口标识和对应的端口类型,端口类型包括用户侧端口类型和网络设备侧端口类型。若接收端口的端口类型为用户侧端口类型,装置判定发送端为用户设备。若接收端口的端口类型为网络设备侧端口类型,装置判定发送端为非用户设备。这样,本申请通过对端口预先进行分类,以在网络设备接收到数据报文时,判断接收数据报文的端口所对应的端口类型。其中,预先分类可以理解为是初步筛选。在初步筛选阶段,网络设备侧端口类型的端口是可以确定的,而用户侧端口类型的端口所连接的设备可能是用户设备,也可能是非用户设备(例如非观测范围内的网络设备),或者,用户侧端口类型的端口还可能是空端口。相应的,装置可基于接收到的镜像报文,进一步判断用户侧端口中具体哪个端口连接的邻居设备为用户设备,从而实现对用户设备的准确定位,进一步获取到对应的接入位置。
在一种可能的实现方式中,接收网络设备发送的镜像报文之前,方法还包括:装置获取第二信息,第二信息包括网络中多个网络设备的标识。接着,装置获取多个网络设备中的每个网络设备的邻居信息,每个邻居信息包括源网络设备的标识、源网络设备端口标识和邻居设备的标识,源网络设备为发送邻居信息的设备,邻居设备为与源网络设备物理连接的设备,源网络设备端口标识用于指示源网络设备连接邻居设备的端口。随后,装置基于第二信息和邻居信息,确定每个网络设备的端口的端口类型,端口类型为网络设备侧端口类型的端口连接的邻居设备的标识包含于第二信息中,端口类型为用户侧端口类型的端口连接的邻居设备的标识未包含于第二信息中。这样,本申请基于预设的网络设备标识,可判断出网络设备所连接的邻居设备的设备类型为网络设备类型或非网络设备类型。其中,非网络设备中可能包括用户设备也可能是其它设备(例如非观测范围内的网络设备)。装置可基于接收到的镜像报文,进一步判断用户侧端口中具体哪个端口连接的邻居设备为用户设备,从而实现对用户设备的准确定位,进一步获取到对应的接入位置。
在一种可能的实现方式中,接收网络设备发送的镜像报文,包括:装置接收多个镜像报文;多个镜像报文来自一个或多个网络设备。发送端的标识包括发送端的IP地址和发送端的MAC地址,基于镜像报文中的发送端的标识,判断数据报文的发送端是否为用户设备,包括:若多个镜像报文中的N个镜像报文携带的发送端的IP地址相同,并且,N个镜像报文携带的发送端的MAC地址未包含于第二信息中,以及N个镜像报文携带的网络设备的标识指示的是同一个网络设备,判定发送端为用户设备,第二信息包括网络中多个网络设备的标识。这样,本申请在三层转发场景中,如果多个报文的发送端是非网络设备,且对应的镜像报文来自同一个网络设备,则可确定对应的发送端是用户设备。本申请通过结合发送端的标识以及镜像报文的分布,可准确定位出网络中的用户设备的接入点,进而获取到用户设备所对应的接入位置信息。
示例性的,多个镜像报文可能是同一个网络设备发送的。多个镜像报文可能是基于与该网络设备连接的一个用户设备发送的多个数据报文生成,多个镜像报文也可能是基于与该网络设备连接的多个用户设备发送的多个报文生成的。
在一种可能的实现方式中,基于镜像报文中的发送端的标识,判断数据报文的发送端是否为用户设备,还包括:若多个镜像报文中的M个镜像报文携带的发送端的IP地址相同,并且,M个镜像报文携带的发送端的MAC地址未包含于第二信息中,以及,M个镜像报文携带的网络设备的标识指示的是两个或两个以上网络设备,基于镜像报文中的接收端口标识,判断数据报文的发送端是否为用户设备。这样,本申请通过将两种不同的判断方式结合,可有效提高用户设备的定位的准确性,以避免误判所造成的故障定位不准确的问题发生。
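In a possible implementation, the method further includes: the apparatus queries user device access information based on the identifier of the sender, where the user device access information includes the access location information of at least one user device. If the user device access information already contains access location information for the user device corresponding to the identifier of the sender, and the stored access location information is inconsistent with the currently obtained access location information, the apparatus updates the access location information of that user device in the user device access information. In this way, this application can record changes to the access location of a user device, so that operations and maintenance personnel obtain more fault information during fault localization, which improves its accuracy.
For example, when the apparatus stores the access location information of a user device, it may also store the time at which the access location was acquired. The acquisition time may be the time at which the access location was obtained or the time at which it was stored.
In a possible implementation, determining, based on the mirror message, whether the sender of the data message is a user device includes: the apparatus determines, based on the receive port identifier and the identifier of the sender in the mirror message, whether the sender of the data message is a user device. If the result based on the receive port identifier indicates that the sender is a user device while the result based on the identifier of the sender indicates that the sender is a non-user device, the sender is determined to be a non-user device. In this way, by combining two different determination methods, this application effectively improves the accuracy of locating the user device and avoids inaccurate fault localization caused by misjudgment.
In a possible implementation, the data message carries transport-layer control information or application-layer control information. In this case, the network device triggers the mirror message sending procedure based on special (or specified) data messages, which effectively reduces the number of mirror messages sent and lowers network overhead. Moreover, a user device sends the corresponding control information both when it migrates and when it newly attaches, so the network device triggers the mirror message sending procedure and the apparatus can obtain the access location of the user device. This reduces network overhead while keeping the acquisition of user device access locations timely.
In a possible implementation, the data message is a tunnel message, and the identifier of the sender is carried in the inner message of the tunnel message. In this way, this application can be applied to scenarios in which tunnel data messages are transmitted, that is, user devices such as virtual machines that access the system through a tunneling protocol can also be located accurately.
In a possible implementation, the user device is a server, a terminal device, or a virtual machine.
In a possible implementation, the mirror message is an encapsulated remote port mirroring (ERSPAN) message.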
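In a second aspect, this application provides an apparatus for acquiring a device access location. The apparatus includes a receiving unit and an access location acquisition unit. The receiving unit is configured to receive a mirror message sent by a network device. The mirror message is generated by the network device based on a received data message and includes the data message or part of the content of the data message, as well as an identifier of the network device and a receive port identifier. The data message, or the part of its content, in the mirror message includes an identifier of the sender of the data message, and the receive port identifier indicates the receive port on which the network device received the data message. The access location acquisition unit is configured to determine, based on the mirror message, whether the sender of the data message is a user device. The access location acquisition unit is further configured to obtain, if the sender is determined to be a user device, access location information of the user device, where the access location information includes the identifier of the sender, the identifier of the network device, and the receive port identifier.
In a possible implementation, the access location acquisition unit is specifically configured to determine, based on the receive port identifier in the mirror message, whether the sender of the data message is a user device.
In a possible implementation, the access location acquisition unit is specifically configured to determine, based on the identifier of the sender in the mirror message, whether the sender of the data message is a user device.
In a possible implementation, the port type of the receive port is the user-side port type.
In a possible implementation, the access location acquisition unit is specifically configured to determine, in response to receiving the mirror message, that the sender of the data message is a user device.
In a possible implementation, the apparatus further includes an analysis unit configured to: determine at least one network device in the network based on first information, where the first information includes the port identifiers of the ports of each network device in the network and the corresponding port types, the port types include the user-side port type and the network-device-side port type, and each of the at least one network device has a port of the user-side port type; and send indication information to the at least one network device, where the indication information instructs each of the at least one network device to generate mirror messages based on data messages received on its ports of the user-side port type.
In a possible implementation, the access location acquisition unit is specifically configured to: determine the port type of the receive port based on first information and the receive port identifier, where the first information includes the port identifiers of the ports of each network device in the network and the corresponding port types, and the port types include the user-side port type and the network-device-side port type; if the port type of the receive port is the user-side port type, determine that the sender is a user device; and if the port type of the receive port is the network-device-side port type, determine that the sender is a non-user device.
In a possible implementation, the apparatus further includes an analysis unit specifically configured to: obtain second information, where the second information includes the identifiers of multiple network devices in the network; obtain neighbor information of each of the multiple network devices, where each piece of neighbor information includes an identifier of a source network device, a source network device port identifier, and an identifier of a neighbor device, the source network device is the device that sends the neighbor information, the neighbor device is a device physically connected to the source network device, and the source network device port identifier indicates the port through which the source network device connects to the neighbor device; and determine the port type of each port of each network device based on the second information and the neighbor information, where the identifier of the neighbor device connected to a port of the network-device-side port type is included in the second information, and the identifier of the neighbor device connected to a port of the user-side port type is not included in the second information.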
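In a possible implementation, the receiving unit is specifically configured to receive multiple mirror messages, where the multiple mirror messages come from one or more network devices and the identifier of the sender includes the IP address of the sender and the MAC address of the sender. The analysis unit is specifically configured to: if N of the multiple mirror messages carry the same sender IP address, the sender MAC addresses carried by the N mirror messages are not included in the second information, and the network device identifiers carried by the N mirror messages indicate the same network device, determine that the sender is a user device, where the second information includes the identifiers of multiple network devices in the network.
In a possible implementation, the access location acquisition unit is specifically configured to: if M of the multiple mirror messages carry the same sender IP address, the sender MAC addresses carried by the M mirror messages are not included in the second information, and the network device identifiers carried by the M mirror messages indicate two or more network devices, determine, based on the receive port identifier in the mirror message, whether the sender of the data message is a user device.
In a possible implementation, the access location acquisition unit is specifically configured to: determine, based on the receive port identifier and the identifier of the sender in the mirror message, whether the sender of the data message is a user device; and if the result based on the receive port identifier indicates that the sender is a user device while the result based on the identifier of the sender indicates that the sender is a non-user device, determine that the sender is a non-user device.
In a possible implementation, the apparatus further includes an access location storage unit configured to query user device access information based on the identifier of the sender, where the user device access information includes the access location information of at least one user device. The access location storage unit is further configured to update, if the user device access information already contains access location information for the user device corresponding to the identifier of the sender and the stored access location information is inconsistent with the currently obtained access location information, the access location information of that user device in the user device access information.
In a possible implementation, the data message carries transport-layer control information or application-layer control information.
In a possible implementation, the data message is a tunnel message, and the identifier of the sender is carried in the inner message of the tunnel message.
In a possible implementation, the user device is a server, a terminal device, or a virtual machine.
In a possible implementation, the mirror message is an encapsulated remote port mirroring (ERSPAN) message.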
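The second aspect and any implementation of the second aspect correspond respectively to the first aspect and any implementation of the first aspect. For the technical effects of the second aspect and any of its implementations, refer to the technical effects of the first aspect and the corresponding implementation; they are not repeated here.
In a third aspect, this application provides a computer-readable medium for storing a computer program, where the computer program includes instructions for performing the method in the first aspect or any possible implementation of the first aspect.
In a fourth aspect, this application provides a computer program that includes instructions for performing the method in the first aspect or any possible implementation of the first aspect.
In a fifth aspect, this application provides a chip that includes a processing circuit and transceiver pins. The transceiver pins and the processing circuit communicate with each other through an internal connection path, and the processing circuit performs the method in the first aspect or any possible implementation of the first aspect to control the receive pin to receive signals and the transmit pin to send signals.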
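Brief Description of the Drawings
FIG. 1 is a schematic structural diagram of an example communication system;
FIG. 2 is a schematic diagram of example message transmission in a virtual environment;
FIG. 3 is a schematic flowchart of an example method for acquiring a device access location;
FIG. 4 is a schematic structural diagram of an example communication system;
FIG. 5a is a schematic structural diagram of an example data message;
FIG. 5b is a schematic structural diagram of an example mirror message;
FIG. 6a is a schematic structural diagram of an example data message;
FIG. 6b is a schematic structural diagram of an example mirror message;
FIG. 7 is a schematic diagram of an example application scenario;
FIG. 8 is a schematic flowchart of an example method for acquiring a device access location;
FIG. 9a is a schematic diagram of example message processing;
FIG. 9b is a schematic diagram of example message processing;
FIG. 9c is a schematic diagram of example message processing;
FIG. 10 is a schematic diagram of example message processing;
FIG. 11 is a schematic flowchart of an example method for acquiring a device access location;
FIG. 12 is a schematic flowchart of example mirror message transmission;
FIG. 13 is a schematic diagram of example message processing;
FIG. 14 is a schematic structural diagram of an example mirror message;
FIG. 15 is a schematic diagram of an example application scenario;
FIG. 16 is a schematic diagram of an example application scenario;
FIG. 17 is a schematic structural diagram of an example apparatus;
FIG. 18 is a schematic structural diagram of an example apparatus.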
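Detailed Description
The technical solutions in the embodiments of this application are described clearly and completely below with reference to the accompanying drawings.
First, before the technical solutions of the embodiments are described, the communication system of the embodiments (which may also be called a communication network or the like; this application does not limit the name) is described by way of example with reference to the schematic structural diagram in FIG. 1. Referring to FIG. 1, the communication system includes but is not limited to: Spine1, Spine2, Leaf1, Leaf2, Leaf3, and multiple user devices.
A Spine (including Spine1 and Spine2) may be a network device such as a switch or a router. A Leaf (including Leaf1, Leaf2, and Leaf3) may be a network device such as a switch or a router.
In the embodiments of this application, each network device (Spine or Leaf) may provide one or more interfaces (which may also be called ports, transceiver interfaces, or the like; this application does not limit the name). An interface of a network device is used to connect to other devices. Here "connect" means a physical connection, that is, a connection over a physical link; unless otherwise stated, every connection relationship described in the embodiments of this application is a direct physical connection, and this is not repeated below.
For example, devices in the system that are connected to each other (directly) may be called neighbor devices. In the communication system shown in FIG. 1, the connection relationships include but are not limited to the following: Spine1 is connected to Leaf1, Leaf2, and Leaf3. Spine2 is connected to Leaf1, Leaf2, and Leaf3. Leaf1 is connected to server 11 to server 1n, Leaf2 is connected to server 21 to server 2n, and Leaf3 is connected to server 31 to server 3n. Accordingly, the neighbor devices of Leaf1 include but are not limited to server 11 to server 1n and Spine1. In this scenario, the neighbor devices of Spine1 include but are not limited to Leaf1, Leaf2, and Leaf3. The neighbor devices of Leaf1 include but are not limited to Spine1, Spine2, and server 11 to server 1n. The neighbor devices of the other devices follow from the description above and are not listed one by one.
In FIG. 1, there is a communication connection between server 11 and Spine1 (that is, a communication link between them that can be used for data exchange), and they can exchange data over it. However, because server 11 and Spine1 are not directly physically connected, the two devices are not neighbor devices.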
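In the embodiments of this application, the communication system shown in FIG. 1 may be located in a data center. In other embodiments, it may also be located in application scenarios such as a campus, a supermarket, a large enterprise, or a carrier network, which is not limited in this application.
It should be noted that the embodiments of this application use the spine-leaf network architecture in FIG. 1 (which may also be written as Spine-Leaf) as an example. In other embodiments, the solutions may also be applied to any other network architecture, such as a traditional network architecture, which is not limited in this application.
It should further be noted that the number of devices in the system shown in FIG. 1 is only an illustrative example. An actual deployment may include fewer or more devices, which is not limited in this application.
It should further be noted that the connection relationships between the devices shown in FIG. 1 are likewise illustrative examples. In an actual deployment, the connection relationships can be set according to the needs of the scenario, which is not limited in this application.
In the embodiments of this application, the device types in the communication system may include but are not limited to network devices (also called the network device type) and user devices (also called the user device type). Optionally, "network device" can be understood as a collective term for all devices on the network side; network devices provide network functions such as data forwarding. For example, Spine1, Spine2, Leaf1, Leaf2, and Leaf3 in FIG. 1 are network devices. "User device" can be understood as a collective term for all devices on the user side; user devices provide functions such as application services to users, for example server 11 to server 1n and server 21 to server 2n in FIG. 1.
The embodiments of this application use a server as the example user device. In other embodiments, the user device may also be a terminal device (for example, a computer, tablet, mobile phone, wearable device, smart home device, or in-vehicle device), a virtual terminal (for example, a virtual machine), or another device that can access the system over a wired connection, which is not limited in this application.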
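In the embodiments of this application, a network device that connects to a user device may also be called an edge device, or the access point of the user device. For example, a user device accesses the network through its access point in order to exchange data with other devices in the network. In the embodiments of this application, the access point of a user device can be understood as the network device, among the known network devices in the system, that is closest to the user device (where distance can be understood as the length of the physical connection path, the communication distance, or the transmission path distance). For example, still referring to FIG. 1, Leaf1 is the access point of server 11. Server 11 attaches to Leaf1 in order to access the communication system and exchange data with other devices in it.
The "known network devices" mentioned above may also be called network devices within the observation scope, that is, network devices preconfigured in the network. They can also be understood as devices that administrators know to be network devices, or as manageable network devices; this is not repeated below. Correspondingly, the embodiments of this application also involve some "unknown network devices", which can be understood as network devices not configured by the system, or as unmanageable network devices. Specific scenarios are described in detail below.
For example, an operating system may be deployed on a user device, and one or more applications or modules may be deployed on the operating system. An application on the user device may generate a data message (also called a data packet) in response to a user operation (or a locally stored instruction). The application data is carried in the data message. The user device (also called the initial sender in the embodiments of this application) sends the data message to the network device that serves as its access point (hereinafter, the access point). The access point forwards the data message so that it is transmitted to the target device (also called the final receiver in the embodiments of this application). The transmission path of the data message may also include one or more other network devices.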
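In the prior art, taking a campus scenario as an example, the communication system usually applies a terminal network access authentication mechanism: the access point identifies the identity information of the user device and sends it to an authentication server for identity authentication. The user device can access the network only if authentication succeeds. In this example, the access information of the user devices can all be obtained from the access points. However, in relatively closed networks such as data center networks, an authentication system is usually not deployed, so in such scenarios the access location of a user device cannot be obtained in this way. To obtain the access location of a user device accurately, the prior art also proposes another access location acquisition method. In Internet Protocol version 4 (IPv4), when any user device needs to communicate with another user device, it must first obtain the link-layer address of the destination device through the Address Resolution Protocol (ARP). In Internet Protocol version 6 (IPv6), the link-layer address is obtained through the Neighbor Discovery Protocol (NDP). Accordingly, in this example, the system can collect ARP entries or ND (Neighbor Discovery) entries on the edge switches at set times (or periodically) to obtain the access locations of user devices. Taking ARP entries as an example, an ARP entry includes but is not limited to: the Internet Protocol (IP) address of the local device interface, the IP address of the attached user device, the media access control (MAC) address of the local device interface, and the MAC address of the attached user device.
However, the applicable scenarios of this approach are limited. For example, as shown in FIG. 2, a virtual machine (VM) is deployed on a user device (for example, a server). The VM generates a data message and sends it to an Open Virtual Switch (OVS). The OVS encapsulates the data message sent by the VM to generate a tunnel message. The tunnel message may follow the Virtual eXtensible Local Area Network (VXLAN) protocol (or another tunneling protocol, which is not limited in this application). The OVS sends the tunnel message to the Leaf. The Leaf can obtain only the IP address and MAC address of the tunnel between it and the server. Because it does not interact with the VM directly at the protocol level, it cannot obtain ARP entries or ND entries related to the VM and therefore cannot accurately obtain the access location of the VM.
In addition, when access locations are obtained from ARP entries or ND entries, the number of ARP or ND entries obtained equals the number of user devices in the system. If ARP or ND entries are collected periodically to determine access locations, a short collection period increases the communication and processing burden (for example, processor load) on each device. A long period may cause the system to respond too slowly to changes such as user device migration, resulting in incorrect access locations.
For scenarios with VMs, the prior art also provides another way to obtain access locations: the attachment relationship between a VM and a physical machine (for example, the server in FIG. 2) is obtained through a cloud platform, so that once the access location of the server is obtained on the Leaf, the access location of the VM in the communication system can be derived from the obtained attachment relationship. However, this method depends on the cloud platform calling an interface to obtain the attachment relationship, and VMs are implemented in many ways; for example, some VMs are based on the openstack architecture and others on the cloudstack architecture. The cloud platform therefore needs custom development for each VM implementation to support the different interfaces for obtaining attachment relationships, which makes implementation costly.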
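In view of this, the embodiments of this application provide a method for acquiring a device access location. In this method, the system locates user devices by means of mirror messages in order to obtain their access locations, which yields an access location acquisition method that is simple to implement and highly timely.
In the embodiments of this application, an analysis unit, an access location acquisition unit, and an access location storage unit are deployed in the communication system. The three units may be deployed on the same device (for example, a server) or on different devices, which is not limited in this application. If they are deployed on different devices, the servers on which the units are deployed can communicate with each other (directly or indirectly, which is not limited in this application) so that the units can exchange information related to access locations. Optionally, the device or devices (for example, servers) hosting the analysis unit, the access location acquisition unit, and the access location storage unit may also be deployed outside the communication system (for example, the communication system shown in FIG. 1). In that scenario, the one or more devices hosting these units can communicate with each other and with the devices inside the communication system.
The embodiments of this application take as an example the case in which the analysis unit, the access location acquisition unit, and the access location storage unit are deployed on the same server (for example, server 22).
In a possible implementation, the one or more servers hosting the analysis unit, the access location acquisition unit, and the access location storage unit connect to a Leaf in order to access the communication system and exchange data with other devices. Optionally, that Leaf may be any Leaf in the system. Optionally, it may instead be a Leaf dedicated to these servers, which can be understood as follows: the dedicated Leaf forwards the messages of the analysis unit, the access location acquisition unit, and the access location storage unit and does not need to carry other application messages. This increases the exchange rate of the information (or parameters) used during access location acquisition and further improves the efficiency of acquiring and storing access locations.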
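For example, the analysis unit may be used to obtain device information in the communication system, which can also be understood as obtaining the parameters needed to analyze the access locations of user devices. These include but are not limited to the identifier of a network device and the interface identifiers of a network device. Optionally, the identifier of a network device includes but is not limited to one of the following: the ID of the network device, the MAC address of the network device, or the IP address of the network device.
In one example, the analysis unit analyzes the obtained device information to determine the device types of the devices in the system, where the device types include the network device type and the non-network-device type (also called the user device type). The analysis unit passes the analysis result to the access location acquisition unit. Based on that result, the access location acquisition unit parses the received mirror messages in order to locate the user devices among the non-network devices indicated in the analysis result, obtains the access locations of the user devices, and stores them in the access location storage unit. In other words, in this example the analysis unit performs a preliminary screening based on the device information to exclude network devices, that is, to filter out the devices that are not network devices (specifically, not network devices within the observation scope). These non-network devices may include user devices and may also include some unknown devices; the preliminary screening does not yet determine the exact device type. The access location acquisition unit then performs a finer screening based on the analysis result to obtain a precise location result for the user devices.
In another example, the analysis unit outputs the obtained device information to the access location acquisition unit. The access location acquisition unit obtains the access location of a user device based on the received mirror messages and the obtained device information, and stores the access location of the user device in the access location storage unit.
For example, the access location storage unit stores the access location of each user device as input by the access location acquisition unit. Optionally, the access location storage unit stores the access locations in the form of a list. For example, the access location information received by the access location storage unit includes but is not limited to the identifier of the user device and the access location of the user device. The identifier of the user device is optionally its IP address, and the access location of the user device includes but is not limited to at least one of the following: the identifier of the network device to which the user device is attached, and the port identifier of the port of that network device to which the user device is attached.
In the embodiments of this application, a user device and its access point may be directly physically connected. In some examples, other devices may sit between the user device and the access point. For example, a VM is not directly connected to the network device it accesses (for example, a Leaf), whereas the server hosting the VM is directly connected to the access point. As another example, a user device may connect to a known network device in the system through a device such as a private router (which in the embodiments of this application may be called an unknown network device or a network device outside the observation scope). That is, although an unknown network device is also a network device by type, it is not a network device within the observation scope of the system in the embodiments of this application. All access points in the embodiments of this application are network devices within the observation scope; an access point can be further understood as the network device within the observation scope that is closest to the user device.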
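The method for acquiring a device access location in the embodiments of this application is described in detail below with reference to the accompanying drawings. FIG. 3 is a schematic flowchart of a method for acquiring a device access location provided by an embodiment of this application. Referring to FIG. 3, the steps include but are not limited to steps S301 to S303.
S301: Receive a mirror message sent by a network device. The mirror message is generated by the network device based on a received data message.
In the embodiments of this application, at least one network device in the system may be configured for mirror messages, so that after receiving a data message it generates a mirror message based on the data message and sends the generated mirror message to the device hosting the analysis unit. The at least one network device that sends mirror messages may be called a mirror message sender in the embodiments of this application.
In a possible implementation, the at least one network device acting as a mirror message sender may be all known network devices in the system that have a message mirroring function. In the embodiments of this application, known network devices may also be called network devices within the observation scope, and a network device with a message mirroring function is one that can encapsulate data messages according to a mirror message protocol. Taking FIG. 1 as an example, Spine1, Spine2, Leaf1, Leaf2, and Leaf3 are all preconfigured network devices. In this scenario, an administrator can use a management device (for example, a terminal device such as a computer or tablet) to connect to the management interface provided by each network device and configure the message mirroring function on it, so that these network devices act as mirror message senders. As a further example, as described above, the at least one network device is all known network devices in the system, but the system may also include some private network devices, which can also be understood as network devices outside the observation scope. Take the schematic structural diagram of the system in FIG. 4 as an example. In FIG. 4, Leaf4 is connected to Spine1, Spine2, and a firewall (the other side of the firewall may connect to other network devices), and router X is connected to Leaf3 and to multiple servers (for example, server 41 to server 4n). For the other devices, refer to the description of FIG. 1; it is not repeated here. In this example, the firewall and router X are both network devices outside the observation scope, which means that operations and maintenance personnel cannot manage or configure them. Optionally, router X may also be called a user-side network device. Because router X is an unknown network device (that is, a network device outside the observation scope), the administrator has not configured the message mirroring function on it, and accordingly router X does not generate a mirror message after receiving a data message.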
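It should be noted that the mirror message described in the embodiments of this application means a mirror message with the specified characteristics described herein. In other embodiments, router X may also have mirror messaging configured, but the mirror messages it sends serve other scenarios and are not the mirror messages described in the embodiments of this application (which can be understood as mirror messages usable for locating user devices).
It should further be noted that, as described above, because the network may contain some unknown network devices, a "non-network device" in the embodiments of this application can be understood as a device that is not a network device within the observation scope. For example, the device may be a user device or an unknown network device.
In another possible implementation, the at least one network device acting as a mirror message sender may be specified network devices in the system. Optionally, a specified network device may be a network device that has a port of the user-side port type. In the embodiments of this application, the ports of a network device can be divided into the user-side port type and the network-side port type. The neighbor device connected to a port of the network-side port type is a network device within the observation scope as described above. The neighbor device connected to a port of the user-side port type is a device outside the observation scope, which may be a user device or a network device outside the observation scope. The firewall and router X in FIG. 4, for example, are network devices outside the observation scope, also referred to simply as unknown network devices. In other words, in this example the network devices that have ports of the user-side port type are configured as mirror message senders.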
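Specifically, in the embodiments of this application, the analysis unit can obtain the identifier of each network device within the observation scope of the system. The identifier of a network device includes but is not limited to at least one of the following: the ID of the network device, the MAC address of the network device, the IP address of the network device, and the management address of the network device, which is not limited in this application. The identifiers obtained by the analysis unit may be preconfigured by an administrator. Taking FIG. 1 as an example, the analysis unit stores in advance a network device identifier list (a list is used as the example form in the embodiments of this application; other forms may be used in other embodiments, which is not limited in this application). The list contains the identifiers of all known network devices in the system, including but not limited to the identifiers of Spine1, Spine2, Leaf1, Leaf2, and Leaf3. That is, the device type of Spine1, Spine2, Leaf1, Leaf2, and Leaf3 has been confirmed as network device, and they are network devices within the observation scope.
For example, the analysis unit may collect neighbor information from each network device within the observation scope. Specifically, each network device obtains its own LLDP information based on the Link Layer Discovery Protocol (LLDP). The LLDP information includes but is not limited to: the local port identifier (the port identifier of the port through which this network device connects to a neighbor device), the peer device identifier (the identifier of the neighbor device connected to this network device), and the peer device port identifier (the identifier of the interface through which the neighbor device connects to this network device).
Optionally, each network device may periodically send LLDP messages to its neighbor devices. An LLDP message includes but is not limited to: the identifier of the local device, the port identifier (the identifier of the port that sends the LLDP message), and the message type. Each network device can update its locally stored LLDP information based on the LLDP messages it receives.
Optionally, a change in the local configuration of a network device (for example, the device connected to a port is disconnected, or a new device is attached to a port) also triggers the sending of LLDP messages to notify the neighbor devices of the change.
For example, taking Leaf1 in FIG. 4, Leaf1 can receive the LLDP messages sent by each neighbor device (including but not limited to server 11 to server 1n, Spine1, and Spine2 in FIG. 4). The LLDP messages sent by the neighbor devices include but are not limited to information such as the source address, the destination address, and the message type. The source address includes but is not limited to the MAC address of the source device (the sender of the LLDP message) and the MAC address of the source port (the port that sends the LLDP message).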
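Suppose Leaf1 receives, on port 13, an LLDP message sent by Spine1. The LLDP message includes but is not limited to: the source MAC addresses (the MAC address of Spine1 and the MAC address of the port through which Spine1 connects to Leaf1, for example port 31) and the destination address (a multicast address). Leaf1 parses the LLDP message and obtains information such as the neighbor device identifier (the MAC address of Spine1) and the neighbor device interface identifier (for example, the MAC address of port 31 of Spine1). Note that through LLDP messages Leaf1 obtains only the identifiers related to the neighbor device (including the device identifier and the interface identifier); it cannot confirm which specific objects in the communication system these identifiers correspond to.
For example, Leaf1 stores the LLDP information for port 13, which includes but is not limited to: the MAC address of Spine1 (the identifier of the neighbor device), the MAC address of port 13 of Leaf1 (the port identifier of the network device), and the MAC address of port 31 of Spine1 (the port identifier of the neighbor device). This LLDP information indicates that the neighbor connected to port 13 of Leaf1 is port 31 of Spine1. The embodiments of this application use a MAC address as the example port identifier. In other embodiments, the port identifier may also be a port identifier (ID) or the like, which is not limited in this application and is not repeated below. For example, in some cases a port of a network device may have no MAC address but have a port ID instead. The port identifier carried in the LLDP messages sent by that network device is then the port ID.
For example, during an initialization phase (for example, after the device is powered on), the analysis unit sends a neighbor information request to each network device within the observation scope to request neighbor information. Optionally, the analysis unit communicates with the other devices in the system based on the Simple Network Management Protocol (SNMP) or the Telecommunication Network Protocol (Telnet) to obtain neighbor information. Each network device within the observation scope, in response to the received neighbor information request, sends a response message to the analysis unit to return its neighbor information. The response message includes but is not limited to: the identifier of the local network device (the sender of the neighbor information response) and the LLDP information most recently obtained by the local network device. The LLDP information includes but is not limited to: the port identifier of the local network device, the identifier of the neighbor device, and the port identifier of the neighbor device.
In response to the neighbor information response messages received from the network devices, the analysis unit updates the locally stored neighbor information of each network device. The neighbor information includes but is not limited to: the identifier of the network device, the port identifier of the network device, the identifier of the neighbor device, and the port identifier of the neighbor device.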
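Optionally, the LLDP information stored by each network device may include the LLDP information for all ports, including empty ports (ports with no neighbor device connected). Optionally, it may instead include only the LLDP information for ports that have a neighbor device connected, that is, it excludes LLDP information such as the MAC addresses of empty ports. Accordingly, the neighbor information obtained by the analysis unit may cover all ports of a network device or only the ports that have a neighbor device connected, which is not limited in this application.
Optionally, the analysis unit may send neighbor requests to each network device periodically (the period can be set according to actual needs and is not limited in this application) to obtain the neighbor information of each network device. Optionally, as described above, each network device may trigger the sending of LLDP messages when its local configuration changes. Accordingly, when a network device detects a change in its local LLDP information, it may send a neighbor information update indication to the analysis unit. The indication may include the identifier of the local network device, the port identifier of the local network device, the identifier of the neighbor device, and the port identifier of the neighbor device. The analysis unit can update the neighbor information of the corresponding network device based on the received neighbor information update indication.
Optionally, when a device (a network device or a user device) detects a change in LLDP information, the neighbor information update indication it sends may include only the neighbor information for the changed port and/or neighbor device. For example, if Leaf1 detects that the neighbor device on port 13 has disconnected, Leaf1 updates its local LLDP information so that port 13 is an empty port, that is, no neighbor device is connected. Leaf1 sends a neighbor information update indication to the analysis unit. The update indication includes the identifier of Leaf1 (the MAC address of Leaf1) and the identifier of port 13 (for example, the MAC address of port 13) and indicates that port 13 of Leaf1 is an empty port with no neighbor device connected. The analysis unit can look up the neighbor information of Leaf1 based on the MAC address of Leaf1 and match the MAC address of port 13 within that neighbor information. The analysis unit updates the neighbor information corresponding to the matched MAC address of port 13. For example, it deletes the neighbor device identifier previously associated with the MAC address of port 13 (for example, the MAC address of Spine1) to indicate that port 13 is currently an empty port with no neighbor device connected.
Optionally, the neighbor information update indication may instead include the current neighbor information of all ports or of all ports that have a neighbor device connected.
In a possible implementation, the user devices in the system may or may not have the ability to send LLDP messages and maintain LLDP information, which is not limited in this application.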
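In the embodiments of this application, as described above, the analysis unit maintains a network device identifier list. The list (a list is used as the example form in the embodiments of this application; other forms may be used in other embodiments, which is not limited in this application) stores the identifiers of all network devices within the observation scope. The identifier of a network device includes but is not limited to: the IP address of the network device, the MAC address of the network device, and the management address of the network device. The analysis unit determines the port type of each port of each network device based on the obtained neighbor information and the network device identifier list. The port types include the user-side port type and the network-device-side port type.
In one example, if the identifier of the neighbor device connected to a port of a network device is in the network device identifier list, the neighbor device connected to that port is a network device (also called the network device type), which can also be understood as a network device within the observation scope. Accordingly, the port type of that port is the network-device-side port type.
In another example, if the identifier of the neighbor device connected to a port of a network device is not in the network device identifier list, the neighbor device connected to that port is a non-network device, for example a user device or an unknown network device (a network device outside the observation scope). Accordingly, the port type of that port is the user-side port type. Optionally, a port with no device connected (an empty port) may also be classified as the user-side port type. That is, if the neighbor information also includes the identifiers of ports with no neighbor device connected, the analysis unit treats them as user-side ports. Optionally, as described above, some user devices cannot send LLDP messages, so the network device never receives LLDP messages from them and the LLDP information maintained by the network device contains no information for the corresponding port. Like empty ports, such ports are also classified as the user-side port type. In other words, in the embodiments of this application, a port whose connected neighbor device identifier is in the network device identifier list has the network-device-side port type, and in all other cases (an empty port, a neighbor device outside the observation scope, or no LLDP message received) the port type is the user-side port type.
For example, based on the port types of each network device, the analysis unit can further determine which network devices have ports of the user-side port type and can designate those network devices as mirror message senders. Such a network device can then generate a mirror message when it receives a data message and transmit the mirror message to the device hosting the access location acquisition unit, which reduces the number of mirror messages exchanged in the system and lowers communication overhead. In another example, such a network device may generate a mirror message only when it receives a data message on a port of the user-side port type and transmit it to the device hosting the access location acquisition unit, which further reduces the number of mirror messages exchanged in the system and lowers communication overhead.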
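In the embodiments of this application, after receiving a data message, a network device acting as a mirror message sender copies the data message, encapsulates the copy as a mirror message, and sends the mirror message to the access location acquisition unit. The network device also forwards the data message to the next device on the transmission path. In one example, in a layer-2 forwarding scenario, the network devices on the transmission path forward the data message transparently (that is, without changing it). In another example, in a layer-3 forwarding scenario, some network devices on the transmission path decapsulate and re-encapsulate the data message before forwarding it (for example, changing the MAC addresses in the data message).
In a possible implementation, the data message content carried by the mirror message may include only part of the original data message, for example its first 64 bytes or first 128 bytes. This can be set according to actual needs and is not limited in this application. That is, after receiving a data message, the network device may copy part of its content and encapsulate the copied part as a mirror message.
In a possible implementation, the message mirroring configuration of a network device acting as a mirror message sender may include a data message type setting, which instructs the network device to generate a mirror message only when it receives a data message of a specified type. This effectively reduces the transmission frequency of mirror messages and lowers communication overhead. Optionally, a data message of a specified type may be one that carries transport-layer control information or application-layer control information. For example, transport-layer control information may include but is not limited to the Transmission Control Protocol (TCP) flag bits urgent (URG), acknowledgement (ACK), push (PSH), synchronize (SYN), finish (FIN), and reset (RST). Application-layer control information includes but is not limited to Packet messages in Quick UDP Internet Connections (QUIC), which is not limited in this application. The specified types of data message above are only illustrative examples and can be set according to actual needs, which is not limited in this application.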
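FIG. 5a is a schematic structural diagram of an example data message. Referring to FIG. 5a, the data message includes but is not limited to an Ethernet header (Ethernet Header) field, an IP header (IP Header) field, and a data field.
The Ethernet Header field includes but is not limited to a destination address field and a source address field. The destination address field carries the MAC address of the destination device (the receiver of the data message), referred to as the destination MAC address. The source address field carries the MAC address of the source device (the sender of the data message), referred to as the source MAC address.
The IP Header field includes but is not limited to a destination address field and a source address field. The destination address field carries the IP address of the destination device (the destination IP address), and the source address field carries the IP address of the source device (the source IP address).
The data field carries data, for example application data or other control information.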
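In the embodiments of this application, from the point of view of each network device, the sender of a data message is optionally the previous device on the transmission path of the data message. For example, device A (for example, a user device) generates a data message and sends it to device B, and device B forwards it to device C. For device B, device A is the sender of the data message. For device C, device B is the sender of the data message. Unless otherwise stated, "the sender of the data message" in the embodiments below refers to each sender on the transmission path (including the initial sender, that is, the device indicated by the source IP address in the data message). Correspondingly, the receiver of a data message is optionally the next device on the transmission path. For example, device A (for example, a user device) generates a data message and sends it to device B, and device B forwards it to device C. For device A, device B is the receiver of the data message. For device B, device C is the receiver of the data message. Unless otherwise stated, "the receiver of the data message" in the embodiments below refers to each receiver on the transmission path (including the final receiver, that is, the device indicated by the destination IP address in the data message).
In a possible implementation, in a layer-2 forwarding scenario, the destination MAC address in the Ethernet Header field is always the MAC address of the final receiver of the data message, and the source MAC address is always the MAC address of the initial sender that generated the data message. Likewise, the destination IP address in the IP Header field is always the IP address of the final receiver, and the source IP address is always the IP address of the initial sender. For example, device A (for example, a user device) generates a data message and sends it to device C through device B. During forwarding, the addresses (both IP and MAC) in the Ethernet Header and IP Header fields of the data message sent or received by each device never change: the destination addresses are the MAC address and IP address of device C, and the source addresses are the MAC address and IP address of device A.
In another possible implementation, in a layer-3 forwarding scenario, the network devices on the transmission path decapsulate and re-encapsulate the data message, for example by redoing the layer-2 encapsulation, and the source and destination MAC addresses in the layer-2 frame header (the Ethernet Header field) are updated accordingly. That is, in the re-encapsulated data message, the source MAC address in the Ethernet Header field indicates the network device currently forwarding the data message, and the destination MAC address indicates the next layer-3 device on the transmission path that will receive it. The destination IP address in the IP Header field is always the IP address of the final receiver, and the source IP address is always the IP address of the initial sender.
In other words, in the embodiments of this application, the sender and receiver of a data message exist at two levels. One level is the actual transmission path: on the actual transmission path, the sender of the data message is the previous device on the path and the receiver is the next device on the path. The other level is what the MAC addresses in the data message indicate. Optionally, in a layer-2 forwarding scenario, the devices indicated by the MAC addresses in the data message (source and destination) are the same as those indicated by the IP addresses, that is, the indicated sender is the initial sender and the indicated receiver is the final receiver. In a layer-3 forwarding scenario, the devices indicated by the MAC addresses differ from those indicated by the IP addresses; the devices indicated by the MAC addresses are the same as the sender and receiver on the actual transmission path.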
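The embodiments of this application use a layer-3 remote mirroring (Encapsulated Remote Switched Port Analyzer, ERSPAN) message as the example mirror message. In other embodiments, the mirror message may be a message of another protocol that can provide the mirror message function of the embodiments of this application, which is not limited in this application. For example, an ERSPAN message is optionally encapsulated with Generic Routing Encapsulation (GRE): the message on the source port is copied and sent to the destination device in a GRE encapsulation. FIG. 5b is a schematic structural diagram of an example mirror message. Referring to FIG. 5b, the mirror message includes but is not limited to an IP Header field, a GRE Header field, an ERSPAN Header field, and a data field.
The IP Header field carries the identifier of the sender and the identifier of the receiver of the mirror message. The identifier of the sender is optionally the IP address of the network device that sends the mirror message. The identifier of the receiver is optionally the IP address of the device hosting the access location acquisition unit.
The GRE Header field carries information such as the version number and flag bits.
The ERSPAN Header field includes but is not limited to a Header field and a SubHeader field. The Header field is 12 bytes long and includes but is not limited to a Session ID field and a VLAN field. The SubHeader field is optionally 8 bytes long and includes but is not limited to a Platf ID (platform identifier) field and a Platform Specific Info field. In the embodiments of this application, when the value in the Platf ID field is a preset value, the Platform Specific Info field carries the receive port identifier. The receive port identifier is the identifier of the port on which the network device that sends the mirror message received the data message. For example, if Leaf1 receives a data message from server 11 on port 11, the receive port identifier in the mirror message sent by Leaf1 is the port identifier of port 11, for example the MAC address of port 11. In other embodiments, the receive port identifier may also be a port number or the like, which is not limited in this application. The embodiments of this application take as an example the case in which the receive port identifier carried in the Platform Specific Info field is the MAC address of the port. In other embodiments, because the length of the Platform Specific Info field is limited, the receive port identifier may be INDEX information corresponding to the port. In that case, both the access location acquisition unit and the analysis unit may maintain the correspondence between INDEX information and port MAC addresses so that the MAC address of the port can be looked up from the INDEX information.
The data field carries the data message. That is, the original data message is encapsulated in this field.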
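In the embodiments of this application, the encapsulated mirror message consists of an outer message and an inner message. The outer message is the header added by encapsulation according to the tunneling protocol of the mirror message and includes but is not limited to the IP Header field, the GRE Header field, and the ERSPAN Header field. The inner message consists of the data field, that is, the inner message is the original data message.
FIG. 6a is a schematic structural diagram of another example data message. Referring to FIG. 6a, this data message may be called a tunnel message. In the embodiments of this application, the tunnel message may follow the VXLAN protocol; in other embodiments it may follow another tunneling protocol, which is not limited in this application. For example, a tunnel message may include a tunnel outer message (also called the tunnel message header) and a tunnel inner message (also called the original data message).
For example, the tunnel inner message is the original data message, sent by a user device (for example, a VM), that carries application data (or other control information). It includes but is not limited to an Ethernet Header field, an IP Header field, and a data field.
The Ethernet Header field of the tunnel inner message includes but is not limited to a destination address field and a source address field. The destination address field carries the MAC address of the destination device (the receiver of the data message), referred to as the destination MAC address. The source address field carries the MAC address of the source device (the sender of the data message), referred to as the source MAC address.
The IP Header field of the tunnel inner message includes but is not limited to a destination address field and a source address field. The destination address field carries the IP address of the destination device (the destination IP address), and the source address field carries the IP address of the source device (the source IP address).
The data field carries data, for example application data or other control information.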
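Still referring to FIG. 6a, the tunnel outer message is encapsulated according to the VXLAN tunneling protocol and includes but is not limited to an Ethernet Header field, an IP Header field, and a tunnel header field.
The Ethernet Header field of the tunnel outer message includes the source MAC address of the tunnel and the destination MAC address of the tunnel. Specifically, while the tunnel message is being forwarded, network devices re-encapsulate it and update the Ethernet Header field of the tunnel outer message.
The IP Header field of the tunnel outer message includes but is not limited to the source IP address of the tunnel and the destination IP address of the tunnel.
The tunnel header field includes but is not limited to tunnel information such as the tunnel identifier.
FIG. 6b is a schematic structural diagram of an example mirror message. Referring to FIG. 6b, the mirror message includes but is not limited to an IP Header field, a GRE Header field, an ERSPAN Header field, and a data field. The data message is carried in the data field of the mirror message. For the other fields of the mirror message, refer to the description of FIG. 5b; they are not repeated here.
The embodiments of this application use an ERSPAN Type III message as the example mirror message. In other embodiments, the mirror message may be a message of another protocol that can provide the mirror message function of the embodiments of this application, that is, a message type that can encapsulate the original data message and carry interface information. This is not limited in this application.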
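For example, the access location acquisition unit receives a mirror message sent by at least one network device. The device hosting the access location acquisition unit determines, based on the destination address field in the IP Header field of the mirror message, that it is the receiver of the mirror message. The device takes the mirror message and passes it to the access location acquisition unit for further processing. From the mirror message, the access location acquisition unit obtains the information carried in the IP Header field, the GRE Header field, and the ERSPAN Header field.
In one example, if the Platf ID field in the SubHeader field of the ERSPAN Header carries the preset value (for example 0x7 or 0x0; this can be set according to actual needs and is not limited in this application), the access location acquisition unit can determine that the Platform Specific Info field carries interface information, that is, the port identifier of the port on which the mirror message sender received the data message. The access location acquisition unit obtains the interface information and performs S302.
In another example, if the Platf ID field in the SubHeader field of the ERSPAN Header carries a value other than the preset value (for example 0x7 or 0x0; this can be set according to actual needs and is not limited in this application), the mirror message may be one required by another scenario and can be handled otherwise, which is not limited in this application.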
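S302: Determine, based on the mirror message, whether the sender of the data message is a user device.
In one example, after the access location acquisition unit receives mirror messages sent by one or more network devices and obtains the interface information from them, it can determine whether the sender of the data message is a user device based on the receive port identifier (the interface information) in the mirror message.
In another example, after the access location acquisition unit receives a mirror message sent by at least one network device and obtains the interface information from it, it can determine whether the sender of the data message is a user device based on the identifier of the sender in the mirror message (the source MAC address in the data message).
The two determination methods are described in detail below.
1. Determining whether the sender is a user device based on the receive port identifier.
Method 1: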
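Based on a previously obtained correspondence between port identifiers and port types, the access location acquisition unit determines the port type of the receive port indicated by the receive port identifier carried in the mirror message. For example, if the access location acquisition unit determines that the port type of the receive port is the user-side port type, it can determine that the sender of the data message received on that receive port is a user device (which can also be understood as the user device type).
Specifically, in this example, the analysis unit can obtain the neighbor information of each network device and determine the port type of the ports of each network device based on it. The port types include the user-side port type and the network-device-side port type. If the neighbor device connected to a port is a network device (also called the network device type), which can also be understood as a network device within the observation scope, the port type of that port is the network-device-side port type. If the neighbor device connected to a port is not a network device within the observation scope, the port type of that port is the user-side port type. Optionally, a port with no device connected (an empty port) may also be classified as the user-side port type. For the way the analysis unit determines port types, refer to the description in S301; it is not repeated here.
The analysis unit may send the analysis result to the access location acquisition unit. In one example, the analysis result includes but is not limited to the identifiers of the ports of the user-side port type and the identifiers of the corresponding network devices. The identifier of a network device is optionally its IP address, and the port identifier is optionally the MAC address of the port (or a port ID, which is not limited in this application). Accordingly, the access location acquisition unit maintains a table of correspondences between network device ports and port types (a list is used as the example form in the embodiments of this application; other forms may be used in other embodiments, which is not limited in this application). The access location acquisition unit writes each obtained network device identifier and the port identifier of the corresponding port into the table. In this example, therefore, every network device identified in the table has a port of the user-side port type, and every port in the table is a port of the user-side port type. As an example, Table 1 shows one form of the table of correspondences between network device ports and port types:
Table 1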

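Referring to Table 1, the network device identifiers in the table are the IP addresses of the network devices, and the port identifiers are the MAC addresses of the ports. In this example, network device 1, network device 2, and network device 3 all have ports of the user-side port type. The ports of the user-side port type on network device 1 are port 1 and port 2, those on network device 2 are port 3 and port 4, and those on network device 3 are port 9 to port 11. These correspondences are only illustrative examples and are not limited in this application.
In another example, the analysis result includes but is not limited to: the identifiers of all network devices within the observation scope of the system, the port identifiers of the ports of each network device, and the port type of each port. The access location acquisition unit can write the received network device identifiers and the corresponding port identifiers and port types into the table of correspondences between network device ports and port types. As an example, Table 2 shows one form of the table of correspondences between network device ports and port types:
Table 2
Referring to Table 2, the network device identifiers in the table are the IP addresses of the network devices, and the port identifiers are the MAC addresses of the ports. In this example, port 1 and port 2 of network device 1 are ports of the user-side port type. Port 3 and port 4 of network device 1 are ports of the network-device-side port type. Port 1 and port 2 of network device 2 are ports of the user-side port type. Port 3 of network device 2 is a port of the network-device-side port type. These correspondences are only illustrative examples and are not limited in this application.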
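In a possible implementation, operations and maintenance personnel may use a terminal (for example, a terminal device such as a computer, tablet, or mobile phone) to connect to an interface provided by the analysis unit and configure the table of correspondences between network device ports and port types for the analysis unit through the terminal. The analysis unit can then obtain the table configured by the operations and maintenance personnel.
For example, the access location acquisition unit receives a mirror message and decapsulates it to obtain the information (or parameters) carried in the outer message of the mirror message. Specifically, the access location acquisition unit reads the identifier of the mirror message sender in the IP Header field and the interface information (the receive port identifier) carried in the ERSPAN Header. The receive port identifier indicates the port on which the network device acting as the mirror message sender received the data message. For the use of the information in the GRE Header field, refer to prior-art embodiments; it is not described in this application.
Based on the identifier of the mirror message sender and the receive port identifier in the mirror message, the access location acquisition unit queries the table of correspondences between network device ports and port types to determine the port type of the receive port.
In a possible implementation, the table of correspondences between network device ports and port types has the form shown in Table 1, that is, it contains only information about ports of the user-side port type (the port identifiers and the identifiers of the corresponding network devices). In one example, the access location acquisition unit finds, based on the identifier of the mirror message sender and the receive port identifier, that the receive port identifier carried in the mirror message is not in the table. It can then determine that the port indicated by the receive port identifier is a port of the network-device-side port type, that is, not a port of the user-side port type. In another example, the access location acquisition unit finds, based on the identifier of the mirror message sender and the receive port identifier, that the receive port identifier carried in the mirror message is in the table. It can then determine that the port indicated by the receive port identifier is a port of the user-side port type, that is, not a port of the network-device-side port type.
In another possible implementation, the table of correspondences between network device ports and port types has the form shown in Table 2, that is, it contains information about both ports of the user-side port type and ports of the network-device-side port type. For example, the access location acquisition unit matches the identifier of the mirror message sender and the receive port identifier against the entries in the table (each containing a network device identifier and a port identifier) and reads the port type of the entry whose receive port identifier matches, thereby determining the port type of the port indicated by the receive port identifier.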
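For example, based on the port type of the receive port, the access location acquisition unit can further determine whether the sender of the data message received on that receive port is a user device.
In one example, the access location acquisition unit determines that the port indicated by the receive port identifier is a port of the user-side port type. It can then determine that the sender of the data message received on that port is a user device, which can also be understood as the device being of the user device type or of a non-network-device type.
In another example, the access location acquisition unit determines that the port indicated by the receive port identifier is a port of the network-device-side port type. It can then determine that the sender of the data message received on that port is a network device, which can also be understood as the device being of the network device type or of a non-user-device type.
Method 2:
In the embodiments of this application, as described above, the at least one network device acting as a mirror message sender is a set of specified network devices in the system, that is, the analysis unit can designate at least one network device that has ports of the user-side port type as a mirror message sender. In this example, therefore, only a network device that has ports of the user-side port type sends a mirror message to the access location acquisition unit, and only after it receives a data message on a port of the user-side port type. Accordingly, as soon as the access location acquisition unit receives a mirror message, it can determine that the sender of the data message in the mirror message is a user device, that is, the device is of the user device type.
Optionally, the at least one network device acting as a mirror message sender may instead be configured to mirror data messages received on any port. In that case, processing follows Method 1: the type of the receive port on which the data message was received must still be determined first, and only then is it decided whether the sender is a user device.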
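In a possible implementation, the access location acquisition unit performs the procedure shown in FIG. 3 periodically, for example with a period of 1 s, which can be set according to actual needs and is not limited in this application. That is, the access location acquisition unit receives one or more mirror messages within 1 s and performs S302 and S303 on them.
In this way, by extending the mirror message, the embodiments of this application make the mirror message carry the receive port identifier, and the apparatus can use the receive port to determine whether the sender connected to it is a user device. This provides an identification scheme suitable for both layer-2 and layer-3 data message forwarding, accurately locates the device to which the user device is attached, and thereby yields the access location of the user device.
2. Determining whether the sender is a user device based on the identifier of the sender of the data message.
For example, the access location acquisition unit receives multiple mirror messages. The mirror messages may come from one or more network devices. For example, the multiple mirror messages may all be sent by network device A, and the senders of the data messages in the individual mirror messages may be the same or different, that is, network device A may have generated the mirror messages from data messages sent by one or more devices. Network device A may also have generated the mirror messages from multiple data messages sent by a single device. As another example, the multiple mirror messages come from network device A and network device B. Likewise, the mirror messages sent by network device A may be generated from data messages sent by one or more devices, and the same applies to network device B; this is not repeated here.
For example, the access location acquisition unit may process the received mirror messages periodically. The period may be, for example, 1 s and can be set according to actual needs, which is not limited in this application.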
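The access location acquisition unit groups the mirror messages by the sender identifier they carry. Mirror messages with the same sender identifier are placed in the same group. Specifically, the access location acquisition unit reads the source IP address in the IP Header field of the inner message (the data message) of each mirror message and places mirror messages with the same source IP address in the same group. In other words, the inner messages (data messages) of the mirror messages in a group all come from the same initial sender (the device identified by the source IP address).
Next, the access location acquisition unit filters the mirror messages of each group based on the sender identifier of the inner message. Specifically, it reads the source MAC address in the Ethernet Header field of the data message in each mirror message of the group and matches it against the network device identifier list (which contains the identifiers of all network devices within the observation scope). The access location acquisition unit filters out the mirror messages that match. That is, if the source MAC address in a mirror message is in the network device identifier list, meaning that the sender of its inner message (the data message) is a network device within the observation scope, the access location acquisition unit discards that mirror message. It passes on for further processing the mirror messages in the group whose source MAC address is not in the network device identifier list, that is, those whose inner message was sent by a device that is not a network device within the observation scope.
For example, the access location acquisition unit reads the network device identifier of each mirror message that remains after filtering and determines whether the mirror messages come from the same network device. Specifically, it reads the source IP address in the IP Header field of the outer message of each remaining mirror message. As described above, this source IP address indicates the sender of the mirror message (a network device within the observation scope). The access location acquisition unit checks whether the source IP addresses in the outer messages of the mirror messages are the same.
For example, if the source IP addresses in the outer messages are the same, the access location acquisition unit can determine that these mirror messages (the one or more that remain after filtering) come from the same sender (the same network device). Accordingly, it determines that the sender of the data messages in the remaining mirror messages is a user device and that the sender of these mirror messages is the access point of that user device. In this way, the embodiments of this application use the characteristics of the mirror message to obtain the actual sender of the data message and then determine the type of the sender based on its identifier.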
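In the embodiments of this application, either of the two determination methods, "determining whether the sender is a user device based on the receive port identifier" and "determining whether the sender is a user device based on the identifier of the sender of the data message", can be performed on its own to determine the role type of the sender of the data message (user device or network device).
In a possible implementation, the two determination methods described above can be performed asynchronously, which can be understood as in parallel, to improve the accuracy of access location determination. For example, at the trigger time of each period (for example, 1 s), the access location acquisition unit may apply both methods in parallel to the mirror messages obtained during that period. In one example, if the method based on the receive port identifier determines that the sender of the data message is a user device while the method based on the identifier of the sender of the data message determines that the sender is a network device (a non-user device), the access location acquisition unit determines that the sender of the data message is a network device. A specific example is given in the embodiments below. In another example, if the method based on the identifier of the sender of the data message yields more than one access location, the access location acquisition unit can additionally use the result of the method based on the receive port identifier to determine the access location of the user device.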
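S303: If the sender is a user device, obtain the access location of the user device.
For example, after the access location acquisition unit determines that the sender of the data message is a user device, it can determine that the sender of the mirror message containing that data message is the access point of the user device and that the interface through which this access point connects to the user device is the access port of the user device.
For example, after determining the access point, the access location acquisition unit reads the mirror message from that access point (specifically, the mirror message that took part in the determination in S302) to obtain the access location information of the user device. The access location information includes but is not limited to: the identifier of the user device, the access point identifier, and the access port identifier (the interface through which the access point connects to the user device).
Specifically, the access location acquisition unit reads the source IP address in the IP Header field of the outer message of the mirror message (the mirror message from the access point). This IP address is the identifier of the network device to which the user device is attached, which can also be understood as the identifier of the access point of the user device. The access location acquisition unit reads the source IP address in the IP Header field of the inner message of the mirror message. This IP address is the identifier of the user device. The access location acquisition unit also reads the interface information (the receive port identifier) in the ERSPAN Header field of the outer message of the mirror message, which is the access port identifier.
For example, the access location acquisition unit stores the access location information of the user device in the access location storage unit. Specifically, the access location storage unit may maintain an access location information list (or another storage form, which is not limited in this application). The list contains one or more entries, each of which stores the access location information of a user device. An entry includes but is not limited to: the identifier of the user device, the access point identifier, and the access port identifier.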
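The access location acquisition unit queries the access location information list based on the identifier of the user device. In one possible implementation, the access location acquisition unit finds that the identifier of the user device is already in the list and then checks whether the stored access location information of that user device (including the access point identifier and the access port identifier) is consistent with the currently obtained access location information. In one example, if the two are consistent, the currently obtained access location information does not need to be written to the list. In another example, if the two are inconsistent, the access location acquisition unit writes the currently obtained access location information into the list to update the access location information of the user device. In another possible implementation, the access location acquisition unit finds that the identifier of the user device is not in the list and writes the currently obtained access location information of the user device into the list.
Optionally, the access location acquisition unit may also write into the entry the acquisition time of the currently obtained access location of the user device. The acquisition time may be the time at which the access location was obtained or the time at which the access location information was stored, which is not limited in this application. In this way, during later fault localization, operations and maintenance personnel (or administrators) can use the changes in the access location of a given user device (both the change of location and the points in time) for fault localization and troubleshooting. Note that a change in the access location of a user device may be a migration of the user device, for example when the user device was previously attached to network device A and later moved to network device B (that is, it attached to network device B after disconnecting from network device A).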
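The application of the access location acquisition method of the embodiments of this application in different scenarios is described in detail below with reference to the accompanying drawings. Note that the scenarios shown in the embodiments below (including the device connection relationships, the number of devices, and the transmission paths of data messages) are only illustrative examples and are not limited in this application.
FIG. 7 is a schematic diagram of an example application scenario. Referring to FIG. 7, the system includes but is not limited to Spine1, Leaf1, Leaf2, and multiple user devices. The user devices include but are not limited to server 11, server 12, server 21, and server 22. In this example, port 11 of Leaf1 is connected to port A of server 11, port 12 of Leaf1 is connected to port B of server 12, and port 13 of Leaf1 is connected to port 31 of Spine1. Port 21 of Leaf2 is connected to port C of server 21, port 22 of Leaf2 is connected to port D of server 22, and port 23 of Leaf2 is connected to port 32 of Spine1. Virtual machines such as VM1 and VM2 are deployed on server 12. In this example, the analysis unit, the access location acquisition unit, and the access location storage unit are deployed on server 22.
Scenario 1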
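In this scenario, the analysis unit maintains a network device identifier list (a list is used as the example form in the embodiments of this application; other forms may be used in other embodiments, which is not limited in this application) that stores the identifiers of all network devices within the observation scope (for example, the MAC addresses of the network devices).
With reference to FIG. 7, the network device identifier list maintained by the analysis unit is shown in Table 3:
Table 3
Here, device identifier A is the MAC address and IP address of Spine1, device identifier B is the MAC address and IP address of Leaf1, and device identifier C is the MAC address and IP address of Leaf2. The embodiments of this application only take as an example the case in which the identifier of a device includes its MAC address and IP address. In other embodiments, other identifiers such as a management address or a device name may also be included, which is not limited in this application.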
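FIG. 8 is a schematic flowchart of an example method for acquiring a device access location. Referring to FIG. 8, the method includes but is not limited to the following steps:
S801: The analysis unit obtains the neighbor information of the network devices.
For example, referring to FIG. 7, Leaf1, Leaf2, and Spine1 periodically obtain LLDP information. The LLDP information of Leaf1 includes but is not limited to:
Identifier of port 11 - device identifier 11 - identifier of port A
Identifier of port 12 - device identifier 12 - identifier of port B
Identifier of port 13 - device identifier A - identifier of port 31
For example, the identifier of port 11 is the MAC address of port 11 of Leaf1, device identifier 11 is the MAC address of server 11, and the identifier of port A is the MAC address of port A of server 11. The corresponding LLDP information indicates that the neighbor device connected to port 11 of Leaf1 is the device indicated by device identifier 11 and that the connected port is port A of that neighbor device.
For example, the identifier of port 12 is the MAC address of port 12 of Leaf1, device identifier 12 is the MAC address of server 12, and the identifier of port B is the MAC address of port B of server 12. The corresponding LLDP information indicates that the neighbor device connected to port 12 of Leaf1 is the device indicated by device identifier 12 and that the connected port is port B of that neighbor device.
For example, the identifier of port 13 is the MAC address of port 13 of Leaf1, device identifier A is the MAC address of Spine1, and the identifier of port 31 is the MAC address of port 31 of Spine1. The corresponding LLDP information indicates that the neighbor device connected to port 13 of Leaf1 is the device indicated by device identifier A and that the connected port is port 31 of that neighbor device.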
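The LLDP information of Leaf2 includes but is not limited to:
Identifier of port 21 - device identifier 21 - identifier of port A
Identifier of port 22 - device identifier 22 - identifier of port B
Identifier of port 23 - device identifier A - identifier of port 32
For a description of the LLDP information of Leaf2, refer to that of Leaf1; it is not repeated here.
The LLDP information of Spine1 includes but is not limited to:
Identifier of port 31 - device identifier B - identifier of port 13
Identifier of port 32 - device identifier C - identifier of port 23
For example, the identifier of port 31 is the MAC address of port 31 of Spine1, device identifier B is the MAC address of Leaf1, and the identifier of port 13 is the MAC address of port 13 of Leaf1. The corresponding LLDP information indicates that the neighbor device connected to port 31 of Spine1 is the device indicated by device identifier B and that the connected port is port 13 of that neighbor device.
For example, the identifier of port 32 is the MAC address of port 32 of Spine1, device identifier C is the MAC address of Leaf2, and the identifier of port 23 is the MAC address of port 23 of Leaf2. The corresponding LLDP information indicates that the neighbor device connected to port 32 of Spine1 is the device indicated by device identifier C and that the connected port is port 23 of that neighbor device.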
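For example, the analysis unit sends a neighbor information request message to each network device in the system to ask it to return its neighbor information. The analysis unit can receive neighbor information 1 returned by Leaf1, neighbor information 2 returned by Leaf2, and neighbor information 3 returned by Spine1.
Neighbor information 1 includes but is not limited to the identifier of Leaf1 (the MAC address of Leaf1) and the LLDP information of Leaf1. Neighbor information 2 includes but is not limited to the identifier of Leaf2 (the MAC address of Leaf2) and the LLDP information of Leaf2. Neighbor information 3 includes but is not limited to the identifier of Spine1 (the MAC address of Spine1) and the LLDP information of Spine1.
S802: The analysis unit determines the interface roles based on the neighbor information.
For example, based on the network device identifier list and the received neighbor information, the analysis unit identifies the port type (the interface role) of each port of the network devices.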
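Taking Leaf1 as an example, the analysis unit queries the network device identifier list (for example, as shown in Table 3) based on the neighbor information of Leaf1. The analysis unit finds that neither the identifier of the neighbor device connected to port 11 of Leaf1 (device identifier 11) nor the identifier of the neighbor device connected to port 12 of Leaf1 (device identifier 12) is in the network device identifier list. It determines that the devices connected to port 11 and port 12 of Leaf1 are not network devices within the observation scope and, accordingly, that port 11 and port 12 of Leaf1 are ports of the user-side port type. The analysis unit finds that the identifier of the neighbor device connected to port 13 of Leaf1 (device identifier A) is in the network device identifier list. It determines that the device connected to port 13 of Leaf1 is a network device within the observation scope and therefore that port 13 of Leaf1 is a port of the network-device-side port type.
Similarly to the processing for Leaf1, the analysis unit obtains the interface roles of the ports of Leaf2 and Spine1. These include but are not limited to the following: port 21 and port 22 of Leaf2 are ports of the user-side port type, and port 23 of Leaf2 is a port of the network-device-side port type. Port 31 and port 32 of Spine1 are ports of the network-device-side port type. For the identification method, refer to the processing for Leaf1; it is not repeated here.
The analysis unit sends the identifiers of the ports of the user-side port type and the identifiers of the corresponding network devices to the access location acquisition unit. The access location acquisition unit maintains the table of correspondences between network device ports and port types and updates it with the received network device identifiers and port identifiers.
Specifically, as described above, the network device identifiers maintained by the analysis unit may include but are not limited to the IP address, the MAC address, and the management address of a network device. In the embodiments of this application, the analysis unit can send the access location acquisition unit the identifiers that it needs. In this example, the device identifier that the analysis unit sends to the access location acquisition unit is the IP address of the network device. After determining that a network device has a port of the user-side port type, the analysis unit can look up the IP address of that network device in the network device identifier list and send the IP address together with the identifier of the corresponding port of the user-side port type (for example, the MAC address of the port) to the access location acquisition unit. Optionally, as described above, the interface information carried in the mirror message may be the INDEX information of the receive port. In that case, the analysis unit may also obtain the INDEX information of each port and send the INDEX information and the MAC address of each port together to the access location acquisition unit. Optionally, the INDEX information may be requested by the analysis unit from the network devices or configured by an administrator, which is not limited in this application. Optionally, the access location acquisition unit may instead, after receiving a mirror message and reading the INDEX information in its interface information, send a request message to the network device indicated by the source IP address of the outer message of the mirror message and obtain the mapping from the response message returned by that network device (which carries the MAC address of the port corresponding to the INDEX information), which is not limited in this application.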
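Accordingly, the access location acquisition unit writes the obtained network device identifiers and port identifiers into the table of correspondences between network device ports and port types, for example as shown in Table 4:
Table 4
In Table 4, device identifier B is the IP address of Leaf1 and device identifier C is the IP address of Leaf2. Entry 1 of the table (sequence number 1) indicates that port 11 of the network device indicated by device identifier B is of the user-side port type. Entry 2 indicates that port 12 of the network device indicated by device identifier B is of the user-side port type. Entry 3 indicates that port 21 of the network device indicated by device identifier C is of the user-side port type. Entry 4 indicates that port 22 of the network device indicated by device identifier C is of the user-side port type. Optionally, the table of correspondences between network device ports and port types may also take the form shown in Table 2, which is not limited in this application.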
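S803: The access location acquisition unit obtains mirror messages.
The transmission of mirror messages is described below using a specific transmission scenario. FIG. 9a is a schematic flowchart of example mirror message transmission. Referring to FIG. 9a, this scenario uses layer-3 forwarding of the data message as the example. Specifically, server 11 sends a data message to Leaf1 through port A. Leaf1 receives the data message on port 11 and forwards it to Spine1 through port 13. Spine1 receives the data message on port 31 and forwards it to Leaf2 through port 32. Leaf2 receives the data message on port 23 and sends it to server 21 through port 21. Server 21 receives the data message on port C.
FIG. 9b is a schematic diagram of example mirror message transmission. Referring to FIG. 9b, in this example all network devices within the observation scope (Leaf1, Spine1, and Leaf2) have completed message mirroring configuration. Accordingly, while the data message is being transmitted, Leaf1, Spine1, and Leaf2 each generate a mirror message based on the data message after receiving it and send the mirror message to the access location acquisition unit. In this example, the mirror message is an ERSPAN message. Taking Leaf1 as an example, the transmission path of the mirror message of Leaf1 is optionally: port 13 of Leaf1 - port 31 of Spine1 - port 32 of Spine1 - port 23 of Leaf2 - port 22 of Leaf2 - port D of server 22. The paths for the other devices are not described one by one.
With reference to FIG. 9a and FIG. 9b, FIG. 9c is a schematic diagram of example message processing. Referring to FIG. 9c, in the data message sent by server 11, the Ethernet Header field carries the destination MAC address (the MAC address of server 12) and the source MAC address (the MAC address of server 11), the IP Header field carries the destination IP address (the IP address of server 21) and the source IP address (the IP address of server 11), and the data field carries the data. Server 11 is the initial sender of the data message.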
Leaf1通过端口11接收数据报文。Leaf1对数据报文进行重新封装,并将重新封装后的数据报文通过端口13转发给Spine1,以及,Leaf1基于数据报文生成镜像报文。示例性的,重新封装后的数据报文的Ethernet Header字段携带目的MAC地址(即Spine1的MAC地址)和源MAC地址(即Leaf1的MAC地址)。IP Header字段携带目的IP地址(即服务器21的IP地址)和源IP地址(即服务器11的IP地址)。示例性的,对于Leaf1,服务器11即为数据报文的发送端。
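For example, the mirror packet of Leaf1 includes an outer packet and an inner packet. The outer packet includes, but is not limited to, an IP Header field, a GRE Header field and an ERSPAN Header field. The IP Header field of the outer packet includes the destination IP address (i.e. the IP address of server 22) and the source IP address (i.e. the IP address of Leaf1). The ERSPAN Header includes, but is not limited to, a Header field and a Subheader field. In the Subheader field, the Platf ID field carries the specified information (i.e. 0x7 or 0x0), and the Platform Specific Info field carries the identifier of port 11 (i.e. the MAC address of port 11 of Leaf1; it may also be a port ID or the like, which is not limited in this application), indicating that the mirror packet was generated by Leaf1 from the data packet received on port 11. The inner packet is the data field, which carries the data packet received by Leaf1.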
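Spine1 receives the data packet through port 31. Spine1 re-encapsulates the data packet and forwards the re-encapsulated data packet to Leaf2 through port 32; in addition, Spine1 generates a mirror packet based on the data packet. For example, the Ethernet Header field of the re-encapsulated data packet carries the destination MAC address (i.e. the MAC address of Leaf2) and the source MAC address (i.e. the MAC address of Spine1). The IP Header field carries the destination IP address (i.e. the IP address of server 21) and the source IP address (i.e. the IP address of server 11). For example, for Spine1, Leaf1 is the sender of the data packet.
For example, the mirror packet of Spine1 includes an outer packet and an inner packet. The outer packet includes, but is not limited to, an IP Header field, a GRE Header field and an ERSPAN Header field. The IP Header field of the outer packet includes the destination IP address (i.e. the IP address of server 22) and the source IP address (i.e. the IP address of Spine1). The ERSPAN Header includes, but is not limited to, a Header field and a Subheader field. In the Subheader field, the Platf ID field carries the specified information (i.e. 0x7 or 0x0), and the Platform Specific Info field carries the identifier of port 31 (i.e. the MAC address of port 31 of Spine1; it may also be a port ID or the like, which is not limited in this application), indicating that the mirror packet was generated by Spine1 from the data packet received on port 31. The inner packet is the data field, which carries the data packet received by Spine1.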
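Leaf2 receives the data packet through port 23. Leaf2 re-encapsulates the data packet and forwards the re-encapsulated data packet to server 21 through port 21; in addition, Leaf2 generates a mirror packet based on the data packet. For example, the Ethernet Header field of the re-encapsulated data packet carries the destination MAC address (i.e. the MAC address of server 21) and the source MAC address (i.e. the MAC address of Leaf2). The IP Header field carries the destination IP address (i.e. the IP address of server 21) and the source IP address (i.e. the IP address of server 11). For example, for Leaf2, Spine1 is the sender of the data packet.
For example, the mirror packet of Leaf2 includes an outer packet and an inner packet. The outer packet includes, but is not limited to, an IP Header field, a GRE Header field and an ERSPAN Header field. The IP Header field of the outer packet includes the destination IP address (i.e. the IP address of server 22) and the source IP address (i.e. the IP address of Leaf2). The ERSPAN Header includes, but is not limited to, a Header field and a Subheader field. In the Subheader field, the Platf ID field carries the specified information (i.e. 0x7 or 0x0), and the Platform Specific Info field carries the identifier of port 23 (i.e. the MAC address of port 23 of Leaf2; it may also be a port ID or the like, which is not limited in this application), indicating that the mirror packet was generated by Leaf2 from the data packet received on port 23. The inner packet is the data field, which carries the data packet received by Leaf2.
For example, the access location acquisition unit receives mirror packets sent by multiple network devices, including the mirror packet of Leaf1, the mirror packet of Spine1 and the mirror packet of Leaf2.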
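S804: The access location acquisition unit obtains the access location of the user device based on the mirror packets and the interface roles.
For example, as described above, the access location acquisition unit maintains the mapping table between network device ports and port types, which records the port identifiers of ports of the user-side port type and the identifiers of the corresponding network devices. Based on the network device identifier and the interface information in a mirror packet, the access location acquisition unit queries the mapping table to check whether the receiving port identifier in the interface information is contained in the table, and thereby determines whether the sender of the data packet carried in that single mirror packet is a user device.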
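Still referring to Figure 9c, for example, the access location acquisition unit obtains the source IP address in the IP Header field of Leaf1's mirror packet (i.e. the IP address of Leaf1) and the interface information in the Platform Specific Info field (i.e. the MAC address of port 11). Based on the IP address of Leaf1 and the MAC address of port 11, the access location acquisition unit matches against the entries of the mapping table between network device ports and port types. In this example, the IP address of Leaf1 and the MAC address of port 11 match successfully, so the access location acquisition unit determines that port 11 of Leaf1 is a port of the user-side port type. Further, the access location acquisition unit can determine that the neighbor device connected to port 11 of Leaf1 (i.e. the device connected to port 11) is a user device; that is, the sender of the data packet that Leaf1 received on port 11 is a user device. The access location acquisition unit determines that Leaf1 is the access point of this user device. The access location acquisition unit obtains the source IP address in the IP Header field of the inner packet of Leaf1's mirror packet (i.e. the IP address of server 11), which is the identifier of the sender of the data packet received by Leaf1. The access location acquisition unit obtains the access location information corresponding to server 11, including but not limited to: the IP address of server 11, the identifier of the access point (i.e. the IP address of Leaf1) and the receiving port identifier (i.e. the MAC address of port 11). This access location information indicates that server 11, as a user device, is attached to port 11 of Leaf1.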
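Continuing with Figure 9c, for example, the access location acquisition unit obtains the source IP address in the IP Header field of Spine1's mirror packet (i.e. the IP address of Spine1) and the interface information in the Platform Specific Info field (i.e. the MAC address of port 31). Based on the IP address of Spine1 and the MAC address of port 31, the access location acquisition unit matches against the entries of the mapping table between network device ports and port types. In this example, the IP address of Spine1 and the MAC address of port 31 fail to match, so the access location acquisition unit determines that port 31 of Spine1 is a port of the network-device-side port type. Further, the access location acquisition unit can determine that the sender of the data packet that Spine1 received on port 31 (i.e. the device connected to port 31) is a network device.
Continuing with Figure 9c, for example, the access location acquisition unit obtains the source IP address in the IP Header field of Leaf2's mirror packet (i.e. the IP address of Leaf2) and the interface information in the Platform Specific Info field (i.e. the MAC address of port 23). Based on the IP address of Leaf2 and the MAC address of port 23, the access location acquisition unit matches against the entries of the mapping table between network device ports and port types. In this example, the IP address of Leaf2 and the MAC address of port 23 fail to match, so the access location acquisition unit determines that port 23 of Leaf2 is a port of the network-device-side port type. Further, the access location acquisition unit can determine that the sender of the data packet that Leaf2 received on port 23 (i.e. the device connected to port 23) is a network device.
In a possible implementation, the access location acquisition unit may also first identify the access point based on the received mirror packets. After determining the access point, it then reads the relevant fields of the mirror packets from the access point (that is, mirror packets whose interface information indicates a port of the user-side port type) to obtain the access location.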
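S805: The access location storage unit saves the access location information of the user device.
For example, the access location acquisition unit saves the access location information of server 11 to the access location storage unit. The access location storage unit maintains an access location information list (other storage forms are also possible, which is not limited in this application). The list includes one or more entries, each storing the access location information of a user device; an entry includes, but is not limited to, the identifier of the user device, the access point identifier and the receiving port identifier (i.e. the access port identifier).
The access location acquisition unit (the executing entity may also be the access location storage unit, which is not limited in this application) queries the access location information list based on the identifier of server 11 (i.e. the IP address of server 11). In one example, if the access location information list does not include the identifier of server 11, that is, no access location information for server 11 has been saved, the access location acquisition unit saves the access location information of server 11 (including but not limited to: the IP address of server 11, the identifier of the access point (i.e. the IP address of Leaf1) and the receiving port identifier (i.e. the MAC address of port 11)) to the access location information list. In another example, if the access location information list includes the identifier of server 11, that is, access location information for server 11 has already been saved, the access location acquisition unit checks whether the saved access location information is consistent with the access location information just obtained. If they are consistent, no update is made. If they are inconsistent, the access location acquisition unit saves the access location information of server 11 (including but not limited to: the IP address of server 11, the identifier of the access point (i.e. the IP address of Leaf1) and the receiving port identifier (i.e. the MAC address of port 11)) to the access location information list. Optionally, the access location acquisition unit writes the acquisition time of the access location information (for example, the time at which it was saved to the access location information list) into the access location information.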
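The Figure 8 flow of Scenario 1 (port roles from neighbor information, the Table 4 lookup of S804 and the compare-then-write rule of S805), as an added example that is not code from the patent. Device names, IP addresses, port labels, timestamps and the neighbor map are constructed sample data, and mirror packets are assumed to be already parsed into dictionaries.

```python
"""Added example: S802 port roles, S804 lookup, S805 store (Figure 8 flow).
All names, addresses, port labels and times below are constructed."""

# Observed network devices: name -> IP address used as the device identifier.
OBSERVED = {"Leaf1": "10.0.0.1", "Spine1": "10.0.0.2", "Leaf2": "10.0.0.3"}

# Neighbor information: (device, local port) -> neighbor identifier.
# None means the device reported no neighbor on that port.
NEIGHBORS = {
    ("Leaf1", "port11"): "server11", ("Leaf1", "port12"): "server12",
    ("Leaf1", "port13"): "Spine1",
    ("Spine1", "port31"): "Leaf1", ("Spine1", "port32"): "Leaf2",
    ("Leaf2", "port21"): "server21", ("Leaf2", "port22"): "server22",
    ("Leaf2", "port23"): "Spine1", ("Leaf2", "port25"): None,
}
S11 = "192.168.1.11"  # constructed IP address of server 11


def user_side_ports(neighbors, observed):
    """S802: a port is network-device-side only when its neighbor is an
    observed network device; any other port (server, unknown device, empty
    port) is user-side. Returns the Table 4 content as (device IP, port)."""
    return {(observed[dev], port)
            for (dev, port), nbr in neighbors.items() if nbr not in observed}


class LocationStore:
    """S805: access location list keyed by the user device identifier."""

    def __init__(self):
        self.current = {}   # user id -> (device IP, port, time written)
        self.history = []   # every write, oldest first

    def save(self, user_id, device_ip, port, now):
        known = self.current.get(user_id)
        if known is not None and known[:2] == (device_ip, port):
            return "unchanged"      # consistent with the saved entry: no update
        self.current[user_id] = (device_ip, port, now)
        self.history.append((user_id, device_ip, port, now))
        return "added" if known is None else "updated"


def handle_mirror(mirror, user_ports, store, now):
    """S804 for one parsed mirror packet. Keys of `mirror`:
    outer_src_ip (mirroring device), rx_port (interface information from the
    ERSPAN subheader), inner_src_ip (initial sender of the data packet)."""
    key = (mirror["outer_src_ip"], mirror["rx_port"])
    if key not in user_ports:
        return "network-side"       # the packet arrived from a network device
    return store.save(mirror["inner_src_ip"], key[0], key[1], now)


def demo():
    """One data packet mirrored at three hops, a repeat, then a move to port 25."""
    ports = user_side_ports(NEIGHBORS, OBSERVED)
    store = LocationStore()
    events = [
        ({"outer_src_ip": "10.0.0.1", "rx_port": "port11", "inner_src_ip": S11}, 100),
        ({"outer_src_ip": "10.0.0.2", "rx_port": "port31", "inner_src_ip": S11}, 100),
        ({"outer_src_ip": "10.0.0.3", "rx_port": "port23", "inner_src_ip": S11}, 100),
        ({"outer_src_ip": "10.0.0.1", "rx_port": "port11", "inner_src_ip": S11}, 160),
        ({"outer_src_ip": "10.0.0.3", "rx_port": "port25", "inner_src_ip": S11}, 900),
    ]
    return [handle_mirror(m, ports, store, t) for m, t in events], store


if __name__ == "__main__":
    outcomes, store = demo()
    print(outcomes)
    print(store.history)
```

The history list keeps the earlier entry when the location changes, which is what lets an operator see when a device moved and from where.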
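Scenario 2
The application scenario shown in Figure 7 is again used as an example. In this scenario, layer-2 forwarding is used as the example. The analysis unit and the access location acquisition unit perform S801 to S802; for details, refer to the description above, which is not repeated here.
In S803, for the transmission path of the data packet and the way mirror packets are transmitted, refer to Figures 9a and 9b; details are not repeated here.
Figure 10 is an exemplary schematic diagram of packet processing. Referring to Figure 10, the Ethernet Header field of the data packet sent by server 11 carries the destination MAC address (i.e. the MAC address of server 12) and the source MAC address (i.e. the MAC address of server 11); the IP Header field carries the destination IP address (i.e. the IP address of server 21) and the source IP address (i.e. the IP address of server 11); and the data field carries the data. For example, server 11 is the initial sender of the data packet.
Leaf1 receives the data packet through port 11. Leaf1 forwards the data packet to Spine1 through port 13 (this may also be called transparent transmission); in addition, Leaf1 generates a mirror packet based on the data packet. For example, the data packet forwarded by Leaf1 is identical to the data packet it received (i.e. the data packet sent by server 11); for a detailed description, refer to the relevant description above, which is not repeated here.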
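For example, the mirror packet of Leaf1 includes an outer packet and an inner packet. The outer packet includes, but is not limited to, an IP Header field, a GRE Header field and an ERSPAN Header field. The IP Header field of the outer packet includes the destination IP address (i.e. the IP address of server 22) and the source IP address (i.e. the IP address of Leaf1). The ERSPAN Header includes, but is not limited to, a Header field and a Subheader field. In the Subheader field, the Platf ID field carries the specified information (i.e. 0x7 or 0x0), and the Platform Specific Info field carries the identifier of port 11 (i.e. the MAC address of port 11 of Leaf1; it may also be a port ID or the like, which is not limited in this application), indicating that the mirror packet was generated by Leaf1 from the data packet received on port 11. The inner packet is the data field, which carries the data packet received by Leaf1. For example, for Leaf1, server 11 is the sender of the data packet.
Spine1 receives the data packet through port 31. Spine1 forwards the data packet to Leaf2 through port 32 (this may also be called transparent transmission); in addition, Spine1 generates a mirror packet based on the data packet. For example, the data packet forwarded by Spine1 is identical to the data packet it received (i.e. the data packet sent by Leaf1); for a detailed description, refer to the relevant description above, which is not repeated here.
For example, the mirror packet of Spine1 includes an outer packet and an inner packet. The outer packet includes, but is not limited to, an IP Header field, a GRE Header field and an ERSPAN Header field. The IP Header field of the outer packet includes the destination IP address (i.e. the IP address of server 22) and the source IP address (i.e. the IP address of Spine1). The ERSPAN Header includes, but is not limited to, a Header field and a Subheader field. In the Subheader field, the Platf ID field carries the specified information (i.e. 0x7 or 0x0), and the Platform Specific Info field carries the identifier of port 31 (i.e. the MAC address of port 31 of Spine1; it may also be a port ID or the like, which is not limited in this application), indicating that the mirror packet was generated by Spine1 from the data packet received on port 31. The inner packet is the data field, which carries the data packet received by Spine1. For example, for Spine1, Leaf1 is the sender of the data packet.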
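Leaf2 receives the data packet through port 23. Leaf1 forwards the data packet to server 21 through port 21 (this may also be called transparent transmission); in addition, Leaf2 generates a mirror packet based on the data packet. For example, the data packet forwarded by Leaf2 is identical to the data packet it received (i.e. the data packet sent by Spine1); for a detailed description, refer to the relevant description above, which is not repeated here.
For example, the mirror packet of Leaf2 includes an outer packet and an inner packet. The outer packet includes, but is not limited to, an IP Header field, a GRE Header field and an ERSPAN Header field. The IP Header field of the outer packet includes the destination IP address (i.e. the IP address of server 22) and the source IP address (i.e. the IP address of Leaf2). The ERSPAN Header includes, but is not limited to, a Header field and a Subheader field. In the Subheader field, the Platf ID field carries the specified information (i.e. 0x7 or 0x0), and the Platform Specific Info field carries the identifier of port 23 (i.e. the MAC address of port 23 of Leaf2; it may also be a port ID or the like, which is not limited in this application), indicating that the mirror packet was generated by Leaf2 from the data packet received on port 23. The inner packet is the data field, which carries the data packet received by Leaf2. For example, for Leaf2, Spine1 is the sender of the data packet.
For example, the access location acquisition unit receives mirror packets sent by multiple network devices: the mirror packet of Leaf1, the mirror packet of Spine1 and the mirror packet of Leaf2.
In this scenario, the access location acquisition unit performs the processing of S803 to S804 on the received mirror packets of Leaf1, Spine1 and Leaf2; the details are the same as in Scenario 1 and are not repeated here.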
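Scenario 3
The application scenario shown in Figure 7 is again used as an example. In this scenario, the analysis unit performs S801 and S802. For the details of S801, refer to the relevant content in Scenario 1, which is not repeated here.
For example, during S802, after determining the interface roles based on the neighbor information, the analysis unit may send indication information to the network devices that have ports of the user-side port type (for example, Leaf1 and Leaf2). The indication information instructs Leaf1 to generate a mirror packet after receiving a data packet through a port of the user-side port type (i.e. port 11 and port) and to send the mirror packet to the access location acquisition unit, and instructs Leaf2 to generate a mirror packet after receiving a data packet through a port of the user-side port type (i.e. port 21 and port 22) and to send the mirror packet to the access location acquisition unit.
In S803, if Leaf1 and Leaf2 receive a data packet through a port of the user-side port type, they generate the corresponding mirror packet. For example, taking Figure 9c as an example, in this instance, unlike the scenario shown in Figure 9c, Leaf1 sends a mirror packet to the access location acquisition unit, whereas Spine1 and Leaf2 both received the data packet through ports of the network-device-side port type and therefore do not need to generate mirror packets.
In S804, on receiving the mirror packet sent by Leaf1, the access location acquisition unit can determine that the sender (i.e. server 11) of the inner packet (i.e. the data packet) of that mirror packet is a user device and, correspondingly, that Leaf1 is the access point of this user device. Further, the access location acquisition unit reads Leaf1's mirror packet to obtain the access location information of server 11 and saves it to the access location storage unit. For details not described here, refer to the relevant content above.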
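Scenario 4
Figure 11 is an exemplary schematic flowchart of the method for acquiring a device access location. Referring to Figure 11, the method includes, but is not limited to, the following steps:
S1101: The analysis unit obtains the MAC addresses of the network devices.
For example, the analysis unit may obtain the identifiers of the network devices in the system, such as the MAC address and IP address of each network device. The description below uses only the MAC address as an example.
Optionally, the analysis unit may periodically and automatically collect the MAC addresses of the network devices in the system, and/or an administrator (or operations and maintenance personnel) may configure the MAC addresses of the network devices in the system for the analysis unit through a user interface provided by the analysis unit.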
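It should be noted that, in this example, the network device MAC addresses obtained by the analysis unit include those of network devices within the observation scope and also those of network devices outside the observation scope. For example, taking the firewall in Figure 4: the firewall is a network device outside the observation scope, but the analysis unit can communicate with it and can therefore obtain the MAC address of the firewall. Of course, the MAC address of the firewall may also be configured by an administrator, which is not limited in this application.
Still with reference to the application scenario shown in Figure 7, in this embodiment of the application the analysis unit may maintain a network device identifier list. For the list, refer to Table 3; for the related description, refer to the relevant content above, which is not repeated here.
For example, the analysis unit sends the obtained MAC addresses of the network devices to the access location acquisition unit. As described above, the network device identifiers in the network device identifier list may include, but are not limited to, the MAC address of the network device, the IP address of the network device and the management address of the network device (the list may not include the management addresses of network devices outside the observation scope, such as the firewall). In this example, the analysis unit may send only the MAC addresses to the access location acquisition unit; it may of course also send other types of identifiers, which is not limited in this application.
S1102: The access location acquisition unit obtains mirror packets.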
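The way mirror packets are transmitted is described below using a specific transmission scenario. Figure 12 is an exemplary schematic diagram of the mirror packet transmission flow. Referring to Figure 12, this scenario uses layer-3 forwarding of data packets as an example. Specifically, server 11 sends data packet 1 to Leaf1 through port A; Leaf1 receives data packet 1 through port 11 and forwards it to Spine1 through port 13. Spine1 receives data packet 1 through port 31 and forwards it to Leaf2 through port 32. Leaf2 receives data packet 1 through port 23 and sends it to server 21 through port 21. Server 21 receives data packet 1 through port C.
Still referring to Figure 12, server 12 sends data packet 2 to Leaf1 through port A; Leaf1 receives data packet 2 through port 12 and forwards it to Spine1 through port 13. Spine1 receives data packet 2 through port 31 and forwards it to Leaf2 through port 32. Leaf2 receives data packet 2 through port 23 and sends it to server 21 through port 21. Server 21 receives data packet 2 through port C.
With reference to Figure 12, Figure 13 is an exemplary schematic diagram of packet processing. Referring to Figure 13, the Ethernet Header field of data packet 1 sent by server 11 carries the destination MAC address (i.e. the MAC address of Leaf1) and the source MAC address (i.e. the MAC address of server 11); the IP Header field carries the destination IP address (i.e. the IP address of server 21) and the source IP address (i.e. the IP address of server 11); and the data field carries the data. For example, server 11 is the initial sender of data packet 1. It should be noted that Figure 12 shows the information carried in only some of the fields; for the other fields, refer to the description of Figure 9c. This is not repeated here or below.
Leaf1 receives data packet 1 through port 11. Leaf1 re-encapsulates data packet 1 and forwards the re-encapsulated data packet 1 to Spine1 through port 13; in addition, Leaf1 generates mirror packet 1 based on data packet 1. For example, the Ethernet Header field of the re-encapsulated data packet 1 carries the destination MAC address (i.e. the MAC address of Spine1) and the source MAC address (i.e. the MAC address of Leaf1). The IP Header field carries the destination IP address (i.e. the IP address of server 21) and the source IP address (i.e. the IP address of server 11).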
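For example, mirror packet 1 of Leaf1 includes an outer packet and an inner packet. The outer packet includes, but is not limited to, an IP Header field, a GRE Header field and an ERSPAN Header field. The IP Header field of the outer packet includes the destination IP address (i.e. the IP address of server 22) and the source IP address (i.e. the IP address of Leaf1). The ERSPAN Header includes, but is not limited to, a Header field and a Subheader field. In the Subheader field, the Platf ID field carries the specified information (i.e. 0x7 or 0x0), and the Platform Specific Info field carries the identifier of port 11 (i.e. the MAC address of port 11 of Leaf1; it may also be a port ID or the like, which is not limited in this application), indicating that the mirror packet was generated by Leaf1 from the data packet received on port 11. The inner packet is the data field, which carries data packet 1 received by Leaf1. For example, for Leaf1, server 11 is the sender of data packet 1.
Spine1 receives data packet 1 through port 31. Spine1 re-encapsulates data packet 1 and forwards the re-encapsulated data packet 1 to Leaf2 through port 32; in addition, Spine1 generates mirror packet 3 based on data packet 1. For example, the Ethernet Header field of the re-encapsulated data packet 1 carries the destination MAC address (i.e. the MAC address of Leaf2) and the source MAC address (i.e. the MAC address of Spine1). The IP Header field carries the destination IP address (i.e. the IP address of server 21) and the source IP address (i.e. the IP address of server 11).
For example, mirror packet 3 of Spine1 includes an outer packet and an inner packet. The outer packet includes, but is not limited to, an IP Header field, a GRE Header field and an ERSPAN Header field. The IP Header field of the outer packet includes the destination IP address (i.e. the IP address of server 22) and the source IP address (i.e. the IP address of Spine1). The ERSPAN Header includes, but is not limited to, a Header field and a Subheader field. In the Subheader field, the Platf ID field carries the specified information (i.e. 0x7 or 0x0), and the Platform Specific Info field carries the identifier of port 31 (i.e. the MAC address of port 31 of Spine1; it may also be a port ID or the like, which is not limited in this application), indicating that the mirror packet was generated by Spine1 from the data packet received on port 31. The inner packet is the data field, which carries data packet 1 received by Spine1. For example, for Spine1, Leaf1 is the sender of data packet 1.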
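Leaf2 receives data packet 1 through port 23. Leaf2 re-encapsulates data packet 1 and forwards the re-encapsulated data packet 1 to server 21 through port 21; in addition, Leaf2 generates mirror packet 5 based on data packet 1. For example, the Ethernet Header field of the re-encapsulated data packet 1 carries the destination MAC address (i.e. the MAC address of server 21) and the source MAC address (i.e. the MAC address of Leaf2). The IP Header field carries the destination IP address (i.e. the IP address of server 21) and the source IP address (i.e. the IP address of server 11). For example, for Leaf2, Spine1 is the sender of data packet 1.
For example, mirror packet 5 of Leaf2 includes an outer packet and an inner packet. The outer packet includes, but is not limited to, an IP Header field, a GRE Header field and an ERSPAN Header field. The IP Header field of the outer packet includes the destination IP address (i.e. the IP address of server 22) and the source IP address (i.e. the IP address of Leaf2). The ERSPAN Header includes, but is not limited to, a Header field and a Subheader field. In the Subheader field, the Platf ID field carries the specified information (i.e. 0x7 or 0x0), and the Platform Specific Info field carries the identifier of port 23 (i.e. the MAC address of port 23 of Leaf2; it may also be a port ID or the like, which is not limited in this application), indicating that the mirror packet was generated by Leaf2 from data packet 1 received on port 23. The inner packet is the data field, which carries data packet 1 received by Leaf2.
Still referring to Figure 13, the Ethernet Header field of data packet 2 sent by server 12 carries the destination MAC address (i.e. the MAC address of server Leaf1) and the source MAC address (i.e. the MAC address of server 12); the IP Header field carries the destination IP address (i.e. the IP address of server 21) and the source IP address (i.e. the IP address of server 12); and the data field carries the data. For example, server 12 is the initial sender of data packet 2. It should be noted that Figure 12 shows the information carried in only some of the fields; for the other fields, refer to the description of Figure 9c. This is not repeated here or below.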
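Leaf1 receives data packet 2 through port 12. Leaf1 re-encapsulates data packet 2 and forwards the re-encapsulated data packet 2 to Spine1 through port 13; in addition, Leaf1 generates mirror packet 2 based on data packet 2. For example, the Ethernet Header field of the re-encapsulated data packet 2 carries the destination MAC address (i.e. the MAC address of Spine1) and the source MAC address (i.e. the MAC address of Leaf1). The IP Header field carries the destination IP address (i.e. the IP address of server 21) and the source IP address (i.e. the IP address of server 11). For example, for Leaf1, server 12 is the sender of data packet 2.
For example, mirror packet 2 of Leaf1 includes an outer packet and an inner packet. The outer packet includes, but is not limited to, an IP Header field, a GRE Header field and an ERSPAN Header field. The IP Header field of the outer packet includes the destination IP address (i.e. the IP address of server 22) and the source IP address (i.e. the IP address of Leaf1). The ERSPAN Header includes, but is not limited to, a Header field and a Subheader field. In the Subheader field, the Platf ID field carries the specified information (i.e. 0x7 or 0x0), and the Platform Specific Info field carries the identifier of port 11 (i.e. the MAC address of port 12 of Leaf1; it may also be a port ID or the like, which is not limited in this application), indicating that the mirror packet was generated by Leaf1 from data packet 2 received on port 12. The inner packet is the data field, which carries data packet 2 received by Leaf1.
Spine1 receives data packet 2 through port 31. Spine1 re-encapsulates data packet 2 and forwards the re-encapsulated data packet 2 to Leaf2 through port 32; in addition, Spine1 generates mirror packet 4 based on data packet 2. For example, the Ethernet Header field of the re-encapsulated data packet 2 carries the destination MAC address (i.e. the MAC address of Leaf2) and the source MAC address (i.e. the MAC address of Spine1). The IP Header field carries the destination IP address (i.e. the IP address of server 21) and the source IP address (i.e. the IP address of server 12).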
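For example, mirror packet 4 of Spine1 includes an outer packet and an inner packet. The outer packet includes, but is not limited to, an IP Header field, a GRE Header field and an ERSPAN Header field. The IP Header field of the outer packet includes the destination IP address (i.e. the IP address of server 22) and the source IP address (i.e. the IP address of Spine1). The ERSPAN Header includes, but is not limited to, a Header field and a Subheader field. In the Subheader field, the Platf ID field carries the specified information (i.e. 0x7 or 0x0), and the Platform Specific Info field carries the identifier of port 31 (i.e. the MAC address of port 31 of Spine1; it may also be a port ID or the like, which is not limited in this application), indicating that the mirror packet was generated by Spine1 from data packet 2 received on port 31. The inner packet is the data field, which carries data packet 2 received by Spine1. For example, for Spine1, Leaf1 is the sender of data packet 2.
Leaf2 receives data packet 2 through port 23. Leaf2 re-encapsulates data packet 2 and forwards the re-encapsulated data packet 2 to server 21 through port 21; in addition, Leaf2 generates mirror packet 6 based on data packet 2. For example, the Ethernet Header field of the re-encapsulated data packet 2 carries the destination MAC address (i.e. the MAC address of server 21) and the source MAC address (i.e. the MAC address of Leaf2). The IP Header field carries the destination IP address (i.e. the IP address of server 21) and the source IP address (i.e. the IP address of server 12).
For example, mirror packet 6 of Leaf2 includes an outer packet and an inner packet. The outer packet includes, but is not limited to, an IP Header field, a GRE Header field and an ERSPAN Header field. The IP Header field of the outer packet includes the destination IP address (i.e. the IP address of server 22) and the source IP address (i.e. the IP address of Leaf2). The ERSPAN Header includes, but is not limited to, a Header field and a Subheader field. In the Subheader field, the Platf ID field carries the specified information (i.e. 0x7 or 0x0), and the Platform Specific Info field carries the identifier of port 23 (i.e. the MAC address of port 23 of Leaf2; it may also be a port ID or the like, which is not limited in this application), indicating that the mirror packet was generated by Leaf2 from data packet 2 received on port 23. The inner packet is the data field, which carries data packet 2 received by Leaf2. For example, for Leaf2, Spine1 is the sender of data packet 2.
For example, the access location acquisition unit receives mirror packets sent by multiple network devices, including mirror packet 1 and mirror packet 2 of Leaf1, mirror packet 3 and mirror packet 4 of Spine1, and mirror packet 5 and mirror packet 5 of Leaf2. In this example, it is assumed that all of these mirror packets are received within the same period. Correspondingly, at the moment the period is triggered, the access location acquisition unit can determine, based on these mirror packets, whether the sender of each data packet is a user device.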
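S1103: The access location acquisition unit groups the mirror packets based on the IP address of the inner packet.
For example, referring to the schematic diagram of the mirror packet shown in Figure 14, at the moment the period is triggered the access location acquisition unit reads the source IP address in the IP address field of the inner packet of each mirror packet obtained in this period, that is, the identifier of the initial sender of the data packet.
The access location acquisition unit groups the mirror packets based on the source IP address of the inner packet of each mirror packet. Mirror packets with the same source IP address are placed in the same group.
For example, still referring to Figure 13, in this example mirror packet 1, mirror packet 3 and mirror packet 5 are all generated from the same data packet (i.e. data packet 1). Correspondingly, the source IP addresses of the inner packets of mirror packet 1, mirror packet 3 and mirror packet 5 are the same, namely the IP address of server 11. The access location acquisition unit places mirror packet 1, mirror packet 3 and mirror packet 5 in the same group (for example, mirror packet group 1).
Likewise, mirror packet 2, mirror packet 4 and mirror packet 5 are all generated from the same data packet (i.e. data packet 2). Correspondingly, the source IP addresses of the inner packets of mirror packet 2, mirror packet 4 and mirror packet 6 are the same, namely the IP address of server 12. The access location acquisition unit places mirror packet 2, mirror packet 4 and mirror packet 6 in the same group (for example, mirror packet group 2).
S1104: The access location acquisition unit determines the access location of the user device based on the mirror packets in a group and the MAC addresses of the network devices.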
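For example, still referring to Figure 14, the access location acquisition unit reads the source MAC address in the Ethernet Header field of each mirror packet in the same group (i.e. the identifier of the sender of the data packet), and matches the source MAC addresses read against the MAC addresses of the network devices in the system that it obtained in advance. The access location acquisition unit filters out the mirror packets whose source MAC addresses match successfully. In other words, the senders of the data packets in the filtered-out mirror packets are all network devices. Taking the scenario in Figure 13 as an example again, the access location acquisition unit processes mirror packet group 1 (including mirror packet 1, mirror packet 3 and mirror packet 5). It reads the source MAC address in the Ethernet Header field of mirror packet 1 (i.e. the MAC address of server 11), the source MAC address in the Ethernet Header field of mirror packet 3 (i.e. the MAC address of Leaf1) and the source MAC address in the Ethernet Header field of mirror packet 5 (i.e. the MAC address of Spine1). The access location acquisition unit matches each source MAC address read against the MAC addresses of the network devices in the system obtained in advance (as shown in Table 3), so as to filter out the mirror packets whose source MAC address is the MAC address of a network device (including network devices within the observation scope and network devices outside the observation scope). The source MAC addresses in the Ethernet Header fields of mirror packet 3 and mirror packet 5 match successfully, so the access location acquisition unit filters out mirror packet 3 and mirror packet 5. The source MAC address in the Ethernet Header field of mirror packet 1 fails to match, so after filtering, mirror packet 1 is what remains of mirror packet group 1.
Next, referring to Figure 14, the access location acquisition unit reads the sender identifier of each mirror packet remaining in the group after filtering, that is, the source IP address in the IP Header field of the outer packet of the mirror packet. The access location acquisition unit checks whether the source IP addresses of the mirror packets remaining in the group are the same, that is, whether the remaining mirror packets were all sent by the same network device (i.e. sender).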
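For example, if the source IP addresses of the mirror packets remaining in the group after filtering are the same, that is, the mirror packets come from the same network device, the access location acquisition unit reads the relevant fields of the mirror packet to obtain the access location information of the user device. Specifically, the access location acquisition unit reads, from any one of the remaining mirror packets, the source IP address of the inner packet (i.e. the IP address of the sender of the data packet, which is the user device), the interface information in the ERSPAN Header field of the outer packet (i.e. the receiving port identifier of the access point) and the source IP address in the IP Header field of the outer packet (i.e. the identifier of the access point). This information is the access location information of the user device. For example, still referring to Figure 13, in this scenario the mirror packet remaining in mirror packet group 1 after filtering is mirror packet 1. The access location acquisition unit reads the source IP address of the outer packet of mirror packet 1 and determines that the packets come from the same network device (i.e. Leaf1). Correspondingly, the access location acquisition unit reads the source IP address of the inner packet of mirror packet 1 (i.e. the IP address of server 11) to obtain the identifier of the user device, reads the interface information in the ERSPAN Header field of the outer packet of mirror packet 1 (i.e. the MAC address of port 11 of Leaf11) to obtain the receiving port identifier of the access point (which may also be called the access port identifier), and reads the source IP address in the IP Header field of the outer packet of mirror packet 1 (i.e. the IP address of Leaf1) to obtain the access point identifier.
The case in which the source IP addresses of the mirror packets remaining in the group after filtering are not the same is described in the scenarios below.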
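In a possible implementation, if the number of mirror packets remaining after filtering is 1, it can be determined directly that the sender of the data packet in that mirror packet is the user device and that the sender of the mirror packet is the access point of that user device. For example, still referring to Figure 13, in this scenario mirror packet 1 is what remains of mirror packet group 1 after filtering, so the access location acquisition unit can determine that the sender of mirror packet 1 is the access point and that the sender of the data packet in mirror packet 1 is the user device. Correspondingly, the access location acquisition unit reads the relevant fields of mirror packet 1 to obtain the access location information of the user device (i.e. server 11); for details, refer to the description above, which is not repeated here.
For example, in this scenario the access location acquisition unit processes mirror packet group 2 in the same way; for the processing flow, refer to the processing of mirror packet group 1. The access location acquisition unit can determine that the sender of the data packet received by Leaf1 (i.e. server 12) is a user device, and obtains the access location information of server 12 by reading mirror packet 2 of Leaf1, including but not limited to: the MAC address of server 12 (i.e. the user device identifier), the IP address of Leaf1 (i.e. the access point identifier) and the MAC address of port 12 of Leaf1 (i.e. the access port identifier).
In another possible implementation, if the number of mirror packets received in the period is 1, the flow in Figure 8 and/or Figure 11 still needs to be performed on it to determine whether the sender of the data packet in the mirror packet is a user device.
S1105: The access location saving unit saves the access location of the user device.
In the scenario shown in Figure 13, the access location saving unit can save the access location information of server 11 and the access location information of server 12. For details, refer to the relevant steps of the embodiments above, which are not repeated here.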
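Scenario 5
With reference to Figure 10 (i.e. the layer-2 forwarding scenario), in this scenario the access location acquisition method shown in Figure 11 is used. When performing S1104, the access location acquisition unit places mirror packets whose inner packets have the same source IP address in one group, for example placing all mirror packets that carry the IP address of server 11 in the same group. Next, the access location acquisition unit detects that the identifier of the sender of the data packet in each mirror packet in the group, that is, the source MAC address in the Ethernet Header field of the inner packet, does not belong to any network device in the system, and can therefore determine that the senders of the data packets are all non-network devices. Further, the access location acquisition unit reads the source IP address of the outer packet of each mirror packet in the group and detects that these source IP addresses differ, that is, they point to multiple network devices (including Leaf1, Spine1 and Leaf2). The access location acquisition unit therefore cannot determine which network device is the access point, nor which data packet's sender is the user device.
In this example, the analysis unit and the access location acquisition unit may asynchronously perform the access location acquisition flow in Figure 8 (for example, the flow described in Scenario 2). Correspondingly, the access location acquisition unit can identify the user device and the corresponding access location in the layer-2 forwarding scenario shown in Figure 10.
It should be noted that when the flow shown in Figure 8 and the flow shown in Figure 11 are performed asynchronously, their period trigger moments may be the same or different, which is not limited in this application.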
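Scenario 6
In this embodiment of the application, the same user device may also be attached to two or more network devices. For example, referring to the application scenario shown in Figure 15, in this scenario server 12 is attached to port 12 of Leaf1 and to port 24 of Leaf2. For the other connections, refer to Figure 12; details are not repeated here.
In this example, server 11 sends data packet 1; for how it is transmitted, refer to the description of Figure 14, which is not repeated here. Server 12 sends data packet 2; for how it is transmitted, refer to the description of Figure 14, which is not repeated here. In addition, server 12 sends data packet 3. Specifically, server 12 sends data packet 3 to Leaf2 through port E; Leaf2 receives data packet 3 through port 24 and forwards data packet 3 through port 21, sending data packet 2 to server 21. Server 21 receives data packet 3 through port C.
For example, the Ethernet Header field of data packet 3 sent by server 12 carries the destination MAC address (i.e. the MAC address of Leaf2) and the source MAC address (i.e. the MAC address of server 12); the IP Header field carries the destination IP address (i.e. the IP address of server 21) and the source IP address (i.e. the IP address of server 12); and the data field carries the data. For example, server 12 is the initial sender of data packet 3.
Leaf2 receives data packet 3 through port 24. Leaf2 re-encapsulates data packet 3 and forwards the re-encapsulated data packet 3 to server 21 through port 21; in addition, Leaf2 generates mirror packet 7 based on data packet 3. For example, the Ethernet Header field of the re-encapsulated data packet 3 carries the destination MAC address (i.e. the MAC address of server 21) and the source MAC address (i.e. the MAC address of Leaf2). The IP Header field carries the destination IP address (i.e. the IP address of server 21) and the source IP address (i.e. the IP address of server 12).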
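For example, mirror packet 7 of Leaf2 (not shown in the figure) includes an outer packet and an inner packet. The outer packet includes, but is not limited to, an IP Header field, a GRE Header field and an ERSPAN Header field. The IP Header field of the outer packet includes the destination IP address (i.e. the IP address of server 22) and the source IP address (i.e. the IP address of Leaf2). The ERSPAN Header includes, but is not limited to, a Header field and a Subheader field. In the Subheader field, the Platf ID field carries the specified information (i.e. 0x7 or 0x0), and the Platform Specific Info field carries the identifier of port 24 (i.e. the MAC address of port 24 of Leaf2; it may also be a port ID or the like, which is not limited in this application), indicating that the mirror packet was generated by Leaf2 from data packet 3 received on port 24. The inner packet is the data field, which carries data packet 3 received by Leaf2. For example, for Leaf2, server 12 is the sender of data packet 3.
In this scenario, the access location acquisition unit may perform the access location acquisition flow shown in Figure 8 or Figure 11 on its own, or may perform the flows shown in Figure 8 or Figure 11 asynchronously. This example is described using asynchronous execution of the two flows.
For example, by performing the flow shown in Figure 8, the access location acquisition unit can identify server 11 as a user device whose access location is port 11 of Leaf1; for details, refer to the description above, which is not repeated here. Based on the interface information carried in Leaf1's mirror packet, the access location acquisition unit can determine that Leaf1 received a data packet on a port of the user-side type (i.e. port 12) and, correspondingly, that the sender of data packet 2 (i.e. server 12) is a user device whose access location is port 12 of Leaf1. For example, based on the interface information carried in Leaf2's mirror packet, the access location acquisition unit can determine that Leaf2 received a data packet on a port of the user-side type (i.e. port 24). Correspondingly, it can determine that the sender of data packet 3 (i.e. server 12) is a user device whose access location is port 24 of Leaf2. In other words, the access location acquisition unit can identify the 2 access locations of server 12 in the system.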
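For example, the access location acquisition unit performs the flow shown in Figure 11. The access location acquisition unit can obtain the access location information of server 11; for how it is obtained, refer to the description above, which is not repeated here. For example, the access location acquisition unit identifies that the source IP addresses of the inner packets of mirror packet 2, mirror packet 4, mirror packet 6 and mirror packet 7 are the same, namely the IP address of server 12. The access location acquisition unit places mirror packet 2, mirror packet 4, mirror packet 6 and mirror packet 7 in the same group. The access location acquisition unit filters the mirror packets based on the MAC address of the inner packet. The source MAC addresses of the inner packets of mirror packet 2 (for a detailed description, refer to the content relating to Figure 13) and mirror packet 7 are both the MAC address of server 12; in other words, the source MAC addresses of the inner packets of mirror packet 2 and mirror packet 7 both indicate a non-network device. Next, the access location acquisition unit identifies the source IP addresses of the outer packets of the mirror packets remaining after filtering (i.e. mirror packet 2 and mirror packet 7). The access location acquisition unit detects that the source IP address of mirror packet 2 points to Leaf1 (i.e. it is the IP address of Leaf1) and that the source IP address of mirror packet 7 points to Leaf2 (i.e. it is the IP address of Leaf2). That is, the source IP addresses of mirror packet 2 and mirror packet 7 point to different network devices; in other words, mirror packet 2 and mirror packet 7 come from different senders, and the access location acquisition unit determines that multiple access points exist for server 12. Optionally, the access location acquisition unit may further determine the specific access locations of server 12 based on the result obtained by the flow of Figure 8.
In a possible implementation, when the flows of Figure 11 and Figure 8 are performed asynchronously, the access location acquisition unit may compare the result obtained by Figure 8 with the result obtained by Figure 11. For example, in the scenario shown in Figure 15, the access location acquisition unit can obtain the access location of server 11 through both the flow of Figure 11 and the flow of Figure 8, and the results are the same, so the access location acquisition unit can determine that the access location of server 11 is interface 11 of Leaf1. For the access location of server 12, however, the result obtained by Figure 8 is inconsistent with the result obtained by Figure 11. In this embodiment of the application, the cases in which the results of the Figure 8 and Figure 11 flows are inconsistent may include the case in Figure 15, that is, where the flow shown in Figure 11 finds that multiple access locations exist for the user device, the flow shown in Figure 8 can be used in combination to further obtain the access locations of the user device. In other embodiments, the cases in which the results of the Figure 8 and Figure 11 flows are inconsistent may also include the case in which Figure 8 determines that the sender of a data packet is a user device while Figure 11 determines that the sender of the data packet is a non-user device (i.e. a network device). For details, refer to Scenario 7.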
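Scenario 7
Figure 16 is an exemplary schematic diagram of an application scenario. Referring to Figure 16, and with reference to the scenario shown in Figure 13, in the scenario shown in Figure 16 a firewall is placed between Spine1 and Leaf2. The data packet sent by server 11 is sent through Spine1 to the firewall; the firewall performs processing such as security verification on the data packet and then sends the data packet to Leaf2. In this embodiment of the application, the description assumes that the firewall forwards data packets transparently, that is, without changing the MAC addresses in the data packet. In other embodiments, the firewall may also re-encapsulate the data packet, which is not limited in this application.
In this scenario, the analysis unit and the access location acquisition unit may perform the access location acquisition method in Figure 8 and/or Figure 11.
In a possible implementation, while the analysis unit and the access location acquisition unit perform the access location acquisition method shown in Figure 8, in S801, because the firewall in this example does not send LLDP information, Spine1 cannot obtain the LLDP information corresponding to interface 32. In this example, the neighbor information of Spine1 obtained by the analysis unit therefore includes, but is not limited to:
identifier of port 31 - device identifier B - identifier of port 13
Correspondingly, in S802, based on the neighbor information of Spine1, the analysis unit determines that port 32 is an empty port, or that the neighbor device connected to port 32 is a network device outside the observation scope. As described above, a port whose connected neighbor device's identifier does not belong to a network device within the observation scope is of the user-side port type. Correspondingly, the analysis unit determines that port 32 of Spine1 is a port of the user-side port type. In the same way, port 23 of Leaf2 is also determined to be a port of the user-side port type. For other details of S801 to S802 not described here, refer to the description above.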
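Continuing with Figure 16, in S803 the access location acquisition unit can receive the mirror packets sent by Leaf1, Spine1 and Leaf2. For a detailed description, refer to Scenario 1; details are not repeated here.
It should be noted that, in Figure 16, for Leaf2 the firewall is the sender of the data packet it receives.
In S804, the access location acquisition unit can determine that Leaf1 is the access point of server 11 and obtain the access location information of server 11. For details, refer to the description above, which is not repeated here. For example, based on the interface information carried in Leaf2's mirror packet, the access location acquisition unit determines that port 23 is a port of the user-side port type. Correspondingly, the access location acquisition unit can determine that the neighbor device connected to port 23 is a user device, that is, the sender of the data packet that Leaf2 received on port 23 is a user device.
For example, the access location acquisition unit reads Leaf2's mirror packet and obtains the identifier of the user device (the source IP address carried in the inner packet of the mirror packet, i.e. the IP address of server 11), the access point identifier (the source IP address carried in the outer packet of the mirror packet, i.e. the IP address of Leaf2) and the receiving port identifier (the interface information carried in the outer packet of the mirror packet, i.e. the MAC address of port 23). That is, the access location of server 11 is port 23 of Leaf2. In other words, in the scenario shown in Figure 16, by performing the flow shown in Figure 8 the access location acquisition unit detects that the sender of the data packet that Leaf1 received on port 11 is a user device, and that the sender of the data packet that Leaf2 received on port 23 is likewise a user device.
In another possible implementation, the analysis unit and the access location acquisition unit perform the flow shown in Figure 11. After performing the grouping operation (for details, refer to the description above, which is not repeated here), the access location acquisition unit determines, based on the source MAC address carried in the inner packet of Leaf2's mirror packet (i.e. the MAC address of Spine1), that the sender of the data packet received by Leaf2 is a network device within the observation scope; that is, the source MAC address carried in the inner packet of Leaf2's mirror packet is contained in the MAC addresses of the network devices in the system that the access location acquisition unit obtained in advance. Correspondingly, based on the result of the flow shown in Figure 11, the access location acquisition unit can determine that the sender of the data packet that Leaf2 received on port 23 is a non-user device. This result is inconsistent with the result of Figure 8, so the access location acquisition unit takes the result of Figure 11 as authoritative, that is, it determines that the sender of the data packet that Leaf2 received on port 23 (i.e. the firewall) is a non-user device.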
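The Figure 11 flow (S1103 grouping, S1104 MAC filtering) together with the fallback and precedence rules of Scenarios 5 to 7, as an added example that is not code from the patent. All IP addresses, MAC addresses and port labels are constructed, mirror packets are assumed to be already parsed, and using the port-role table only after the MAC filter is one way to realise the rule that the Figure 11 result prevails.

```python
"""Added example: Figure 11 flow with the port-role table as tie-breaker.
Every address and port label below is constructed sample data."""
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Mirror:
    device_ip: str      # outer IP source: device that generated the mirror
    rx_port: str        # interface information from the ERSPAN subheader
    inner_src_mac: str  # Ethernet source of the mirrored packet (previous hop)
    inner_src_ip: str   # IP source of the mirrored packet (initial sender)


def by_port_role(mirrors, user_ports):
    """Figure 8 check on its own: any mirror taken on a user-side port
    is treated as coming from an access point."""
    found = defaultdict(set)
    for m in mirrors:
        if (m.device_ip, m.rx_port) in user_ports:
            found[m.inner_src_ip].add((m.device_ip, m.rx_port))
    return {ip: sorted(locs) for ip, locs in found.items()}


def locate(mirrors, network_macs, user_ports=None):
    """Return {sender IP: [(access device IP, receiving port), ...]}."""
    groups = defaultdict(list)
    for m in mirrors:                        # S1103: group by inner source IP
        groups[m.inner_src_ip].append(m)
    result = {}
    for sender_ip, group in groups.items():
        # S1104: drop mirrors whose previous hop is a known network device.
        kept = [m for m in group if m.inner_src_mac not in network_macs]
        if len({m.device_ip for m in kept}) > 1:
            # Several devices remain (layer-2 forwarding or a dual-homed host):
            # the MAC filter alone cannot decide, so consult the port roles.
            if user_ports is None:
                result[sender_ip] = []
                continue
            kept = [m for m in kept if (m.device_ip, m.rx_port) in user_ports]
        result[sender_ip] = sorted({(m.device_ip, m.rx_port) for m in kept})
    return result


LEAF1, SPINE1, LEAF2 = "10.0.0.1", "10.0.0.2", "10.0.0.3"
LEAF1_MAC, SPINE1_MAC, LEAF2_MAC = ("aa:00:00:00:00:01", "aa:00:00:00:00:02",
                                    "aa:00:00:00:00:03")
NETWORK_MACS = {LEAF1_MAC, SPINE1_MAC, LEAF2_MAC}
S11_IP, S11_MAC = "192.168.1.11", "02:00:00:00:00:11"
S12_IP, S12_MAC = "192.168.1.12", "02:00:00:00:00:12"
USER_PORTS = {(LEAF1, "port11"), (LEAF1, "port12"), (LEAF2, "port21"),
              (LEAF2, "port22"), (LEAF2, "port24")}

# Layer-3 forwarding: each hop rewrites the Ethernet source (mirror packets 1-6).
L3 = [Mirror(LEAF1, "port11", S11_MAC, S11_IP), Mirror(LEAF1, "port12", S12_MAC, S12_IP),
      Mirror(SPINE1, "port31", LEAF1_MAC, S11_IP), Mirror(SPINE1, "port31", LEAF1_MAC, S12_IP),
      Mirror(LEAF2, "port23", SPINE1_MAC, S11_IP), Mirror(LEAF2, "port23", SPINE1_MAC, S12_IP)]
# Second attachment of server 12 on Leaf2 port 24 (mirror packet 7).
DUAL = L3 + [Mirror(LEAF2, "port24", S12_MAC, S12_IP)]
# Layer-2 forwarding: the Ethernet source stays the server's MAC at every hop.
L2 = [Mirror(d, p, S11_MAC, S11_IP)
      for d, p in ((LEAF1, "port11"), (SPINE1, "port31"), (LEAF2, "port23"))]
# Silent firewall between Spine1 and Leaf2: both facing ports look user-side.
FW_PORTS = USER_PORTS | {(SPINE1, "port32"), (LEAF2, "port23")}

if __name__ == "__main__":
    print("layer 3:        ", locate(L3, NETWORK_MACS))
    print("layer 2, no map:", locate(L2, NETWORK_MACS))
    print("layer 2 + roles:", locate(L2, NETWORK_MACS, USER_PORTS))
    print("dual-homed:     ", locate(DUAL, NETWORK_MACS, USER_PORTS))
    print("firewall, roles:", by_port_role(L3[::2], FW_PORTS))
    print("firewall, both: ", locate(L3[::2], NETWORK_MACS, FW_PORTS))
```

In the firewall case the port-role check alone reports a second, false location on Leaf2 port 23, while the combined function discards that mirror because its previous-hop MAC belongs to Spine1.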
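Scenario 8
The access location acquisition method in this embodiment of the application can also be used when a user device is migrated. Taking the scenario shown in Figure 7 as an example again, assume that server 11 migrates from port 11 of Leaf1 to port 25 of Leaf2, that is, server 11 joins the system through port 25 of Leaf2 in order to communicate with the other devices in the system.
In this example, after server 11 is disconnected from Leaf1, Leaf1 sends LLDP information to the network devices in the system; the LLDP information indicates that port 11 of Leaf1 is an empty port. After server 11 is attached to port 25 of Leaf2, Leaf2 can send LLDP information to the network devices in the system; the LLDP information indicates that port 25 of Leaf2 is connected to server 11.
In a possible implementation, the analysis unit performs the flow in Figure 8. In one example, Leaf1 and Leaf2 detect that the LLDP information has been updated and can send neighbor information update information to the analysis unit. The neighbor information update information of Leaf1 indicates that port 11 is an empty port. The neighbor information update information of Leaf2 includes, but is not limited to: the identifier of port 25 (i.e. the MAC address of port 25), the neighbor device identifier (i.e. the MAC address of server 11) and the port identifier of the neighbor device (i.e. port A of server 11); the neighbor information update information of Leaf2 indicates that port 25 of Leaf2 is connected to port A of server 11. The analysis unit can update the locally saved neighbor information. In another example, the analysis unit may also request neighbor information from the network devices in the system at the moment the period is triggered. The analysis unit can update the locally saved neighbor information based on the neighbor information returned by Leaf1 and Leaf2.
For example, the analysis unit can perform S802 to S805 based on the new neighbor information. In this example, the data packets of server 11 will be sent to Leaf2. Leaf2 receives the data packet sent by server 11 through port 25 and, while forwarding the data packet, generates and sends the corresponding mirror packet based on it. Correspondingly, when the access location acquisition unit performs S804, it obtains port 25 of Leaf2 as the access location of server 11. Based on the identifier of server 11, the access location acquisition unit can detect that the identifier of server 11 already exists in the access location information list and that the saved access location information for server 11 differs from the access location information just obtained. Correspondingly, the access location acquisition unit can write the newly obtained access location information of server 11 into the access location information list, together with the current time (i.e. the time at which the access location information is written). In this way, in a troubleshooting scenario, an administrator can obtain the migration history of server 11 (including the access points it migrated between and the corresponding times).
In another possible implementation, the analysis unit and the access location acquisition unit perform the flow in Figure 11. While this flow is performed, the MAC addresses of the network devices within the observation scope maintained by the analysis unit remain unchanged. When performing S1104, the access location acquisition unit can determine the access location of server 11 based on the multiple mirror packets corresponding to the data packets sent by server 11; for implementation details, refer to the description of Figure 11, which is not repeated here.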
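Scenario 9
The access location acquisition method in this embodiment of the application can also be applied where the user device is a virtual machine. Taking the scenario in Figure 7 as an example again, in this example VM1 in server 12 sends an original data packet; for its format, refer to the tunnel inner packet in Figure 6a. The OVS in server 12 re-encapsulates VM1's original data packet; for the format of the re-encapsulated data packet (which may also be called a tunnel packet), refer to Figure 6a. While the data packet of server 12 (i.e. the tunnel packet) is transmitted, the network devices within the observation scope on the transmission path send mirror packets to the access location acquisition unit; for the format of the mirror packets, refer to Figure 6b.
In a possible implementation, in response to the received mirror packets, the access location acquisition unit performs S804 in Figure 8 (for S801 to S803, refer to the description above, which is not repeated here). The access location acquisition unit determines, based on the interface information of the mirror packet, whether the sender of the data packet is a user device; the details are the same as in S804 and are not repeated here. For example, the access location acquisition unit determines that the sender of the data packet received by Leaf1 is a user device and can obtain the access location information of the user device. Specifically, the access location acquisition unit reads the source IP address carried in the tunnel inner packet within the inner packet of Leaf1's mirror packet (i.e. within the tunnel packet), which is the user device identifier, together with the source IP address carried in the outer packet of the mirror packet (i.e. the identifier of Leaf1) and the interface information (i.e. the receiving port identifier), so as to obtain the access location information corresponding to server 11.
In another possible implementation, in response to the received mirror packets, the access location acquisition unit performs S1104 in Figure 11 (S1101 to S1103 are the same as in Figure 11 and are not repeated here). In this step, the access location acquisition unit groups the mirror packets based on the source IP address carried in the tunnel inner packet of the inner packet (i.e. the tunnel packet or data packet) of each mirror packet, that is, it places the mirror packets whose source IP address is the IP address of VM1 in the same group. While the tunnel packet is transmitted, each network device updates the Ethernet Header in the tunnel outer packet. Correspondingly, the access location acquisition unit can filter the mirror packets based on the source MAC address carried in the tunnel outer packet within the inner packet of the mirror packet (which is the identifier of the sender of the data packet); for the filtering method, refer to the description above, which is not repeated here. Next, the access location acquisition unit determines the access location of the user device based on the source IP address of the outer packet of the mirror packets remaining after filtering (i.e. the IP address of the sender of the mirror packet). For details, refer to the description of Figure 11, which is not repeated here.
In this way, the access location acquisition method in this embodiment of the application can be applied where tunnelled data packets are transmitted; that is, user devices that join the system through a tunnel protocol, such as virtual machines, can likewise be located accurately.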
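Scenario 10
In this embodiment of the application, the system also contains some network devices outside the observation scope, for example network devices deployed on the user side. Taking the scenario shown in Figure 4 as an example, router X is a network device outside the observation scope, that is, a router deployed on the user side.
In a possible implementation, while performing the flow shown in Figure 8, the analysis unit obtains the neighbor information of Leaf3 and detects that the identifier of router X does not belong to the network devices within the observation scope; it can therefore determine that the port of Leaf3 connected to router X is of the user-side port type. In this example, assume that server 41 sends a data packet to router X and router X forwards the data packet to Leaf3. Leaf3 forwards the received data packet and at the same time generates and sends a mirror packet. Based on Leaf3's mirror packet, the access location acquisition unit can determine that the sender of the data packet received by Leaf3 (here, router X) is a user device. That is, the receiving port corresponding to the data packet in Leaf3's mirror packet is of the user-side port type and, correspondingly, the neighbor device connected to that receiving port, that is, the sender of the data packet, is a user device.
The access location acquisition unit reads the source IP address carried in the inner packet of Leaf3's mirror packet; this source IP address is the IP address of server 41. Correspondingly, the access location of the user device that the access location acquisition unit obtains by reading the relevant fields of the mirror packet (for details, refer to the description above) is the access location of server 41. The access location information of server 41 includes, but is not limited to: the identifier of server 41, the identifier of Leaf3 (i.e. the access point identifier) and the receiving port identifier (i.e. the identifier of the port connecting Leaf3 and router X). In other words, in this scenario the access locations of server 41 to server 4n are the same: the access point is Leaf3 in every case, and the corresponding access port is the port connecting Leaf3 and router X. In this example, router X can be understood as a user-side device from the point of view of the network side; correspondingly, the access location of server 41 to server 4n can also be understood as the access location of router X in the system.
In another possible implementation, while performing the flow shown in Figure 11, the data packet sent by server 41 is again used as the example. The access location acquisition unit places the mirror packets that carry the IP address of server 41 in the same group. Next, the access location acquisition unit filters the mirror packets based on the source MAC address carried in the inner packet of each mirror packet in the group. The source MAC address carried in the inner packet of Leaf3's mirror packet is the MAC address of router X; this MAC address does not belong to a network device on the network side, so the access location acquisition unit can perform the subsequent steps on the mirror packet that carries the MAC address of router X. Likewise, the access location acquisition unit can determine that Leaf3 is the access point of the user device and obtain the access location information of the user device by reading the relevant fields of Leaf3's mirror packet. Likewise, the access location information of the user device obtained by the access location acquisition unit is the access location information corresponding to server 41 (for details, refer to the description above, which is not repeated here).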
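The solutions provided in the embodiments of this application have been described above mainly from the perspective of interaction between network elements. It can be understood that, to implement the above functions, the apparatus includes the hardware structures and/or software modules corresponding to each function. A person skilled in the art should readily appreciate that, in combination with the units and algorithm steps of the examples described in the embodiments disclosed herein, the embodiments of this application can be implemented in hardware or in a combination of hardware and computer software. Whether a function is performed by hardware or by computer software driving hardware depends on the particular application and design constraints of the technical solution. A skilled person may use different methods to implement the described functions for each particular application, but such implementation should not be considered beyond the scope of this application.
In the embodiments of this application, the apparatus may be divided into functional modules according to the above method examples. For example, each functional module may be divided to correspond to each function, or two or more functions may be integrated into one processing module. The integrated module may be implemented in the form of hardware or in the form of a software functional module. It should be noted that the division of modules in the embodiments of this application is illustrative and is merely a division by logical function; other divisions are possible in actual implementation.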
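Where each functional module is divided to correspond to each function, Figure 17 shows a possible schematic structural diagram of the apparatus 1700 involved in the above embodiments. As shown in Figure 17, the apparatus 1700 includes, but is not limited to, a receiving unit 1701 and an access location acquisition unit 1702. The receiving unit 1701 is configured to receive a mirror packet sent by a network device. The mirror packet is generated by the network device based on a received data packet; the mirror packet includes the identifier of the network device, a receiving port identifier and the data packet; the data packet includes the identifier of the sender of the data packet; and the receiving port identifier indicates the receiving port on which the network device received the data packet. The access location acquisition unit 1702 is configured to determine, based on the mirror packet, whether the sender of the data packet is a user device. The access location acquisition unit 1702 is further configured to, if the sender is determined to be a user device, obtain the access location information of the user device, the access location information including the identifier of the sender, the identifier of the network device and the receiving port identifier.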
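In a possible implementation, the access location acquisition unit 1702 is specifically configured to determine, based on the receiving port identifier in the mirror packet, whether the sender of the data packet is a user device.
In a possible implementation, the access location acquisition unit 1702 is specifically configured to determine, based on the identifier of the sender in the mirror packet, whether the sender of the data packet is a user device.
In a possible implementation, the port type of the receiving port is the user-side port type.
In a possible implementation, the access location acquisition unit 1702 is specifically configured to determine, in response to the received mirror packet, that the sender of the data packet is a user device.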
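In a possible implementation, the apparatus further includes an analysis unit 1703, configured to: determine at least one network device in the network based on first information, the first information including the port identifiers of the ports of the network devices in the network and the corresponding port types, the port types including the user-side port type and the network-device-side port type, and each of the at least one network device including a port of the user-side port type; and send indication information to the at least one network device, the indication information instructing each of the at least one network device to generate mirror packets based on the data packets received on its ports of the user-side interface type.
In a possible implementation, the access location acquisition unit 1702 is specifically configured to: determine the port type of the receiving port based on first information and the receiving port identifier, the first information including the port identifiers of the ports of the network devices in the network and the corresponding port types, the port types including the user-side port type and the network-device-side port type; if the port type of the receiving port is the user-side port type, determine that the sender is a user device; and if the port type of the receiving port is the network-device-side port type, determine that the sender is a non-user device.
In a possible implementation, the apparatus further includes an analysis unit 1703, specifically configured to: obtain second information, the second information including the identifiers of multiple network devices in the network; obtain the neighbor information of each of the multiple network devices, each piece of neighbor information including the identifier of a source network device, a source network device port identifier and the identifier of a neighbor device, where the source network device is the device that sends the neighbor information, the neighbor device is a device physically connected to the source network device, and the source network device port identifier indicates the port through which the source network device connects to the neighbor device; and determine the port type of the ports of each network device based on the second information and the neighbor information, where the identifier of the neighbor device connected to a port of the network-device-side port type is contained in the second information, and the identifier of the neighbor device connected to a port of the user-side port type is not contained in the second information.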
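In a possible implementation, the receiving unit 1701 is specifically configured to receive multiple mirror packets, the multiple mirror packets coming from one or more network devices. The identifier of the sender includes the IP address of the sender and the MAC address of the sender, and the access location acquisition unit 1702 is specifically configured to: if N mirror packets among the multiple mirror packets carry the same sender IP address, the sender MAC addresses carried in the N mirror packets are not contained in second information, and the network device identifiers carried in the N mirror packets indicate the same network device, determine that the sender is a user device, the second information including the identifiers of multiple network devices in the network.
In a possible implementation, the access location acquisition unit 1702 is specifically configured to: if M mirror packets among the multiple mirror packets carry the same sender IP address, the sender MAC addresses carried in the M mirror packets are not contained in the second information, and the network device identifiers carried in the M mirror packets indicate two or more network devices, determine, based on the receiving port identifier in the mirror packet, whether the sender of the data packet is a user device.
In a possible implementation, the access location acquisition unit 1702 is specifically configured to: determine, based on the receiving port identifier and the identifier of the sender in the mirror packet, whether the sender of the data packet is a user device; and if the result based on the receiving port identifier indicates that the sender is a user device while the result based on the identifier of the sender indicates that the sender is a non-user device, determine that the sender is a non-user device.
In a possible implementation, the apparatus further includes an access location storage unit 1704, configured to query user device access information based on the identifier of the sender, the user device access information including the access location information of at least one user device. The access location storage unit 1704 is further configured to, if the user device access information already contains the access location information of the user device corresponding to the identifier of the sender, and the saved access location information is inconsistent with the access location information just obtained, update the access location information of the user device corresponding to the identifier of the sender in the user device access information.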
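In another example, Figure 18 shows a schematic block diagram of an apparatus 1800 according to an embodiment of this application. The apparatus 1800 may include a processor 1801 and a transceiver/transceiver pin 1802, and optionally a memory 1803. The processor 1801 may be used to perform the steps performed by the analysis unit, the access location acquisition unit and the access location storage unit in the methods of the foregoing embodiments, and to control the receiving pin to receive signals and the sending pin to send signals.
The components of the apparatus 1800 are coupled together through a bus 1804, where the bus system 1804 includes, in addition to a data bus, a power bus, a control bus and a status signal bus. For clarity, however, the various buses are all labelled as the bus system 1804 in the figure.
Optionally, the memory 1803 may be used to store the instructions of the foregoing method embodiments.
It should be understood that the apparatus 1800 according to this embodiment of the application may correspond to the analysis unit, the access location acquisition unit and the access location storage unit, and the servers they belong to, in the methods of the foregoing embodiments, and that the above and other management operations and/or functions of the elements of the apparatus 1800 serve to implement the corresponding steps of the foregoing methods; for brevity, they are not repeated here.
All relevant content of the steps involved in the above method embodiments can be cited in the functional descriptions of the corresponding functional modules and is not repeated here.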
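Based on the same technical concept, an embodiment of this application further provides a computer-readable storage medium that stores a computer program. The computer program contains at least one piece of code that can be executed by a computer to control the computer to implement the above method embodiments.
Based on the same technical concept, an embodiment of this application further provides a computer program that, when executed by a computer, implements the above method embodiments.
The program may be stored in whole or in part on a storage medium packaged together with the processor, or in part or in whole on a memory that is not packaged together with the processor.
Based on the same technical concept, an embodiment of this application further provides a processor configured to implement the above method embodiments. The processor may be a chip.
The steps of the methods or algorithms described in connection with the disclosure of the embodiments of this application may be implemented in hardware, or by a processor executing software instructions. The software instructions may consist of corresponding software modules, and the software modules may be stored in random access memory (RAM), flash memory, read-only memory (ROM), erasable programmable read-only memory (Erasable Programmable ROM, EPROM), electrically erasable programmable read-only memory (Electrically EPROM, EEPROM), registers, a hard disk, a removable hard disk, a compact disc read-only memory (CD-ROM) or any other form of storage medium well known in the art. An exemplary storage medium is coupled to the processor so that the processor can read information from, and write information to, the storage medium. Of course, the storage medium may also be a component of the processor. The processor and the storage medium may be located in an ASIC.
A person skilled in the art should appreciate that, in one or more of the above examples, the functions described in the embodiments of this application may be implemented in hardware, software, firmware or any combination thereof. When implemented in software, these functions may be stored in a computer-readable medium or transmitted as one or more instructions or code on a computer-readable medium. Computer-readable media include computer storage media and communication media, where communication media include any medium that facilitates the transfer of a computer program from one place to another. A storage medium may be any available medium that can be accessed by a general-purpose or special-purpose computer.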
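The term "and/or" in this document merely describes an association between associated objects and indicates that three relationships are possible. For example, "A and/or B" can mean: A alone, both A and B, or B alone.
The terms "first", "second" and the like in the description and claims of the embodiments of this application are used to distinguish different objects, not to describe a particular order of the objects. For example, a first target object and a second target object are used to distinguish different target objects, not to describe a particular order of the target objects.
In the embodiments of this application, words such as "exemplary" or "for example" are used to present an example, illustration or explanation. Any embodiment or design described as "exemplary" or "for example" in the embodiments of this application should not be construed as more preferred or more advantageous than other embodiments or designs. Rather, the use of words such as "exemplary" or "for example" is intended to present the relevant concept in a concrete manner.
In the description of the embodiments of this application, unless otherwise stated, "multiple" means two or more. For example, multiple processing units means two or more processing units, and multiple systems means two or more systems.
The embodiments of this application have been described above with reference to the accompanying drawings, but this application is not limited to the specific implementations described above. Those specific implementations are merely illustrative, not restrictive. Inspired by this application, a person of ordinary skill in the art can devise many further forms without departing from the purpose of this application and the scope protected by the claims, all of which fall within the protection of this application.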

Claims (30)

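  1. A method for acquiring a device access location, characterized by comprising:
    receiving a mirror packet sent by a network device, wherein the mirror packet is generated by the network device based on a received data packet; the mirror packet includes the data packet or part of the content of the data packet, together with the identifier of the network device and a receiving port identifier; the data packet in the mirror packet, or the part of the content of the data packet in the mirror packet, includes the identifier of the sender of the data packet; and the receiving port identifier indicates the receiving port on which the network device received the data packet;
    determining, based on the mirror packet, whether the sender of the data packet is a user device;
    if the sender is determined to be the user device, obtaining access location information of the user device, the access location information including the identifier of the sender, the identifier of the network device and the receiving port identifier.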
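  2. The method according to claim 1, characterized in that determining, based on the mirror packet, whether the sender of the data packet is a user device comprises:
    determining, based on the receiving port identifier in the mirror packet, whether the sender of the data packet is a user device.
  3. The method according to claim 1, characterized in that determining, based on the mirror packet, whether the sender of the data packet is a user device comprises:
    determining, based on the identifier of the sender in the mirror packet, whether the sender of the data packet is a user device.
  4. The method according to claim 1, characterized in that the port type of the receiving port is the user-side port type.
  5. The method according to claim 4, characterized in that determining, based on the mirror packet, whether the sender of the data packet is a user device comprises:
    determining, in response to the received mirror packet, that the sender of the data packet is a user device.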
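  6. The method according to claim 4, characterized in that, before receiving the mirror packet sent by the network device, the method further comprises:
    determining at least one network device in the network based on first information, the first information including the port identifiers of the ports of the network devices in the network and the corresponding port types, the port types including the user-side port type and the network-device-side port type, and each of the at least one network device including a port of the user-side port type;
    sending indication information to the at least one network device, the indication information instructing each of the at least one network device to generate a mirror packet based on a data packet received on a port of the user-side interface type of that network device.
  7. The method according to claim 2, characterized in that determining, based on the receiving port identifier in the mirror packet, whether the sender of the data packet is a user device comprises:
    determining the port type of the receiving port based on first information and the receiving port identifier, the first information including the port identifiers of the ports of the network devices in the network and the corresponding port types, the port types including the user-side port type and the network-device-side port type;
    if the port type of the receiving port is the user-side port type, determining that the sender is a user device;
    if the port type of the receiving port is the network-device-side port type, determining that the sender is a non-user device.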
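  8. The method according to claim 6 or 7, characterized in that, before receiving the mirror packet sent by the network device, the method further comprises:
    obtaining second information, the second information including the identifiers of multiple network devices in the network;
    obtaining the neighbor information of each of the multiple network devices, each piece of neighbor information including the identifier of a source network device, a source network device port identifier and the identifier of a neighbor device, wherein the source network device is the device that sends the neighbor information, the neighbor device is a device physically connected to the source network device, and the source network device port identifier indicates the port through which the source network device connects to the neighbor device;
    determining the port type of the ports of each network device based on the second information and the neighbor information, wherein the identifier of the neighbor device connected to a port of the network-device-side port type is contained in the second information, and the identifier of the neighbor device connected to a port of the user-side port type is not contained in the second information.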
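  9. The method according to claim 3, characterized in that receiving the mirror packet sent by the network device comprises:
    receiving multiple mirror packets, the multiple mirror packets coming from one or more network devices;
    the identifier of the sender includes the IP address of the sender and the MAC address of the sender, and determining, based on the identifier of the sender in the mirror packet, whether the sender of the data packet is a user device comprises:
    if N mirror packets among the multiple mirror packets carry the same sender IP address, the sender MAC addresses carried in the N mirror packets are not contained in second information, and the network device identifiers carried in the N mirror packets indicate the same network device, determining that the sender is a user device, the second information including the identifiers of multiple network devices in the network.
  10. The method according to claim 9, characterized in that determining, based on the identifier of the sender in the mirror packet, whether the sender of the data packet is a user device further comprises:
    if M mirror packets among the multiple mirror packets carry the same sender IP address, the sender MAC addresses carried in the M mirror packets are not contained in the second information, and the network device identifiers carried in the M mirror packets indicate two or more network devices, determining, based on the receiving port identifier in the mirror packet, whether the sender of the data packet is a user device.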
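  11. The method according to claim 1, characterized in that the method further comprises:
    querying user device access information based on the identifier of the sender, the user device access information including the access location information of at least one user device;
    if the user device access information already contains the access location information of the user device corresponding to the identifier of the sender, and the saved access location information is inconsistent with the access location information just obtained, updating the access location information of the user device corresponding to the identifier of the sender in the user device access information.
  12. The method according to any one of claims 1 to 11, characterized in that the data packet carries transport-layer control information or application-layer control information.
  13. The method according to any one of claims 1 to 12, characterized in that the data packet is a tunnel packet, and the identifier of the sender is carried in the inner packet of the tunnel packet.
  14. The method according to any one of claims 1 to 13, characterized in that the user device is a server, a terminal device or a virtual machine.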
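  15. An apparatus for acquiring a device access location, characterized by comprising:
    a receiving unit, configured to receive a mirror packet sent by a network device, wherein the mirror packet is generated by the network device based on a received data packet; the mirror packet includes the data packet or part of the content of the data packet, together with the identifier of the network device and a receiving port identifier; the data packet in the mirror packet, or the part of the content of the data packet in the mirror packet, includes the identifier of the sender of the data packet; and the receiving port identifier indicates the receiving port on which the network device received the data packet;
    an access location acquisition unit, configured to determine, based on the mirror packet, whether the sender of the data packet is a user device;
    the access location acquisition unit being further configured to, if the sender is determined to be the user device, obtain access location information of the user device, the access location information including the identifier of the sender, the identifier of the network device and the receiving port identifier.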
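  16. The apparatus according to claim 15, characterized in that the access location acquisition unit is specifically configured to determine, based on the receiving port identifier in the mirror packet, whether the sender of the data packet is a user device.
  17. The apparatus according to claim 15, characterized in that the access location acquisition unit is specifically configured to determine, based on the identifier of the sender in the mirror packet, whether the sender of the data packet is a user device.
  18. The apparatus according to claim 15, characterized in that the port type of the receiving port is the user-side port type.
  19. The apparatus according to claim 18, characterized in that the access location acquisition unit is specifically configured to determine, in response to the received mirror packet, that the sender of the data packet is a user device.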
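  20. The apparatus according to claim 18, characterized in that the apparatus further comprises an analysis unit, configured to:
    determine at least one network device in the network based on first information, the first information including the port identifiers of the ports of the network devices in the network and the corresponding port types, the port types including the user-side port type and the network-device-side port type, and each of the at least one network device including a port of the user-side port type;
    send indication information to the at least one network device, the indication information instructing each of the at least one network device to generate a mirror packet based on a data packet received on a port of the user-side interface type of that network device.
  21. The apparatus according to claim 16, characterized in that the access location acquisition unit is specifically configured to:
    determine the port type of the receiving port based on first information and the receiving port identifier, the first information including the port identifiers of the ports of the network devices in the network and the corresponding port types, the port types including the user-side port type and the network-device-side port type;
    if the port type of the receiving port is the user-side port type, determine that the sender is a user device;
    if the port type of the receiving port is the network-device-side port type, determine that the sender is a non-user device.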
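  22. The apparatus according to claim 20 or 21, characterized in that the apparatus further comprises an analysis unit, specifically configured to:
    obtain second information, the second information including the identifiers of multiple network devices in the network;
    obtain the neighbor information of each of the multiple network devices, each piece of neighbor information including the identifier of a source network device, a source network device port identifier and the identifier of a neighbor device, wherein the source network device is the device that sends the neighbor information, the neighbor device is a device physically connected to the source network device, and the source network device port identifier indicates the port through which the source network device connects to the neighbor device;
    determine the port type of the ports of each network device based on the second information and the neighbor information, wherein the identifier of the neighbor device connected to a port of the network-device-side port type is contained in the second information, and the identifier of the neighbor device connected to a port of the user-side port type is not contained in the second information.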
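  23. The apparatus according to claim 17, characterized in that the receiving unit is specifically configured to:
    receive multiple mirror packets, the multiple mirror packets coming from one or more network devices;
    the identifier of the sender includes the IP address of the sender and the MAC address of the sender, and the access location acquisition unit is specifically configured to:
    if N mirror packets among the multiple mirror packets carry the same sender IP address, the sender MAC addresses carried in the N mirror packets are not contained in second information, and the network device identifiers carried in the N mirror packets indicate the same network device, determine that the sender is a user device, the second information including the identifiers of multiple network devices in the network.
  24. The apparatus according to claim 23, characterized in that the access location acquisition unit is specifically configured to:
    if M mirror packets among the multiple mirror packets carry the same sender IP address, the sender MAC addresses carried in the M mirror packets are not contained in the second information, and the network device identifiers carried in the M mirror packets indicate two or more network devices, determine, based on the receiving port identifier in the mirror packet, whether the sender of the data packet is a user device.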
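  25. The apparatus according to claim 15, characterized in that the apparatus further comprises:
    an access location storage unit, configured to query user device access information based on the identifier of the sender, the user device access information including the access location information of at least one user device;
    the access location storage unit being further configured to, if the user device access information already contains the access location information of the user device corresponding to the identifier of the sender, and the saved access location information is inconsistent with the access location information just obtained, update the access location information of the user device corresponding to the identifier of the sender in the user device access information.
  26. The apparatus according to any one of claims 15 to 25, characterized in that the data packet carries transport-layer control information or application-layer control information.
  27. The apparatus according to any one of claims 15 to 26, characterized in that the data packet is a tunnel packet, and the identifier of the sender is carried in the inner packet of the tunnel packet.
  28. The apparatus according to any one of claims 15 to 27, characterized in that the user device is a server, a terminal device or a virtual machine.
  29. A computer storage medium, characterized by comprising computer instructions that, when run on a computer, cause the computer to perform the method according to any one of claims 1-14.
  30. A computer program product, characterized in that, when the computer program product runs on a computer, it causes the computer to perform the method according to any one of claims 1-14.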
PCT/CN2024/083830 2023-03-30 2024-03-26 Method and apparatus for acquiring a device access location WO2024199223A1 (zh)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202310371599.9 2023-03-30
CN202310371599.9A CN118740603A (zh) 2023-03-30 2023-03-30 Method and apparatus for acquiring a device access location

Publications (1)

Publication Number Publication Date
WO2024199223A1 (zh) 2024-10-03

Family

ID=92851699

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2024/083830 WO2024199223A1 (zh) 2023-03-30 2024-03-26 Method and apparatus for acquiring a device access location

Country Status (2)

Country Link
CN (1) CN118740603A (zh)
WO (1) WO2024199223A1 (zh)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
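CN102883265A (zh) * 2012-09-20 2013-01-16 中国联合网络通信集团有限公司 Method, device and system for sending and receiving location information of an access user
CN107181759A (zh) * 2017-07-05 2017-09-19 杭州迪普科技股份有限公司 Authentication method and apparatus for user equipment
WO2023281661A1 (ja) * 2021-07-07 2023-01-12 日本電気株式会社 Information processing device, information processing system, information processing method, and computer-readable medium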

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102883265A (zh) * 2012-09-20 2013-01-16 中国联合网络通信集团有限公司 接入用户的位置信息发送和接收方法、设备及系统
CN107181759A (zh) * 2017-07-05 2017-09-19 杭州迪普科技股份有限公司 一种用户设备的认证方法及装置
WO2023281661A1 (ja) * 2021-07-07 2023-01-12 日本電気株式会社 情報処理装置、情報処理システム、情報処理方法、及びコンピュータ可読媒体

Also Published As

Publication number Publication date
CN118740603A (zh) 2024-10-01


Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 24778011

Country of ref document: EP

Kind code of ref document: A1