CN106506264B - A kind of self-defining data packet method of sampling based on SDN
- Publication number: CN106506264B
- Application number: CN201610929876.3A
- Authority: CN (China)
- Legal status: Active
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/02—Capturing of monitoring data
- H04L43/022—Capturing of monitoring data by sampling
Abstract
The invention discloses a user-defined packet sampling method based on SDN. The method comprises the following steps: 1) a sampling module is set up in the controller, and the controller configures the designated switch according to the sampling configuration information sent by the upper-layer application; 2) when the controller receives the sampling start instruction sent by the upper-layer application, it sends the instruction to the designated switch; 3) when the switch receives the sampling start instruction, it starts the configured timer, screens each packet according to the configuration to obtain the packets that satisfy the matching rule, then extracts the required content from the selected packets according to the configured sampling mode and outputs it to the designated port; 4) when the controller receives the sampling stop instruction sent by the upper-layer application, it issues a sampling stop instruction to the designated switch accordingly; when the switch receives the stop-sampling instruction, it stops sampling and cancels the timer. The invention not only makes the sampled content more accurate but also reduces the size of the data packets as far as possible.
Description
Technical field
The invention belongs to the field of computer networks and relates to a sampling method, more specifically to a user-defined packet sampling method for SDN.
Background
The purpose of network packet sampling is to obtain the state of the network from a small amount of information, to monitor network communication, and to handle abnormal network conditions. With the rapid spread of the Internet and the frequent occurrence of network attacks, protecting the operational security of the network has become another important purpose of packet sampling and of the monitoring it enables. In existing traditional networks, information is usually collected from packets by data mirroring or according to a predefined protocol format. Besides requiring complicated switch configuration or additional hardware support, such sampling cannot define the sampled content flexibly because of protocol format restrictions, so the sampled data cannot be taken precisely on demand. Compared with the information actually needed, the sampled packets are too large and their data portion contains much useless information, which puts great pressure on bandwidth when packet traffic is heavy. The ability to minimize packet size while keeping the needed information complete is therefore limited.
The existing patent relating to SDN-based packet sampling is 201410827207.6. Its sampling mode samples the complete packet; although this covers all useful features, it also includes much other useless information, the sampled content cannot be minimized according to demand, and the characteristics of SDN are not fully used. The SDN-based user-defined packet sampling method extends the existing OpenFlow instruction set so that every parameter of the sampling process can be custom-set, ultimately realizing flexible and complete sampling functions. SDN technology supports the realization of the sampling method. SDN splits the complex network device in two: the forwarding function is implemented by single hardware, called the data plane, while the more complex control, management and services are implemented in software, called the control plane, transforming the original fully distributed architecture into a fully centralized or logically centralized/semi-centralized architecture. The control plane issues the sampling configuration instruction and the sampling start instruction and sets the specific sampling parameters, thereby realizing a customizable sampling method that minimizes the sampled packet size while sampling on demand.
Summary of the invention
In view of the technical problems in the prior art, the purpose of the present invention is to provide a user-defined packet sampling method based on SDN; the invention supports specified sampling of packets using custom parameters.
The customizable sampling function that the invention implements on SDN technology allows custom settings for the screening rule, the sampling switch, the type of packet sampled, the sampling time, the output port for sampled packets, and the sampled content. For the screening rule and the sampled content, the minimum unit is the bit: the screening rule (the offset and sampling length of the content to be sampled) can be set bit by bit and the sampled content output bit by bit. Sampling a packet header of specified length is also supported. The controller and the switch are both modified by adding a sampling module to each, so that, through instructions issued by the controller, sampling is performed flexibly in the data layer. This offers users different sampling modes; while sampling on demand, it not only makes the sampled content more accurate but also removes unrelated content, reducing the packet size as far as possible.
On the one hand, the present invention provides a user-defined packet sampling method based on SDN, the method comprising:
1) The controller receives sampling information from the upper-layer application, parses it to obtain the relevant parameters, and issues the sampling instruction to the specified switch;
a) "User-defined based on SDN" means that, in an SDN network, the controller receives sampling information from the upper-layer application and processes it through the functions of the sampling module in the controller: identifying and parsing the upper-layer application information, generating instructions and issuing instructions. When information from the upper-layer application is received, the module identifies it and parses its parameters, generates the sampling configuration instruction from the parameters, and issues the instruction to the designated switch. The sampling configuration information used to configure sampling has the following format: instruction name; -i sampling interval; -v duration of one sampling; -p output port; -s sampling switch ID; -l matching rule; -o sample content; -h packet header length.
i. The parameters parsed from the sampling configuration information of the upper-layer application are the specified sampling switch, the sampling mode and the configuration parameters issued to the switch.
ii. The sampling configuration instruction that the controller issues and the switch receives is OFSampleConfigRequest, with the following instruction format: outputPort (16B), headLen (16B), SamplingInterval (32B), SamplingValueTime (32B), matchFieldNum (16B), offsetArr (16B*matchFieldNum), lenArr (16B*matchFieldNum), maskArr (16B*matchFieldNum), OutFieldNum (16B), outOffsetArr (16B*outFieldNum), outLenArr (16B*outFieldNum). The relevant parameters obtained by parsing are, respectively, the output port, header sampling length, sampling interval, sampling duration, matching offset, matching length, matching mask, output field count, output field offset and output field length, and each parameter is configured on the switch accordingly.
iii. The sampling modes are header sampling and field sampling, which may also be used together. Header sampling samples header content of a specified length, and the sampled content is contiguous. Field sampling samples the specified fields of the packet; the fields may be non-contiguous, and there may be one field or several.
iv. The sampling time comprises the duration of one sampling and the sampling interval.
v. The sampling matching rule may consist of several fields, each comprising an offset, a length and a mask. The offset and length determine the data in the packet that is to be matched; that segment of data is matched against the mask to judge whether the packet meets the sampling requirement. If it does, the packet content is sampled, the sampling process being the copying and output of data according to the output field count, output field offset and output field length.
vi. The sampled packet output port is the designated port on which the switch outputs the sampled content.
vii. As for the sample content: if the sampling mode is header sampling, the sample content is given by the sampling length; starting from the beginning of the packet, the packet content of the specified length is output. If the sampling mode is field sampling, the sample content is given by the offset and sampling length of each field; the several positions of the packet determined by offset and length are spliced together and output.
2) After sampling has been configured on the switch, the controller receives sampling information from the upper-layer application. The sampling module in the controller identifies and parses the upper-layer application information, generates the sampling start/stop instruction from the parameters, and issues the instruction to the designated switch so that the switch performs the corresponding action. The sampling information used to control the start and stop of sampling has the following format: instruction name -t1 (start sampling) or instruction name -t0 (stop sampling).
i. The switch starting to sample means that the switch sets the timer according to the sampling configuration instruction; when the switch receives the start-sampling instruction, it starts the timer and periodically screens each packet using the matching rule. For a packet that satisfies the matching rule, it takes the required content from the packet according to the specified sampling mode and finally outputs it to the designated port.
ii. The switch stopping sampling means that, when the switch receives the stop-sampling instruction, it cancels the timer and ends all sampling activity.
On the other hand, the present invention provides a user-defined packet sampling system based on SDN. Because the invention depends on SDN mechanisms, it uses mainstream controller software and switch protocols.
1) Sampling information is received from the upper-layer application;
2) The type of the sampling information is judged, the sampling information is parsed, and the corresponding instruction is issued to the designated switch;
3) If the switch receives a sampling configuration instruction, the switch is configured and waits for the sampling start instruction;
4) After sampling configuration is complete, if the switch receives the sampling start instruction, it periodically outputs the specified sampled content to the designated port; if it receives the stop instruction, it terminates all sampling and waits for the next sampling.
Compared with the prior art, the beneficial effects of the present invention are as follows:
Using the characteristics of SDN, the invention supports sampling with user-defined settings, so that packets are sampled on demand without any effect on the integrity of the source packet or on its processing. This increases the flexibility and controllability of sampling while reducing the size of the sampled result, relieving transmission pressure in the data plane. The method can sample the data of the SDN data plane to gain timely awareness of the network state, and provides data support for the detection of some attacks.
Description of the drawings
Fig. 1 is a schematic diagram of the system operation flow;
Fig. 2 is the flow chart of the user-defined sampling module in the controller;
Fig. 3 is the flow chart of the user-defined sampling process in the switch;
Fig. 4 is the flow chart of user-defined sampling.
Specific embodiments
To make the purposes, technical solutions and advantages of the embodiments of the present invention clearer, the invention is described in further detail below with reference to the drawings.
1. Fig. 1 is the system operation flow diagram of the invention. As shown in Fig. 1, the method comprises:
1) The user-defined sampling module in the controller: the controller receives sampling information from the upper-layer application and performs type judgment and parsing. The output of this subsystem is the sampling configuration instruction or the sampling start/stop instruction;
2) The switch receives and parses the instruction. If it is a sampling configuration instruction, the switch is configured with the custom parameters. If it is a start-sampling instruction and configuration has been completed, the specified content of the packets that meet the sampling requirement is sampled. If it is a stop-sampling instruction and sampling has started, the sampling process is stopped. The output of this subsystem is the sampled result.
2. Fig. 2 shows the detailed flow of the user-defined sampling module in the controller:
1) The controller receives the sampling configuration information from the upper-layer application;
a) The format of the sampling configuration information is: instruction name -i sampling interval; -v duration of one sampling; -p output port; -s sampling switch ID; -l matching rule; -o sample content; -h packet header length. The sampling interval is in ms and the unit is not written; the duration of one sampling is in ms and the unit is not written. There may be several sampling switch IDs, separated by commas. There may be several matching rules, separated by semicolons; each field consists of three parts, field length, offset and mask, separated by commas. There may be several sample content fields, separated by semicolons; each field consists of two parts, field length and offset, separated by a comma. The packet header length is the length of the header to output in header sampling mode. The seven parameters beginning with "-" are all required, and their order is interchangeable.
b) The sampling start information is: 1; the sampling stop information is: 0.
2) The controller parses each parameter of the instruction according to the instruction format;
3) Using the parsed parameters as instruction parameters, the controller issues the correspondingly extended OpenFlow instruction to the corresponding switch.
3. Fig. 3 shows the detailed flow of the user-defined sampling process in the switch:
1) An instruction is received and its type is judged. If it is a sampling configuration instruction, it is parsed to obtain the configuration parameters, the switch is configured, and the switch continues to wait. If it is a start-sampling instruction and the switch has been configured, sampling begins;
2) Packets are screened according to the matching rule, and the specified parts of the matching packets are sampled;
3) The sampled result is output on the specified output port;
4) An instruction is received and its type is judged; if it is a stop-sampling instruction, sampling stops.
4. Fig. 4 shows the detailed flow of user-defined sampling:
a) The controller receives the sampling configuration instruction sent by the northbound application and parses it. If the instruction format is correct and the parsed parameters are complete, the relevant parameters are used as the parameters of the sampling configuration instruction, which is issued to the switches specified in the parameters. The sampling configuration instruction that the controller issues to the switch contains the sampling time parameters, the output port, the packet matching rule and the sample content parameters. The controller also receives the start/stop sampling instruction sent by the northbound application, parses it, and issues the start/stop sampling instruction to the switch;
b) A switch that receives an instruction parses it. If it is a sampling configuration instruction, the sampling process is configured with the parsed parameters. If it is a sampling start/stop instruction, sampling is started or stopped;
2) Once sampling has started, the switch judges whether the current time is within the sampling time; if so, it proceeds to the next step, otherwise the packet is put back into the normal flow;
3) The switch judges whether the packet satisfies the matching rule for sampled packets; if so, it proceeds to the next step, otherwise the packet is put back into the normal flow;
4) The corresponding parts of the packet are copied according to the content specified by the parameters, and the sampled result packet is generated;
5) The generated sampled result packet is output on the output port specified by the parameters;
6) The original packet, without any modification, is put back into the normal flow of the switch.
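An added example, not code from the patent: a Python sketch of the configuration format described for Fig. 2 and of the switch-side match, copy and splice steps described for Figs. 3 and 4. It assumes the instruction name `sample`, offsets and lengths counted in bits, hexadecimal masks compared for equality with the selected bits, `-h 0` meaning header sampling is off, and a sampling window at the start of each interval; the patent does not specify these details.

```python
from dataclasses import dataclass

@dataclass
class SampleConfig:
    interval_ms: int   # -i sampling interval, ms
    duration_ms: int   # -v duration of one sampling, ms
    out_port: int      # -p output port
    switch_ids: list   # -s comma-separated switch IDs
    match: list        # -l [(length, offset, mask)], in bits (assumed unit)
    out_fields: list   # -o [(length, offset)], in bits (assumed unit)
    head_len: int      # -h header length in bits; 0 = header sampling off (assumed)

def _fields(text, width, last_base=10):
    """Split 'a,b;c,d' into int tuples; the last member may use another base (hex mask)."""
    out = []
    for item in text.split(";"):
        parts = item.split(",")
        if len(parts) != width:
            raise ValueError(f"expected {width} comma-separated values in {item!r}")
        out.append(tuple([int(p) for p in parts[:-1]] + [int(parts[-1], last_base)]))
    return out

def parse_config(line):
    """Parse '<name> -i .. -v .. -p .. -s .. -l .. -o .. -h ..' with flags in any order."""
    _name, *rest = line.split()
    if len(rest) % 2:
        raise ValueError("every flag needs a value")
    opts = {}
    for flag, value in zip(rest[::2], rest[1::2]):
        key = flag[1:] if flag.startswith("-") else ""
        if len(key) != 1 or key not in "ivpsloh" or key in opts:
            raise ValueError(f"unknown or repeated flag {flag!r}")
        opts[key] = value.rstrip(";")          # tolerate the ';' separators
    if len(opts) != 7:
        raise ValueError("all seven parameters are required")
    cfg = SampleConfig(int(opts["i"]), int(opts["v"]), int(opts["p"]),
                       opts["s"].split(","), _fields(opts["l"], 3, 16),
                       _fields(opts["o"], 2), int(opts["h"]))
    ok = (cfg.interval_ms > 0 and cfg.duration_ms > 0 and cfg.head_len >= 0
          and all(ln > 0 and off >= 0 and not mask >> ln for ln, off, mask in cfg.match)
          and all(ln > 0 and off >= 0 for ln, off in cfg.out_fields))
    if not ok:
        raise ValueError("parameter out of range")
    return cfg

def extract_bits(packet, offset, length):
    """Return `length` bits starting `offset` bits into the packet, or None if out of range."""
    total = len(packet) * 8
    if offset + length > total:
        return None
    return (int.from_bytes(packet, "big") >> (total - offset - length)) & ((1 << length) - 1)

def in_window(t_ms, cfg):
    """Assumed timer semantics: sample during the first duration_ms of every interval_ms."""
    return t_ms % cfg.interval_ms < cfg.duration_ms

def sample(packet, cfg):
    """Return the spliced sample bytes, or None; the packet itself is never modified."""
    # Assumption: a packet matches when every selected bit field equals its mask.
    if any(extract_bits(packet, off, ln) != mask for ln, off, mask in cfg.match):
        return None
    wanted = [(min(cfg.head_len, len(packet) * 8), 0)] if cfg.head_len else []
    wanted += cfg.out_fields
    acc = nbits = 0
    for length, offset in wanted:
        value = extract_bits(packet, offset, length)
        if value is None:      # truncated packet: emit nothing rather than a shifted layout
            return None
        acc, nbits = (acc << length) | value, nbits + length
    pad = -nbits % 8           # zero-pad the tail to a whole byte
    return (acc << pad).to_bytes((nbits + pad) // 8, "big")

# Constructed sample input: Ethernet + IPv4 header (10.0.0.1 -> 10.0.0.2) + 8 payload bytes.
def demo_frame(ethertype=0x0800):
    eth = bytes.fromhex("ffffffffffff020000000001") + ethertype.to_bytes(2, "big")
    ip = bytes.fromhex("4500001c0000000040110000") + bytes([10, 0, 0, 1, 10, 0, 0, 2])
    return eth + ip + b"payload!"

# Hypothetical instruction: match EtherType 0x0800, output source and destination IP.
DEMO_LINE = "sample -i 1000; -v 200; -p 3; -s 1,2; -l 16,96,0800; -o 32,208;32,240; -h 0"

if __name__ == "__main__":
    print(sample(demo_frame(), parse_config(DEMO_LINE)).hex())
```

With the constructed 42-byte frame, the sample is the 8 bytes of the two IP addresses, which shows the size reduction the description claims for field sampling.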
In conclusion, the SDN-based user-defined packet sampling method and system of the present invention use the separation of control plane and data plane in SDN to collect the required information flexibly within a user-defined time and to output it on a designated port. The method guarantees the accuracy of the sampled data while greatly reducing the size of the sampled result, obtains the state information of the network, monitors network communication, and handles abnormal network conditions in time.
From the above description of the embodiments, those skilled in the art can clearly understand how the present invention is realized in SDN. The above embodiments merely illustrate the technical solution of the invention and do not limit it. Those of ordinary skill in the art may modify the technical solution of the invention or replace it with equivalents without departing from the spirit and scope of the invention; the protection scope of the invention is that defined in the claims.
Claims (3)
1. A user-defined packet sampling method based on SDN, comprising the steps of:
1) setting up a sampling module in the controller, the controller configuring the designated switch according to the sampling configuration information sent by the upper-layer application; the sampling configuration information comprises: the sampling switch, the sampling mode and the configuration parameters issued to the sampling switch; the sampling mode comprises header sampling and/or field sampling; the configuration parameters comprise: output port, header sampling length, sampling interval, sampling duration, matching offset, matching length, matching mask, output field count, output field offset and output field length;
2) when the controller receives the sampling start instruction sent by the upper-layer application, the controller issues a sampling start instruction to the designated switch according to the sampling start instruction;
3) when the switch receives the sampling start instruction, it starts the configured timer, screens each packet according to the configuration of step 1) to obtain the packets that satisfy the matching rule, then extracts the required content from the selected packets according to the configured sampling mode and outputs it to the designated port; wherein, if the sampling mode is header sampling, data of the set length is extracted starting from the beginning of the packet; if the sampling mode is field sampling, the data that each field is to match is determined from the offset and sampling length of each field in the packet, and the sampled content of the fields is then spliced together as the sampled data of that packet;
4) when the controller receives the sampling stop instruction sent by the upper-layer application, the controller issues a sampling stop instruction to the designated switch according to the sampling stop instruction; when the switch receives the stop-sampling instruction, it stops sampling and cancels the timer.
2. The method of claim 1, characterized in that the sampling start instruction contains switch identification information, and the controller issues the sampling start instruction to the designated switch according to the switch identification information in the sampling start instruction; the sampling stop instruction contains switch identification information, and the controller issues the sampling stop instruction to the designated switch according to the switch identification information in the sampling stop instruction.
3. The method of claim 1, characterized in that the matching rule comprises several sampling fields, each sampling field comprising an offset, a length and a mask; the offset and length determine the data in the packet that is to be matched, and that segment of data is then matched against the mask to determine whether the sampling requirement is met; if the sampling requirement is met, the packet content is sampled, wherein the sampling process is the copying and output of data using the output field count, output field offset and output field length.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610929876.3A CN106506264B (en) | 2016-10-31 | 2016-10-31 | A kind of self-defining data packet method of sampling based on SDN |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106506264A CN106506264A (en) | 2017-03-15 |
CN106506264B true CN106506264B (en) | 2019-11-19 |
Family
ID=58319271