TWI699100B - Path check device and path check method for heterogeneous sdn network - Google Patents

Path check device and path check method for heterogeneous sdn network Download PDF

Info

Publication number
TWI699100B
TWI699100B TW107143996A TW107143996A TWI699100B TW I699100 B TWI699100 B TW I699100B TW 107143996 A TW107143996 A TW 107143996A TW 107143996 A TW107143996 A TW 107143996A TW I699100 B TWI699100 B TW I699100B
Authority
TW
Taiwan
Prior art keywords
node
path
information
software
split
Prior art date
Application number
TW107143996A
Other languages
Chinese (zh)
Other versions
TW202023239A (en
Inventor
呂偉誌
黃詩宜
陳柏瑞
陳昶禎
簡士哲
Original Assignee
中華電信股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中華電信股份有限公司 filed Critical 中華電信股份有限公司
Priority to TW107143996A priority Critical patent/TWI699100B/en
Publication of TW202023239A publication Critical patent/TW202023239A/en
Application granted granted Critical
Publication of TWI699100B publication Critical patent/TWI699100B/en

Links

Images

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

A path check method for heterogeneous SDN network is provided, comprising: obtaining first information of a first node and second information of a second, and generating a first segmented path according to the first information and the second information; formulating a check packet format to transmit the check packet format to a SDN controller corresponding to the first segmented path, and receiving a check result of the first segmented path; and determining whether there is a fault occurred in a path between the first node and the second node.

Description

用於異質軟體定義網路的路徑查測裝置及路徑查測方法Path checking device and path checking method for heterogeneous software-defined network

本發明是有關於一種網路的路徑查測裝置及路徑查測方法,且特別是有關於一種用於異質軟體定義網路的路徑查測裝置及路徑查測方法。The invention relates to a path checking device and a path checking method for a network, and more particularly to a path checking device and a path checking method for a heterogeneous software-defined network.

隨著軟體定義網路(software-defined networking,SDN)以及網路技術的演進,網路由一網一設備的架構逐漸移轉至多網路共用相同設備的方式。尤其網路的使用又會跨越實體與虛擬等多個網段,其中不同網段可能又被不同的SDN控制器所管控,導致網路問題的查測變的更加困難。With the evolution of software-defined networking (SDN) and network technology, the architecture of one device for one network has gradually shifted to the way that multiple networks share the same device. In particular, the use of the network will span multiple network segments such as physical and virtual, and different network segments may be controlled by different SDN controllers, which makes it more difficult to detect network problems.

一般的SDN控制器只能提供目前隸屬於其下之交換器的狀態以及拓樸資料。在網路復雜的環境裡,網管人員無法快速的找出網路傳輸哪裡出問題,而只能藉由拓樸資料檢查連接埠或連線是否有異常,但在網路的環境中有可能這些資訊正常的情形下,由於流表規則設定錯誤或是無法確認跨網段的連線情況,導致機器間還是無法順利連通。若遭遇這種情形,網管人員只能一台一台地檢查設備。A general SDN controller can only provide the status and topology data of the switches currently under it. In a complex network environment, network administrators cannot quickly find out where there is a problem with the network transmission, but can only check whether the port or connection is abnormal by using topology data, but this may be possible in a network environment When the information is normal, because the flow table rules are set incorrectly or the connection status across the network segment cannot be confirmed, the machine still cannot connect smoothly. In such a situation, network administrators can only check the devices one by one.

有鑑於此,本發明提供一種用於異質軟體定義網路的路徑查測裝置及路徑查測方法,以降低查測異質SDN網路中之障礙的困難。In view of this, the present invention provides a path checking device and a path checking method for heterogeneous software-defined networks to reduce the difficulty of checking obstacles in heterogeneous SDN networks.

本發明提供一種用於異質軟體定義網路的路徑查測裝置,包括通訊單元、使用者介面、儲存媒體以及處理器。通訊單元傳送及接收訊號。使用者介面接收操作以決定第一節點和第二節點。儲存媒體儲存多個模組。處理器耦接通訊單元、儲存媒體以及使用者介面,且存取並執行該些模組,該些模組包括網路編配模組以及軟體定義網路管理模組。網路編配模組取得該第一節點的第一資訊和該第二節點的第二資訊,且根據該第一資訊和該第二資訊產生第一分割路徑。軟體定義網路管理模組制定查測封包格式以透過該通訊單元傳送該查測封包格式至對應於該第一分割路徑的軟體定義網路控制器,並且接收該第一分割路徑的查測結果,其中軟體定義網路管理模組根據該查測結果判斷該第一節點及該第二節點之間的路徑是否發生障礙。The invention provides a path checking device for a heterogeneous software-defined network, which includes a communication unit, a user interface, a storage medium and a processor. The communication unit transmits and receives signals. The user interface receives operations to determine the first node and the second node. The storage medium stores multiple modules. The processor is coupled to the communication unit, the storage medium, and the user interface, and accesses and executes the modules. The modules include a network configuration module and a software-defined network management module. The network allocation module obtains the first information of the first node and the second information of the second node, and generates a first split path according to the first information and the second information. The software-defined network management module formulates a test packet format to transmit the test packet format to the software-defined network controller corresponding to the first split path through the communication unit, and receives the test result of the first split path , Wherein the software-defined network management module determines whether an obstacle occurs in the path between the first node and the second node according to the inspection result.

本發明提供一種用於異質軟體定義網路的路徑查測方法,包括:取得該第一節點的第一資訊和該第二節點的第二資訊,且根據該第一資訊和該第二資訊產生第一分割路徑;制定查測封包格式以傳送該查測封包格式至對應於該第一分割路徑的軟體定義網路控制器,並且接收該第一分割路徑的查測結果;以及根據該查測結果判斷該第一節點及該第二節點之間的路徑是否發生障礙。The present invention provides a path checking method for a heterogeneous software-defined network, including: obtaining first information of the first node and second information of the second node, and generating based on the first information and the second information A first split path; formulate a test packet format to transmit the test packet format to the software-defined network controller corresponding to the first split path, and receive the test result of the first split path; and according to the test As a result, it is determined whether an obstacle occurs in the path between the first node and the second node.

基於上述,本發明透過集中控管SDN控制器以及實際投放查測封包進行查測,從而取得封包所經過的SDN網路節點之相關資訊,達到確實查測的功能,並有效地降低異質SDN網路中之障網路節點異常查測之困難。Based on the above, the present invention conducts inspection through centralized control of the SDN controller and actual delivery of inspection packets, thereby obtaining relevant information about the SDN network nodes through which the packet passes, achieving the function of authentic inspection, and effectively reducing heterogeneous SDN networks. It is difficult to detect abnormalities of network nodes on the road.

為讓本發明的上述特徵和優點能更明顯易懂,下文特舉實施例,並配合所附圖式作詳細說明如下。In order to make the above-mentioned features and advantages of the present invention more comprehensible, the following specific embodiments are described in detail in conjunction with the accompanying drawings.

圖1根據本發明的實施例繪示用於異質SDN網路的路徑查測裝置10及其所管理的SDN控制器2、SDN控制器3的示意圖,其中SDN網路可例如是使用OpenFlow協定的網路架構,而SDN控制器2、SDN控制器3為支援OpenFlow協定的控制器。舉例來說,SDN控制器2可例如是Ryu控制器,且SDN控制器3可例如是OpenDaylight控制器,但路徑查測裝置10可適用於管理各種支援OpenFlow協定之不同品牌的SDN控制器。以SDN控制器2為例,SDN控制器2可用以管理SDN網路,SDN網路可包括SDN交換器、連接埠或其他種支援OpenFlow協定的網路節點。Fig. 1 illustrates a schematic diagram of a path checking device 10 for a heterogeneous SDN network and its managed SDN controller 2 and SDN controller 3 according to an embodiment of the present invention, where the SDN network may be, for example, using the OpenFlow protocol Network architecture, and SDN controller 2 and SDN controller 3 are controllers supporting the OpenFlow protocol. For example, the SDN controller 2 may be, for example, a Ryu controller, and the SDN controller 3 may be, for example, an OpenDaylight controller, but the path finding device 10 may be suitable for managing various SDN controllers of different brands supporting the OpenFlow protocol. Taking the SDN controller 2 as an example, the SDN controller 2 can be used to manage the SDN network, and the SDN network can include SDN switches, ports, or other network nodes that support the OpenFlow protocol.

路徑查測裝置10可包括處理器100、儲存媒體300、使用者介面500以及通訊單元700。在本實施例中,路徑查測裝置10可透過通訊單元700通訊連接至一或多個SDN控制器以管理或控制該些SDN控制器,其中,該些SDN控制器可包括但不限於如圖1所示的SDN控制器2以及SDN控制器3。The path checking device 10 may include a processor 100, a storage medium 300, a user interface 500, and a communication unit 700. In this embodiment, the path checking device 10 may be communicatively connected to one or more SDN controllers through the communication unit 700 to manage or control the SDN controllers, where the SDN controllers may include but are not limited to SDN controller 2 and SDN controller 3 shown in 1.

處理器100耦接通訊單元700、儲存媒體300以及使用者介面500,且存取並執行儲存媒體300中的模組。處理器100可例如是中央處理單元(central processing unit,CPU),或是其他可程式化之一般用途或特殊用途的微處理器(microprocessor)、數位信號處理器(digital signal processor,DSP)、可程式化控制器、特殊應用積體電路(application specific integrated circuit,ASIC)或其他類似元件或上述元件的組合,本發明不限於此。The processor 100 is coupled to the communication unit 700, the storage medium 300, and the user interface 500, and accesses and executes the modules in the storage medium 300. The processor 100 may be, for example, a central processing unit (CPU), or other programmable general-purpose or special-purpose microprocessors, digital signal processors (DSP), and Programmable controller, application specific integrated circuit (application specific integrated circuit, ASIC) or other similar components or a combination of the above components, the present invention is not limited to this.

儲存媒體300用以儲存多個模組。在本實施例中,儲存媒體300可儲存的模組可包括網路編配(orchestration)模組310、軟體定義網路管理模組(或稱「SDN管理模組」)330、網路節點與拓樸知識庫350以及SDN網段拓樸知識庫370。儲存媒體300可例如是任何型態的固定式或可移動式的隨機存取記憶體(random access memory,RAM)、唯讀記憶體(read-only memory,ROM)、快閃記憶體(flash memory)、硬碟(hard disk drive,HDD)、固態硬碟(solid state drive,SSD)或類似元件或上述元件的組合,本發明不限於此。The storage medium 300 is used to store a plurality of modules. In this embodiment, the modules that can be stored in the storage medium 300 may include a network orchestration module 310, a software-defined network management module (or "SDN management module") 330, network nodes, and Topology knowledge base 350 and SDN network segment topology knowledge base 370. The storage medium 300 may be, for example, any type of fixed or removable random access memory (RAM), read-only memory (ROM), flash memory (flash memory). ), hard disk drive (HDD), solid state drive (solid state drive, SSD) or similar components or a combination of the above components, the present invention is not limited thereto.

網路編配模組310可接收使用者透過使用者介面500接收使用者欲查測之路徑的相關資訊,分析代表該路徑之起點的節點與代表該路徑之終點的節點的相關資訊,並可對起點和終點之間的路徑進行分割,並把分割路徑之相關資訊傳送至SDN管理模組330以進行查測。網路編配模組310還可以從SDN管理模組330取得各個分割路徑的查測結果,並根據查測結果產生包含了路徑中的各個節點之資訊的路徑節點串列資訊,從而使路徑查測裝置10可透過使用者介面500將路徑節點串列資訊顯示給使用者,供使用者進行查詢。The network orchestration module 310 can receive information about the path that the user wants to check through the user interface 500, analyze the information about the node representing the starting point of the path and the node representing the end point of the path, and The path between the start point and the end point is divided, and the related information of the divided path is sent to the SDN management module 330 for inspection. The network orchestration module 310 can also obtain the inspection result of each split path from the SDN management module 330, and generate the path node serial information containing the information of each node in the path according to the inspection result, so as to make the path search The measuring device 10 can display the path node serial information to the user through the user interface 500 for the user to query.

SDN管理模組330可控制不同的SDN控制器進行路徑障礙的查測,並取得各個SDN控制器中的查測結果。SDN管理模組330用以進行路徑查測的流程將於後續說明。The SDN management module 330 can control different SDN controllers to detect path barriers, and obtain the results of the inspections in each SDN controller. The process of the SDN management module 330 for path checking will be described later.

網路節點與拓樸知識庫350可記錄節點、節點的機器資訊、節點所在位置以及其網路介面相關資料,其中所述節點可例如是閘道(gateway)、虛擬網路功能(virtual network function,VNF)、交換器(switch)等等類別的網路設備,但本發明不限於此。The network node and topology knowledge base 350 can record the node, the node's machine information, the location of the node, and its network interface related data. The node may be, for example, a gateway, a virtual network function (virtual network function). , VNF), switch (switch) and other types of network equipment, but the present invention is not limited to this.

SDN網段拓樸知識庫370可記錄所有由路徑查測裝置10管理的所有SDN控制器的資訊以及該些SDN控制器管理的網路節點的拓樸資訊。The SDN network segment topology knowledge base 370 can record all the information of all SDN controllers managed by the path checking device 10 and the topology information of the network nodes managed by the SDN controllers.

使用者介面500可接收來自使用者的操作,並且將路徑查測裝置10取得的查測結果顯示給使用者。使用者介面500可例如是觸控式顯示器,或是由輸出裝置和輸出裝置組合而成。例如,使用者介面500可以是由作為輸入裝置的鍵盤以及作為輸出裝置的顯示器所組成。在本實施例中,使用者介面500可接收來自使用者的操作以決定第一節點和第二節點。路徑查測裝置10可針對第一節點和第二節點之間的路徑進行查測以判斷該路徑是否存在障礙。The user interface 500 can receive operations from the user, and display the inspection result obtained by the route inspection device 10 to the user. The user interface 500 may be, for example, a touch-sensitive display or a combination of an output device and an output device. For example, the user interface 500 may be composed of a keyboard as an input device and a display as an output device. In this embodiment, the user interface 500 can receive operations from the user to determine the first node and the second node. The path checking device 10 can check the path between the first node and the second node to determine whether the path has obstacles.

通訊單元700可用以傳送及接收訊號。通訊單元700可包括用以與其他網路節點進行通訊的網路介面,例如包括無線保真(Wireless Fidelity,WiFi)通訊介面、藍芽通訊介面、ZigBee通訊介面及/或其他無線通訊介面,或例如包括區域網路(local area network,LAN)介面、通用串列匯流排(Universal Serial Bus,USB)介面及/或其他有線通訊介面,但本發明不限於此。The communication unit 700 can be used to transmit and receive signals. The communication unit 700 may include a network interface for communicating with other network nodes, such as a wireless fidelity (WiFi) communication interface, a Bluetooth communication interface, a ZigBee communication interface, and/or other wireless communication interfaces, or For example, it includes a local area network (LAN) interface, a universal serial bus (USB) interface, and/or other wired communication interfaces, but the present invention is not limited thereto.

圖2根據本發明的實施例繪示用於異質SDN網路的路徑查測方法20的流程圖,其中路徑查測方法20可由如圖1所示的路徑查測裝置10實施。FIG. 2 shows a flowchart of a path checking method 20 for a heterogeneous SDN network according to an embodiment of the present invention, wherein the path checking method 20 can be implemented by the path checking device 10 shown in FIG. 1.

在步驟S210,網路編配模組210可透過使用者介面500來取得第一節點的第一資訊和第二節點的第二資訊。在本實施例中,第一節點代表使用者欲查測之路徑的起點,而第二節點代表使用者欲查測之路徑的終點。具體來說,網路編配模組210可透過使用者介面500決定第一節點和第二節點。接著,網路編配模組210可向網路節點與拓樸知識庫350查詢第一節點的第一資訊和第二節點的第二資訊。第一資訊和第二資訊可包括如節點的網際網路協定(Internet Protocol,IP)位址、節點隸屬的閘道或該閘道之連外介面等資訊,但本發明不限於此。In step S210, the network orchestration module 210 can obtain the first information of the first node and the second information of the second node through the user interface 500. In this embodiment, the first node represents the starting point of the path that the user wants to check, and the second node represents the end point of the path that the user wants to check. Specifically, the network orchestration module 210 can determine the first node and the second node through the user interface 500. Then, the network orchestration module 210 can query the network node and the topology knowledge base 350 for the first information of the first node and the second information of the second node. The first information and the second information may include information such as the Internet Protocol (IP) address of the node, the gateway to which the node belongs, or the external interface of the gateway, but the invention is not limited thereto.

在步驟S220,網路編配模組210可根據第一資訊和第二資訊產生一或多個分割路徑,該些分割路徑是分割自第一節點和第二節點之間的路徑。在本實施例中,路徑查測裝置10是透過命令路徑上的各個節點傳送查測封包來取得路徑上各個節點的資訊,但當一封包經過一些網路節點(例如:閘道或VNF)時,該封包的標頭可能會發生改變,進而導致查測判斷失敗。因此,須將路徑查測裝置10須對欲查測的路徑進行分割以產生一或多個分割路徑,並分別地對該些分割路徑進行查測,避開因查測封包的標頭改變而導致誤判該查測封包傳輸失敗的情形。具體來說,圖3根據本發明的實施例進一步地繪示步驟S220的流程圖。首先,網路編配模組210可透過步驟S221和步驟S223來判斷第一節點和第二節點是否對應於相同的網段。In step S220, the network orchestration module 210 can generate one or more split paths based on the first information and the second information, and the split paths are split from the path between the first node and the second node. In this embodiment, the path inspection device 10 obtains the information of each node on the path by instructing each node on the path to send the inspection packet, but when a packet passes through some network nodes (for example, a gateway or a VNF) , The header of the packet may be changed, which may lead to failure of inspection and judgment. Therefore, the path checking device 10 must divide the path to be checked to generate one or more divided paths, and check the divided paths separately, so as to avoid changes in the header of the checked packet. Circumstances that lead to misjudgment that the transmission of the inspection packet has failed. Specifically, FIG. 3 further illustrates a flowchart of step S220 according to an embodiment of the present invention. First, the network orchestration module 210 can determine whether the first node and the second node correspond to the same network segment through steps S221 and S223.

更具體來說,在步驟S221,網路編配模組210可判斷第一節點的IP位址和第二節點的IP位址是否對應於相同的網段。若第一節點的IP位址和第二節點的IP位址對應於相同的網段,則進入步驟S222,網路編配模組210將根據預設規則對第一節點及第二節點之間的路徑進行分割以產生第一分割路徑,並接著進入步驟S230。舉例來說,若第一節點的IP位址和第二節點的IP位址對應於相同的網段,則網路編配模組210可根據預設規則而直接將第一節點及第二節點之間的路徑視為第一分割路徑,亦即,將第一節點及第二節點之間的路徑分割為單一個分割路徑。More specifically, in step S221, the network allocation module 210 can determine whether the IP address of the first node and the IP address of the second node correspond to the same network segment. If the IP address of the first node and the IP address of the second node correspond to the same network segment, step S222 is entered, and the network orchestration module 210 will perform a check between the first node and the second node according to a preset rule. The path of is divided to generate a first divided path, and then step S230 is entered. For example, if the IP address of the first node and the IP address of the second node correspond to the same network segment, the network allocation module 210 can directly assign the first node and the second node to the The path between is regarded as the first split path, that is, the path between the first node and the second node is split into a single split path.

相對來說,若第一節點的IP位址和第二節點的IP位址不對應於相同的網段,則進入步驟S223。In contrast, if the IP address of the first node and the IP address of the second node do not correspond to the same network segment, step S223 is entered.

在步驟S223,網路編配模組210可判斷第一節點和第二節點是否具有相同的閘道或相同網段的閘道連外介面。舉例來說,若第一節點隸屬的閘道與第二節點隸屬的閘道相同,則進入步驟S222,網路編配模組210可預設規則而將第一節點及第二節點之間的路徑分割為兩段分割路徑。另一方面,若第一節點所使用之閘道的閘道連外介面與第二節點所使用之閘道的閘道連外介面具有相同的網段,則進入步驟S222,網路編配模組210可預設規則而將第一節點及第二節點之間的路徑分割為三段分割路徑。In step S223, the network orchestration module 210 can determine whether the first node and the second node have the same gateway or the same network segment with the gateway connecting the external interface. For example, if the gateway to which the first node belongs is the same as the gateway to which the second node belongs, then step S222 is entered, and the network orchestration module 210 can preset rules to divide the connection between the first node and the second node. The path is divided into two divided paths. On the other hand, if the gateway and external interface of the gateway used by the first node and the gateway and external interface of the gateway used by the second node have the same network segment, step S222 is entered, and the network allocation model The group 210 can preset rules to divide the path between the first node and the second node into three divided paths.

相對來說,若網路編配模組210在步驟S223判斷第一節點和第二節點對應於不同的網段,則進入步驟S224。In contrast, if the network orchestration module 210 determines in step S223 that the first node and the second node correspond to different network segments, then it proceeds to step S224.

在步驟S224,網路編配模組210可對第一節點使用深度優先搜尋(depth-first-search,DFS)演算法以取得該路徑的資訊,並根據該路徑上的閘道或VNF將對該路徑進行分割以產生第一分割路徑、第二分割路徑及/或更多段的其他分割路徑,並進入步驟S230。當該路徑屬於實體網域時,網路編配模組210可根據路徑上的閘道來分割該路徑。當路徑屬於虛擬網域時,網路編配模組210可根據路徑上的VNF來分割該路徑。In step S224, the network orchestration module 210 may use a depth-first-search (DFS) algorithm on the first node to obtain information about the path, and perform the matching according to the gateway or VNF on the path. The path is divided to generate a first divided path, a second divided path, and/or more segments of other divided paths, and step S230 is entered. When the path belongs to the physical network domain, the network orchestration module 210 can divide the path according to the gateway on the path. When the path belongs to the virtual network domain, the network orchestration module 210 can divide the path according to the VNF on the path.

以實體網域為例,圖4根據本發明的實施例繪示根據路徑上的閘道對路徑進行分割的示意圖,其中第一節點為節點n1且第二節點為節點n2。首先,網路編配模組210可對節點n1使用深度優先搜尋演算法取得節點n1與節點n2之間的路徑的資訊。如圖4所示,節點n1和節點n2之間的路徑上存在閘道GW1和閘道GW2。基此,網路編配模組210可以閘道GW1和閘道GW2為界而將節點n1和節點n2之間的路徑分割為分割路徑P1、分割路徑P2以及分割路徑P3。Taking the physical network domain as an example, FIG. 4 illustrates a schematic diagram of dividing a path according to a gateway on the path according to an embodiment of the present invention, where the first node is node n1 and the second node is node n2. First, the network orchestration module 210 can use a depth-first search algorithm on the node n1 to obtain information about the path between the node n1 and the node n2. As shown in Fig. 4, a gateway GW1 and a gateway GW2 exist on the path between the node n1 and the node n2. Based on this, the network orchestration module 210 can divide the path between the node n1 and the node n2 into a divided path P1, a divided path P2, and a divided path P3 based on the gateway GW1 and the gateway GW2.

在步驟S222或步驟S224結束後,SDN管理模組330可由網路編配模組310取得一或多個分割路徑的相關資訊,其中該些分割路徑可例如包括由步驟S222產生的第一分割路徑,或包括由步驟S224產生的分割路徑P1、分割路徑P2以及分割路徑P3等分割路徑。After step S222 or step S224 is completed, the SDN management module 330 can obtain information about one or more split paths from the network orchestration module 310, where the split paths may, for example, include the first split path generated in step S222 , Or include the divided paths P1, P2, and P3 generated in step S224.

接著,回到圖2。在步驟S230,SDN管理模組330可制定用於對一或多段分割路徑進行查測的查測封包格式,並透過通訊單元700傳送查測封包格式至對應於該一或多段分割路徑的一或多個SDN控制器。Then, return to Figure 2. In step S230, the SDN management module 330 may formulate a test packet format used to check one or more segmented paths, and transmit the test packet format to one or more segments corresponding to the one or more segmented paths through the communication unit 700. Multiple SDN controllers.

在步驟S240,SDN管理模組330可接收第一分割路徑的查測結果。具體來說,SDN管理模組330可透過通訊單元700傳送封包投放請求至對應於該一或多段分割路徑的SDN控制器,並且響應於傳送該封包投放請求而透過通訊單元700接收該一或多段分割路徑的查測結果,其中所述SDN控制器可例如是如圖1所示的SDN控制器2或SDN控制器3。以SDN控制器2為例,SDN控制器2可內建拓樸路徑查測程式,其可用以接收來自路徑查測裝置10的指令,所述指令可包括用以進行查測的前置動作以及投放查測封包的命令。此外,該拓樸路徑查測程式還可記錄所投放之查測封包經過的網路節點(例如:交換器)或其連接埠的資訊。此拓樸路徑查測程式之演算法具備可移植性,故可使用不同的程式語言實施之。In step S240, the SDN management module 330 may receive the inspection result of the first split path. Specifically, the SDN management module 330 may transmit a packet delivery request to the SDN controller corresponding to the one or more segmented paths through the communication unit 700, and receive the one or more segments through the communication unit 700 in response to transmitting the packet delivery request. As a result of the inspection of the split path, the SDN controller may be, for example, the SDN controller 2 or the SDN controller 3 as shown in FIG. 1. Taking the SDN controller 2 as an example, the SDN controller 2 may have a built-in topology path inspection program, which can be used to receive instructions from the path inspection device 10, and the instructions may include pre-actions for inspection and Send the command to check packets. In addition, the topological path testing program can also record the information of the network nodes (for example: switches) or their ports through which the dropped test packets pass. The algorithm of this topological path checking program is portable, so it can be implemented in different programming languages.

圖5根據本發明的實施例進一步地繪示步驟S240的流程圖,SDN管理模組330可透過此流程分別地對各段分割路徑進行查測。FIG. 5 further illustrates a flow chart of step S240 according to an embodiment of the present invention. The SDN management module 330 can separately check each segment of the divided path through this process.

在步驟S241,SDN管理模組330可根據封包投放請求以通知SDN控制器控制該第i段分割路徑的起始節點投放查測封包,其中i的初始值為1。SDN管理模組330可從SDN網段拓樸知識庫370查詢第i段分割路徑的起始節點之連接埠對應的SDN控制器,通知該SDN控制器使查測封包透過第i段分割路徑的起始節點的連接埠傳送至第i段分割路徑上的下一個網路節點(例如:SDN交換器)。此外,SDN管理模組330還可對對應於第i段分割路徑的各個SDN控制器發送命令,使得SDN控制器控制下的網路節點依照流規則來處理經過的查測封包。In step S241, the SDN management module 330 may notify the SDN controller to control the start node of the i-th segmented path to release the test packet according to the packet placement request, where the initial value of i is 1. The SDN management module 330 can query the SDN controller corresponding to the port of the starting node of the i-th segment of the split path from the SDN network segment topology knowledge base 370, and notify the SDN controller to enable the test packet to pass through the i-th segment of the split path. The port of the start node is sent to the next network node (for example: SDN switch) on the i-th segment of the split path. In addition, the SDN management module 330 can also send commands to each SDN controller corresponding to the i-th segment of the path, so that the network nodes under the control of the SDN controller process the passed inspection packets according to flow rules.

舉例來說,若分割路徑共有3段,依序為分割路徑P1、分割路徑P2以及分割路徑P3,如圖4所示。當首次執行步驟S241時,SDN管理模組330可根據封包投放請求以通知對應於第1段分割路徑(即:分割路徑P1)的SDN控制器控制分割路徑P1的起始節點n1(即:使用者透過使用者介面500所設定的第一節點)透過連接埠投放查測封包。此外,SDN管理模組330可對對應於分割路徑P1的各個SDN控制器發送流規則,使得各個SDN控制器控制下的網路節點依照流規則來處理經過的查測封包。For example, if there are three divided paths in total, the divided paths P1, P2, and P3 are in order, as shown in FIG. 4. When step S241 is executed for the first time, the SDN management module 330 may notify the SDN controller corresponding to the first segment of the split path (ie: split path P1) to control the start node n1 of the split path P1 (ie: use It uses the first node set by the user interface 500) to drop test packets through the port. In addition, the SDN management module 330 can send a flow rule to each SDN controller corresponding to the split path P1, so that the network nodes under the control of each SDN controller process the passed inspection packets according to the flow rule.

在步驟S242,SDN管理模組330可接收各個SDN控制器藉由查測封包取得的查測結果。具體來說,對應於第i段分割路徑的各個SDN控制器其下的網路節點可接收來自SDN控制器的流規則,並根據流規則以在查測封包經過時將查測封包轉發至路徑上的下一個網路節點,並且複製一份查測封包並送至SDN控制器。SDN控制器可記錄所接收到的查測封包對應的連接埠以及收到該查測封包時的時間戳記。SDN控制器可根據所收到的一或多個查測封包而產生對應該SDN控制器的各個網路節點的查測結果,其中所述查測結果可例如是具有如表1所示之格式的節點資訊。 1

Figure 107143996-A0305-0001
In step S242, the SDN management module 330 may receive the inspection result obtained by each SDN controller by inspecting the packet. Specifically, the network nodes under each SDN controller corresponding to the i-th segmented path can receive the flow rule from the SDN controller, and forward the inspection packet to the path according to the flow rule when the inspection packet passes by On the next network node, copy a copy of the inspection packet and send it to the SDN controller. The SDN controller can record the port corresponding to the received test packet and the time stamp when the test packet is received. The SDN controller may generate a check result corresponding to each network node of the SDN controller according to the received one or more check packets, where the check result may, for example, have the format shown in Table 1. The node information. Table 1
Figure 107143996-A0305-0001

節點序號欄位描述該節點為查測封包經過的第幾個節點。節點識別碼欄位描述各個模組可用以查詢該節點之資訊的識別碼。節點類型欄位描述節點為SDN交換器、VNF或實體網路功能(physical network function)等,其可因網路節點的種類增加而擴充。節點名稱欄位描述該節點名稱,幫助使用者快速了解節點。輸入連接埠號碼欄位描述查測封包是由哪一個連接埠進入該節點。輸入連接埠進階摘要資訊欄位可記錄埠頻寬、狀態等資訊,其中該資訊可為索引資料對照表(MAP)的結構,且可因節點不同而擴充或變化。輸出連接埠號碼欄位描述查測封包是由哪一個連接埠離開該節點。輸出連接埠進階摘要資訊欄位可記錄埠頻寬、狀態等資訊,其中該資訊可為索引資料對照表的結構,且可因節點不同而擴充或變化。The node serial number field describes which node is the node that the test packet passes through. The node identification code field describes the identification code that each module can use to query the information of the node. The node type field describes the node as an SDN switch, VNF, or physical network function, etc., which can be expanded as the types of network nodes increase. The node name field describes the node name to help users quickly understand the node. The input port number field describes the port from which the test packet enters the node. The input port advanced summary information field can record port bandwidth, status and other information. The information can be the structure of the index data comparison table (MAP) and can be expanded or changed for different nodes. The output port number field describes which port the test packet leaves the node from. The output port advanced summary information field can record port bandwidth, status and other information, where the information can be the structure of the index data comparison table, and it can be expanded or changed for different nodes.

在步驟S243,SDN管理模組330可根據查測結果判斷對應於第i段分割路徑的查測結果中記錄的最終節點是否為第二節點(即:使用者透過使用者介面500所設定的第二節點)。若該最終節點是第二節點,則進入步驟S244,反之,則進入步驟S245。In step S243, the SDN management module 330 may determine, according to the inspection result, whether the final node recorded in the inspection result corresponding to the i-th segment of the path is the second node (that is, the second node set by the user through the user interface 500). Two nodes). If the final node is the second node, go to step S244, otherwise, go to step S245.

在步驟S244,SDN管理模組330可將第i段分割路徑的查測結果標記為成功,並進入步驟S250。舉例來說,若對應於第i段分割路徑的查測結果中有記錄到的最終節點是第二節點,則代表SDN管理模組330已查測完代表路徑之起點的第一節點與代表路徑之終點的第二節點之間的路徑上的所有節點。因此,第i段分割路徑的查測結果為成功。In step S244, the SDN management module 330 may mark the inspection result of the i-th segment of the split path as successful, and proceed to step S250. For example, if the final node recorded in the inspection result corresponding to the i-th segment of the path is the second node, it means that the SDN management module 330 has checked the first node and the representative path that represent the starting point of the path. All nodes on the path between the second node at the end. Therefore, the inspection result of the i-th segmented path is successful.

在步驟S245,SDN管理模組330可判斷是否存在與該最終節點的第一連接埠對接的第二連接埠。若存在,則進入步驟S247,反之,則進入步驟S246。In step S245, the SDN management module 330 can determine whether there is a second port connected to the first port of the final node. If yes, go to step S247, otherwise, go to step S246.

在步驟S246,SDN管理模組330不將第i段分割路徑的查測結果標記為成功。若第i段分割路徑的最終節點並非由使用者設定的終點-第二節點,也不具有與其對接的連接埠,代表查測封包的傳送終止於該最終節點,且該最終節點並非由使用者所設定第二節點(即:欲查測之路徑的終點)。換言之,該最終節點可能發生了障礙而導致無法轉發查測封包。因此,SDN管理模組330不將對應於該最終節點的分割路徑的查測結果標記為成功。In step S246, the SDN management module 330 does not mark the inspection result of the i-th segment of the split path as successful. If the final node of the i-th segmentation path is not the end point set by the user-the second node, and does not have a port to connect with it, it means that the transmission of the test packet ends at the final node, and the final node is not the user Set the second node (ie: the end point of the path to be checked). In other words, the final node may be obstructed and unable to forward the inspection packet. Therefore, the SDN management module 330 does not mark the inspection result of the split path corresponding to the final node as successful.

在步驟S247,SDN管理模組330可將第i段分割路徑的查測結果標記為成功。若第i段分割路徑的最終節點並非由使用者設定的第二節點,但卻具有與其對接的連接埠,則代表查測封包可被該最終節點轉發至對應所對接的連接埠的第(i+1)段分割路徑。換言之,第i段分割路徑已查測完成,故可將第i段分割路徑的查測結果標記為成功。In step S247, the SDN management module 330 may mark the inspection result of the i-th segmented path as successful. If the final node of the i-th split path is not the second node set by the user, but has a port to connect with it, it means that the test packet can be forwarded by the final node to the (i)th node corresponding to the connected port. +1) Segment split path. In other words, since the inspection of the i-th segment of the path has been completed, the inspection result of the i-th segment of the path can be marked as successful.

在步驟S248,SDN管理模組330準備對下一段分割路徑進行查測,亦即,準備對第(i+1)段分割路徑進行查測。具體來說,SDN管理模組330可從SDN網段拓樸知識庫370中搜尋對應於第二連接埠的第二SDN控制器,從而取得對應於第二SDN控制器之第(i+1)段分割路徑的相關資訊。接著,進入步驟S241,SDN管理模組330傳送第二封包投放請求以通知第二SDN控制器控制第(i+1)段分割路徑的第二起始節點投放查測封包。In step S248, the SDN management module 330 prepares to check the next segment of the divided path, that is, prepares to check the (i+1)th segment of the divided path. Specifically, the SDN management module 330 can search for the second SDN controller corresponding to the second port from the SDN network segment topology knowledge base 370, thereby obtaining the (i+1)th corresponding to the second SDN controller Information about the segment split path. Next, in step S241, the SDN management module 330 transmits a second packet delivery request to notify the second SDN controller to control the second start node of the (i+1)th segment of the split path to drop the test packet.

回到圖2,在步驟S250,SDN管理模組330可根據查測結果判斷第一節點及第二節點之間的路徑是否發生障礙。具體來說,SDN管理模組330可根據一分割路徑的查測結果是否被標記為成功而判斷該分割路徑上是否存在發生障礙的網路節點。Returning to FIG. 2, in step S250, the SDN management module 330 can determine whether an obstacle occurs in the path between the first node and the second node according to the inspection result. Specifically, the SDN management module 330 can determine whether there is a network node on the split path that has an obstacle based on whether the result of the inspection of a split path is marked as successful.

圖6根據本發明的實施例繪示產生路徑節點串列資訊的流程圖。在本實施例中,網路編配模組310可根據由SDN管理模組330產生的查測結果產生路徑節點串列資訊,且透過使用者介面500顯示路徑節點串列資訊,方便網管人員快速地查詢欲查詢之路徑上的各個節點的資訊。FIG. 6 illustrates a flowchart of generating path node serial information according to an embodiment of the present invention. In this embodiment, the network configuration module 310 can generate path node serial information based on the survey results generated by the SDN management module 330, and display the path node serial information through the user interface 500, which is convenient for network administrators to quickly Query the information of each node on the path you want to query.

在步驟S301,網路編配模組310可從SDN管理模組330讀取第i段分割路徑的查測結果。In step S301, the network orchestration module 310 may read the inspection result of the i-th segmented path from the SDN management module 330.

在步驟S302,網路編配模組310可根據查測結果從網路節點與拓樸知識庫350查詢第i段分割路徑的起始節點的機器資訊。In step S302, the network orchestration module 310 can query the machine information of the start node of the i-th segment of the split path from the network node and the topology knowledge base 350 according to the search result.

在步驟S303,網路編配模組310可從第i段分割路徑的起始節點的機器資訊開始依序取得第i段分割路徑上的節點之相關資訊,並根據該些相關資訊產生或更新路徑節點串列資訊。In step S303, the network orchestration module 310 may sequentially obtain the relevant information of the nodes on the i-th segment of the split path starting from the machine information of the starting node of the i-th segment of the split path, and generate or update it based on the relevant information Path node list information.

在步驟S304,網路編配模組310可判斷第i段分割路徑的查測結果是否被標記為成功。若是,則進入步驟S307,反之,則進入步驟S305。In step S304, the network orchestration module 310 can determine whether the inspection result of the i-th segmented path is marked as successful. If yes, go to step S307, otherwise, go to step S305.

在步驟S305,網路編配模組310可在第i段分割路徑的最終節點的節點資訊的輸出連接埠進階摘要資訊欄位內填入失敗,以代表該最終節點可能發生障礙。In step S305, the network orchestration module 310 may fail to fill in the advanced summary information field of the output port of the node information of the final node of the i-th segment of the split path, to indicate that the final node may be obstructed.

在步驟S306,網路編配模組310可透過使用者介面500顯示所產生的路徑節點串列資訊,供使用者查詢欲查詢之路徑上的各個節點的資訊。In step S306, the network orchestration module 310 can display the generated path node serial information through the user interface 500 for the user to query the information of each node on the path to be queried.

在步驟S307,網路編配模組310可判斷是否存在下一段分割路徑。若是,則進入步驟S309,反之,則進入步驟S308。In step S307, the network orchestration module 310 can determine whether the next segment of the path exists. If yes, go to step S309, otherwise, go to step S308.

在步驟S308,網路編配模組310可從網路節點與拓樸知識庫350查詢第i段分割路徑的最終節點的機器資訊,藉以取得最終節點之相關資訊,並根據該些相關資訊更新路徑節點串列資訊。In step S308, the network orchestration module 310 can query the machine information of the final node of the i-th segment of the split path from the network node and the topology knowledge base 350, so as to obtain the relevant information of the final node, and update it according to the relevant information. Path node list information.

在步驟S309,網路編配模組310可搜尋第i段分割路徑與第(i+1)段分割路徑之間的網路節點的相關資訊,並根據該網路節點的相關資訊更新路徑節點串列資訊,其中所述網路節點可例如是第i段分割路徑與第(i+1)段分割路徑之間的閘道或VNF,本發明不限於此。In step S309, the network orchestration module 310 can search for relevant information of the network node between the i-th segmented path and the (i+1)-th segmented path, and update the path node according to the relevant information of the network node Serial information, where the network node can be, for example, a gateway or VNF between the i-th segmented path and the (i+1)-th segmented path, and the present invention is not limited to this.

在步驟S310,網路編配模組310可準備藉由下一段分割路徑更新路徑節點串列資訊,亦即,藉由第(i+1)段分割路徑更新路徑節點串列資訊。具體來說,網路編配模組310可重新執行步驟S301,藉以從SDN管理模組330讀取第i段分割路徑的查測結果。In step S310, the network orchestration module 310 may prepare to update the path node series information by the next segment of the split path, that is, update the path node series information by the (i+1)th segment of the split path. Specifically, the network orchestration module 310 may re-execute step S301 to read the inspection result of the i-th segment of the split path from the SDN management module 330.

綜上所述,本發明提供一種用於異質軟體定義網路的路徑查測裝置及路徑查測方法,主要目的為解決異質SDN控制器網段的路徑障礙查測的困難。透過集中控管SDN控制器以及實際投放查測封包進行查測,從而取得封包所經過的SDN網路節點之相關資訊,達到確實查測的功能,並有效地降低異質SDN網路中之障網路節點異常查測之困難。藉由路徑分割技術,本發明可避免封包標頭因網路節點導致錯誤的查測結果,因而正確地對異質SDN網路或跨不同網段之路徑進行障礙查測,協助網管人員快速地找出問題。In summary, the present invention provides a path checking device and a path checking method for a heterogeneous software-defined network, the main purpose of which is to solve the difficulty of checking the path obstacles of the heterogeneous SDN controller network segment. Through the centralized control of the SDN controller and the actual delivery of the inspection packet for inspection, the relevant information of the SDN network node through which the packet passes can be obtained to achieve a reliable inspection function and effectively reduce the barriers in the heterogeneous SDN network Difficulty in detecting abnormality of road nodes. By means of path segmentation technology, the present invention can avoid incorrect inspection results of packet headers caused by network nodes, and thus correctly perform obstacle inspections on heterogeneous SDN networks or paths across different network segments, helping network administrators to quickly find Something went wrong.

雖然本發明已以實施例揭露如上,然其並非用以限定本發明,任何所屬技術領域中具有通常知識者,在不脫離本發明的精神和範圍內,當可作些許的更動與潤飾,故本發明的保護範圍當視後附的申請專利範圍所界定者為準。Although the present invention has been disclosed in the above embodiments, it is not intended to limit the present invention. Anyone with ordinary knowledge in the technical field can make slight changes and modifications without departing from the spirit and scope of the present invention. The scope of protection of the present invention shall be subject to those defined by the attached patent scope.

10:路徑查測裝置 100:處理器 2、3:SDN控制器 20:路徑查測方法 300:儲存媒體 310:網路編配模組 330:SDN管理模組 350:網路節點與拓樸知識庫 370:SDN網段拓樸知識庫 500:使用者介面 700:通訊單元 GW1、GW2:閘道 n1:起始節點/第一節點 n2:最終節點/第二節點 P1、P2、P3:分割路徑 S210、S220、S221、S222、S223、S224、S230、S240、S241、S242、S243、S244、S245、S246、S247、S248、S250、S301、S302、S303、S304、S305、S306、S307、S308、S309、S310:步驟10: Path checking device 100: Processor 2, 3: SDN controller 20: Path checking method 300: Storage media 310: Network orchestration module 330: SDN management module 350: Network node and topology knowledge Library 370: SDN network segment topology knowledge base 500: User interface 700: Communication unit GW1, GW2: Gateway n1: Start node/First node n2: Final node/Second node P1, P2, P3: Split path S210, S220, S221, S222, S223, S224, S230, S240, S241, S242, S243, S244, S245, S246, S247, S248, S250, S301, S302, S303, S304, S305, S306, S307, S308, S309, S310: steps

圖1根據本發明的實施例繪示用於異質SDN網路的路徑查測裝置及其所管理的SDN控制器的示意圖。 圖2根據本發明的實施例繪示用於異質SDN網路的路徑查測方法的流程圖。 圖3根據本發明的實施例進一步地繪示步驟S220的流程圖。 圖4根據本發明的實施例繪示根據路徑上的閘道對路徑進行分割的示意圖。 圖5根據本發明的實施例進一步地繪示步驟S240的流程圖。 圖6根據本發明的實施例繪示產生路徑節點串列資訊的流程圖。FIG. 1 illustrates a schematic diagram of a path checking device used in a heterogeneous SDN network and an SDN controller managed by it according to an embodiment of the present invention. FIG. 2 illustrates a flowchart of a path checking method for a heterogeneous SDN network according to an embodiment of the present invention. Fig. 3 further illustrates a flowchart of step S220 according to an embodiment of the present invention. FIG. 4 illustrates a schematic diagram of dividing a path according to a gateway on the path according to an embodiment of the present invention. Fig. 5 further illustrates a flowchart of step S240 according to an embodiment of the present invention. FIG. 6 illustrates a flowchart of generating path node serial information according to an embodiment of the present invention.

20:路徑查測方法 S210、S220、S230、S240、S250:步驟20: Path inspection method S210, S220, S230, S240, S250: steps

Claims (12)

一種用於異質軟體定義網路的路徑查測裝置,包括:通訊單元,傳送及接收訊號;使用者介面,接收操作以決定第一節點和第二節點;儲存媒體,儲存多個模組;以及處理器,耦接該通訊單元、該儲存媒體以及該使用者介面,且存取並執行該些模組,該些模組包括:網路編配模組,取得該第一節點的第一資訊和該第二節點的第二資訊,且根據該第一資訊和該第二資訊產生第一分割路徑,其中該第一資訊包括該第一節點的網際網路協定位址、該第一節點隸屬的閘道或該第一節點隸屬的閘道之連外介面中的至少一者,且該第二資訊包括該第二節點的網際網路協定位址、該第二節點隸屬的閘道或該第二節點隸屬的閘道之連外介面中的至少一者;以及軟體定義網路管理模組,制定查測封包格式以透過該通訊單元傳送該查測封包格式至對應於該第一分割路徑的軟體定義網路控制器,並且接收該第一分割路徑的查測結果,其中該軟體定義網路管理模組根據該查測結果判斷該第一節點及該第二節點之間的路徑是否發生障礙,其中該查測結果包括節點序號、節點類型、輸入連接埠號碼或輸出連接埠號碼中的至少一者。 A path checking device for heterogeneous software-defined networks, comprising: a communication unit, which transmits and receives signals; a user interface, which receives operations to determine the first node and the second node; a storage medium, which stores multiple modules; and The processor is coupled to the communication unit, the storage medium and the user interface, and accesses and executes the modules. The modules include: a network configuration module to obtain the first information of the first node And second information of the second node, and generate a first split path based on the first information and the second information, wherein the first information includes the Internet protocol address of the first node, and the first node belongs to At least one of the gateway to which the first node belongs or the external interface of the gateway to which the first node belongs, and the second information includes the Internet protocol address of the second node, the gateway to which the second node belongs, or the At least one of the external interfaces of the gateway to which the second node belongs; and a software-defined network management module that formulates a test packet format to transmit the test packet format through the communication unit to correspond to the first split path The software-defined network controller of, and receives the inspection result of the first split path, wherein the software-defined network management module determines whether the path between the first node and the second node occurs according to the inspection result Obstacle, wherein the inspection result includes at least one of node serial number, node type, input port number, or output port number. 如申請專利範圍第1項所述的路徑查測裝置,其中根據該第一資訊和該第二資訊產生第一分割路徑的步驟,包括:判斷該第一節點和該第二節點是否對應於相同的網段;若該第一節點和該第二節點對應於相同的網段,則根據預設規則對將該第一節點及該第二節點之間的該路徑進行分割以產生該第一分割路徑;以及若該第一節點和該第二節點對應於不同的網段,則對該第一節點使用深度優先搜尋演算法以取得該路徑的資訊,並根據該路徑上的閘道對該路徑進行分割以產生該第一分割路徑。 As described in the first item of the scope of patent application, the step of generating a first split path based on the first information and the second information includes: determining whether the first node and the second node correspond to the same If the first node and the second node correspond to the same network segment, the path between the first node and the second node is split according to a preset rule to generate the first split Path; and if the first node and the second node correspond to different network segments, the depth-first search algorithm is used for the first node to obtain information about the path, and the path is based on the gateway on the path The division is performed to generate the first division path. 如申請專利範圍第2項所述的路徑查測裝置,其中判斷該第一節點和該第二節點是否對應於相同的網段的步驟,包括:判斷該第一節點的第一網際網路協定位址和該第二節點的第二網際網路協定位址是否對應於相同的網段;以及判斷該第一節點和該第二節點是否具有相同的閘道或相同網段的閘道連外介面。 The path checking device described in item 2 of the scope of patent application, wherein the step of judging whether the first node and the second node correspond to the same network segment includes: judging the first Internet protocol of the first node Whether the address and the second Internet protocol address of the second node correspond to the same network segment; and determining whether the first node and the second node have the same gateway or the same network segment outside the gateway interface. 如申請專利範圍第1項所述的路徑查測裝置,其中該軟體定義網路管理模組透過該通訊單元傳送封包投放請求至該軟體定義網路控制器,並且響應於傳送該封包投放請求而透過該通訊單元接收該查測結果。 For example, the path checking device described in item 1 of the scope of patent application, wherein the software-defined network management module transmits a packet delivery request to the software-defined network controller through the communication unit, and in response to transmitting the packet delivery request Receive the survey result through the communication unit. 如申請專利範圍第4項所述的路徑查測裝置,其中透過該通訊單元傳送封包投放請求至該軟體定義網路控制器,並且響 應於傳送該封包投放請求而透過該通訊單元接收該查測結果的步驟,包括:根據該封包投放請求以通知該軟體定義網路控制器控制該第一分割路徑的起始節點投放查測封包;接收該軟體定義網路控制器藉由該查測封包取得的該查測結果;根據該查測結果判斷該查測結果中記錄的最終節點是否為該第二節點;若該最終節點為該第二節點,則將該第一分割路徑的該查測結果標記為成功;若該最終節點非為該第二節點,則判斷是否存在與該最終節點的第一連接埠對接的第二連接埠;若該第二連接埠存在,則搜尋對應於該第二連接埠的第二軟體定義網路控制器,並且傳送第二封包投放請求以通知該第二軟體定義網路控制器控制第二分割路徑的第二起始節點投放該查測封包;若該第二連接埠不存在,則不將該第一分割路徑的該查測結果標記為成功。 For example, the path detection device described in item 4 of the scope of patent application, wherein the packet delivery request is sent to the software-defined network controller through the communication unit, and responds The step of receiving the inspection result through the communication unit upon transmitting the packet delivery request includes: according to the packet delivery request to notify the software-defined network controller to control the start node of the first split path to deliver the inspection packet ; Receive the inspection result obtained by the software-defined network controller through the inspection packet; determine whether the final node recorded in the inspection result is the second node according to the inspection result; if the final node is the For the second node, mark the inspection result of the first split path as successful; if the final node is not the second node, determine whether there is a second port connected to the first port of the final node ; If the second port exists, search for a second software-defined network controller corresponding to the second port, and send a second packet delivery request to notify the second software-defined network controller to control the second split The second start node of the path drops the test packet; if the second port does not exist, the test result of the first split path is not marked as successful. 如申請專利範圍第1項所述的路徑查測裝置,其中該網路編配模組根據該查測結果產生路徑節點串列資訊,且透過該使用者介面顯示該路徑節點串列資訊。 According to the path inspection device described in item 1 of the scope of patent application, the network configuration module generates path node serial information according to the inspection result, and displays the path node serial information through the user interface. 一種用於異質軟體定義網路的路徑查測方法,包括: 取得該第一節點的第一資訊和該第二節點的第二資訊,且根據該第一資訊和該第二資訊產生第一分割路徑,其中該第一資訊包括該第一節點的網際網路協定位址、該第一節點隸屬的閘道或該第一節點隸屬的閘道之連外介面中的至少一者,且該第二資訊包括該第二節點的網際網路協定位址、該第二節點隸屬的閘道或該第二節點隸屬的閘道之連外介面中的至少一者;制定查測封包格式以傳送該查測封包格式至對應於該第一分割路徑的軟體定義網路控制器,並且接收該第一分割路徑的查測結果;以及根據該查測結果判斷該第一節點及該第二節點之間的路徑是否發生障礙,其中該查測結果包括節點序號、節點類型、輸入連接埠號碼或輸出連接埠號碼中的至少一者。 A path checking method for heterogeneous software-defined networks, including: Obtain the first information of the first node and the second information of the second node, and generate a first split path based on the first information and the second information, wherein the first information includes the Internet of the first node At least one of the protocol address, the gateway to which the first node belongs, or the external interface of the gateway to which the first node belongs, and the second information includes the Internet protocol address of the second node, the At least one of the gateway to which the second node belongs or the external interface of the gateway to which the second node belongs; formulating a test packet format to transmit the test packet format to the software-defined network corresponding to the first split path Path controller, and receives the inspection result of the first split path; and judges whether the path between the first node and the second node is obstructed according to the inspection result, wherein the inspection result includes node serial number, node At least one of type, input port number, or output port number. 如申請專利範圍第7項所述的路徑查測方法,其中根據該第一資訊和該第二資訊產生第一分割路徑的步驟,包括:判斷該第一節點和該第二節點是否對應於相同的網段;若該第一節點和該第二節點對應於相同的網段,則根據預設規則對將該第一節點及該第二節點之間的該路徑進行分割以產生該第一分割路徑;以及若該第一節點和該第二節點對應於不同的網段,則對該第一節點使用深度優先搜尋演算法以取得該路徑的資訊,並根據該路徑上的閘道對該路徑進行分割以產生該第一分割路徑。 As described in item 7 of the scope of patent application, the step of generating a first split path based on the first information and the second information includes: determining whether the first node and the second node correspond to the same If the first node and the second node correspond to the same network segment, the path between the first node and the second node is split according to a preset rule to generate the first split Path; and if the first node and the second node correspond to different network segments, the depth-first search algorithm is used for the first node to obtain information about the path, and the path is based on the gateway on the path The division is performed to generate the first division path. 如申請專利範圍第8項所述的路徑查測方法,其中判斷該第一節點和該第二節點是否對應於相同的網段的步驟,包括:判斷該第一節點的第一網際網路協定位址和該第二節點的第二網際網路協定位址是否對應於相同的網段;以及判斷該第一節點和該第二節點是否具有相同的閘道或相同網段的閘道連外介面。 As described in item 8 of the scope of patent application, the step of determining whether the first node and the second node correspond to the same network segment includes: determining the first Internet protocol of the first node Whether the address and the second Internet protocol address of the second node correspond to the same network segment; and determining whether the first node and the second node have the same gateway or the same network segment outside the gateway interface. 如申請專利範圍第7項所述的路徑查測方法,更包括:傳送封包投放請求至該軟體定義網路控制器,並且響應於傳送該封包投放請求而接收該查測結果。 The path checking method described in item 7 of the scope of the patent application further includes: transmitting a packet placement request to the software-defined network controller, and receiving the check result in response to transmitting the packet placement request. 如申請專利範圍第10項所述的路徑查測方法,其中傳送封包投放請求至該軟體定義網路控制器,並且響應於傳送該封包投放請求而接收該查測結果的步驟,包括:根據該封包投放請求以通知該軟體定義網路控制器控制該第一分割路徑的起始節點投放查測封包;接收該軟體定義網路控制器藉由該查測封包取得的該查測結果;根據該查測結果判斷該查測結果中記錄的最終節點是否為該第二節點;若該最終節點為該第二節點,則將該第一分割路徑的該查測結果標記為成功;若該最終節點非為該第二節點,則判斷是否存在與該最終節點的第一連接埠對接的第二連接埠; 若該第二連接埠存在,則搜尋對應於該第二連接埠的第二軟體定義網路控制器,並且傳送第二封包投放請求以通知該第二軟體定義網路控制器控制第二分割路徑的第二起始節點投放該查測封包;若該第二連接埠不存在,則不將該第一分割路徑的該查測結果標記為成功。 As described in the 10th item of the scope of patent application, the step of transmitting a packet placement request to the software-defined network controller, and receiving the inspection result in response to transmitting the packet placement request includes: The packet delivery request is used to notify the software-defined network controller to control the start node of the first split path to deliver the test packet; receive the test result obtained by the software-defined network controller through the test packet; according to the The inspection result determines whether the final node recorded in the inspection result is the second node; if the final node is the second node, the inspection result of the first split path is marked as successful; if the final node If it is not the second node, determine whether there is a second port connected to the first port of the final node; If the second port exists, search for a second software-defined network controller corresponding to the second port, and send a second packet delivery request to notify the second software-defined network controller to control the second split path The second initiation node of ”drops the test packet; if the second port does not exist, the test result of the first split path is not marked as successful. 如申請專利範圍第7項所述的路徑查測方法,更包括:根據該查測結果產生路徑節點串列資訊,且透過使用者介面顯示該路徑節點串列資訊。For example, the path inspection method described in item 7 of the scope of patent application further includes: generating path node serial information according to the inspection result, and displaying the path node serial information through a user interface.
TW107143996A 2018-12-06 2018-12-06 Path check device and path check method for heterogeneous sdn network TWI699100B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW107143996A TWI699100B (en) 2018-12-06 2018-12-06 Path check device and path check method for heterogeneous sdn network

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW107143996A TWI699100B (en) 2018-12-06 2018-12-06 Path check device and path check method for heterogeneous sdn network

Publications (2)

Publication Number Publication Date
TW202023239A TW202023239A (en) 2020-06-16
TWI699100B true TWI699100B (en) 2020-07-11

Family

ID=72175974

Family Applications (1)

Application Number Title Priority Date Filing Date
TW107143996A TWI699100B (en) 2018-12-06 2018-12-06 Path check device and path check method for heterogeneous sdn network

Country Status (1)

Country Link
TW (1) TWI699100B (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI762995B (en) * 2020-08-07 2022-05-01 中華電信股份有限公司 System and method for communication site tagging associated with network flows
TWI774464B (en) * 2020-10-28 2022-08-11 美商戴爾產品有限公司 Expanded availability computing system

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7305464B2 (en) * 2002-09-03 2007-12-04 End Ii End Communications, Inc. Systems and methods for broadband network optimization
WO2012050968A1 (en) * 2010-09-29 2012-04-19 Aviat Networks, Inc. Systems and methods for distributed data routing in a wireless network
US9712445B2 (en) * 2006-08-22 2017-07-18 Centurylink Intellectual Property Llc System and method for routing data on a packet network
TWI607641B (en) * 2016-07-12 2017-12-01 國立清華大學 Software-defined network controller and multipath routing method

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7305464B2 (en) * 2002-09-03 2007-12-04 End Ii End Communications, Inc. Systems and methods for broadband network optimization
US9712445B2 (en) * 2006-08-22 2017-07-18 Centurylink Intellectual Property Llc System and method for routing data on a packet network
WO2012050968A1 (en) * 2010-09-29 2012-04-19 Aviat Networks, Inc. Systems and methods for distributed data routing in a wireless network
TWI607641B (en) * 2016-07-12 2017-12-01 國立清華大學 Software-defined network controller and multipath routing method

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI762995B (en) * 2020-08-07 2022-05-01 中華電信股份有限公司 System and method for communication site tagging associated with network flows
TWI774464B (en) * 2020-10-28 2022-08-11 美商戴爾產品有限公司 Expanded availability computing system

Also Published As

Publication number Publication date
TW202023239A (en) 2020-06-16

Similar Documents

Publication Publication Date Title
US9467330B2 (en) Diagnosing connectivity in a network
CN109714221B (en) Method, device and system for determining network data packet
US7307962B2 (en) System for inference of presence of network infrastructure devices
CN111835588B (en) In-band network remote measurement bearer flow selection method and system
CN101772918A (en) The Operations, Administration and Maintenance of service chaining (OAM)
US20160156516A1 (en) Monitoring device, method, and medium
JP4558139B2 (en) Network management device
TWI699100B (en) Path check device and path check method for heterogeneous sdn network
WO2020207051A1 (en) Method and apparatus for network verification
US9240940B2 (en) Scalable infiniband interconnect performance and diagnostic tool
EP3820121A1 (en) Time-sensitive networking for industrical automation
JP2007208633A (en) Device, method and program for designing network
TW201517556A (en) Network status visualization systems and methods
JP2013206112A5 (en)
JP2013026928A (en) Failure management system and failure management method
WO2023134377A1 (en) Network configuration method, device and system
CN108512698B (en) Network disaster tolerance method and device and electronic equipment
WO2023273637A1 (en) Fault detection method and apparatus
WO2022222479A1 (en) Network detection method and apparatus, and device and storage medium
US11606282B2 (en) Method and device for detecting network reliability
US20220329494A1 (en) System, method, and control apparatus
JP2015185968A (en) Failure message aggregation device and failure message aggregation program
CN117421185B (en) Cascade topology structure detection method, system, device and medium
WO2023010823A1 (en) Network fault root cause determining method and apparatus, device, and storage medium
CN116743617B (en) Method, computing device, and storage medium for network testing