WO2018121378A1 - Method and device for implementing packet mirroring of dynamic traffic in cloud network environment - Google Patents


Info

Publication number
WO2018121378A1
Authority
WO
WIPO (PCT)
Prior art keywords
port
virtual machine
physical host
mirroring
switch
Application number
PCT/CN2017/117488
Other languages
French (fr)
Chinese (zh)
Inventor
袁航
周雍恺
祖立军
陈华俊
严峻岭
刘国宝
何朔
Original Assignee
***股份有限公司

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L 49/00 Packet switching elements
    • H04L 49/20 Support for services
    • H04L 49/208 Port mirroring
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L 67/00 Network arrangements or protocols for supporting network services or applications
    • H04L 67/01 Protocols
    • H04L 67/10 Protocols in which an application is distributed across nodes in the network
    • H04L 67/1095 Replication or mirroring of data, e.g. scheduling or transport for data synchronisation between network nodes

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The present invention relates to network technology, and in particular, to a method and device for implementing packet mirroring of dynamic traffic in a cloud network environment. The method for implementing packet mirroring of dynamic traffic in a cloud network environment according to the present invention comprises the following steps: in response to an event wherein a virtual machine migrates from a first physical host to a second physical host, determining identification information associated with the second physical host; according to the identification information, determining a switch to which the second physical host is connected and a port on the switch, said port being used for sending and receiving packets associated with the virtual machine; and connecting the port with a mirroring port to implement traffic mirroring of the virtual machine, the mirroring port being further used for traffic mirroring of other virtual machines in the cloud network environment.

Description

Method and device for implementing packet mirroring of dynamic traffic in a cloud network environment

Technical field
The present invention relates to network technology, and in particular to a method and apparatus for implementing packet mirroring of dynamic traffic in a cloud network environment.
Background
Cloud computing is a model for the growth, use and delivery of Internet-based services, and usually involves providing dynamically scalable and frequently virtualized resources over the Internet. In a cloud network environment, computation is distributed across a large number of distributed computers rather than on local computers or remote servers, which lets an enterprise shift resources to the applications that need them and access computing and storage systems on demand.
Virtual machine technology is widely used in cloud network environments. A virtual machine is a server virtualized on a physical machine by virtualization software (a hypervisor); it can have its own independent CPU, memory and disk. With this technology a physical server can be divided into several mutually isolated virtual servers, making fuller use of the physical machine's resources. Virtual machine migration is the operation by which a virtual machine running on physical host A transfers its state (memory, disk and so on) over the network to another physical host B. The migration is transparent to the user, and the workload running in the virtual machine is not affected.
Port mirroring configures a switch or router to forward the traffic of one or more source ports to a designated port so that the network can be monitored; the designated port is commonly called the mirror port or destination port. Port mirroring does not affect the forwarding of packets on the source port; it copies every packet entering or leaving the source port unchanged to the destination port, so that network traffic can be monitored and analysed at the mirror port. With mirroring, network data can be monitored and managed effectively, and in particular a fault can be located quickly when the network fails.
As noted above, in a cloud environment resources are provided to users through virtual machines. Failure of a physical host, resource-optimizing scheduling and rebuilding all cause virtual machines to migrate. As the network grows and the number of users increases, dynamic adjustment of virtual resources becomes more frequent, so how to implement packet mirroring of dynamic traffic in a cloud network environment is a challenge for the industry.
Summary of the invention
One object of the present invention is to provide a method for implementing packet mirroring of dynamic traffic in a cloud network environment that has the advantages of high efficiency and high reliability.
A method for implementing packet mirroring of dynamic traffic in a cloud network environment according to one aspect of the present invention comprises the following steps:
in response to an event in which a virtual machine migrates from a first physical host to a second physical host, determining identification information associated with the second physical host;
determining, from the identification information, the switch to which the second physical host is connected and the port on that switch used to send and receive packets associated with the virtual machine; and
connecting that port to a mirror port to implement traffic mirroring of the virtual machine, where the mirror port is also used for traffic mirroring of other virtual machines in the cloud network environment.
Preferably, in the above method, when the port is connected to the mirror port, the connection between the mirror port and the port the virtual machine previously used to send and receive packets is also disconnected.
Preferably, in the above method, the identification information associated with the second physical host is determined by querying the database of the cloud management platform.
Preferably, in the above method, the switch to which the second physical host is connected and the port on that switch used to send and receive packets associated with the virtual machine are determined by querying a network module that stores the topology of the whole network.
Preferably, in the above method, the network module is an SDN controller.
Preferably, in the above method, traffic mirroring is implemented by encapsulating the mirrored packets with the GRE protocol and routing the encapsulated packets to the mirror port.
Another object of the present invention is to provide an apparatus for implementing packet mirroring of dynamic traffic in a cloud network environment that has the advantages of high efficiency and high reliability.
An apparatus for implementing packet mirroring of dynamic traffic in a cloud network environment according to another aspect of the present invention comprises:
a detection module configured to detect the occurrence of virtual machine migration;
a locating module coupled to the detection module and configured, in response to an event in which a virtual machine migrates from a first physical host to a second physical host, to determine identification information associated with the second physical host and to determine, from that identification information, the switch to which the second physical host is connected and the port on that switch used to send and receive packets associated with the virtual machine; and
a port mirroring configuration module coupled to the locating module and configured to connect that port to a mirror port to implement traffic mirroring of the virtual machine, where the mirror port is also used for traffic mirroring of other virtual machines in the cloud network environment.
Compared with the prior art, the present invention has the following advantages. First, the granularity of traffic mirroring changes from the switch port to the virtual machine: even when the virtual machine's location changes, monitoring of its traffic is not affected, which improves the reliability of the platform and of the services on it. Second, automatically tracking and locating the source port of the port mirror raises the level of automated operation and maintenance. Third, because the mirrored packets are encapsulated with the GRE protocol at the time of mirroring, traffic from the source port can still be mirrored to the destination port even when the source port and the destination port are not on the same switch.
Brief description of the drawings
The above and other aspects and advantages of the present invention will become clearer and easier to understand from the following description of its various aspects with reference to the accompanying drawings, in which identical or similar elements are denoted by the same reference numerals. The drawings include:
FIG. 1 is a schematic block diagram of an apparatus for implementing packet mirroring of dynamic traffic in a cloud network environment according to one embodiment of the present invention.
FIG. 2 is a schematic diagram of the operation of the apparatus of FIG. 1 for implementing packet mirroring of dynamic traffic in a cloud network environment.
FIG. 3 is a flowchart of a method for implementing packet mirroring of dynamic traffic in a cloud network environment according to another embodiment of the present invention.
Detailed description
The present invention is described more fully below with reference to the accompanying drawings, which illustrate exemplary embodiments of the invention. The invention may, however, be embodied in different forms and should not be construed as limited to the embodiments set out here. These embodiments are provided so that this disclosure is thorough and complete and conveys the scope of the invention fully to those skilled in the art.
In this specification, terms such as "comprising" and "including" mean that, in addition to the units and steps directly and expressly recited in the specification and claims, the technical solution of the present invention does not exclude other units and steps that are not directly or expressly recited.
FIG. 1 is a schematic block diagram of an apparatus for implementing packet mirroring of dynamic traffic in a cloud network environment according to one embodiment of the present invention. The apparatus 10 shown in FIG. 1 comprises a detection module 110, a locating module 120 coupled to the detection module 110, and a mirror configuration module 130 coupled to the locating module 120.
The detection module 110 is configured to detect whether a virtual machine migration has occurred within the cloud network and, when one has, to send the virtual machine's information to the locating module 120. After a virtual machine migrates, the switch port its traffic passes through changes. The locating module 120 is configured, in response to the detection of a virtual machine migration, to locate the switch port the virtual machine currently uses. In this embodiment the locating module 120 may do so as follows: determine the identification information of the physical host to which the virtual machine has migrated, and from that identification information determine the switch to which the physical host is connected and the port on that switch used to send and receive packets associated with the virtual machine (that is, the currently used switch port mentioned above). The port mirroring configuration module 130 is configured to establish a connection between the currently used port and the mirror port and to mirror the packets the virtual machine sends and receives through the currently used port to the mirror port. In this embodiment the mirror port is also shared by other virtual machines, that is, it is also used for traffic mirroring of other virtual machines in the cloud network environment.
Preferably, the port mirroring configuration module 130 is further configured, when connecting the currently used port to the mirror port, to also disconnect the mirror port from the port the virtual machine previously used to send and receive packets.
FIG. 2 is a schematic diagram of the operation of the apparatus of FIG. 1 for implementing packet mirroring of dynamic traffic in a cloud network environment.
As shown in FIG. 2, the migration of virtual machine VM from physical host A to physical host B is detected by the detection module 110. In response, the detection module 110 sends the information of virtual machine VM (for example its identifier) to the locating module 120.
The locating module 120 then finds the identification information of the physical host corresponding to virtual machine VM (physical host B in this example), for example by querying the database 20 of the cloud management platform (for example one based on the OpenStack architecture); the identification information includes, for example but without limitation, a server address and/or an identifier. Next, the locating module 120 accesses the network module 30 (for example an SDN controller) that stores the whole-network topology and, from the identification information of physical host B, determines the switch to which physical host B is connected and the port on that switch used to send and receive packets associated with virtual machine VM. In the example of FIG. 2, physical host A is connected to port P1 of switch J1, physical host B is connected to port P2 of switch J2, and port P3 of switch J3 is used as the mirror port.
The locating module 120 sends the switch and port it has determined to the port mirroring configuration module 130. The port mirroring configuration module 130 then, according to the received switch and port information, establishes a connection between port P2 of switch J2 and port P3 of switch J3, thereby providing a dynamic traffic mirroring function for virtual machine VM. Preferably, the port mirroring configuration module 130, for example by calling the switch's API, encapsulates the packets mirrored at port P2 of switch J2 with the GRE protocol and routes the encapsulated packets to port P3 of switch J3. In particular, the mirrored packets can be encapsulated into IP packets through a GRE tunnel and then routed to the destination port of the remote mirroring device (for example the monitoring system 40 in FIG. 2), for example port P3 of switch J3 in FIG. 2. In ordinary remote port mirroring the mirrored packets cannot cross a routed network; the encapsulated remote port mirroring of this embodiment removes that restriction and carries mirrored packets across routed networks.
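The GRE encapsulation described above, as an added example in Python that is not code from the patent: a minimal encoder and decoder following RFC 2784, using the Transparent Ethernet Bridging protocol type 0x6558 that carries a complete Layer 2 frame, which is what a mirrored switch port produces. The outer addresses, the sample Ethernet frame and the function names are assumptions made for illustration; a real switch builds this header in hardware. The decoder shows the checks a collector behind the mirror port can make, and what it cannot check: GRE carries no authentication, so a forged packet with the same outer addresses would be accepted.

```python
import socket
import struct

IPPROTO_GRE = 47
GRE_PROTO_TEB = 0x6558      # Transparent Ethernet Bridging: payload is a complete L2 frame
GRE_FLAG_CSUM = 0x8000      # C bit (RFC 2784)
GRE_FLAG_KEY_SEQ = 0x3000   # K and S bits (RFC 2890), not used by this example
GRE_VERSION_MASK = 0x0007

# Constructed sample frame (dst MAC, src MAC, EtherType IPv4, dummy payload) as it would be
# copied from port P2 of switch J2. Not captured from any real network.
SAMPLE_FRAME = (bytes.fromhex("0a0000000002") + bytes.fromhex("0a0000000001")
                + b"\x08\x00" + b"\x45\x00\x00\x1c" + b"payload-bytes-of-vm-traffic")


def inet_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement checksum over 16-bit words (odd length is zero padded)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def gre_encapsulate(frame: bytes, src_ip: str, dst_ip: str, with_checksum: bool = True) -> bytes:
    """Wrap a mirrored L2 frame in GRE (TEB) inside an IPv4 packet addressed to the collector."""
    flags = GRE_FLAG_CSUM if with_checksum else 0
    gre = struct.pack("!HH", flags, GRE_PROTO_TEB)
    if with_checksum:
        # The checksum covers the GRE header (checksum field zero) plus the payload
        csum = inet_checksum(gre + struct.pack("!HH", 0, 0) + frame)
        gre += struct.pack("!HH", csum, 0)
    payload = gre + frame
    # IPv4 header: version 4 / IHL 5, DF set, TTL 64, protocol 47, header checksum filled in below
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0x4000, 64,
                     IPPROTO_GRE, 0, socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    ip = ip[:10] + struct.pack("!H", inet_checksum(ip)) + ip[12:]
    return ip + payload


def gre_decapsulate(packet: bytes) -> tuple:
    """Return (outer_src, outer_dst, inner_frame) or raise ValueError.
    Integrity only: the GRE checksum catches corruption, not a forged sender."""
    if len(packet) < 24 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4
    if inet_checksum(packet[:ihl]) != 0:
        raise ValueError("bad IPv4 header checksum")
    if packet[9] != IPPROTO_GRE:
        raise ValueError("not GRE")
    total_len = struct.unpack("!H", packet[2:4])[0]
    if total_len > len(packet):
        raise ValueError("truncated packet")
    gre = packet[ihl:total_len]
    if len(gre) < 4:
        raise ValueError("truncated GRE header")
    flags, proto = struct.unpack("!HH", gre[:4])
    if flags & GRE_VERSION_MASK:
        raise ValueError("unsupported GRE version")
    if flags & GRE_FLAG_KEY_SEQ:
        raise ValueError("GRE key/sequence extensions not supported here")
    if proto != GRE_PROTO_TEB:
        raise ValueError("payload is not a bridged Ethernet frame")
    hdr_len = 4
    if flags & GRE_FLAG_CSUM:
        hdr_len = 8
        if len(gre) < 8 or inet_checksum(gre) != 0:
            raise ValueError("bad GRE checksum")
    return (socket.inet_ntoa(packet[12:16]), socket.inet_ntoa(packet[16:20]), gre[hdr_len:])


if __name__ == "__main__":
    pkt = gre_encapsulate(SAMPLE_FRAME, "10.0.2.2", "10.0.3.3")
    print(len(pkt), gre_decapsulate(pkt)[:2])
```

Because the encapsulated copy crosses the routed network in cleartext and GRE has no sender authentication, the path between the mirroring switch and the monitoring system should be a dedicated management network (or an IPsec-protected one), and the collector should accept GRE only from the expected source addresses.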
While establishing the new connection, the port mirroring configuration module 130 also disconnects port P1 of switch J1 from port P3 of switch J3. Note that the disconnect operation may be performed at the same time as the operation establishing the new connection, or before or after it.
As shown in FIG. 2, the monitoring system 40 is connected to port P3 of switch J3 and can monitor and analyze all packets mirrored to port P3, for example for network traffic analysis, service quality analysis, and packet security analysis.
FIG. 3 is a flowchart of a method for implementing packet mirroring of dynamic traffic in a cloud network environment according to another embodiment of the present invention. For convenience of explanation, the method of this embodiment is implemented with the apparatus for implementing packet mirroring of dynamic traffic in a cloud network environment described above with reference to FIG. 1; note, however, that the method of this embodiment does not depend on an apparatus of any particular structure.
As shown in FIG. 3, in step 310 the detection module 110 probes one or more virtual machines in the cloud network environment, periodically or aperiodically. In step 320, the detection module 110 determines whether a virtual machine migration event has occurred; if so, the method proceeds to step 330, otherwise it returns to step 310 and continues probing.
In step 330, the detection module 110 collects information about the migrated virtual machine (for example, its identifier) and passes it to the positioning module 120. In step 340, the positioning module 120 accesses the database of the cloud management platform and looks up the information of the physical host corresponding to the virtual machine information (the physical host to which the virtual machine belongs after migration), such as a server address and/or identifier. In step 350, the positioning module 120 accesses the network module that stores the topology information of the whole network and, from the physical host information determined in step 340, obtains the switch to which that physical host is connected and the port on that switch used to send and receive packets associated with the virtual machine.
In step 360, the positioning module 120 sends the determined switch and port information to the port mirroring configuration module 130.
Steps 370 and 380 are then executed in parallel. In step 370, the port mirroring configuration module 130 connects the switch port determined by the positioning module 120 in step 350 to the mirror port, thereby providing a dynamic traffic mirroring backup function for the virtual machine; in step 380, the port mirroring configuration module 130 disconnects the switch port previously used by the virtual machine from the mirror port. Note that although the operations of establishing the new connection and tearing down the old connection are performed in parallel in this embodiment, the two operations may also be performed sequentially.
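The procedure of steps 310 to 380, together with the GRE-encapsulated remote mirroring described with reference to FIG. 2, as an added worked example that is not code from the patent: a small Python simulation in which a mirror manager looks up the migrated VM's new host in a stand-in cloud database, resolves that host to a switch port through a stand-in topology store, brings up a GRE mirror session toward the shared collector port and retires the old session. The cloud database, topology store, switch API (`SwitchFabric`), host and VM names, and the `attach`/`on_migration` methods are constructed assumptions; only the J1/P1, J2/P2, J3/P3 labels come from the text. The example also handles an edge case the text leaves implicit: several VMs on one physical host share a single switch port, so the old session is only torn down once no other monitored VM still sits behind that port.

```python
"""Added example (not the patent's code): a simulated controller that follows the
probe -> locate -> reconfigure sequence of FIG. 3 when a VM migrates. The cloud
database, topology store, switch API, host and VM names are constructed stand-ins."""
from dataclasses import dataclass, field
import struct

MIRROR_DEST = ("J3", "P3")   # shared collector port, as in the text's FIG. 2
GRE_PROTO_TEB = 0x6558       # Transparent Ethernet Bridging: an Ethernet frame inside GRE


@dataclass
class SwitchFabric:
    """Constructed stand-in for the switches' management API.
    A session is ((src_switch, src_port), (dst_switch, dst_port))."""
    sessions: set = field(default_factory=set)

    def add_gre_mirror(self, src, dst):
        self.sessions.add((src, dst))

    def remove_mirror(self, src, dst):
        self.sessions.discard((src, dst))


class MirrorManager:
    def __init__(self, cloud_db, topology, fabric, dest=MIRROR_DEST):
        self.cloud_db = cloud_db   # vm_id -> physical host   (cloud platform DB, step 340)
        self.topology = topology   # host -> (switch, port)   (SDN controller, step 350)
        self.fabric = fabric
        self.dest = dest
        self.active = {}           # vm_id -> (switch, port) currently mirrored for that VM

    def locate(self, vm_id):
        """Steps 340-350: VM -> host -> (switch, port). Fail loudly on a missing entry
        rather than silently leaving a stale session in place."""
        host = self.cloud_db.get(vm_id)
        if host is None:
            raise LookupError(f"{vm_id}: no host recorded in the cloud database")
        if host not in self.topology:
            raise LookupError(f"{host}: not present in the topology store")
        return self.topology[host]

    def _port_still_needed(self, port, except_vm):
        # Several VMs on one physical host sit behind the same switch port; the old
        # session must stay up while any other monitored VM still uses that port.
        return any(p == port for vm, p in self.active.items() if vm != except_vm)

    def attach(self, vm_id):
        """Start mirroring a VM from whatever port it currently sits behind."""
        port = self.locate(vm_id)
        self.fabric.add_gre_mirror(port, self.dest)
        self.active[vm_id] = port
        return port

    def on_migration(self, vm_id):
        """Steps 330-380: point the mirror at the VM's new port, then retire the old one."""
        new_port = self.locate(vm_id)
        old_port = self.active.get(vm_id)
        if old_port == new_port:
            return new_port                       # spurious event: nothing to change
        # New session first, so the collector keeps visibility across the cut-over
        # (the text allows either order; this one avoids a gap in coverage).
        self.fabric.add_gre_mirror(new_port, self.dest)
        self.active[vm_id] = new_port
        if old_port is not None and not self._port_still_needed(old_port, vm_id):
            self.fabric.remove_mirror(old_port, self.dest)
        return new_port


def gre_encapsulate(frame: bytes) -> bytes:
    """Minimal RFC 2784 GRE header (no checksum, key or sequence) in front of a mirrored
    frame. The outer IP header that carries it across the routed network is omitted."""
    return struct.pack("!HH", 0, GRE_PROTO_TEB) + frame


def gre_decapsulate(payload: bytes) -> bytes:
    """Collector side: check the header before handing the inner frame to analysis."""
    if len(payload) < 4:
        raise ValueError("truncated GRE header")
    flags_ver, proto = struct.unpack("!HH", payload[:4])
    if flags_ver & 0x0007:        # version field must be 0 for plain GRE
        raise ValueError("unsupported GRE version")
    if flags_ver & 0xB000:        # C, K or S bit set: header is longer than 4 bytes
        raise ValueError("optional GRE fields not supported by this example")
    if proto != GRE_PROTO_TEB:
        raise ValueError(f"unexpected GRE protocol type 0x{proto:04x}")
    return payload[4:]


def demo():
    """Two VMs start behind port P1 of J1; vm-1 moves to host B, then vm-2 follows."""
    cloud_db = {"vm-1": "hostA", "vm-2": "hostA"}            # constructed sample data
    topology = {"hostA": ("J1", "P1"), "hostB": ("J2", "P2")}
    fabric = SwitchFabric()
    mgr = MirrorManager(cloud_db, topology, fabric)
    mgr.attach("vm-1")
    mgr.attach("vm-2")
    cloud_db["vm-1"] = "hostB"                                # migration event for vm-1
    mgr.on_migration("vm-1")
    after_first = set(fabric.sessions)                        # P1 still needed by vm-2
    cloud_db["vm-2"] = "hostB"                                # now vm-2 moves too
    mgr.on_migration("vm-2")
    return after_first, set(fabric.sessions)                  # P1 session retired
```

Running `demo()` shows that after the first migration both P1→P3 and P2→P3 sessions exist, and only after the second VM leaves host A is the P1→P3 session removed. The new session is created before the old one is removed so that the monitoring system never loses sight of the VM during the cut-over; the collector-side `gre_decapsulate` rejects headers with optional fields or a non-zero version instead of misparsing the inner frame.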
The embodiments and examples presented herein are provided to best illustrate embodiments according to the present technology and its specific applications, and thereby to enable those skilled in the art to implement and use the present invention. Those skilled in the art will recognize, however, that the above description and examples are provided only for ease of illustration and exemplification. The description presented is not intended to cover every aspect of the present invention or to limit the invention to the precise forms disclosed.
In view of the above, the scope of the present disclosure is determined by the following claims.

Claims (12)

  1. A method for implementing packet mirroring of dynamic traffic in a cloud network environment, characterized in that it comprises the following steps:
    in response to an event of a virtual machine migrating from a first physical host to a second physical host, determining identification information associated with the second physical host;
    determining, according to the identification information, the switch to which the second physical host is connected and the port on that switch used to send and receive packets associated with the virtual machine; and
    connecting the port to a mirror port to implement traffic mirroring of the virtual machine, wherein the mirror port is also used for traffic mirroring of other virtual machines in the cloud network environment.
  2. The method of claim 1, wherein, while the port is connected to the mirror port, the connection between the mirror port and the port previously used by the virtual machine to send and receive packets is also disconnected.
  3. The method of claim 1, wherein the identification information associated with the second physical host is determined by querying a cloud management platform database.
  4. The method of claim 1, wherein the switch to which the second physical host is connected and the port on that switch used to send and receive packets associated with the virtual machine are determined by querying a network module that stores topology information of the whole network.
  5. The method of claim 4, wherein the network module is an SDN controller.
  6. The method of claim 1, wherein traffic mirroring is implemented by encapsulating the mirrored packets with the GRE protocol and routing the encapsulated packets to the mirror port.
  7. An apparatus for implementing packet mirroring of dynamic traffic in a cloud network environment, characterized in that it comprises:
    a detection module configured to detect the occurrence of a virtual machine migration;
    a positioning module coupled to the detection module and configured to, in response to an event of a virtual machine migrating from a first physical host to a second physical host, determine identification information associated with the second physical host and determine, according to the identification information, the switch to which the second physical host is connected and the port on that switch used to send and receive packets associated with the virtual machine; and
    a port mirroring configuration module coupled to the positioning module and configured to connect the port to a mirror port to implement traffic mirroring of the virtual machine, wherein the mirror port is also used for traffic mirroring of other virtual machines in the cloud network environment.
  8. The apparatus of claim 1, wherein the port mirroring configuration module is further configured to, while connecting the port to the mirror port, also disconnect the connection between the mirror port and the port previously used by the virtual machine to send and receive packets.
  9. The apparatus of claim 8, wherein the positioning module determines the identification information associated with the second physical host by querying a cloud management platform database.
  10. The apparatus of claim 8, wherein the positioning module determines the switch to which the second physical host is connected and the port on that switch used to send and receive packets associated with the virtual machine by querying a network module that stores topology information of the whole network.
  11. The apparatus of claim 10, wherein the network module is an SDN controller.
  12. The apparatus of claim 8, wherein traffic mirroring is implemented by encapsulating the mirrored packets with the GRE protocol and routing the encapsulated packets to the mirror port.

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201611270416.0A CN106982244B (en) 2016-12-30 2016-12-30 Method and device for realizing message mirroring of dynamic flow under cloud network environment
CN201611270416.0 2016-12-30

Publications (1)

Publication Number Publication Date
WO2018121378A1 true WO2018121378A1 (en) 2018-07-05

Family

ID=59340967

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/117488 WO2018121378A1 (en) 2016-12-30 2017-12-20 Method and device for implementing packet mirroring of dynamic traffic in cloud network environment

Country Status (3)

Country Link
CN (1) CN106982244B (en)
TW (1) TWI677217B (en)
WO (1) WO2018121378A1 (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106982244B (en) * 2016-12-30 2020-10-23 ***股份有限公司 Method and device for realizing message mirroring of dynamic flow under cloud network environment
CN107370642B (en) * 2017-09-04 2020-12-08 赛尔网络有限公司 Multi-tenant network stability monitoring system and method based on cloud platform
CN112217689B (en) * 2020-09-11 2022-05-31 苏州浪潮智能科技有限公司 Network message tracking method and system based on OpenStack

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120291026A1 (en) * 2011-05-14 2012-11-15 Amitabha Biswas Method for providing location independent dynamic port mirroring on distributed virtual switches
CN102845035A (en) * 2010-04-16 2012-12-26 思科技术公司 Method of identifying destination in virtual environment
CN103051479A (en) * 2012-12-24 2013-04-17 北京启明星辰信息技术股份有限公司 Migrating processing method and system of network control policies of virtual machine
CN106126318A (en) * 2016-07-05 2016-11-16 云南大学 The dynamic migration method of virtual machine in a kind of Openstack cloud platform
CN106254279A (en) * 2016-07-19 2016-12-21 广州市品高软件股份有限公司 The Autonomic Migration Framework system of a kind of Virtual NE equipment based on SDN and management method
CN106982244A (en) * 2016-12-30 2017-07-25 ***股份有限公司 The method and apparatus that the message mirror of dynamic flow is realized under cloud network environment

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8850426B2 (en) * 2009-12-13 2014-09-30 International Business Machines Corporation Managing remote deployment of a virtual machine and service request to be processed by the virtual machines based on network bandwith and storage connectivity
CN102185774A (en) * 2011-05-10 2011-09-14 中兴通讯股份有限公司 Method, monitor and system for seamless migration of virtual machine
CN102629941B (en) * 2012-03-20 2014-12-31 武汉邮电科学研究院 Caching method of a virtual machine mirror image in cloud computing system
EP2717515A1 (en) * 2012-06-30 2014-04-09 Huawei Technologies Co., Ltd. Virtual port monitoring method and device
CN103685368B (en) * 2012-09-10 2017-04-12 中国电信股份有限公司 method and system for migrating data
US10764162B2 (en) * 2015-03-25 2020-09-01 Gigamon Inc. In-fabric traffic analysis

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111585975A (en) * 2020-04-17 2020-08-25 上海中通吉网络技术有限公司 Security vulnerability detection method, device and system, and switch
CN111585975B (en) * 2020-04-17 2023-03-14 上海中通吉网络技术有限公司 Security vulnerability detection method, device and system and switch
CN114285667A (en) * 2021-12-30 2022-04-05 湖南泛联新安信息科技有限公司 Network target range flow real-time acquisition system and method
CN114285667B (en) * 2021-12-30 2023-06-02 湖南泛联新安信息科技有限公司 Real-time acquisition system and method for network target range flow
CN114785762A (en) * 2022-03-23 2022-07-22 深圳市飞泉云数据服务有限公司 Method and device for realizing cloud computing system, terminal equipment and storage medium

Also Published As

Publication number Publication date
CN106982244B (en) 2020-10-23
CN106982244A (en) 2017-07-25
TWI677217B (en) 2019-11-11
TW201824826A (en) 2018-07-01

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17886035

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 17886035

Country of ref document: EP

Kind code of ref document: A1