CN103023724B - A kind of method and apparatus realizing CE monitoring - Google Patents
A kind of method and apparatus realizing CE monitoring Download PDFInfo
- Publication number
- CN103023724B CN103023724B CN201210549800.XA CN201210549800A CN103023724B CN 103023724 B CN103023724 B CN 103023724B CN 201210549800 A CN201210549800 A CN 201210549800A CN 103023724 B CN103023724 B CN 103023724B
- Authority
- CN
- China
- Prior art keywords
- message
- mac address
- monitorce
- local
- monitored
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Abstract
The invention discloses a kind of method and apparatus realizing CE monitoring, does the method include: when edge device ED receives from Client? during the message of CE side, does is this message sent to the MonitorCE of correspondence by described ED, by described Monitor? CE forwards the packet to Monitor equipment; When described ED receives from Normal? CE side, and target MAC (Media Access Control) address is Client? during the message of MAC Address of the main frame hung under CE, does is this message sent to the Monitor of correspondence by described ED? CE, by described Monitor? CE forwards the packet to Monitor equipment; When described ED receives from Monitor? during the message of CE side, this message is forwarded by described ED according to the target MAC (Media Access Control) address of this message. In the present invention, do not changing network topology, and do not affecting under the premise of original customer flow, it is achieved that to Client? the traffic monitoring of CE.
Description
Technical field
The present invention relates to the communications field, particularly relate to a kind of method and apparatus realizing CE monitoring.
Background technology
EVI(EthernetVirtualInterconnection, Ethernet virtualization interconnection) it is a kind of Ethernet interconnection technique, mainly apply to the subscriber data center interconnection of multiple different geographical. EVI realizes VLAN(VirtualLocalAreaNetwork, VLAN) expanded function between different websites, the VLAN of these expansions constitutes independent EVI example, EVI example uses NetworkID(mark) identify, overall situation Unified number, certain equipment forwards mutually isolated in the VLAN of different EVI examples.
Current EVI example network simply achieves the normal forwarding of user's effluent amount, not yet realize user's effluent amount is carried out Centralized Monitoring, the CE(CustomerEdge of side, customer network edge cannot be accessed for some) flow of equipment carries out purposive tracking and record.
Although specific group-network construction can be passed through, as Hub-Spoken mode networking realizes the concentration forwarding of flow, but once adopt this framework, all flows in EVI example all can carry out centralized forwarding.
In the process realizing the present invention, inventor have found that prior art at least exists techniques below problem:
EVI networking not yet provide effective method the flow of some specific user's CE equipment is tracked and is monitored, although adopting the concentration that Hub-Spoken networking mode can realize flow to forward and monitoring, but need existing network is recombinated, have impact on original customer flow to forward, can not be monitored for some CE equipment neatly simultaneously, all flows can only be processed, cause the waste of resource.
Summary of the invention
It is an object of the invention to provide a kind of method and apparatus realizing CE monitoring, to realize the traffic monitoring of user CE in EVI network under the premise not changing network topology.For this, the present invention adopts the following technical scheme that
A kind of method realizing customer edge CE monitoring, it is applied to Ethernet virtualization interconnection EVI network, described EVI network includes edge device ED and the CE being connected with ED, described CE includes connecting the client ClientCE of monitored client device, connecting the monitoring MonitorCE of monitoring device and be not connected with the common NormalCE of monitoring device or monitored client device, and the method includes:
When edge device ED receives the message from ClientCE side, this message is sent to the MonitorCE of correspondence by described ED, described MonitorCE forward the packet to Monitor equipment;
When described ED receives from NormalCE side, and during the message of MAC Address that target MAC (Media Access Control) address is the main frame hung under ClientCE, this message is sent to the MonitorCE of correspondence by described ED, described MonitorCE forward the packet to Monitor equipment;
When described ED receives the message from MonitorCE side, this message is forwarded by described ED according to the target MAC (Media Access Control) address of this message.
Wherein, described ED is connected with ClientCE and MonitorCE respectively; In described ED, storage has for forwarding the ClientMAC table of the message from ClientCE side, for forwarding the MonitorMAC table of the message from MonitorCE side and for forwarding the NormalMAC table of the message from NormalCE side; The method also includes:
Described ED is for the message from ClientCE side, MonitorMAC table carries out MAC address learning, and by study to MAC Address be synchronized in NormalMAC table, wherein, in NormalMAC table this study to outgoing interface corresponding to MAC Address be set to the port that is connected with MonitorCE;
Described ED, for the message from NormalCE side, carries out MAC address learning in NormalMAC table, and by study to the MAC address entries including MAC Address and outgoing interface, be synchronized in MonitorMAC table.
Wherein, the MAC address entries that described ClientMAC table comprises is sky, and the broadcast table of correspondence only comprises a broadcast node, and the outgoing interface that this broadcast node is specified is the port being connected with MonitorCE, and the method also includes:
When described ED receives the message from ClientCE side, forward according to ClientMAC table further, and when, in ClientMAC table, the MAC address entries not mated with message target MAC (Media Access Control) address, according to the broadcast table that ClientMAC table is corresponding, message is sent to MonitorCE.
Wherein, described ED includes MonitorED and ClientED, and wherein, described ClientCE and ClientED is connected, described MonitorCE and MonitorED is connected, and foundation has monitoring link MonitorLINK tunnel further between ClientED and MonitorED;
In ClientED, storage has for forwarding the ClientMAC table of the message from ClientCE side, for forwarding the MonitorMAC table of the message from far-end MonitorED side and for forwarding the NormalMAC table of the message from local NormalCE side; The method also includes:
Described ClientED is for the message from ClientCE side, local MonitorMAC table carries out MAC address learning, and by study to MAC Address be synchronized in local NormalMAC table, wherein, in local NormalMAC table this study to outgoing interface corresponding to MAC Address be set to MonitorLINK tunnel;
Described ClientED, for the message from local NormalCE side, carries out MAC address learning in local NormalMAC table, and by study to the MAC address entries including MAC Address and outgoing interface, be synchronized in local MonitorMAC table;
The MAC Address that local ClientCE side learns is distributed to far-end MonitorED by MonitorLINK tunnel by described ClientED, by EVILINK tunnel, the MAC Address that local NormalCE side learns is distributed to far-end MonitorED, and receive the far-end MonitorED MAC Address issued, the MAC Address that far-end MonitorED issues is learnt respectively to local NormalMAC table and MonitorMAC table, wherein, the outgoing interface corresponding with the MAC Address that this far-end MonitorED in MonitorMAC table issues at local NormalMAC table is disposed as EVILINK tunnel.
Wherein, the MAC address entries that ClientMAC table local for described ClientED comprises is sky, and the broadcast table of correspondence only comprises a broadcast node, and the outgoing interface that this broadcast node is specified is MonitorLINK tunnel, and the method also includes:
When described ClientED receives the message from ClientCE side, forward according to ClientMAC table further, and when, in ClientMAC table, the MAC address entries not mated with message target MAC (Media Access Control) address, according to the broadcast table that ClientMAC table is corresponding, message is sent to MonitorED by MonitorLINK tunnel, described MonitorED forwards the packet to MonitorCE.
Wherein, in MonitorED, storage has for forwarding the ClientMAC table of the message from far-end ClientED side, for forwarding the MonitorMAC table of the message from MonitorCE side and for forwarding the NormalMAC table of the message from local NormalCE side; The method also includes:
Described MonitorED, for the message from MonitorCE side, does not carry out MAC address learning;
Described MonitorED, for the message from local NormalCE side, carries out MAC address learning in local NormalMAC table, and by study to the MAC address entries including MAC Address and outgoing interface, be synchronized in local MonitorMAC table;
Described MonitorED is distributed to far-end ClientED by the MAC Address that this locality is learnt by EVILINK tunnel, and receive the far-end ClientED MAC Address issued, the MAC Address that far-end ClientED issues is learnt respectively to local NormalMAC table and MonitorMAC table, wherein, for the far-end ClientED MAC Address issued by EVI tunnel, in local NormalMAC table with MonitorMAC table, outgoing interface corresponding for this MAC Address is disposed as EVILINK tunnel; For the far-end ClientED MAC Address issued by MonitorLINK tunnel, outgoing interface corresponding for this MAC Address is respectively set to by local NormalMAC table with MonitorMAC table the port and the MonitorLINK tunnel that are connected with MonitorCE.
Wherein, the MAC address entries that ClientMAC table local for described MonitorED comprises is sky, and the broadcast table of correspondence only comprises a broadcast node, and the outgoing interface that this broadcast node is specified is the port being connected with MonitorCE, and the method also includes:
When described MonitorED receives the far-end ClientED message sent by MonitorLINK tunnel, forward according to ClientMAC table further, and when, in ClientMAC table, the MAC address entries not mated with message target MAC (Media Access Control) address, according to the broadcast table that ClientMAC table is corresponding, message is sent to MonitorCE.
A kind of edge device ED, it is applied to Ethernet virtualization interconnection EVI network, described EVI network includes the customer edge CE being connected with ED, described CE include connecting monitored client device client ClientCE, connect monitoring device monitoring MonitorCE and and be not connected with the common NormalCE of monitoring device or monitored client device, this ED includes:
First forwarding module, for when described ED receives the message from ClientCE side, being sent to the MonitorCE of correspondence, described MonitorCE forward the packet to Monitor equipment by this message;
Second forwarding module, for receiving from NormalCE side as described ED, and during the message of MAC Address that target MAC (Media Access Control) address is the main frame hung under ClientCE, this message is sent to the MonitorCE of correspondence, described MonitorCE forwards the packet to Monitor equipment;
3rd forwarding module, for when described ED receives the message from MonitorCE side, forwarding this message according to the target MAC (Media Access Control) address of this message.
Wherein, described ED is connected with ClientCE and MonitorCE respectively;
Described ED also includes:
First memory module, for storing for forwarding the ClientMAC table of the message from ClientCE side, for forwarding the MonitorMAC table of the message from MonitorCE side and for forwarding the NormalMAC table of the message from NormalCE side;
First mac learning module, for for the message from ClientCE side, MonitorMAC table carries out MAC address learning, and by study to MAC Address be synchronized in NormalMAC table, wherein, in NormalMAC table this study to outgoing interface corresponding to MAC Address be set to the port that is connected with MonitorCE; For the message from NormalCE side, NormalMAC table carries out MAC address learning, and by study to the MAC address entries including MAC Address and outgoing interface, be synchronized in MonitorMAC table.
Wherein, the MAC address entries that described ClientMAC table comprises is sky, and the broadcast table of correspondence only comprises a broadcast node, and the outgoing interface that this broadcast node is specified is the port being connected with MonitorCE,
Described first forwarding module specifically for, when described ED receives the message from ClientCE side, forward according to ClientMAC table further, and when, in ClientMAC table, the MAC address entries not mated with message target MAC (Media Access Control) address, according to the broadcast table that ClientMAC table is corresponding, message is sent to MonitorCE.
Wherein, described ED includes MonitorED and ClientED, and wherein, described ClientCE and ClientED is connected, described MonitorCE and MonitorED is connected, and foundation has monitoring link MonitorLINK tunnel further between ClientED and MonitorED;
Described ED also includes:
Second memory module, for when described ED is ClientED, storage is for forwarding the ClientMAC table of the message from ClientCE side, for forwarding the MonitorMAC table of the message from far-end MonitorED side and for forwarding the NormalMAC table of the message from local NormalCE side;
Second mac learning module, for when described ED is ClientED, for the message from ClientCE side, local MonitorMAC table carries out MAC address learning, and by study to MAC Address be synchronized in local NormalMAC table, wherein, in local NormalMAC table this study to outgoing interface corresponding to MAC Address be set to MonitorLINK tunnel;For the message from local NormalCE side, local NormalMAC table carries out MAC address learning, and by study to the MAC address entries including MAC Address and outgoing interface, be synchronized in local MonitorMAC table;
Processing module, for when described ED is ClientED, by MonitorLINK tunnel, the MAC Address that local ClientCE side learns is distributed to far-end MonitorED, by EVILINK tunnel, the MAC Address that local NormalCE side learns is distributed to far-end MonitorED, and receive the far-end MonitorED MAC Address issued, the MAC Address that far-end MonitorED issues is learnt respectively to local NormalMAC table and MonitorMAC table, wherein, the outgoing interface corresponding with the MAC Address that this far-end MonitorED in MonitorMAC table issues at local NormalMAC table is disposed as EVILINK tunnel.
Wherein, the MAC address entries that ClientMAC table local for described ClientED comprises is sky, and the broadcast table of correspondence only comprises a broadcast node, and the outgoing interface that this broadcast node is specified is MonitorLINK tunnel,
Described first forwarding module specifically for, when described ED is ClientED, and receive from ClientCE side message time, forward according to ClientMAC table further, and when, in ClientMAC table, the MAC address entries not mated with message target MAC (Media Access Control) address, according to the broadcast table that ClientMAC table is corresponding, message is sent to MonitorED by MonitorLINK tunnel, described MonitorED forwards the packet to MonitorCE.
Wherein, described second memory module is additionally operable to, when described ED is MonitorED, storage is for forwarding the ClientMAC table of the message from far-end ClientED side, for forwarding the MonitorMAC table of the message from MonitorCE side and for forwarding the NormalMAC table of the message from local NormalCE side;
Described second mac learning module is additionally operable to, and when described ED is MonitorED, for the message from MonitorCE side, does not carry out MAC address learning; For the message from local NormalCE side, local NormalMAC table carries out MAC address learning, and by study to the MAC address entries including MAC Address and outgoing interface, be synchronized in local MonitorMAC table;
Described processing module is additionally operable to, when described ED is MonitorED, the MAC Address learnt this locality by EVILINK tunnel is distributed to far-end ClientED, and receive the far-end ClientED MAC Address issued, the MAC Address that far-end ClientED issues is learnt respectively to local NormalMAC table and MonitorMAC table, wherein, for the far-end ClientED MAC Address issued by EVI tunnel, in local NormalMAC table with MonitorMAC table, outgoing interface corresponding for this MAC Address is disposed as EVILINK tunnel; For the far-end ClientED MAC Address issued by MonitorLINK tunnel, outgoing interface corresponding for this MAC Address is respectively set to by local NormalMAC table with MonitorMAC table the port and the MonitorLINK tunnel that are connected with MonitorCE.
Wherein, the MAC address entries that ClientMAC table local for described MonitorED comprises is sky, and the broadcast table of correspondence only comprises a broadcast node, and the outgoing interface that this broadcast node is specified is the port being connected with MonitorCE,
Described first forwarding module specifically for, when described ED is MonitorED, when receiving the far-end ClientED message sent by MonitorLINK tunnel, forward according to ClientMAC table further, and when, in ClientMAC table, the MAC address entries not mated with message target MAC (Media Access Control) address, according to the broadcast table that ClientMAC table is corresponding, message is sent to MonitorCE.
In the above embodiment of the present invention, when ED receives the message from ClientCE side, this message is sent to the MonitorCE of correspondence by ED, this MonitorCE forward the packet to Monitor equipment; When ED receives from NormalCE side, and during the message of MAC Address that target MAC (Media Access Control) address is the main frame Host hung under ClientCE, this message is sent to the MonitorCE of correspondence by ED, this MonitorCE forward the packet to Monitor equipment; When ED equipment receives the message from MonitorCE side, this message is forwarded by ED according to the target MAC (Media Access Control) address of this message, is not changing network topology, and is not affecting under the premise of original customer flow, it is achieved that the traffic monitoring to ClientCE.
Accompanying drawing explanation
The schematic flow sheet of a kind of method realizing CE monitoring of tools that Fig. 1 provides for the embodiment of the present invention;
The system architecture schematic diagram of a kind of concrete application scenarios that Fig. 2 provides for the embodiment of the present invention;
The schematic flow sheet of a kind of method realizing CE monitoring of tools that Fig. 3 provides for the embodiment of the present invention;
The system architecture schematic diagram of the another kind of concrete application scenarios that Fig. 4 provides for the embodiment of the present invention;
The schematic flow sheet of a kind of method realizing CE monitoring of tools that Fig. 5 provides for the embodiment of the present invention;
The structural representation of the ED that Fig. 6 ~ 8 provide for the embodiment of the present invention.
Detailed description of the invention
For the above-mentioned problems in the prior art, embodiments provide a kind of technical scheme realizing CE monitoring, it is applied to EVI network, this EVI network includes ED and the CE being connected with ED, this CE include the Client(client that connects monitored client device) CE, connect the Monitor(watch-dog of monitoring device) CE and to be not connected with the Normal(of monitoring device or monitored client device common) CE. In this technical scheme, when ED receives the message from ClientCE side, this message is sent to the MonitorCE of correspondence by ED, this MonitorCE forward the packet to Monitor equipment; When ED receives from NormalCE side, and during the message of MAC Address that target MAC (Media Access Control) address is the main frame Host hung under ClientCE, this message is sent to the MonitorCE of correspondence by ED, this MonitorCE forward the packet to Monitor equipment; When ED equipment receives the message from MonitorCE side, this message is forwarded by ED according to the target MAC (Media Access Control) address of this message, is not changing network topology, and is not affecting under the premise of original customer flow, it is achieved that the traffic monitoring to ClientCE.
Wherein, in embodiments of the present invention, ClientCE and MonitorCE manually joins on ED equipment, if ClientCE and MonitorCE is connected with same ED, then has only to the physical port being respectively configured the port being connected with ClientCE on this ED and being connected with MonitorCE. If ClientCE and MonitorCE and different ED is connected, the ED being then connected with ClientCE is ClientED, the ED being connected with MonitorCE is MonitorED, ClientED is upper except configuring the physical port being connected with ClientCE, also need to the IP address of MonitorED corresponding to configuration, on MonitorED equipment except configuring the physical port being connected with MonitorCE, also need the IP address of the ClientED of configuration correspondence, so that EVI agreement creates MonitorLINK tunnel between mutually corresponding ClientED and MonitorED.In the Client-Monitor group that mutually corresponding ClientCE and MonitorCE is constituted, it is possible to have multiple ClientCE, but can only have a MonitorCE, and each CE equipment can only belong to a Client-Monitor group. The present embodiment creates EVILINK tunnel same as the prior art between ClientED and MonitorED, in addition, the present embodiment also creates MonitorLINK tunnel extraly between ClientED and MonitorED, establishment mode and the existing EVILINK tunnel in MonitorLINK tunnel are similar, the IP address that simply tunnel configures is different from EVILINK tunnel, and concrete establishment mode is referred to EVILINK tunnel.
Below in conjunction with the accompanying drawing in embodiments of the invention, the technical scheme in embodiments of the invention is carried out clear, complete description, it is clear that the embodiments described below are only a part of embodiment of the present invention, rather than whole embodiments. Based on the embodiment in the present invention, the every other embodiment that those of ordinary skill in the art obtain under not paying creative work premise, broadly fall into the scope of embodiments of the invention protection.
As it is shown in figure 1, the schematic flow sheet of a kind of method realizing CE monitoring of tools provided for the embodiment of the present invention, it is possible to comprise the following steps:
Step 101, ED receive message, if this message is from ClientCE side, or, this message is the MAC Address of the main frame hung under ClientCE from NormalCE side and purpose MAC, then go to step 102; If this message is from MonitorCE side, then go to step 103.
The message received is sent to the MonitorCE of correspondence by step 102, ED, this MonitorCE forward the packet to Monitor equipment.
This message is forwarded by step 103, ED according to the target MAC (Media Access Control) address of this message.
Concrete, in embodiments of the present invention, in order to realize the traffic monitoring to user CE, (monitored user CE is ClientCE to need to set up Client-Monitor group between user CE and monitoring CE, monitoring CE is MonitorCE), and when ED receives the message from ClientCE side, or NormalCE side send the message of MAC Address that target MAC (Media Access Control) address is the main frame hung under ClientCE time, all need to forward the packet to MonitorCE, Monitor equipment is forwarded the packet to by MonitorCE, so that corresponding message is monitored, then corresponding purpose equipment it is then forwarded to. when ED equipment receives the message from MonitorCE side, directly message is forwarded by the target MAC (Media Access Control) address according to this message.
Wherein, in embodiments of the present invention, ED equipment can store ClientMAC table, MonitorMAC table and NormalMAC table, the message entering ED from ClientCE side forwards according to ClientMAC table, and the message entering ED from MonitorCE side carries out forwarding, enter from NormalCE side the message of ED to forward according to NormalMAC table according to MonitorMAC table.
In order to be more fully understood that the technical scheme that the embodiment of the present invention provides, the technical scheme embodiment of the present invention provided below in conjunction with concrete application scenarios is further described in more detail.
Referring to Fig. 2, for the configuration diagram of a kind of concrete application scenarios that the embodiment of the present invention provides. In this embodiment, setting up Client-Monitor group between CE10 and CE12 on ED1, CE10 is ClientCE equipment, and CE12 is MonitorCE equipment (namely in this embodiment, ClientCE equipment is connected with same ED with MonitorCE equipment).
Creating two kinds of MAC table, ClientMAC table and MonitorMAC table for Client-Monitor group on ED1, wherein, ClientMAC table is applicable to the flow come from CE10 side, enters the message inquiry ClientMAC table in this EVI example from CE10 side; MonitorMAC table is applicable to, from the CE12 flow come, enter the message inquiry MonitorMAC table in this EVI example from CE12 side. Additionally, ED1 can also store common MAC table, i.e. NormalMAC table, it is adaptable to from NormalCE(such as CE11) flow that comes of side, the message inquiry NormalMAC table in this EVI example is entered from CE11 side. Wherein, in embodiments of the present invention, flow NormalCE sent and the flow being forwarded to NormalCE are made without monitoring.
In embodiments of the present invention, mac learning needs to carry out special handling. Concrete, ED1 is for CE10(and ClientCE) side enter message, need to carry out source mac learning, but learn to MAC information be not issued in ClientMAC table, but by MAC synchronizing information to MonitorMAC table, to should the port that go out of source MAC record be ED1 and the CE10 port (Port10) connected in MonitorMAC table; In addition it is also necessary to by study to MAC synchronizing information in NormalMAC table, in NormalMAC table to should the port that go out of source MAC record be ED1 and CE12(i.e. MonitorCE) port (Port12) that connects.
For CE11(and NormalCE) side enter message, need to carry out source mac learning, learn to MAC information be issued in NormalMAC table, in NormalMAC table to should source MAC record go out port be ED1 and CE11 connect port (Port11), in addition, also need to by study to MAC synchronizing information in MonitorMAC table, in MonitorMAC table to should source MAC record go out the port (Port11) that port is ED1 and CE11 connection.
It should be noted that in embodiments of the present invention, the message that CE12 side enters is the message that Monitor equipment processed, it is not necessary to carry out source mac learning. ClientMAC table does not record mac address information, the message (message namely entered from ClientCE side) that inquiry ClientMAC table carries out forwarding is needed to forward according to the broadcast table that ClientMAC table is corresponding, this broadcast table only one of which broadcast node, the outgoing interface that this broadcast node is specified is ED1 and the CE12 port (i.e. Port12) being connected.
Assume user vlan Tag(label) it is 100, the MAC Address hanging main frame Host10 under CE10 is MAC10, the MAC Address hanging main frame Host11 under CE11 is MAC11, then in this embodiment, the content of the ClientMAC table on ED1, MonitorMAC table and NormalMAC table can respectively as shown in table 1, table 2 and table 3:
Table 1(ClientMAC table)
| NULL |
Table 2(MonitorMAC table)
| MAC10 | VLAN 100 | Port10 |
| MAC 11 | VLAN 100 | Port11 |
Table 3(NormalMAC table)
| MAC10 | VLAN 100 | Port12 |
| MAC 11 | VLAN 100 | Port11 |
Based on above-mentioned application scenarios, the schematic flow sheet of the CE monitoring implementation method that the embodiment of the present invention provides can as it is shown on figure 3, the main frame Host10 wherein hung under CE10 accesses extension main frame Host11 under CE11.
As it is shown on figure 3, the schematic flow sheet of a kind of method realizing CE monitoring provided for the embodiment of the present invention, it is possible to comprise the following steps:
Step 301, Host10 send ARP request message, and the target MAC (Media Access Control) address of this ARP request message is full F, and source MAC is MAC10.CE10 forwards it to ED1 after receiving this ARP request message.
After step 302, ED1 receive ARP request message, local MonitorMAC carries out the MAC address learning of routine, sets up corresponding MAC Address list item, and by study to MAC Address be synchronized to NormalMAC table.
Wherein, MonitorMAC table learning to outgoing interface corresponding to this source MAC (MAC10) be Port10, and in NormalMAC table, the outgoing interface that this source MAC (MAC10) is corresponding is recorded as Port12.
This ARP request message is forwarded by step 303, ED1 according to ClientMAC table.
Concrete, owing to not recorded mac address information in ClientMAC table, this ARP request message is forwarded by ED1 according to the broadcast table that ClientMAC table is corresponding, the broadcast node only one of which of this broadcast table, and the outgoing interface of its correspondence is Port12. Therefore, ARP request message is broadcasted by ED1 by Port12.
Step 304, CE12 forward it to Monitor equipment after receiving ARP request message, Monitor equipment send back to after processing, and the message after the process of Monitor equipment is transmitted to ED1 by CE12.
Wherein, Monitor equipment is a monitoring device, and the process of its message to receiving can be intercepting this message, to know the information such as the source MAC of this message, purpose MAC, type of message, User IP, UDP/TCP source destination interface.
Step 305, ED1 receive the CE12 ARP request message returned, and are broadcasted by other ports except port corresponding to source MAC in native vlan by this message.
Concrete, after ED1 receives the CE12 ARP request message returned, target MAC (Media Access Control) address inquiry MonitorMAC table according to this ARP request message, owing to the target MAC (Media Access Control) address of this ARP request message is full F, MonitorMAC table cannot match the MAC Address of correspondence, this ARP request message is broadcasted by ED1 on VLAN and LINK, broadcasted by other ports outside port corresponding to source MAC (i.e. the port of ED1 and CE10 connection, it is possible to get rid of this port by source MAC address filtering mode) in native vlan. Wherein, source mac learning is not carried out when ED1 receives the message from MonitorCE side.
After step 306, CE11 receive ARP request message, forward the message to the main frame Host11 of lower extension.
After step 307, Host11 receive ARP request message, responding arp reply message, its target MAC (Media Access Control) address is MAC10, and source MAC is MAC11, and this arp reply message gives ED1 on CE11.
Step 308, ED1 carry out source mac learning after receiving the CE11 arp reply message forwarded, and by study to MAC synchronizing information in NormalMAC table and MonitorMAC table.
Wherein, to should the outgoing interface that records of source MAC (MAC11) be to should the outgoing interface that records of source MAC (MAC11) be Port11 in Port11, NormalMAC table in MonitorMAC table.
Step 309, ED1 inquire about NormalMAC table according to the target MAC (Media Access Control) address of arp reply message, and are forwarded by message from corresponding port.
Concrete, owing to this arp reply message is the message entering ED1 from NormalCE side, and target MAC (Media Access Control) address is MAC10, therefore, the ED1 port (Port12) according to the corresponding MAC10 of inquiry in NormalMAC table, and this message is transmitted to CE12 by Port12.
Step 310, CE12 forward it to Monitor equipment after receiving arp reply message, Monitor equipment send back to after processing, and the message after the process of Monitor equipment is transmitted to ED1 by CE12.
Step 311, ED1 receive the CE12 arp reply message returned, and inquire about the port of correspondence according to the target MAC (Media Access Control) address of message, and forwarded from this port by arp reply message in MonitorMAC table.
Concrete, owing to this arp reply message is the message entering ED1 from MonitorCE side, therefore, ED1 inquires about the port of correspondence according to the target MAC (Media Access Control) address of this arp reply message in MonitorMAC table, namely corresponding for MAC10 port (Port10), and forward the packet to CE10 from Port10.
Wherein, in embodiments of the present invention, the ED1 message to entering from MonitorCE side does not carry out mac learning.
Arp reply message is transmitted to Host10 by step 312, CE10, so that Host10 learns the ARP of Host11.
Step 313, Host10 send unicast message, and the purpose MAC of this unicast message is Host11, and source MAC is Host10; CE10 forwards it to ED1 after receiving this unicast message.
Step 314, ED1 receive the CE10 unicast message forwarded, and according to the broadcast table that ClientMAC table is corresponding, this unicast message are broadcast to CE12.
Concrete, after ED1 receives the message of ClientCE side, inquire about ClientMAC table. Owing to not recording MAC information in ClientMAC table in ED1, therefore, this message is forwarded by ED1 according to the broadcast table that this ClientMAC table is corresponding. Wherein, only one of which broadcast node, i.e. CE12 in the broadcast table that in ED1, ClientMAC table is corresponding. The unicast message received is broadcast to CE12 by ED1, CE12 forward the packet to Monitor equipment.
The message that the ED1 received forwards is transmitted to Monitor equipment by step 315, CE12, Monitor equipment send back to after processing, and the message after the process of Monitor equipment is transmitted to ED1 by CE12.
Step 316, ED1 receive the CE12 message forwarded, and inquire about MonitorMAC table, and are forwarded from corresponding ports by this message.
Wherein, in the MonitorMAC table of ED1 record, the port of corresponding MAC11 is that message is transmitted to CE11 from Port11 by Port11, ED1, CE11 forward the packet to its lower main frame Host11 hung.
Referring to Fig. 4, for the framework schematic diagram of the another kind of concrete application scenarios that the embodiment of the present invention provides. In this embodiment, the equipment to hanging under the CE10 in certain EVI example on ED1 is needed to be monitored, supervisor's monitoring device for hanging under CE20 on ED2, CE10 is ClientCE, CE20 is MonitorCE, ED1 is ClientED, ED2 is that in MonitorED(i.e. this embodiment, ClientCE and MonitorCE connects from different ED).
An independent LINK tunnel is created between ED1 and ED2, it is called MonitorLINK tunnel, this tunnel, for the flow of ClientCE side on ClientED is sent to MonitorED, is also used for MonitorED and the flow of MonitorCE side is sent to ClientED; For setting up Client-Monitor group between CE10 and CE20.
ED1 creates two kinds of MAC table for Client-Monitor group, ClientMAC table and MonitorMAC table, wherein ClientMAC table is applicable to the flow next from CE10 side, the message inquiry ClientMAC table in this EVI example is entered from CE10 side, MonitorMAC table be applicable to from side, far-end MonitorED tunnel come flow, from far-end ED(and ED2) side enter this EVI message inquiry MonitorMAC table. Additionally, there is also common MAC table on ED1, i.e. NormalMAC table, it is adaptable to from common CE(such as CE11) flow that side comes, the message inquiry NormalMAC table in this EVI example is entered from CE11 side.
ED2 also contains for forwarding from far-end ClientED(and ED1) the ClientMAC table of the message of side, for forwarding the MonitorMAC table of the message from MonitorCE side and for forwarding the NormalMAC table of the message from local NormalCE side.
Here, NormalCE refers to that this CE is not connected with monitoring device or monitored client device.
In embodiments of the present invention, mac learning needs to carry out special handling. Concrete, for message next on CE10 side on ED1 equipment, need to carry out source mac learning, but learn to MAC information be not issued to ClientMAC table, but by MAC synchronizing information to MonitorMAC table, to should the port that go out of source MAC record be ED1 and the CE10 port (Port10) connected in MonitorMAC; In addition it is also necessary to by study to MAC synchronizing information in NormalMAC table, in NormalMAC table to should the port that go out of source MAC record be ED1 and MonitorED(i.e. ED2) connect MonitorLINK tunnel.
For CE11(and NormalCE) side enter message, need to carry out source mac learning, learn to MAC information be issued in NormalMAC table, in NormalMAC table to should source MAC record go out port be ED1 and CE11 connect port (Port11), in addition, also need to by study to MAC synchronizing information in MonitorMAC table, in MonitorMAC table to should source MAC record go out the port (Port11) that port is ED1 and CE11 connection.
After ED1 completes MAC address learning, also need to, by MonitorLINK tunnel, the MAC Address that local ClientCE side learns is published to far-end MonitorED(and ED2), by EVILINK tunnel, the MAC Address that local NormalCE side learns is distributed to far-end MonitorED, and receive the MAC Address that far-end MonitorED issue comes, the MAC Address that far-end MonitorED issues is learnt respectively to local NormalMAC table and MonitorMAC table; Wherein, the outgoing interface that the local NormalMAC table of ED1 is corresponding with the MAC Address that this far-end MonitorED in MonitorMAC table issues is disposed as EVILINK tunnel.
The upper message that CE21 side is entered of ED2, need to carry out source mac learning, learn to MAC information be issued in NormalMAC table, in NormalMAC table to should source MAC record go out port be ED2 and CE21 connect port (Port21), in addition, also need to by study to MAC synchronizing information in MonitorMAC table, in MonitorMAC table to should source MAC record go out the port (Port21) that port is ED2 and CE21 connection.
After ED2 completes MAC address learning, also need to be published to far-end ClientED(and ED1 by the MAC Address that this locality is learnt by EVILINK tunnel), and receive the far-end ClientED MAC Address issued, the MAC Address that far-end ClientED issues is learnt respectively to local NormalMAC table and MonitorMAC table, wherein, for the far-end ClientED MAC Address issued by EVI tunnel, in local NormalMAC table with MonitorMAC table, outgoing interface corresponding for this MAC Address is disposed as EVILINK tunnel; For the far-end ClientED MAC Address issued by MonitorLINK tunnel, outgoing interface corresponding for this MAC Address is respectively set to by local NormalMAC table with MonitorMAC table the port and the MonitorLINK tunnel that are connected with MonitorCE.
It should be noted that in embodiments of the present invention, the message that MonitorCE side enters is the message that Monitor equipment processed, it is not necessary to carry out source mac learning. ClientMAC table on ED1 and ED2 equipment does not record mac address information, needing the message (message namely entered from ClientCE side) that inquiry ClientMAC table carries out forwarding to forward according to the broadcast table that ClientMAC table is corresponding, the outgoing interface that this broadcast table this broadcast node of only one of which broadcast node is specified is the Monitor port being connected; Wherein, ED1 is upper is MonitorLINK tunnel, and ED2 is upper is the port being connected with CE20.
It is still assumed that user vlan Tag is 100, the MAC Address hanging main frame Host10 under CE10 is MAC10, the MAC Address hanging main frame Host11 under CE11 is MAC11, the MAC Address hanging main frame Hsot21 under CE21 is MAC21, then in this embodiment, upper ClientMAC, MonitorMAC table of ED1 and NormalMAC table, and on ED2, the content of ClientMAC, MonitorMAC table and NormalMAC table can respectively as shown in table 4-9:
ClientMAC table on table 4(ED1)
| NULL |
MonitorMAC table on table 5(ED1)
NormalMAC table on table 6(ED1)
ClientMAC table on table 7(ED2)
| NULL |
MonitorMAC table on table 8(ED2)
NormalMAC table on table 9(ED2)
| MAC10 | VLAN100 | Port between Port20(ED2 and CE20) |
| MAC11 | VLAN100 | LINK21 tunnel |
| MAC21 | VLAN 100 | Port between Port21(ED2 and CE21) |
Based on above-mentioned application scenarios, the schematic flow sheet of the CE monitoring implementation method that the embodiment of the present invention provides, it is possible to as it is shown in figure 5, wherein, the main frame Host10 hung under CE10 accesses and hangs main frame Host11 under CE11.
As it is shown in figure 5, the schematic flow sheet of a kind of method realizing CE monitoring of tools provided for the embodiment of the present invention, it is possible to comprise the following steps:
Step 501, Host10 send ARP request message, and the target MAC (Media Access Control) address of this ARP request message is full F, and source MAC is MAC10. CE10 forwards it to ED1 after receiving this ARP request message.
After step 502, ED1 receive ARP request message, local MonitorMAC carries out the MAC address learning of routine, sets up corresponding MAC Address list item, and by study to MAC Address be synchronized to NormalMAC table.
Wherein, the MonitorMAC table learning on ED1 to outgoing interface corresponding to this source MAC (MAC10) be Port10, and in NormalMAC table, the outgoing interface that this source MAC (MAC10) is corresponding is set to MonitorLINK tunnel.
ED1 learns after MAC10, is encapsulated in by MAC10 in EVI protocol massages, and is published to ED2 by MonitorLINK tunnel. After ED2 receives this EVI protocol massages, the corresponding relation in the MonitorLINK tunnel between MAC10 and ED2 and ED1 be recorded in the MonitorMAC table of self, the corresponding relation of MAC10 and Port20 be recorded in the NormalMAC table of self.
This ARP request message is forwarded by step 503, ED1 according to ClientMAC table.
Concrete, owing to not recorded mac address information in ClientMAC table, this ARP request message is forwarded by ED1 according to the broadcast table that ClientMAC table is corresponding, the broadcast node only one of which of this broadcast table, and the outgoing interface of its correspondence is MonitorLINK tunnel. Therefore, ARP request message is broadcasted by ED1 by MonitorLINK tunnel. Wherein, the ARP message format that ED1 is broadcast to ED2 by MonitorLINK tunnel is EthernetOverIPGRE form.
After step 504, ED2 receive ARP request message, according to ClientMAC table, this ARP request message is forwarded.
Concrete, what ED2 received is EthernetOverIPGRE message, and tunnel is MonitorLINK tunnel. After ED2 receives this message, bullet carries out MAC Address lookup after falling tunnel head in ClientMAC table. Owing to ClientMAC table is that NULL(is empty), ED2 forwards this ARP request according to the broadcast table that this ClientMAC table is corresponding. The broadcast node only one of which of this broadcast table, the outgoing interface of its correspondence is Port20, and therefore, ARP request message is broadcast to CE20 by Port20 by ED2.
After step 505, CE20 receive ARP request message, forwarding it to Monitor equipment, Monitor equipment send back to after processing, the message after the process of Monitor equipment is transmitted to ED2 by CE20.
Step 506, ED2 receive the CE20 ARP request message returned, and are broadcasted by other ports except port corresponding to source MAC in native vlan by this message. Wherein, the port of ED2 broadcast ARP request message includes the MonitorLINK tunnel between ED1 and ED2.
After step 507, ED1 receive the ED2 ARP request message forwarded, this message is broadcasted by other ports except port corresponding to source MAC in native vlan.
After step 508, CE11 receive ARP request message, forward the message to the main frame Host11 of lower extension.
After step 509, Host11 receive ARP request message, responding arp reply message, its target MAC (Media Access Control) address is MAC10, and source MAC is MAC11, and this arp reply message gives ED1 on CE11.
Step 510, ED1 carry out source mac learning after receiving the CE11 arp reply message forwarded, and by study to MAC synchronizing information in NormalMAC table and MonitorMAC table.
Wherein, to should the outgoing interface that records of source MAC (MAC11) be to should the outgoing interface that records of source MAC (MAC11) be Port11 in Port11, NormalMAC table in MonitorMAC table.
ED1 learns after MAC11, is encapsulated in by MAC11 in EVI protocol massages and is published to ED2 by the NormalLINK tunnel between ED1 and ED2. After ED2 receives this EVI message, the corresponding relation in the NormalLINK tunnel between MAC11 and ED2 and ED1 be recorded in the MonitorMAC table of self, and the corresponding relation in the NormalLINK tunnel between MAC11 and ED2 and ED1 be recorded in the NormalMAC table of self.
Step 511, ED1 inquire about NormalMAC table according to the target MAC (Media Access Control) address of arp reply message, and are forwarded by message from corresponding port.
Concrete, owing to this arp reply message is the message entering ED1 from NormalCE side, and target MAC (Media Access Control) address is MAC10, therefore, the ED1 port (MonitorLINK tunnel) according to the corresponding MAC10 of inquiry in NormalMAC table, and this message is transmitted to ED2 by MonitorLINK tunnel.
Step 512, ED2 receive the ED1 arp reply message forwarded, and inquire about ClientMAC table according to the target MAC (Media Access Control) address of message, and are forwarded by corresponding ports by this arp reply message.
Concrete, owing to the ClientMAC table on ED2 not recording MAC information, when needs carry out message forwarding according to ClientMAC table, ED2 carries out message forwarding according to the broadcast table that this ClientMAC table is corresponding, the broadcast node only one of which of this broadcast table, the port of its correspondence is Port20, and therefore, arp reply message is broadcast to CE20 by Prot20 by ED2.
Step 513, CE20 forward it to Monitor equipment after receiving arp reply message, Monitor equipment send back to after processing, and the message after the process of Monitor equipment is transmitted to ED2 by CE20.
Step 514, ED2 receive the CE20 arp reply message returned, and inquire about the port of correspondence according to the target MAC (Media Access Control) address of message, and forwarded from this port by arp reply message in MonitorMAC table.
Concrete, owing to this arp reply message is the message entering ED2 from MonitorCE side, therefore, ED2 inquires about the port of correspondence according to the target MAC (Media Access Control) address of this arp reply message in MonitorMAC table, namely corresponding for MAC10 port (MonitorLINK tunnel), and forward the packet to ED1 from MonitorLINK tunnel.
Step 515, ED1 inquire about the port of correspondence in MonitorMAC table, and are forwarded from this port by arp reply message after receiving the ED2 arp reply message forwarded according to the target MAC (Media Access Control) address of message.
Concrete, ED1 inquires about the port of correspondence, namely corresponding for MAC10 port (Port10) according to the target MAC (Media Access Control) address of arp reply message in MonitorMAC table, and forwards the packet to CE10 from Port10.
Arp reply message is transmitted to Host10 by step 516, CE10, so that Host10 learns the ARP of Host11.
Step 517, Host10 send unicast message, and the purpose MAC of this unicast message is Host11, and source MAC is Host10; CE10 forwards it to ED1 after receiving this unicast message.
Step 518, ED1 receive the CE10 unicast message forwarded, and according to the broadcast table that ClientMAC table is corresponding, this unicast message are broadcast to ED2.
This unicast message is broadcast to CE20 according to the broadcast table that ClientMAC table is corresponding after receiving the ED1 unicast message forwarded by step 519, ED2.
The message that the ED2 received forwards is transmitted to Monitor equipment by step 520, CE20, Monitor equipment send back to after processing, and the message after the process of Monitor equipment is transmitted to ED2 by CE20.
Step 521, ED2 receive the CE20 message forwarded, and inquire about MonitorMAC table, and are forwarded from corresponding ports by this message.
Wherein, in the MonitorMAC table of ED2 record, the port of corresponding MAC11 is the common LINK tunnel between ED2 and ED1, and message is transmitted to ED1 from this LINK tunnel by ED2.
Step 522, ED1 receive the ED2 message forwarded, and inquire about MonitorMAC table, and are forwarded from corresponding ports by this message.
Wherein, in the MonitorMAC table of ED1 record, the port of corresponding MAC11 is that message is transmitted to CE11 from Port11 by Port11, ED1, CE11 forward the packet to its lower main frame Host11 hung.
By above description it can be seen that in the technical scheme that the embodiment of the present invention provides, when ED receives the message from ClientCE side, this message is sent to the MonitorCE of correspondence by ED, this MonitorCE forward the packet to Monitor equipment; When ED receives from non-MonitorCE side, and during the message of MAC Address that target MAC (Media Access Control) address is the main frame Host hung under ClientCE, this message is sent to the MonitorCE of correspondence by ED, this MonitorCE forward the packet to Monitor equipment; When ED equipment receives the message from MonitorCE side, this message is forwarded by ED according to the target MAC (Media Access Control) address of this message, is not changing network topology, and is not affecting under the premise of original customer flow, it is achieved that the traffic monitoring to ClientCE.
Based on the inventive concept of said method embodiment system, the embodiment of the present invention additionally provides a kind of ED, it is possible to be applied to said method embodiment.
As shown in Figure 6, the structural representation of a kind of ED provided for the embodiment of the present invention, it is possible to including:
First forwarding module 61, for when described ED receives the message from ClientCE side, being sent to the MonitorCE of correspondence, described MonitorCE forward the packet to Monitor equipment by this message;
Second forwarding module 62, for receiving from NormalCE side as described ED, and during the message of MAC Address that target MAC (Media Access Control) address is the main frame hung under ClientCE, this message is sent to the MonitorCE of correspondence, described MonitorCE forwards the packet to Monitor equipment;
3rd forwarding module 63, for when described ED receives the message from MonitorCE side, forwarding this message according to the target MAC (Media Access Control) address of this message.
Wherein, in embodiments of the present invention, ClientCE and MonitorCE can be connected with same ED, it is also possible to is connected from different ED respectively.
When described ED is connected with ClientCE and MonitorCE (namely ClientCE and MonitorCE is connected with same ED) respectively, as it is shown in fig. 7, the ED that the embodiment of the present invention provides can also include:
First memory module 64, for storing for forwarding the ClientMAC table of the message from ClientCE side, for forwarding the MonitorMAC table of the message from MonitorCE side and for forwarding the NormalMAC table of the message from NormalCE side;
First mac learning module 65, for for the message from ClientCE side, MonitorMAC table carries out MAC address learning, and by study to MAC Address be synchronized in NormalMAC table, wherein, in NormalMAC table this study to outgoing interface corresponding to MAC Address be set to the port that is connected with MonitorCE; For the message from NormalCE side, NormalMAC table carries out MAC address learning, and by study to the MAC address entries including MAC Address and outgoing interface, be synchronized in MonitorMAC table.
Wherein, the MAC address entries that described ClientMAC table comprises is sky, and the broadcast table of correspondence only comprises a broadcast node, and the outgoing interface that this broadcast node is specified is the port being connected with MonitorCE,
Described first forwarding module 61 can be specifically for, when described ED receives the message from ClientCE side, forward according to ClientMAC table further, and when, in ClientMAC table, the MAC address entries not mated with message target MAC (Media Access Control) address, according to the broadcast table that ClientMAC table is corresponding, message is sent to MonitorCE.
When ClientCE and MonitorCE is connected from different ED respectively, described ED includes ClientED(and the ClientCE ED being connected) ED that is connected with MonitorED(and MonitorCE), and foundation has and monitors link MonitorLINK tunnel further between ClientED and MonitorED; Now, as shown in Figure 8, the ED that the embodiment of the present invention provides can also include:
Second memory module 66, for when described ED is ClientED, storage is for forwarding the ClientMAC table of the message from ClientCE side, for forwarding the MonitorMAC table of the message from far-end MonitorED side and for forwarding the NormalMAC table of the message from local NormalCE side;
Second mac learning module 67, for when described ED is ClientED, for the message from ClientCE side, local MonitorMAC table carries out MAC address learning, and by study to MAC Address be synchronized in local NormalMAC table, wherein, in local NormalMAC table this study to outgoing interface corresponding to MAC Address be set to MonitorLINK tunnel;For the message from local NormalCE side, local NormalMAC table carries out MAC address learning, and by study to the MAC address entries including MAC Address and outgoing interface, be synchronized in local MonitorMAC table;
Processing module 68, for when described ED is ClientED, by MonitorLINK tunnel, the MAC Address that local ClientCE side learns is distributed to far-end MonitorED, by EVILINK tunnel, the MAC Address that local NormalCE side learns is distributed to far-end MonitorED, and receive the far-end MonitorED MAC Address issued, the MAC Address that far-end MonitorED issues is learnt respectively to local NormalMAC table and MonitorMAC table, wherein, the outgoing interface corresponding with the MAC Address that this far-end MonitorED in MonitorMAC table issues at local NormalMAC table is disposed as EVILINK tunnel.
Wherein, the MAC address entries that ClientMAC table local for described ClientED comprises is sky, and the broadcast table of correspondence only comprises a broadcast node, and the outgoing interface that this broadcast node is specified is MonitorLINK tunnel,
Described first forwarding module 61 can be specifically for, when described ED is ClientED, and receive from ClientCE side message time, forward according to ClientMAC table further, and when, in ClientMAC table, the MAC address entries not mated with message target MAC (Media Access Control) address, according to the broadcast table that ClientMAC table is corresponding, message is sent to MonitorED by MonitorLINK tunnel, described MonitorED forwards the packet to MonitorCE.
Wherein, wherein, described second memory module 66 is additionally operable to, when described ED is MonitorED, storage is for forwarding the ClientMAC table of the message from far-end ClientED side, for forwarding the MonitorMAC table of the message from MonitorCE side and for forwarding the NormalMAC table of the message from local NormalCE side;
Described second mac learning module 67 is additionally operable to, and when described ED is MonitorED, for the message from MonitorCE side, does not carry out MAC address learning; For the message from local NormalCE side, local NormalMAC table carries out MAC address learning, and by study to the MAC address entries including MAC Address and outgoing interface, be synchronized in local MonitorMAC table;
Described processing module 68 is additionally operable to, when described ED is MonitorED, the MAC Address learnt this locality by EVILINK tunnel is distributed to far-end ClientED, and receive the far-end ClientED MAC Address issued, the MAC Address that far-end ClientED issues is learnt respectively to local NormalMAC table and MonitorMAC table, wherein, for the far-end ClientED MAC Address issued by EVI tunnel, in local NormalMAC table with MonitorMAC table, outgoing interface corresponding for this MAC Address is disposed as EVILINK tunnel; For the far-end ClientED MAC Address issued by MonitorLINK tunnel, outgoing interface corresponding for this MAC Address is respectively set to by local NormalMAC table with MonitorMAC table the port and the MonitorLINK tunnel that are connected with MonitorCE.
Wherein, the MAC address entries that ClientMAC table local for described MonitorED comprises is sky, and the broadcast table of correspondence only comprises a broadcast node, and the outgoing interface that this broadcast node is specified is the port being connected with MonitorCE,
Described first forwarding module 61 can be specifically for, when described ED is MonitorED, when receiving the far-end ClientED message sent by MonitorLINK tunnel, forward according to ClientMAC table further, and when, in ClientMAC table, the MAC address entries not mated with message target MAC (Media Access Control) address, according to the broadcast table that ClientMAC table is corresponding, message is sent to MonitorCE.
It will be appreciated by those skilled in the art that the module in the device in embodiment can describe according to embodiment to carry out being distributed in the device of embodiment, it is also possible to carry out respective change and be disposed other than in one or more devices of the present embodiment. The module of above-described embodiment can merge into a module, it is also possible to is further split into multiple submodule.
Through the above description of the embodiments, those skilled in the art is it can be understood that can add the mode of required general hardware platform by software to the present invention and realize, naturally it is also possible to by hardware, but in a lot of situation, the former is embodiment more preferably. Based on such understanding, the part that prior art is contributed by technical scheme substantially in other words can embody with the form of software product, this computer software product is stored in a storage medium, including some instructions with so that a station terminal equipment (can be mobile phone, personal computer, server, or the network equipment etc.) perform the method described in each embodiment of the present invention.
The above is only the preferred embodiment of the present invention; it should be pointed out that, for those skilled in the art, under the premise without departing from the principles of the invention; can also making some improvements and modifications, these improvements and modifications also should look protection scope of the present invention.
Claims (12)
1. the method realizing customer edge CE monitoring, it is applied to Ethernet virtualization interconnection EVI network, it is characterized in that, described EVI network includes edge device ED and the CE being connected with ED, described CE includes connecting the client ClientCE of monitored client device, connecting the monitoring MonitorCE of monitoring device and be not connected with the common NormalCE of monitoring device or monitored client device, and the method includes:
When edge device ED receives the message from ClientCE side, this message is sent to the MonitorCE of correspondence by described ED, described MonitorCE forward the packet to Monitor equipment;
When described ED receives from NormalCE side, and during the message of MAC Address that target MAC (Media Access Control) address is the main frame hung under ClientCE, this message is sent to the MonitorCE of correspondence by described ED, described MonitorCE forward the packet to Monitor equipment;
When described ED receives the message from MonitorCE side, this message is forwarded by described ED according to the target MAC (Media Access Control) address of this message;
Wherein, described ED is connected with ClientCE and MonitorCE respectively; In described ED, storage has the ClientMAC table for forwarding the message from ClientCE side;
The MAC address entries that described ClientMAC table comprises is sky, and the broadcast table of correspondence only comprises a broadcast node, and the outgoing interface that this broadcast node is specified is the port being connected with MonitorCE, and the method also includes:
When described ED receives the message from ClientCE side, forward according to ClientMAC table further, and when, in ClientMAC table, the MAC address entries not mated with message target MAC (Media Access Control) address, according to the broadcast table that ClientMAC table is corresponding, message is sent to MonitorCE.
2. the method for claim 1, it is characterised in that in described ED, also storage has for forwarding the MonitorMAC table of the message from MonitorCE side and for forwarding the NormalMAC table of the message from NormalCE side; The method also includes:
Described ED is for the message from ClientCE side, MonitorMAC table carries out MAC address learning, and by study to MAC Address be synchronized in NormalMAC table, wherein, in NormalMAC table this study to outgoing interface corresponding to MAC Address be set to the port that is connected with MonitorCE;
Described ED, for the message from NormalCE side, carries out MAC address learning in NormalMAC table, and by study to the MAC address entries including MAC Address and outgoing interface, be synchronized in MonitorMAC table.
3. the method for claim 1, it is characterized in that, described ED includes MonitorED and ClientED, wherein, described ClientCE and ClientED is connected, described MonitorCE and MonitorED is connected, and foundation has monitoring link MonitorLINK tunnel further between ClientED and MonitorED;
In ClientED, storage has for forwarding the ClientMAC table of the message from ClientCE side, for forwarding the MonitorMAC table of the message from far-end MonitorED side and for forwarding the NormalMAC table of the message from local NormalCE side; The method also includes:
Described ClientED is for the message from ClientCE side, local MonitorMAC table carries out MAC address learning, and by study to MAC Address be synchronized in local NormalMAC table, wherein, in local NormalMAC table this study to outgoing interface corresponding to MAC Address be set to MonitorLINK tunnel;
Described ClientED, for the message from local NormalCE side, carries out MAC address learning in local NormalMAC table, and by study to the MAC address entries including MAC Address and outgoing interface, be synchronized in local MonitorMAC table;
The MAC Address that local ClientCE side learns is distributed to far-end MonitorED by MonitorLINK tunnel by described ClientED, by EVILINK tunnel, the MAC Address that local NormalCE side learns is distributed to far-end MonitorED, and receive the far-end MonitorED MAC Address issued, the MAC Address that far-end MonitorED issues is learnt respectively to local NormalMAC table and MonitorMAC table, wherein, the outgoing interface corresponding with the MAC Address that this far-end MonitorED in MonitorMAC table issues at local NormalMAC table is disposed as EVILINK tunnel.
4. method as claimed in claim 3, it is characterized in that, the MAC address entries that ClientMAC table local for described ClientED comprises is sky, and the broadcast table of correspondence only comprises a broadcast node, the outgoing interface that this broadcast node is specified is MonitorLINK tunnel, and the method also includes:
When described ClientED receives the message from ClientCE side, forward according to ClientMAC table further, and when, in ClientMAC table, the MAC address entries not mated with message target MAC (Media Access Control) address, according to the broadcast table that ClientMAC table is corresponding, message is sent to MonitorED by MonitorLINK tunnel, described MonitorED forwards the packet to MonitorCE.
5. method as claimed in claim 3, it is characterised in that
In MonitorED, storage has for forwarding the ClientMAC table of the message from far-end ClientED side, for forwarding the MonitorMAC table of the message from MonitorCE side and for forwarding the NormalMAC table of the message from local NormalCE side; The method also includes:
Described MonitorED, for the message from MonitorCE side, does not carry out MAC address learning;
Described MonitorED, for the message from local NormalCE side, carries out MAC address learning in local NormalMAC table, and by study to the MAC address entries including MAC Address and outgoing interface, be synchronized in local MonitorMAC table;
Described MonitorED is distributed to far-end ClientED by the MAC Address that this locality is learnt by EVILINK tunnel, and receive the far-end ClientED MAC Address issued, the MAC Address that far-end ClientED issues is learnt respectively to local NormalMAC table and MonitorMAC table, wherein, for the far-end ClientED MAC Address issued by EVI tunnel, in local NormalMAC table with MonitorMAC table, outgoing interface corresponding for this MAC Address is disposed as EVILINK tunnel; For the far-end ClientED MAC Address issued by MonitorLINK tunnel, outgoing interface corresponding for this MAC Address is respectively set to by local NormalMAC table with MonitorMAC table the port and the MonitorLINK tunnel that are connected with MonitorCE.
6. method as claimed in claim 5, it is characterized in that, the MAC address entries that ClientMAC table local for described MonitorED comprises is sky, and the broadcast table of correspondence only comprises a broadcast node, the outgoing interface that this broadcast node is specified is the port being connected with MonitorCE, and the method also includes:
When described MonitorED receives the far-end ClientED message sent by MonitorLINK tunnel, forward according to ClientMAC table further, and when, in ClientMAC table, the MAC address entries not mated with message target MAC (Media Access Control) address, according to the broadcast table that ClientMAC table is corresponding, message is sent to MonitorCE.
7. an edge device ED, it is applied to Ethernet virtualization interconnection EVI network, it is characterized in that, described EVI network includes the customer edge CE being connected with ED, described CE includes connecting the client ClientCE of monitored client device, connecting the monitoring MonitorCE of monitoring device and be not connected with the common NormalCE of monitoring device or monitored client device, and this ED includes:
First forwarding module, for when described ED receives the message from ClientCE side, being sent to the MonitorCE of correspondence, described MonitorCE forward the packet to Monitor equipment by this message;
Second forwarding module, for receiving from NormalCE side as described ED, and during the message of MAC Address that target MAC (Media Access Control) address is the main frame hung under ClientCE, this message is sent to the MonitorCE of correspondence, described MonitorCE forwards the packet to Monitor equipment;
3rd forwarding module, for when described ED receives the message from MonitorCE side, forwarding this message according to the target MAC (Media Access Control) address of this message;
Wherein, described ED is connected with ClientCE and MonitorCE respectively;
Described ED also includes:
First memory module, for storing the ClientMAC table for forwarding the message from ClientCE side;
The MAC address entries that described ClientMAC table comprises is sky, and the broadcast table of correspondence only comprises a broadcast node, and the outgoing interface that this broadcast node is specified is the port being connected with MonitorCE,
Described first forwarding module specifically for, when described ED receives the message from ClientCE side, forward according to ClientMAC table further, and when, in ClientMAC table, the MAC address entries not mated with message target MAC (Media Access Control) address, according to the broadcast table that ClientMAC table is corresponding, message is sent to MonitorCE.
8. ED as claimed in claim 7, it is characterised in that described ED also includes:
First memory module, is additionally operable to storage for forwarding the MonitorMAC table of the message from MonitorCE side and for forwarding the NormalMAC table of the message from NormalCE side;
First mac learning module, for for the message from ClientCE side, MonitorMAC table carries out MAC address learning, and by study to MAC Address be synchronized in NormalMAC table, wherein, in NormalMAC table this study to outgoing interface corresponding to MAC Address be set to the port that is connected with MonitorCE; For the message from NormalCE side, NormalMAC table carries out MAC address learning, and by study to the MAC address entries including MAC Address and outgoing interface, be synchronized in MonitorMAC table.
9. ED as claimed in claim 7, it is characterized in that, described ED includes MonitorED and ClientED, wherein, described ClientCE and ClientED is connected, described MonitorCE and MonitorED is connected, and foundation has monitoring link MonitorLINK tunnel further between ClientED and MonitorED;
Described ED also includes:
Second memory module, for when described ED is ClientED, storage is for forwarding the ClientMAC table of the message from ClientCE side, for forwarding the MonitorMAC table of the message from far-end MonitorED side and for forwarding the NormalMAC table of the message from local NormalCE side;
Second mac learning module, for when described ED is ClientED, for the message from ClientCE side, local MonitorMAC table carries out MAC address learning, and by study to MAC Address be synchronized in local NormalMAC table, wherein, in local NormalMAC table this study to outgoing interface corresponding to MAC Address be set to MonitorLINK tunnel; For the message from local NormalCE side, local NormalMAC table carries out MAC address learning, and by study to the MAC address entries including MAC Address and outgoing interface, be synchronized in local MonitorMAC table;
Processing module, for when described ED is ClientED, by MonitorLINK tunnel, the MAC Address that local ClientCE side learns is distributed to far-end MonitorED, by EVILINK tunnel, the MAC Address that local NormalCE side learns is distributed to far-end MonitorED, and receive the far-end MonitorED MAC Address issued, the MAC Address that far-end MonitorED issues is learnt respectively to local NormalMAC table and MonitorMAC table, wherein, the outgoing interface corresponding with the MAC Address that this far-end MonitorED in MonitorMAC table issues at local NormalMAC table is disposed as EVILINK tunnel.
10. ED as claimed in claim 9, it is characterised in that the MAC address entries that ClientMAC table local for described ClientED comprises is sky, and the broadcast table of correspondence only comprises a broadcast node, the outgoing interface that this broadcast node is specified is MonitorLINK tunnel,
Described first forwarding module specifically for, when described ED is ClientED, and receive from ClientCE side message time, forward according to ClientMAC table further, and when, in ClientMAC table, the MAC address entries not mated with message target MAC (Media Access Control) address, according to the broadcast table that ClientMAC table is corresponding, message is sent to MonitorED by MonitorLINK tunnel, described MonitorED forwards the packet to MonitorCE.
11. ED as claimed in claim 9, it is characterised in that
Described second memory module is additionally operable to, when described ED is MonitorED, storage is for forwarding the ClientMAC table of the message from far-end ClientED side, for forwarding the MonitorMAC table of the message from MonitorCE side and for forwarding the NormalMAC table of the message from local NormalCE side;
Described second mac learning module is additionally operable to, and when described ED is MonitorED, for the message from MonitorCE side, does not carry out MAC address learning; For the message from local NormalCE side, local NormalMAC table carries out MAC address learning, and by study to the MAC address entries including MAC Address and outgoing interface, be synchronized in local MonitorMAC table;
Described processing module is additionally operable to, when described ED is MonitorED, the MAC Address learnt this locality by EVILINK tunnel is distributed to far-end ClientED, and receive the far-end ClientED MAC Address issued, the MAC Address that far-end ClientED issues is learnt respectively to local NormalMAC table and MonitorMAC table, wherein, for the far-end ClientED MAC Address issued by EVI tunnel, in local NormalMAC table with MonitorMAC table, outgoing interface corresponding for this MAC Address is disposed as EVILINK tunnel; For the far-end ClientED MAC Address issued by MonitorLINK tunnel, outgoing interface corresponding for this MAC Address is respectively set to by local NormalMAC table with MonitorMAC table the port and the MonitorLINK tunnel that are connected with MonitorCE.
12. ED as claimed in claim 11, it is characterized in that, the MAC address entries that ClientMAC table local for described MonitorED comprises is sky, and the broadcast table of correspondence only comprises a broadcast node, the outgoing interface that this broadcast node is specified is the port being connected with MonitorCE
Described first forwarding module specifically for, when described ED is MonitorED, when receiving the far-end ClientED message sent by MonitorLINK tunnel, forward according to ClientMAC table further, and when, in ClientMAC table, the MAC address entries not mated with message target MAC (Media Access Control) address, according to the broadcast table that ClientMAC table is corresponding, message is sent to MonitorCE.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210549800.XA CN103023724B (en) | 2012-12-17 | 2012-12-17 | A kind of method and apparatus realizing CE monitoring |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210549800.XA CN103023724B (en) | 2012-12-17 | 2012-12-17 | A kind of method and apparatus realizing CE monitoring |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103023724A CN103023724A (en) | 2013-04-03 |
| CN103023724B true CN103023724B (en) | 2016-06-08 |
Family
ID=47971876
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210549800.XA Active CN103023724B (en) | 2012-12-17 | 2012-12-17 | A kind of method and apparatus realizing CE monitoring |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103023724B (en) |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6023563A (en) * | 1996-08-20 | 2000-02-08 | Shani; Ron | Networking switch having the network presence of a bridge |
| CN102098189A (en) * | 2011-02-01 | 2011-06-15 | 杭州华三通信技术有限公司 | Method for monitoring CE and routing equipment |
| CN102238040A (en) * | 2010-04-22 | 2011-11-09 | 杭州华三通信技术有限公司 | Method for monitoring CE (Customer Edge router) and routing device |
| CN102394825A (en) * | 2011-11-04 | 2012-03-28 | 华为技术有限公司 | Method and device for processing message |
| CN102571610A (en) * | 2012-03-02 | 2012-07-11 | 杭州华三通信技术有限公司 | Packet forwarding method and edge equipment |
-
2012
- 2012-12-17 CN CN201210549800.XA patent/CN103023724B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6023563A (en) * | 1996-08-20 | 2000-02-08 | Shani; Ron | Networking switch having the network presence of a bridge |
| CN102238040A (en) * | 2010-04-22 | 2011-11-09 | 杭州华三通信技术有限公司 | Method for monitoring CE (Customer Edge router) and routing device |
| CN102098189A (en) * | 2011-02-01 | 2011-06-15 | 杭州华三通信技术有限公司 | Method for monitoring CE and routing equipment |
| CN102394825A (en) * | 2011-11-04 | 2012-03-28 | 华为技术有限公司 | Method and device for processing message |
| CN102571610A (en) * | 2012-03-02 | 2012-07-11 | 杭州华三通信技术有限公司 | Packet forwarding method and edge equipment |
Also Published As
| Publication number | Publication date |
|---|---|
| CN103023724A (en) | 2013-04-03 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102413061B (en) | Message transmission method and equipment | |
| CN102710509B (en) | Automatic data center configuration method and method | |
| CN102291320B (en) | MAC (media access control) address learning method and edge device | |
| CN102025591B (en) | Method and system for implementing virtual private network | |
| CN101009662B (en) | Message processing method, system and device based on the load balance technology | |
| CN103259725B (en) | Messaging method and network equipment | |
| CN102307136B (en) | Method for processing message and device thereof | |
| CN102377628B (en) | Method for establishing DS-Lite tunnel and DS-Lite CGN | |
| CN103118148B (en) | A kind of ARP buffering updating method and equipment | |
| CN102209121A (en) | Method and device for intercommunication between Internet protocol version 6 (IPv6) network and Internet protocol version 4 (IPv4) network | |
| CN103841023A (en) | Data forwarding method and device | |
| US20200280502A1 (en) | Network device snapshots | |
| CN103248720A (en) | Method and device for inquiring physical address | |
| CN105163062B (en) | A kind of system and method that social resources are linked into common platform | |
| WO2011147342A1 (en) | Method, equipment and system for exchanging routing information | |
| CN104168338A (en) | Network address conversion device and network address conversion method | |
| CN104539902A (en) | IPC remote access method and system | |
| CN103701945A (en) | Address translation method and address translation device | |
| CN103685007B (en) | A kind of mac learning method when edge device message forwards and edge device | |
| CN103747116A (en) | Business access method and device based on Layer 2 Tunneling Protocol (L2TP) | |
| EP3627775A1 (en) | Route synchronization | |
| CN103973569A (en) | Data message forwarding method, customer premises equipment and system | |
| CN102625162B (en) | Method and system for data transmission | |
| CN103139068B (en) | The method E-Packeted, router and system | |
| CN103391251B (en) | A kind of method and apparatus reducing redundant flow in PBB network |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CP03 | Change of name, title or address |
Address after: 310052 Binjiang District Changhe Road, Zhejiang, China, No. 466, No. Patentee after: NEW H3C TECHNOLOGIES Co.,Ltd. Address before: 310053 Hangzhou hi tech Industrial Development Zone, Zhejiang province science and Technology Industrial Park, No. 310 and No. six road, HUAWEI, Hangzhou production base Patentee before: HANGZHOU H3C TECHNOLOGIES Co.,Ltd. |
|
| CP03 | Change of name, title or address | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20230628 Address after: 310052 11th Floor, 466 Changhe Road, Binjiang District, Hangzhou City, Zhejiang Province Patentee after: H3C INFORMATION TECHNOLOGY Co.,Ltd. Address before: 310052 Changhe Road, Binjiang District, Hangzhou, Zhejiang Province, No. 466 Patentee before: NEW H3C TECHNOLOGIES Co.,Ltd. |
|
| TR01 | Transfer of patent right |