CN109525464A - Monitor the method and device of flow - Google Patents
Monitor the method and device of flow Download PDFInfo
- Publication number
- CN109525464A CN109525464A CN201811594079.XA CN201811594079A CN109525464A CN 109525464 A CN109525464 A CN 109525464A CN 201811594079 A CN201811594079 A CN 201811594079A CN 109525464 A CN109525464 A CN 109525464A
- Authority
- CN
- China
- Prior art keywords
- flow
- host
- monitoring
- aggregation switch
- new data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/08—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
- H04L43/0876—Network utilisation, e.g. volume of load or congestion level
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/08—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/08—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
- H04L43/0876—Network utilisation, e.g. volume of load or congestion level
- H04L43/0894—Packet rate
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/10—Flow control; Congestion control
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Environmental & Geological Engineering (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The application provides a kind of method and device for monitoring flow.The method is applied on the controller in software defined network SDN, the described method includes: receiving the notification message that convergence switch is sent in SDN, notification message is the message that convergence switch is sent after the first data packet for determining to receive the new data stream that host is sent in SDN, and notification message includes: the host identification of host;According to host identification, judge whether to carry out traffic monitoring to the new data stream that host is sent;If it is determined that carrying out traffic monitoring to new data stream, it monitors and instructs to convergence switch transmitted traffic, so that convergence switch is instructed according to traffic monitoring, traffic monitoring is carried out to new data stream, traffic monitoring only is carried out to the host for meeting monitoring condition to realize convergence switch, reduces the cost of device of convergence switch.
Description
Technical Field
The present application relates to the field of network communications, and in particular, to a method and an apparatus for monitoring traffic.
Background
SDN (Software Defined Network) is a novel Network architecture, and in an optional implementation scheme, a control plane and a data plane of a Network device may be separated by an OpenFlow (OpenFlow) technology, so as to implement flexible control on Network traffic. In an SDN, a Controller (Controller) that implements a control plane function and several switches (switches) that implement a data plane function are typically included. Based on the difference of functions, the switches can be divided into two types, one is an access switch directly connected with a host, and the other is a convergence switch connected with a network through a built-in WAN interface, wherein the WAN interface is used as a broadband outlet of a local area network. When the host sends the network request, the network request sequentially passes through the access switch and the aggregation switch and is finally sent to the network through the WAN port on the aggregation switch.
Based on the SDN architecture characteristics, network requests sent by the hosts are all sent to the network through the aggregation switch, and the traffic perception of each host through the aggregation switch is most convenient. In the related technology, a manager configures a timer on a convergence switch, the convergence switch monitors the flow of data streams sent by each host connected with the convergence switch in real time, analyzes and calculates the monitored flow data, and sends the calculated flow data to a controller for the controller to manage the flow data after the preset time set by the timer is reached.
However, in the existing method for monitoring the traffic, the aggregation switch monitors the traffic of all connected hosts in real time, a processor in the aggregation switch analyzes and calculates a large amount of monitored traffic data, the calculation pressure of the processor is high, and other functions are delayed to be started when the processor is continuously occupied. Meanwhile, analysis operation and calculation operation on a large amount of flow data occupy a large memory, and continuous increase of the memory occupation amount can cause that other functions cannot be started, so that normal operation of the convergence switch is not facilitated.
Disclosure of Invention
In view of this, the present application provides a method and an apparatus for monitoring traffic, so as to solve the problems that in the prior art, a convergence switch performs traffic monitoring on connected hosts in real time, a processor in the convergence switch analyzes and calculates a large amount of monitored traffic data, and the convergence switch has a large device overhead.
Specifically, the method is realized through the following technical scheme:
according to a first aspect of embodiments of the present application, there is provided a method for monitoring traffic, where the method is applied to a controller in a software defined network SDN, and the method includes:
receiving a notification message sent by an aggregation switch in the SDN, where the notification message is sent by the aggregation switch after determining that a first data packet of a new data flow sent by a host in the SDN is received, and the notification message includes: a host identity of the host;
judging whether to monitor the flow of the new data stream sent by the host according to the host identifier;
and if the new data flow is judged to be subjected to the flow monitoring, sending a flow monitoring instruction to the aggregation switch so that the aggregation switch carries out the flow monitoring on the new data flow according to the flow monitoring instruction.
According to a second aspect of embodiments of the present application, there is provided a method for monitoring traffic, the method being applied to a convergence switch in an SDN, the method including:
judging whether a first data packet of a new data flow sent by a host in the SDN is received;
if the first data packet is judged to be received, sending a notification message to the SDN controller, wherein the notification message comprises: a host identity of the host;
receiving a flow monitoring instruction sent by the controller, wherein the flow monitoring instruction is an instruction sent by the controller after judging to perform flow monitoring on the new data stream according to the host identity;
and monitoring the flow of the new data flow according to the flow monitoring instruction.
According to a third aspect of embodiments of the present application, there is provided a traffic monitoring apparatus applied to a controller in a software defined network SDN, the apparatus including:
a receiving module configured to receive a notification message sent by an aggregation switch in the SDN, where the notification message is a message sent by the aggregation switch after determining that a first data packet of a new data flow sent by a host in the SDN is received, and the notification message includes: a host identity of the host;
the judging module is configured to judge whether to perform flow monitoring on the new data stream sent by the host according to the host identifier;
and the sending module is configured to send a traffic monitoring instruction to the aggregation switch if the new data flow is judged to be subjected to traffic monitoring, so that the aggregation switch performs traffic monitoring on the new data flow according to the traffic monitoring instruction.
According to a fourth aspect of embodiments of the present application, there is provided a traffic monitoring apparatus applied to an aggregation switch in an SDN, the apparatus including:
the system comprises a judging module and a sending module, wherein the judging module is configured to judge whether a first data packet of a new data flow sent by a host in the SDN is received;
a sending module configured to send a notification message to the SDN controller if it is determined that the first data packet is received, where the notification message includes: a host identity of the host;
a receiving module configured to receive a traffic monitoring instruction sent by the controller, where the traffic monitoring instruction is an instruction sent by the controller after determining to perform traffic monitoring on the new data stream according to the host identifier;
and the monitoring module is configured to perform traffic monitoring on the new data flow according to the traffic monitoring instruction.
According to a fifth aspect of embodiments of the present application, there is provided a computer-readable storage medium, on which a computer program is stored, which when executed by a processor, implements the steps of monitoring traffic in the first aspect described above.
According to a sixth aspect of embodiments of the present application, there is provided a controller comprising a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the following steps when executing the program:
receiving a notification message sent by an aggregation switch in the SDN, where the notification message is sent by the aggregation switch after determining that a first data packet of a new data flow sent by a host in the SDN is received, and the notification message includes: a host identity of the host;
judging whether to monitor the flow of the new data stream sent by the host according to the host identifier;
and if the new data flow is judged to be subjected to the flow monitoring, sending a flow monitoring instruction to the aggregation switch so that the aggregation switch carries out the flow monitoring on the new data flow according to the flow monitoring instruction.
According to a seventh aspect of embodiments of the present application, there is provided a computer-readable storage medium, on which a computer program is stored, wherein the program is configured to, when executed by a processor, implement the step of monitoring traffic in the second aspect.
According to an eighth aspect of embodiments of the present application, there is provided a convergence switch, comprising a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the following steps when executing the program:
judging whether a first data packet of a new data flow sent by a host in the SDN is received;
if the first data packet is judged to be received, sending a notification message to the SDN controller, wherein the notification message comprises: a host identity of the host;
receiving a flow monitoring instruction sent by the controller, wherein the flow monitoring instruction is an instruction sent by the controller after judging to perform flow monitoring on the new data stream according to the host identity;
and monitoring the flow of the new data flow according to the flow monitoring instruction.
According to a ninth aspect of embodiments of the present application, there is provided an SDN system including the controller in the sixth aspect and the aggregation switch in the eighth aspect.
By applying the embodiment, after judging that the first data packet of the new data flow sent by the host in the SDN is received, the aggregation switch in the SDN sends a notification message to the controller, the controller judges to perform flow monitoring on the new data flow according to the host identifier included in the notification message, and then sends a flow monitoring instruction to the aggregation switch, and triggers the aggregation switch to perform flow monitoring on the new data flow according to the flow monitoring instruction.
Because the aggregation switch only monitors the flow of the preset host meeting the monitoring condition, and the flow data monitored by the aggregation switch is relatively less, the method provided by the application can reduce the size of the memory occupied by the flow data, so that the aggregation switch is provided with enough memory to open other functions, and the normal operation of the aggregation switch is ensured.
Drawings
FIG. 1 is a schematic diagram illustrating an application scenario for monitoring traffic according to an exemplary embodiment of the present application;
FIG. 2 is a flow chart illustrating a method of monitoring traffic in accordance with an exemplary embodiment of the present application;
FIG. 3 is a flow chart illustrating another method of monitoring traffic in accordance with an exemplary embodiment;
FIG. 4 is a flow chart illustrating another method of monitoring traffic in accordance with an exemplary embodiment;
FIG. 5 is a hardware block diagram of an apparatus for monitoring traffic according to an exemplary embodiment of the present application;
FIG. 6 is a block diagram of an apparatus for monitoring traffic in accordance with an exemplary embodiment of the present application;
FIG. 7 is a block diagram illustrating another apparatus for monitoring traffic in accordance with an exemplary embodiment of the present application.
Detailed Description
Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, like numbers in different drawings represent the same or similar elements unless otherwise indicated. The embodiments described in the following exemplary embodiments do not represent all embodiments consistent with the present application. Rather, they are merely examples of apparatus and methods consistent with certain aspects of the present application, as detailed in the appended claims.
The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the application. As used in this application and the appended claims, the singular forms "a", "an", and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used herein refers to and encompasses any and all possible combinations of one or more of the associated listed items.
It is to be understood that although the terms first, second, third, etc. may be used herein to describe various information, such information should not be limited to these terms. These terms are only used to distinguish one type of information from another. For example, first information may also be referred to as second information, and similarly, second information may also be referred to as first information, without departing from the scope of the present application. The word "if" as used herein may be interpreted as "at … …" or "when … …" or "in response to a determination", depending on the context.
Fig. 1 is a schematic diagram illustrating an application scenario for monitoring traffic according to an exemplary embodiment of the present application.
Referring to fig. 1, an application scenario is located in an SDN, where an application scenario is provided with a plurality of aggregation switches, each aggregation switch is connected to a certain number of access switches, each access switch is connected to a certain number of hosts, the aggregation switches, the access switches, and the hosts are located in a same local area network, each aggregation switch is provided with a WAN port, and each aggregation switch is connected to an Internet network through a WAN port provided by the aggregation switch. When the host sends a data packet (message), the data packet sequentially passes through an access switch connected with the host and a convergence switch connected with the access switch, and is finally sent to a network through a WAN port on the convergence switch. The application scene also comprises a controller, wherein the controller is in network connection with each aggregation switch in the local area network, and specifically interacts with the aggregation switches through WAN ports on the aggregation switches.
In this embodiment, after determining that a first data packet of a new data flow sent by a host in the SDN is received, a convergence switch in the SDN sends a notification message to a controller, the controller determines whether to perform flow monitoring on the new data flow sent by the host according to a host identifier of the host included in the notification message, and if it is determined that the new data flow is subjected to flow monitoring, sends a flow monitoring instruction to the convergence switch, and triggers the convergence switch to perform flow monitoring on the new data flow according to the flow monitoring instruction, so that the convergence switch only performs flow monitoring on the data flow sent by the host meeting monitoring conditions.
Fig. 2 is a flowchart illustrating a method for monitoring traffic, which is applied to a controller in an SDN, according to an exemplary embodiment of the present application, and the method for monitoring traffic includes the following steps:
in step 101, a notification message sent by an aggregation switch in the SDN is received, where the notification message is sent by the aggregation switch after determining that a first data packet of a new data flow sent by a host in the SDN is received, and the notification message includes: a host identity of the host.
In the application, a convergence switch is connected with a certain number of hosts, after the hosts send data packets, the data packets are sent to the convergence switch through an access switch connected with the hosts, after the convergence switch receives the data packets, whether the data packets are the first data packets of new data streams is judged according to data in the data packets, namely message header information in the messages, if the data packets are judged to be the first data packets of the new data streams, notification messages are generated, the notification messages comprise host identifiers of the hosts sending the data packets, then the generated notification messages are sent to an SDN controller, and correspondingly, the controller receives the notification messages sent by the convergence switch. The host id of the host is various, such as a host IP (Internet Protocol Address), a host name, a host number, and the like.
In implementation, the aggregation switch determines whether the data packet is the first data packet of the new data stream according to various criteria, for example, the destination address, the network protocol type, the preset field identifier, and other data in the data packet. After judging that the above-mentioned basis in the data packets sent successively is different, the aggregation switch judges that the data packet currently sent by the host is the first data packet of the new data stream.
For example, the aggregation switch determines each data packet sent by a host, and if it is determined that the network protocol type in the currently received data packet is different from the network protocol type in the data packet received last time, it is determined that the currently received data packet is the first data packet of a new data stream sent by the host.
In step 102, it is determined whether to perform traffic monitoring on a new data stream sent by the host according to the host identifier.
The controller is provided with a preset host identity set, the preset host identity set comprises a certain number of preset host identities, and the controller only monitors the flow of the host corresponding to the preset host identities in the preset host identity set.
After receiving a notification message sent by a convergence switch in an SDN, a controller acquires a host identifier included in the notification message, then judges whether a preset host identifier set includes the acquired host identifier, and if the preset host identifier set includes the acquired host identifier, judges that flow monitoring is performed on a new data stream sent by a host; and if the preset host identity set does not comprise the acquired host identity, judging that the flow monitoring is not performed on the new data stream sent by the host.
Based on the setting of the operation, the controller has the function of judging whether to monitor the flow of the new data stream according to the host identity included in the notification message, and the function of the controller is further enriched.
In an alternative embodiment, the aggregation switch generates the notification message after determining that the first packet of the new data stream sent by the host is received, where the generated notification message may include: the host identity of the host, and the switch identity of the aggregation switch connected with the host. The switch identification of the aggregation switch is various, such as the IP, name, number, etc. of the aggregation switch.
The controller judges whether to perform traffic monitoring on the new data stream sent by the host according to the host identifier by the following method: and judging whether to monitor the flow of the new data flow according to the host identifier and the switch identifier included in the notification message.
In the implementation, the controller can be provided with a preset switch identifier and a preset host identifier, and a host corresponding to the preset host identifier is connected with the aggregation switch corresponding to the preset switch identifier. The preset switch identification corresponds to the preset aggregation switch, the preset host identification corresponds to the preset host, and the controller only monitors the flow of the data stream passing through the preset aggregation switch and only monitors the flow of the preset host.
The controller determines whether to perform traffic monitoring on the new data stream according to the host identifier and the switch identifier included in the notification message, and the operation may be implemented in the following manner: firstly, judging whether a switch identifier included in the notification message is matched with a preset switch identifier or not; and secondly, if the switch identification is judged to be matched with the preset switch identification, judging whether the host identification is matched with the preset host identification.
Specifically, if it is determined that the switch identifier included in the notification message does not match the preset switch identifier, it is determined that the flow monitoring is not performed on the new data flow. If the host identity included in the notification message is judged to be matched with the preset host identity, judging to perform flow monitoring on the new data stream; and if the host identifier included in the notification message is not matched with the preset host identifier, judging not to monitor the flow of the new data stream.
Based on the setting of the operation, the controller has the function of judging the aggregation switch identifier firstly and then judging the host identifier, so that whether the flow monitoring is carried out on the new data stream sent by the host or not is judged quickly and accurately, and the functions of the controller are further enriched.
In step 103, if it is determined that the new data flow is to be traffic monitored, a traffic monitoring instruction is sent to the aggregation switch, so that the aggregation switch monitors the new data flow according to the traffic monitoring instruction.
And after judging that the new data flow is subjected to flow monitoring, the controller sends a flow monitoring instruction to the convergence switch, so that the convergence switch carries out flow monitoring on the new data flow sent by the host according to the flow monitoring instruction.
In operation, after receiving the notification message sent by the aggregation switch, the controller may obtain the network access information of the aggregation switch, where the network access information of the aggregation switch may include information such as an IP, a network protocol type, and a port number of the aggregation switch. And after judging that the new data flow is subjected to flow monitoring, the controller sends a flow monitoring instruction to the aggregation switch according to the network access information of the aggregation switch acquired in advance.
Compared with the prior art that the convergence switch monitors the flow of all connected hosts in real time and analyzes and calculates a large amount of monitored flow data, the method has the advantages that the convergence switch monitors the flow of only the preset hosts meeting monitoring conditions through the steps 101 to 103, so that the monitoring pressure of the convergence switch is reduced, the calculation pressure of a processor in the convergence switch is reduced, the processor can start other functions in time, and the normal operation of the convergence switch is guaranteed.
Because the aggregation switch only monitors the flow of the preset host meeting the monitoring condition, and the flow data monitored by the aggregation switch is relatively less, the method provided by the application can reduce the size of the memory occupied by the flow data, so that the aggregation switch is provided with enough memory to open other functions, and the normal operation of the aggregation switch is ensured.
In an alternative embodiment, the traffic monitoring instruction may include a flow entry, which may include a host identity and a counter of the host sending the new data flow. The controller sends a flow monitoring instruction to the aggregation switch, so that the aggregation switch can perform flow monitoring on the new data flow according to the flow monitoring instruction in the following manner: and sending the flow table entry to the aggregation switch so that the aggregation switch starts a counter included in the flow table entry, and using the counter to perform flow monitoring on the new data flow, wherein the new data flow is the data flow sent by the host corresponding to the host identifier included in the flow table entry. The counter counts the number of data packets included in the new data flow, and the counted number of data packets is used for determining the flow data of the new data flow.
The operation of the controller sending the flow table entry to the aggregation switch can be realized by the following steps: judging whether the flow table item exists in the aggregation switch or not, wherein the flow table item comprises a counter and a host identity of a host sending a new data flow; and if the flow table entry does not exist in the aggregation switch, sending the flow table entry to the aggregation switch. The method may further comprise: and if the flow table item exists in the aggregation switch, sending an instruction for using the flow table item to the aggregation switch, so that the aggregation switch uses the existing flow table item to monitor the flow of the new data flow according to the instruction.
Based on the setting of the operation, only one same flow table entry in the aggregation switch is ensured, so that the space occupied by the flow table entry is reduced, and the aggregation switch is favorable for executing other operations.
In implementation, after the controller historically sends the flow table entry to the aggregation switch, the flow table entry sent historically can be stored in a historical flow table entry set, and the historical flow table entry set includes: the controller histories at least one flow entry sent to the aggregation switch. In this case, the operation of the controller to determine whether the flow entry exists in the aggregation switch may be implemented by: and judging whether the stored historical flow table entry set comprises the flow table entry or not. If the historical flow table item set comprises the flow table item, judging that the flow table item exists in the aggregation switch; and if the flow table entry is not included in the historical flow table entry set, judging that the flow table entry does not exist in the aggregation switch.
Based on the setting of the operation, the controller judges whether the stored historical flow table item set comprises the flow table item, so that whether the flow table item exists in the aggregation switch or not is judged, and the functions of the controller are further enriched.
In an alternative embodiment, referring to fig. 3, which is a flowchart illustrating another method for monitoring traffic according to an exemplary embodiment of the present application, after sending a traffic monitoring instruction to an aggregation switch, a controller may further perform the following operations: in step 104, acquiring traffic data monitored by the aggregation switch for the new data flow; in step 105, determining first flow data used by the host in a historical period according to the acquired flow data; and/or, in step 106, determining second traffic data corresponding to the data stream passing through the aggregation switch in the historical period according to the acquired traffic data; and/or in step 107, determining third traffic data used by the local area network where the host is located in the historical period according to the acquired traffic data.
In relation to the step 104, there are various ways for the controller to obtain the traffic data monitored by the aggregation switch for the new data flow, for example, the first obtaining way is: sending a flow checking instruction to the aggregation switch, wherein the flow checking instruction is used for checking the flow data monitored by the aggregation switch and acquiring the flow data sent by the aggregation switch; the second acquisition mode is as follows: and receiving the traffic data actively sent by the aggregation switch. The first acquisition mode is an active acquisition mode, and the second acquisition mode is a passive acquisition mode.
In the first obtaining manner, there are various manners of sending the traffic check instruction to the aggregation switch, for example, the traffic check instruction is issued to the aggregation switch at intervals according to a preset duration, or the traffic check instruction is sent to the aggregation switch after the preset duration is reached.
When the controller issues the flow checking instruction to the aggregation switch at intervals according to the preset duration, the operation of acquiring the flow data sent by the aggregation switch by the controller can be realized in the following way: firstly, receiving sub-flow data reported by a convergence switch after receiving a data checking instruction each time, wherein the sub-flow data is data monitored by the convergence switch within a preset time length; and secondly, obtaining flow data according to the sub-flow data reported by the aggregation switch each time.
For example, after sending the traffic monitoring instruction to the aggregation switch, the controller issues the traffic checking instruction to the aggregation switch at intervals according to the time length of 20 s. The aggregation switch starts a counter after receiving the flow monitoring instruction, receives a flow checking instruction sent by the aggregation switch after the counter is started for 20s, sends the first data packet number (namely first sub-flow data) obtained by the counter to the controller, and then clears the counter; and receiving a flow checking instruction sent by the convergence switch after an interval of 20s, sending the second data packet number (namely, second sub-flow data) obtained by the counter to the controller, then clearing the counter, completing flow monitoring of the new data flow according to the method, and sending the flow data monitored aiming at the new data flow to the controller in a multi-time sending mode.
In the second acquisition mode, the controller sends the flow entry to the aggregation switch, so that the aggregation switch starts a counter included in the flow entry, and when the counter is used to monitor the flow of the new data flow, the service life of the counter may be set in advance, after the aggregation switch starts the counter, a timer configured for the counter is started at the same time, and the timer is used to count the service life of the counter. And the convergence switch acquires the traffic data counted by the counter after judging that the counter reaches the service life according to the duration counted by the timer, and actively sends the traffic data to the controller.
In operation, the aggregation switch may determine an idle duration of the counter within the lifetime, that is, a duration in which the data packet is not received, and send the idle duration of the counter to the controller. When the flow data is the number of the data packets, the controller can accurately determine the average transmission rate of the data packets in the transmission process of the new data flow according to the service life and the idle time of the counter.
For example, if the monitored number of data packets of the new data stream is N, the lifetime of the counter is T, and the idle duration T of the counter, the average transmission rate of the data packets of the new data stream during transmission is: N/(T-T).
For the above step 105, the aggregation switch performs traffic monitoring on the historical data stream sent by the host in history, and sends the monitored historical traffic data to the controller, and the controller may establish a corresponding relationship between the host identifier of the host and the historical traffic data. After the controller acquires new traffic data, which is data monitored by the aggregation switch for a new data stream currently sent by the host, the controller may search a correspondence relationship established in advance according to the host identifier of the host, determine historical traffic data corresponding to the host identifier, and determine first traffic data used by the host in a historical period according to the new traffic data and the historical traffic data.
According to the new flow data and the historical flow data, a plurality of ways are available for determining the first flow data used by the host in the historical time period, for example, the new flow data and the historical flow data are added to obtain total flow data, and the total flow data is used as the first flow data; or, if the traffic data is the number of data packets, adding the number of new data packets and the number of historical data packets to obtain a total number of data packets, dividing the total number of data packets by the duration of the historical time period to obtain an average transmission rate of the data packets when the host sends the data packets in the historical time period, and taking the average transmission rate as the first traffic data.
With respect to the step 106, based on the step 105, second traffic data corresponding to the data flow passing through the aggregation switch in the history period may be determined according to the first traffic data used by the host in the history period.
The aggregation switch may add first traffic data used by each host monitored by the aggregation switch in a historical period to obtain total traffic data, and use the total traffic data as second traffic data; or, if the traffic data is the number of data packets, the controller may divide the obtained total number of data packets by the duration of the history time period to obtain an average transmission rate of the data packets when the aggregation switch transmits the data stream in the history time period, and use the average transmission rate as the second traffic data.
The aggregation switch is connected with a network through a WAN port on the aggregation switch, and can determine the bandwidth utilization rate and the residual bandwidth of the aggregation switch according to the average transmission rate of a data packet and the total bandwidth of the aggregation switch when the aggregation switch transmits data streams in a historical period, and determine the bandwidth utilization rate and the residual bandwidth of the WAN port on the aggregation switch.
With respect to the step 107, based on the step 106, third traffic data used by the local area network where the aggregation switch is located in the history period may be determined according to second traffic data corresponding to a data flow passing through the aggregation switch in the history period.
The controller may add the second traffic data corresponding to the data flows passing through each aggregation switch in the history period to obtain total traffic data, and use the total traffic data as third traffic data.
If the second traffic data is the average transmission rate of the data packets when the aggregation switches transmit the data stream in the historical period, the controller may add the average transmission rates of the data packets when the aggregation switches transmit the data stream in the historical period in the local area network, so as to obtain the bandwidth usage amount of the local area network. Further, the bandwidth utilization rate of the local area network can be determined according to the bandwidth utilization rate and the total bandwidth of the local area network.
For example, a local area network only includes a first aggregation switch and a second aggregation switch, an average transmission rate of a data packet when the first aggregation switch transmits a data stream in a history period is a first average transmission rate, an average transmission rate of a data packet when the second aggregation switch transmits a data stream in a history period is a second average transmission rate, and a controller adds the first average transmission rate and the second average transmission rate to obtain a bandwidth usage amount of the local area network.
Based on the setting of the operation, the controller has the functions of acquiring the flow data monitored by the aggregation switch aiming at the new data flow, analyzing and calculating the acquired flow data, and determining the flow use conditions of the host, the aggregation switch and the local area network, and the functions of the controller are further enriched.
Referring to fig. 4, a flowchart of another method for monitoring traffic, which is applied to an aggregation switch in an SDN, according to an exemplary embodiment of the present application, is shown, where the method for monitoring traffic includes the following steps:
in step 201, it is determined whether a first packet of a new data flow sent by a host in the SDN is received.
The aggregation switch receives data packets sent by all hosts connected with the aggregation switch, and after receiving a data packet sent by any host, the aggregation switch judges whether the data packet is the first data packet of a new data stream sent by the host.
There are various bases for determining whether the data packet is the first data packet of the new data stream sent by the host, for example, data such as a destination address, a network protocol type, and a preset field identifier in the data packet. For example, the network protocol type in the data packet that is historically sent by a certain host is the UDP protocol type, the network protocol type in the data packet that is currently sent is the TCP protocol type, and the aggregation switch determines that the data packet that is currently sent by the host is the first data packet of a new data stream after determining that the network protocol types in the data packets that are successively sent are different.
In step 202, if it is determined that the first data packet is received, a notification message is sent to the SDN controller, where the notification message includes: a host identity of the host.
And after judging that the first data packet of the new data flow sent by the host is received, the aggregation switch sends a notification message comprising the host identifier of the host to the controller. The host id is various, such as host IP, host name, host number, etc.
There are various ways to send the notification message to the SDN controller, for example, the first way is: firstly, acquiring a host identity according to a received first data packet; secondly, generating a notification message according to the acquired host identity; finally, a notification message including the host identity is sent to the controller. After judging that the first data packet of the new data stream is received, the convergence switch analyzes the first data packet, acquires the host identifier from the analyzed data, and then sends the host identifier to the controller.
The second way of sending the notification message to the SDN controller is: and generating a notification message according to the received first data packet, and then sending the notification message comprising the first data packet to the controller. After judging that the first data packet of the new data stream is received, the aggregation switch directly sends the first data packet to the controller, so that the controller analyzes the data packet, and the host identifier is obtained from the data obtained through analysis.
In step 203, a traffic monitoring instruction sent by the controller is received, where the traffic monitoring instruction is sent by the controller after determining to perform traffic monitoring on the new data stream according to the host identifier.
The method comprises the steps that a convergence switch sends a notification message to an SDN controller, the controller judges whether to carry out flow monitoring on a new data flow sent by a host corresponding to a host identifier according to the host identifier included in the notification message, and after judging that the flow monitoring is carried out on the new data flow sent by the host, a flow monitoring instruction is sent to the convergence switch sending the notification message.
In step 204, the new data stream is subjected to traffic monitoring according to the traffic monitoring instruction.
And after receiving the flow monitoring instruction sent by the controller, the aggregation switch monitors the flow of the new data flow sent by the host according to the flow monitoring instruction.
Based on the setting of the above operation, the aggregation switch has the functions of judging whether a first data packet of a new data stream sent by a host in the SDN is received, sending a notification message including a host identifier to the SDN controller after judging that the first data packet is received, receiving a traffic monitoring instruction sent by the controller, and monitoring traffic of the new data stream according to the traffic monitoring instruction, and realizes traffic monitoring of the new data stream sent by the host meeting monitoring conditions through interaction with the controller.
In an implementation, the traffic monitoring instruction sent by the controller may include a flow entry, and the flow entry may include a counter and a host identifier of a host sending the first packet, where the counter is used to count the number of packets. In this case, the aggregation switch may perform traffic monitoring on the new data flow according to the traffic monitoring instruction in the following manner: firstly, starting a counter included in a flow table entry; secondly, the counter is used for monitoring the flow of the new data flow sent by the host, and the host is the host corresponding to the host identifier included in the flow table entry and is also the host sending the first data packet.
Based on the setting of the operation, the aggregation switch has the function of carrying out flow statistics on the new data flow according to the counter sent by the controller, and the function of the aggregation switch is further enriched.
In an optional embodiment, if a counter included in the flow entry has a lifetime, the aggregation switch may further perform the following operations after using the counter to monitor the traffic of the new data flow sent by the host: and monitoring whether the counter reaches the service life, and reporting the flow data monitored aiming at the new data flow to the controller if the counter reaches the service life.
Based on the setting of the operation, the aggregation switch has the function of monitoring whether the counter reaches the service life or not, and reporting the flow data monitored aiming at the new data flow to the controller if the counter reaches the service life, so that the aggregation switch can actively report the monitored flow data to the controller for the controller to use, and the function of the aggregation switch is further enriched.
In an optional embodiment, the controller sends a traffic monitoring instruction to the aggregation switch, and controls the aggregation switch to perform traffic monitoring on the new data stream according to the traffic monitoring instruction. After the controller executes the above operations, it may also issue a traffic check instruction to the aggregation switch, so as to obtain the monitored traffic data from the aggregation switch.
Based on the above process, after the convergence switch performs traffic monitoring on the new data stream according to the traffic monitoring instruction sent by the controller, the convergence switch may further perform the following operations: the method comprises the following steps that firstly, a flow checking instruction sent by a controller is received, and the flow checking instruction is used for checking flow data monitored by a convergence switch aiming at a new data flow; and a second step of reporting the flow data monitored aiming at the new data flow to the controller according to the flow checking instruction.
Based on the setting of the operation, the aggregation switch has the function of reporting the monitored flow data to the controller according to the flow monitoring instruction sent by the controller, and the function of the aggregation switch is further enriched.
Corresponding to the embodiment of the method for monitoring the flow, the application also provides an embodiment of a device for monitoring the flow.
The embodiment of the device for monitoring the traffic can be respectively applied to a controller and a convergence switch in an SDN. The device embodiments may be implemented by software, or by hardware, or by a combination of hardware and software. The software implementation is taken as an example, and as a logical device, the device is formed by reading corresponding computer program instructions in the nonvolatile memory into the memory by the CPU of the device where the device is located and running the computer program instructions. From a hardware aspect, as shown in fig. 5, a hardware structure diagram of a device where the apparatus for monitoring traffic is located in the present application is shown, where in addition to the CPU, the memory and the nonvolatile memory shown in fig. 5, the device where the apparatus is located in the embodiment may generally include other hardware, which is not described again.
Fig. 6 is a block diagram of an apparatus for monitoring traffic according to an exemplary embodiment, which may be applied to a controller in an SDN:
the device includes: a receiving module 310, a judging module 320 and a sending module 330.
Wherein the receiving module 310 is configured to receive a notification message sent by an aggregation switch in the SDN, where the notification message is a message sent by the aggregation switch after determining that a first data packet of a new data flow sent by a host in the SDN is received, and the notification message includes: a host identity of the host;
a determining module 320, configured to determine whether to perform traffic monitoring on the new data stream sent by the host according to the host identifier;
a sending module 330, configured to send a traffic monitoring instruction to the aggregation switch if it is determined that the new data flow is subjected to the traffic monitoring, so that the aggregation switch performs traffic monitoring on the new data flow according to the traffic monitoring instruction.
In an alternative implementation:
the sending module 330 may be configured to, if the traffic monitoring instruction includes: a flow entry, the flow entry comprising: and the host identifier and the counter send the flow table entry to the aggregation switch, so that the aggregation switch starts the counter, and the counter is used for monitoring the flow of the new data flow, wherein the new data flow is the data flow sent by the host corresponding to the host identifier.
In another alternative implementation:
the sending module 330 may include (not shown in fig. 6): a determining submodule configured to determine whether the flow entry exists in the aggregation switch; a sending submodule configured to send the flow entry to the aggregation switch if the flow entry does not exist in the aggregation switch.
In another alternative implementation:
the device may further comprise (not shown in fig. 6): a transmission module configured to send, to the aggregation switch, an instruction for using the flow table entry if the flow table entry exists in the aggregation switch, so that the aggregation switch uses the flow table entry to perform traffic monitoring on the new data flow according to the instruction.
In another alternative implementation:
the determining sub-module may be configured to, if the controller stores a historical flow entry set, the historical flow entry set includes: and the controller judges whether the historical flow table item set comprises the flow table item or not for at least one flow table item sent by the aggregation switch in a historical mode.
In another alternative implementation:
the determining module 320 may be configured to, if the notification message further includes: and the switch identification of the aggregation switch judges whether to carry out the flow monitoring on the new data flow according to the host identification and the switch identification.
In another alternative implementation:
the determining module 320 may include (not shown in fig. 6): the first judgment submodule is configured to judge whether the switch identifier is matched with a preset switch identifier; the second judgment sub-module is configured to judge whether the host identity is matched with a preset host identity if the switch identity is judged to be matched with the preset switch identity;
the sending module 330 may be configured to issue the traffic monitoring instruction to the aggregation switch if it is determined that the host identifier is matched with the preset host identifier.
In another alternative implementation:
the device may further comprise (not shown in fig. 6): an obtaining module configured to obtain traffic data monitored by the aggregation switch for the new data flow; a first determination module configured to determine, from the traffic data, first traffic data used by the host for a historical period; and/or a second determining module configured to determine, according to the traffic data, second traffic data corresponding to data flows passing through the aggregation switch within the historical period; and/or the third determining module is configured to determine, according to the traffic data, third traffic data used by the local area network where the host is located in the historical period.
In another alternative implementation:
the acquisition module may include (not shown in fig. 6): the sending submodule is configured to send a traffic viewing instruction to the aggregation switch, and the traffic viewing instruction is used for viewing the traffic data monitored by the aggregation switch; an obtaining submodule configured to obtain the traffic data sent by the aggregation switch.
In another alternative implementation: the sending submodule can be configured to issue the flow checking instruction to the aggregation switch at intervals according to preset duration;
the acquisition submodule may include (not shown in fig. 6):
a receiving unit, configured to receive sub-traffic data reported by the aggregation switch after receiving the data viewing instruction each time, where the sub-traffic data is data monitored by the aggregation switch within the preset time duration;
and the generating unit is configured to obtain the traffic data according to the sub-traffic data reported by the aggregation switch each time.
Fig. 7 is a block diagram of another apparatus for monitoring traffic according to an exemplary embodiment of the present application, which may be applied to an aggregation switch in an SDN:
the device includes: a judging module 410, a sending module 420, a receiving module 430 and a monitoring module 440.
The determining module 410 is configured to determine whether a first data packet of a new data flow sent by a host in the SDN is received;
a sending module 420, configured to send a notification message to the SDN controller if it is determined that the first data packet is received, where the notification message includes: a host identity of the host;
a receiving module 430, configured to receive a traffic monitoring instruction sent by the controller, where the traffic monitoring instruction is an instruction sent by the controller after determining to perform traffic monitoring on the new data stream according to the host identifier;
and a monitoring module 440 configured to perform traffic monitoring on the new data stream according to the traffic monitoring instruction.
In an alternative implementation:
the monitoring module 440 may include (not shown in fig. 7): a start sub-module configured to, if the flow monitoring instruction includes: a flow entry, the flow entry comprising: the host identifier and the counter start the counter; and the monitoring submodule is configured to perform traffic monitoring on the new data flow by using the counter, wherein the new data flow is the data flow sent by the host corresponding to the host identification.
In another alternative implementation:
the device may further comprise (not shown in fig. 7): the monitoring module is configured to monitor whether the counter reaches the service life or not if the counter has the service life; and the first reporting module is configured to report the traffic data to the controller if the counter is monitored to reach the service life.
In another alternative implementation:
the device may further comprise (not shown in fig. 7): an obtaining module configured to receive a traffic check instruction issued by the controller, where the traffic check instruction is used to check traffic data monitored by the aggregation switch for the new data stream; and the second reporting module is configured to report the traffic data to the controller according to the traffic viewing instruction.
In another alternative implementation:
the sending module 420 may include (not shown in fig. 7): a first obtaining sub-module configured to obtain the host identifier according to the first data packet; a first generation submodule configured to generate the notification message according to the host identity; a first sending sub-module configured to send the notification message including the host identity to the controller.
In another alternative implementation:
the sending module 420 may include (not shown in fig. 7): a second generation submodule configured to generate the notification message according to the first data packet; a second transmitting submodule configured to transmit the notification message including the first packet to the controller.
The present application further provides a computer readable storage medium having stored thereon a computer program which, when being executed by a processor, carries out the steps of the method of monitoring traffic applied on a controller in an SDN.
The present application further provides a controller, comprising a memory, a processor, and a computer program stored on the memory and executable on the processor, wherein the processor executes the program to implement the following steps:
receiving a notification message sent by an aggregation switch in the SDN, where the notification message is sent by the aggregation switch after determining that a first data packet of a new data flow sent by a host in the SDN is received, and the notification message includes: a host identity of the host;
judging whether to monitor the flow of the new data stream sent by the host according to the host identifier;
and if the new data flow is judged to be subjected to the flow monitoring, sending a flow monitoring instruction to the aggregation switch so that the aggregation switch carries out the flow monitoring on the new data flow according to the flow monitoring instruction.
The present application further provides a computer readable storage medium having stored thereon a computer program which, when executed by a processor, performs the steps of a method for monitoring traffic on a convergence switch in an SDN.
The application also provides a convergence switch, which comprises a memory, a processor and a computer program stored on the memory and capable of running on the processor, wherein the processor executes the program to realize the following steps:
judging whether a first data packet of a new data flow sent by a host in the SDN is received;
if the first data packet is judged to be received, sending a notification message to the SDN controller, wherein the notification message comprises: a host identity of the host;
receiving a flow monitoring instruction sent by the controller, wherein the flow monitoring instruction is an instruction sent by the controller after judging to perform flow monitoring on the new data stream according to the host identity;
and monitoring the flow of the new data flow according to the flow monitoring instruction.
The application also provides an SDN system, which comprises the controller provided by the application and the aggregation switch provided by the application.
The implementation process of the functions and actions of each unit in the above device is specifically described in the implementation process of the corresponding step in the above method, and is not described herein again.
For the device embodiments, since they substantially correspond to the method embodiments, reference may be made to the partial description of the method embodiments for relevant points. The above-described embodiments of the apparatus are merely illustrative, and the units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules can be selected according to actual needs to achieve the purpose of the scheme of the application. One of ordinary skill in the art can understand and implement it without inventive effort.
It will be understood that the present application is not limited to the precise arrangements described above and shown in the drawings and that various modifications and changes may be made without departing from the scope thereof. The scope of the application is limited only by the appended claims.
Claims (22)
1. A method for monitoring traffic, the method being applied to a controller in a Software Defined Network (SDN), the method comprising:
receiving a notification message sent by an aggregation switch in the SDN, where the notification message is sent by the aggregation switch after determining that a first data packet of a new data flow sent by a host in the SDN is received, and the notification message includes: a host identity of the host;
judging whether to monitor the flow of the new data stream sent by the host according to the host identifier;
and if the new data flow is judged to be subjected to the flow monitoring, sending a flow monitoring instruction to the aggregation switch so that the aggregation switch carries out the flow monitoring on the new data flow according to the flow monitoring instruction.
2. The method of claim 1, wherein the traffic monitoring instructions comprise: a flow entry, the flow entry comprising: the host identity and counter;
the sending a traffic monitoring instruction to the aggregation switch to enable the aggregation switch to perform traffic monitoring on the new data flow according to the traffic monitoring instruction includes:
and sending the flow table entry to the aggregation switch, so that the aggregation switch starts the counter, and performing flow monitoring on the new data flow by using the counter, wherein the new data flow is the data flow sent by the host corresponding to the host identifier.
3. The method of claim 2, wherein sending the flow table entry to the aggregation switch comprises:
judging whether the flow table entry exists in the aggregation switch or not;
and if the flow table entry does not exist in the aggregation switch, sending the flow table entry to the aggregation switch.
4. The method of claim 3, further comprising:
if the flow table entry exists in the aggregation switch, sending an instruction for using the flow table entry to the aggregation switch, so that the aggregation switch uses the flow table entry to monitor the flow of the new data flow according to the instruction.
5. The method of claim 3, wherein if the controller has a set of historical flow entries, the set of historical flow entries comprises: the controller sends at least one flow table item to the aggregation switch in a historical mode; the determining whether the flow entry exists in the aggregation switch includes:
and judging whether the flow table entry is included in the historical flow table entry set.
6. The method of claim 1, wherein the notification message further comprises: a switch identification of the aggregation switch;
the determining whether to perform traffic monitoring on the new data stream sent by the host according to the host identifier includes:
and judging whether to monitor the flow of the new data flow or not according to the host identity and the switch identity.
7. The method according to claim 6, wherein said determining whether to perform the traffic monitoring on the new data flow according to the host identity and the switch identity comprises:
judging whether the switch identification is matched with a preset switch identification or not;
if the switch identification is judged to be matched with a preset switch identification, judging whether the host identification is matched with a preset host identification;
if the new data flow is judged to be subjected to the flow monitoring, sending a flow monitoring instruction to the aggregation switch, including:
and if the host identity is judged to be matched with the preset host identity, issuing the flow monitoring instruction to the aggregation switch.
8. The method of claim 1, further comprising:
acquiring traffic data monitored by the aggregation switch for the new data stream;
determining first flow data used by the host in a historical period according to the flow data; and/or the presence of a gas in the gas,
determining second traffic data corresponding to data flows passing through the aggregation switch in the historical period according to the traffic data; and/or the presence of a gas in the gas,
and determining third flow data used by the local area network where the host is located in the historical time period according to the flow data.
9. The method of claim 8, wherein the obtaining traffic data monitored by the aggregation switch for the new data flow comprises:
sending a flow checking instruction to the aggregation switch, wherein the flow checking instruction is used for checking the flow data monitored by the aggregation switch;
acquiring the flow data sent by the aggregation switch; or,
and receiving the traffic data actively sent by the aggregation switch.
10. The method of claim 9, wherein sending traffic viewing instructions to the aggregation switch comprises:
issuing the flow checking instruction to the convergence switch at intervals according to preset duration;
the acquiring the traffic data sent by the aggregation switch includes:
receiving sub-flow data reported by the aggregation switch after receiving the data viewing instruction each time, wherein the sub-flow data is data monitored by the aggregation switch within the preset time length;
and obtaining the flow data according to the sub-flow data reported by the aggregation switch each time.
11. A method for monitoring traffic, the method being applied to a convergence switch in an SDN, the method comprising:
judging whether a first data packet of a new data flow sent by a host in the SDN is received;
if the first data packet is judged to be received, sending a notification message to the SDN controller, wherein the notification message comprises: a host identity of the host;
receiving a flow monitoring instruction sent by the controller, wherein the flow monitoring instruction is an instruction sent by the controller after judging to perform flow monitoring on the new data stream according to the host identity;
and monitoring the flow of the new data flow according to the flow monitoring instruction.
12. The method of claim 11, wherein the traffic monitoring instructions comprise: a flow entry, the flow entry comprising: the host identity and counter;
the monitoring the flow of the new data flow according to the flow monitoring instruction includes:
starting the counter;
and monitoring the new data flow by using the counter, wherein the new data flow is the data flow sent by the host corresponding to the host identification.
13. The method of claim 12, wherein the counter is provided with a lifetime, the method further comprising:
monitoring whether the counter has reached the lifespan;
and if the counter is monitored to reach the service life, reporting the flow data to the controller.
14. The method of claim 11, further comprising:
receiving a flow checking instruction issued by the controller, wherein the flow checking instruction is used for checking flow data monitored by the aggregation switch aiming at the new data flow;
and reporting the flow data to the controller according to the flow checking instruction.
15. The method of claim 11, wherein sending a notification message to the SDN controller comprises:
acquiring the host identifier according to the first data packet;
generating the notification message according to the host identity;
sending the notification message including the host identity to the controller; or,
generating the notification message according to the first data packet;
sending the notification message including the first data packet to the controller.
16. An apparatus for monitoring traffic, the apparatus being applied to a controller in a Software Defined Network (SDN), the apparatus comprising:
a receiving module configured to receive a notification message sent by an aggregation switch in the SDN, where the notification message is a message sent by the aggregation switch after determining that a first data packet of a new data flow sent by a host in the SDN is received, and the notification message includes: a host identity of the host;
the judging module is configured to judge whether to perform flow monitoring on the new data stream sent by the host according to the host identifier;
and the sending module is configured to send a traffic monitoring instruction to the aggregation switch if the new data flow is judged to be subjected to traffic monitoring, so that the aggregation switch performs traffic monitoring on the new data flow according to the traffic monitoring instruction.
17. An apparatus for monitoring traffic, the apparatus for monitoring traffic being applied on an aggregation switch in an SDN, the apparatus comprising:
the system comprises a judging module and a sending module, wherein the judging module is configured to judge whether a first data packet of a new data flow sent by a host in the SDN is received;
a sending module configured to send a notification message to the SDN controller if it is determined that the first data packet is received, where the notification message includes: a host identity of the host;
a receiving module configured to receive a traffic monitoring instruction sent by the controller, where the traffic monitoring instruction is an instruction sent by the controller after determining to perform traffic monitoring on the new data stream according to the host identifier;
and the monitoring module is configured to perform traffic monitoring on the new data flow according to the traffic monitoring instruction.
18. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the steps of the method according to any one of claims 1 to 10.
19. A controller comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor when executing the program performs the steps of:
receiving a notification message sent by an aggregation switch in the SDN, where the notification message is sent by the aggregation switch after determining that a first data packet of a new data flow sent by a host in the SDN is received, and the notification message includes: a host identity of the host;
judging whether to monitor the flow of the new data stream sent by the host according to the host identifier;
and if the new data flow is judged to be subjected to the flow monitoring, sending a flow monitoring instruction to the aggregation switch so that the aggregation switch carries out the flow monitoring on the new data flow according to the flow monitoring instruction.
20. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the steps of the method according to any one of claims 11-15.
21. A convergence switch comprising a memory, a processor, and a computer program stored on the memory and executable on the processor, wherein the processor implements the following steps when executing the program:
judging whether a first data packet of a new data flow sent by a host in the SDN is received;
if the first data packet is judged to be received, sending a notification message to the SDN controller, wherein the notification message comprises: a host identity of the host;
receiving a flow monitoring instruction sent by the controller, wherein the flow monitoring instruction is an instruction sent by the controller after judging to perform flow monitoring on the new data stream according to the host identity;
and monitoring the flow of the new data flow according to the flow monitoring instruction.
22. An SDN system comprising the controller of claim 19 and the aggregation switch of claim 21.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811594079.XA CN109525464B (en) | 2018-12-25 | 2018-12-25 | Method and device for monitoring flow |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811594079.XA CN109525464B (en) | 2018-12-25 | 2018-12-25 | Method and device for monitoring flow |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109525464A true CN109525464A (en) | 2019-03-26 |
| CN109525464B CN109525464B (en) | 2020-08-04 |
Family
ID=65797016
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811594079.XA Active CN109525464B (en) | 2018-12-25 | 2018-12-25 | Method and device for monitoring flow |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109525464B (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111756716A (en) * | 2020-06-15 | 2020-10-09 | 深信服科技股份有限公司 | Flow detection method and device and computer readable storage medium |
| CN113794655A (en) * | 2020-07-17 | 2021-12-14 | 北京京东尚科信息技术有限公司 | Flow monitoring method and device, computer storage medium and electronic equipment |
| CN116668340A (en) * | 2023-05-09 | 2023-08-29 | 中国联合网络通信集团有限公司 | Port flow detection method, device and storage medium |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2018162953A1 (en) * | 2017-03-08 | 2018-09-13 | Telefonaktiebolaget Lm Ericsson (Publ) | Optimizing tunnel monitoring in sdn |
| CN108777646A (en) * | 2018-05-02 | 2018-11-09 | 新华三技术有限公司 | Flux monitoring method and device |
| CN108809857A (en) * | 2018-05-23 | 2018-11-13 | 中国石油大学(华东) | A method of the traffic monitoring based on SDN and service quality securing strategy |
-
2018
- 2018-12-25 CN CN201811594079.XA patent/CN109525464B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2018162953A1 (en) * | 2017-03-08 | 2018-09-13 | Telefonaktiebolaget Lm Ericsson (Publ) | Optimizing tunnel monitoring in sdn |
| CN108777646A (en) * | 2018-05-02 | 2018-11-09 | 新华三技术有限公司 | Flux monitoring method and device |
| CN108809857A (en) * | 2018-05-23 | 2018-11-13 | 中国石油大学(华东) | A method of the traffic monitoring based on SDN and service quality securing strategy |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111756716A (en) * | 2020-06-15 | 2020-10-09 | 深信服科技股份有限公司 | Flow detection method and device and computer readable storage medium |
| CN113794655A (en) * | 2020-07-17 | 2021-12-14 | 北京京东尚科信息技术有限公司 | Flow monitoring method and device, computer storage medium and electronic equipment |
| CN116668340A (en) * | 2023-05-09 | 2023-08-29 | 中国联合网络通信集团有限公司 | Port flow detection method, device and storage medium |
| CN116668340B (en) * | 2023-05-09 | 2025-09-26 | 中国联合网络通信集团有限公司 | Port traffic detection method, device and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109525464B (en) | 2020-08-04 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109525464B (en) | Method and device for monitoring flow | |
| US8427943B2 (en) | Bandwidth-aware multicast load balancing on a multi-interface host | |
| US9451502B2 (en) | Service control method and system, evolved nodeB, and packet data network gateway | |
| US12250151B2 (en) | Method and system for triggering augmented data collection on a network based on traffic patterns | |
| EP3758298B1 (en) | Network device management method and apparatus | |
| US20140189867A1 (en) | DDoS ATTACK PROCESSING APPARATUS AND METHOD IN OPENFLOW SWITCH | |
| US20130191829A1 (en) | Computer system, virtual server alignment method, and alignment control apparatus | |
| US9634851B2 (en) | System, method, and computer readable medium for measuring network latency from flow records | |
| CN112532409A (en) | Network parameter configuration method and device, computer equipment and storage medium | |
| US20060067240A1 (en) | Apparatus and method for detecting network traffic abnormality | |
| US11102273B2 (en) | Uplink performance management | |
| WO2009129841A1 (en) | Method and system for network fault management | |
| CN108028828A (en) | A kind of distributed denial of service ddos attack detection method and relevant device | |
| US9866456B2 (en) | System and method for network health and management | |
| EP3756413A1 (en) | Method and system for controlling an operation of a communication network to reduce latency | |
| EP2698961B1 (en) | Method, system and devices for securing traffic on a traffic path in a computer network | |
| KR20220029142A (en) | Sdn controller server and method for analysing sdn based network traffic usage thereof | |
| CN112291076A (en) | Packet loss location method, device and system, and computer storage medium | |
| EP4106334B1 (en) | Service monitoring method, apparatus and system | |
| CN110545213A (en) | Computer network data flow monitoring system and method | |
| JP3711981B2 (en) | Stream quality observation apparatus, program, and recording medium | |
| US12160356B2 (en) | Flow table sending method and related apparatus | |
| CN116962213A (en) | Operation maintenance management information processing method, network node and storage medium | |
| JP5923914B2 (en) | Network state estimation apparatus and network state estimation program | |
| Tang et al. | A performance monitoring architecture for IP videoconferencing |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |