HK40037361A

HK40037361A - Path fault detection method, system, server, and storage medium

Info

Publication number: HK40037361A
Application number: HK42021027274.6A
Authority: HK
Inventors: 谭利军; 桑占稳; 陈慕琼
Original assignee: 腾讯科技（深圳）有限公司
Filing date: 2021-03-15
Publication date: 2021-06-11

Description

Path fault detection method, system, server and storage medium

Technical Field

The embodiment of the application relates to the technical field of communication, in particular to a path fault detection method, a system, a server and a storage medium.

Background

The VPC (Virtual Private Cloud) is a Private network on a public Cloud, and is a Cloud network for implementing multi-tenant isolation based on a tunnel protocol. In a VPC scenario, a server includes virtual hosts, and different virtual hosts communicate with each other through a plurality of nodes.

In order To detect an abnormal node in a transmission path between virtual hosts, a Time To Live (TTL) value in a detection packet sent by the virtual hosts is copied into a tunnel detection packet, in the process of sending the tunnel detection packet, when each node receives the tunnel detection packet, the TTL value in the tunnel detection packet is reduced by 1, if a new TTL value obtained by reducing the TTL value by 1 by a certain node is equal To 0, an error packet needs To be returned To the virtual hosts, and if the virtual hosts do not receive the error packet returned by the node, the node is abnormal.

However, in the above method, the TTL value in the probe packet needs to be copied to the tunnel probe packet, and each node that receives the tunnel probe packet needs to process the TTL value in the tunnel probe packet, which increases the complexity of path fault detection, resulting in low efficiency of path fault detection.

Disclosure of Invention

The embodiment of the application provides a path fault detection method, a system, a server and a storage medium, which can improve the efficiency of path fault detection, and the technical scheme is as follows:

in one aspect, a method for detecting a path fault is provided, where the method includes:

a first server acquires a detection packet of a first virtual host in the first server, wherein the detection packet comprises a Time To Live (TTL) value, and a source address of the detection packet indicates the first virtual host;

the first server performs tunnel encapsulation on the detection packet to obtain a tunnel detection packet, and sends the tunnel detection packet to a second server where a second virtual host is located, wherein the destination address of the detection packet indicates the second virtual host,

wherein the second server is configured to decapsulate the tunnel probe packet to obtain the probe packet,

the second server is further configured to send a first error packet to the first virtual host if the TTL value in the probe packet is not greater than a first value; or, if the TTL value in the probe packet is greater than the first value, subtracting a second value from the TTL value in the probe packet, and sending the probe packet after subtracting the second value to the second virtual host, where the first value and the second value are positive integers.

Optionally, the method further comprises:

and if the TTL value in the detection packet is not greater than the first value, the first server sends the first error packet to the first virtual host.

Optionally, the method further comprises:

and if the first server does not inquire the transmission path corresponding to the detection packet, sending a second error packet to the first virtual host.

Optionally, after the first server tunnel-encapsulates the probe packet to obtain a tunnel probe packet and sends the tunnel probe packet to a second server where a second virtual host is located, the method further includes:

the first server receives a third tunnel error packet, the third tunnel error packet is obtained by the second server after tunnel encapsulation is carried out on the third error packet, and the third error packet is sent to the second server by the second virtual host under the condition that the second virtual host cannot respond to the detection packet;

the first server decapsulates the third tunnel error packet to obtain a third error packet;

the first server sends the third error packet to the first virtual host.

In another aspect, a path fault detection method is provided, the method including:

the method comprises the steps that a second server receives a tunnel detection packet sent by a first server, wherein the tunnel detection packet is obtained by tunnel encapsulation of the detection packet by the first server;

the second server decapsulates the tunnel detection packet to obtain the detection packet, wherein the detection packet comprises a Time To Live (TTL) value;

if the TTL value in the detection packet is not larger than a first value, the second server sends a first error packet to a first virtual host in the first server, and the source address of the detection packet indicates the first virtual host; alternatively, the first and second electrodes may be,

and if the TTL value in the detection packet is larger than the first numerical value, the second server subtracts a second numerical value from the TTL value in the detection packet, and sends the detection packet after subtracting the second numerical value to a second virtual host in the second server, wherein the destination address of the detection packet indicates the second virtual host, and the first numerical value and the second numerical value are positive integers.

Optionally, after the second server sends the probe packet to the second virtual host, the method further includes:

the second server acquires a third error packet, and the third error packet is sent to the second server by the second virtual host under the condition that the second virtual host cannot respond to the detection packet;

the second server performs tunnel encapsulation on the third error packet to obtain a third tunnel error packet;

the second server sends the third tunnel error packet to the first server,

the first server is configured to decapsulate the third tunnel error packet to obtain the third error packet, and send the third error packet to the first virtual host.

Optionally, the method further comprises:

if the second server does not inquire the transmission path corresponding to the detection packet, the second server performs tunnel encapsulation on the second error packet to obtain a second tunnel error packet;

the second server sends the second tunnel error packet to the first server,

the first server is configured to decapsulate the second tunnel error packet to obtain the second error packet, and send the second error packet to the first virtual host.

Optionally, the source address and the destination address are carried in the first error packet.

In another aspect, a network system is provided, the network system including a first server and a second server,

the first server comprises a first virtual host, and the second server comprises a second virtual host;

the first server is used for acquiring a detection packet of a first virtual host in the first server, wherein the detection packet comprises a Time To Live (TTL) value, and a source address of the detection packet indicates the first virtual host;

the first server is further configured to tunnel-encapsulate the probe packet to obtain a tunnel probe packet, and send the tunnel probe packet to a second server where the second virtual host is located, where a destination address of the probe packet indicates the second virtual host;

the second server is used for receiving the tunnel detection packet and decapsulating the tunnel detection packet to obtain the detection packet;

Optionally, the first server is configured to:

if the TTL value in the detection packet is larger than the first numerical value, subtracting the second numerical value from the TTL value in the detection packet;

and performing tunnel encapsulation on the detection packet obtained after the second numerical value is subtracted to obtain the tunnel detection packet.

Optionally, the first server is further configured to send a first error packet to the first vm if the TTL value in the probe packet is not greater than the first value.

Optionally, the first server is further configured to send a second error packet to the first vm if the transmission path corresponding to the probe packet is not queried.

Optionally, the second server is further configured to tunnel the obtained response packet to obtain a tunnel response packet, send the tunnel response packet to the first server, where the response packet is sent to the second server after the second virtual host receives the probe packet;

the first server is further configured to decapsulate the tunnel response packet to obtain the response packet, and send the response packet to the first virtual host.

Optionally, the second server is configured to tunnel-encapsulate the first error packet to obtain a first tunnel error packet, and send the first tunnel error packet to the first server;

the first server is further configured to decapsulate the first tunnel error packet to obtain the first error packet, and send the first error packet to the first virtual host.

Optionally, the second server is further configured to perform tunnel encapsulation on the second error packet to obtain a second tunnel error packet if the transmission path corresponding to the detection packet is not queried, and send the second tunnel error packet to the first server;

the first server is further configured to decapsulate the second tunnel error packet to obtain the second error packet, and send the second error packet to the first virtual host.

Optionally, the second server is further configured to tunnel the obtained third error packet to obtain a third tunnel error packet, and send the third tunnel error packet to the first server, where the third error packet is sent to the second server by the second vm when the second vm cannot respond to the probe packet;

the first server is further configured to decapsulate the third tunnel error packet to obtain the third error packet, and send the third error packet to the first virtual host.

Optionally, the second virtual host is a virtual load balancing host; the second virtual host is used for receiving the detection packet, converting a destination address in the detection packet into an address of a target virtual service host, and sending the converted detection packet to the second server;

and the second server is further configured to perform tunnel encapsulation on the converted detection packet to obtain an updated tunnel detection packet, and send the updated tunnel detection packet to a target service server where the target virtual service host is located.

Optionally, the second server is further configured to decapsulate a first tunnel error packet sent by the target service server to obtain a first error packet, and convert the address of the target virtual service host in the first error packet into the destination address;

the second server is further configured to perform tunnel encapsulation on the converted first error packet to obtain an updated first tunnel error packet, and send the updated first tunnel error packet to the first server.

Optionally, the second server is further configured to decapsulate a tunnel response packet sent by the target service server to obtain a response packet, and convert the address of the target virtual service host in the response packet into the destination address;

the second server is further configured to perform tunnel encapsulation on the converted response packet to obtain an updated tunnel response packet, and send the updated tunnel response packet to the first server.

In another aspect, a server is provided, which includes a processor and a memory, where at least one program code is stored in the memory, and the at least one program code is loaded by the processor and executed to implement the operations performed in the path failure detection method according to the above aspect.

In another aspect, a computer-readable storage medium is provided, in which at least one program code is stored, the at least one program code being loaded and executed by a processor to implement the operations performed in the path failure detection method according to the above aspect.

In another aspect, a computer program product or a computer program is provided, the computer program product or the computer program comprising computer program code, the computer program code being stored in a computer-readable storage medium, the computer program code being read by a processor of a server from the computer-readable storage medium, the computer program code being executed by the processor such that the server implements the operations performed in the path failure detection method according to the above aspect.

The method, the system, the server and the storage medium provided by the embodiment of the application only need the server where the virtual host is located to process the TTL value in the detection packet in the process of detecting the path obstacle in the transmission detection packet, and do not consider the physical node between the servers where the virtual host is located, so that the TTL value in the detection packet does not need to be copied into the tunnel detection packet, the physical node between the servers also does not need to process the TTL value of the tunnel detection packet, and therefore the complexity of path fault detection can be reduced, the abnormal node in the transmission path is rapidly positioned, and the efficiency of path fault detection is improved.

Drawings

In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.

Fig. 1 is an architecture diagram of a network system according to an embodiment of the present application.

Fig. 2 is an architecture diagram of a network system according to an embodiment of the present application.

Fig. 3 is an architecture diagram of a network system according to an embodiment of the present application.

Fig. 4 is an architecture diagram of a network system according to an embodiment of the present application.

Fig. 5 is a flowchart of a path fault detection method according to an embodiment of the present application.

Fig. 6 is a flowchart of a path fault detection method according to an embodiment of the present application.

Fig. 7 is a schematic diagram of a transmission path provided in the related art.

Fig. 8 is a flowchart of a path fault detection method according to an embodiment of the present application.

Fig. 9 is a flowchart of a path fault detection method according to an embodiment of the present application.

Fig. 10 is a flowchart of a path fault detection method according to an embodiment of the present application.

Fig. 11 is a flowchart of a path fault detection method according to an embodiment of the present application.

Fig. 12 is a flowchart of a path fault detection method according to an embodiment of the present application.

Fig. 13 is a flowchart of a path fault detection method according to an embodiment of the present application.

Fig. 14 is a schematic structural diagram of a network system according to an embodiment of the present application.

Fig. 15 is a schematic structural diagram of a network system according to an embodiment of the present application.

Fig. 16 is a schematic structural diagram of a server according to an embodiment of the present application.

Detailed Description

To make the objects, technical solutions and advantages of the embodiments of the present application more clear, the embodiments of the present application will be further described in detail with reference to the accompanying drawings.

It will be understood that the terms "first," "second," and the like as used herein may be used herein to describe various concepts, which are not limited by these terms unless otherwise specified. These terms are only used to distinguish one concept from another. For example, a first server may be referred to as a second server, and similarly, a second server may be referred to as a first server, without departing from the scope of the present application.

Cloud Technology refers to a hosting Technology for unifying resources of hardware, software, network and the like in a wide area network or a local area network to realize calculation, storage, processing and sharing of data. The cloud technology is a general term of a network technology, an information technology, an integration technology, a management platform technology, an application technology and the like based on cloud computing application, can form a resource pool, is used as required, and is flexible and convenient. Background services of the technical network system require a large amount of computing and storage resources, such as video websites, picture-like websites and more web portals. With the high development and application of the internet industry, each article may have its own identification mark and needs to be transmitted to a background system for logic processing, data in different levels are processed separately, and various industrial data need strong system background support and can only be realized through cloud computing.

Private Cloud (Private Cloud) is a method for creating Cloud infrastructure and software and hardware resources in a firewall so that each department in an organization or enterprise can share the resources in a data center. A private cloud is created, with cloud equipment (IaaS, Infrastructure as a Service) software in addition to hardware resources. The private cloud also comprises three layers of cloud hardware, a cloud platform and cloud service. In contrast, the cloud hardware is the user's own personal computer or server, not the cloud computing vendor's data center. Cloud computing vendors build data centers to provide public cloud services for millions of users, and therefore need to have tens of millions of servers.

Public Cloud (Public Cloud) generally refers to a Cloud that can be used and provided by a third party provider for a user, and the core attribute of the Public Cloud is a shared resource service. There are many instances of such a cloud that can provide services throughout the open public network today.

Hybrid Cloud (Hybrid Cloud) merges public Cloud and private Cloud, and is the main mode and development direction of Cloud computing in recent years. The private cloud is mainly oriented to enterprise users, for safety, enterprises prefer to store data in the private cloud, but meanwhile hope to obtain computing resources of the public cloud, in the situation, the hybrid cloud is adopted more and more, the public cloud and the private cloud are mixed and matched to obtain the best effect, and the personalized solution achieves the purposes of saving money and being safe.

The path fault detection method provided by the embodiment of the present application will be described below based on a cloud technology.

Before the embodiments of the present application are explained, the following explanation of the related concepts is made:

1. TTL (Time To Live) value: the number of nodes allowed to pass before the packet is dropped.

2. ICMP (Internet Control Message Protocol): a sub-Protocol of the TCP/IP (Transmission Control Protocol/Internet Protocol) Protocol family for transmitting Control messages.

3. Traceroute (route trace): the Traceroute can be implemented based on the path fault detection method provided in the following embodiments, and is used to locate which nodes pass between the source host and the destination host, and the delay condition and the packet loss condition of each node.

4. The Overlay network is established on the Underlay network, the Overlay network and the Underlay network are relative concepts, in the cloud network, the Underlay network refers to an outer layer network of a tunneling protocol, and the Overlay network refers to an inner layer network of the tunneling protocol.

5. VPC (Virtual Private Cloud): the private network on the public cloud is a multi-tenant isolated cloud network realized based on a tunnel protocol.

6. GRE (Generic Routing Encapsulation): the data packet of the network layer protocol is encapsulated, so that the encapsulated data packet can be transmitted in another network layer protocol, and the method can be used as a network virtualization technology to improve the expansion problem when a cloud computing system is deployed.

7. NVE (Network Virtualization Edge): and the network server is responsible for performing tunnel encapsulation on the tenant network and sending the tenant network to the Underlay network, and the Overlay network is established between the NVEs based on the Underlay network.

8. vRouter (virtual router): and the virtual host is responsible for routing inquiry and data forwarding of the virtual host in the VPC network.

9. DCGW (Direct Connect Gateway): and in the hybrid cloud scene, the gateway is responsible for network direct connection between the VPC in the public cloud and the user IDC (Internet Data Center).

Fig. 1 is an architecture diagram of a network system provided in an embodiment of the present application, and referring to fig. 1, the network system includes: a first server 101 and a second server 102, wherein the first server 101 includes a virtual host 11, a virtual host 12, a virtual host 13 and a virtual host 14, and the second server 102 includes a virtual host 15, a virtual host 16, a virtual host 17 and a virtual host 18. And the first server 101 and the second server 102 each include a virtual router therein. Among them, the virtual host 11, the virtual host 12, the virtual host 17, and the virtual host 18 constitute a private cloud 110, and the virtual host 13, the virtual host 14, the virtual host 15, and the virtual host 16 constitute a private cloud 120. The network formed between the virtual hosts is called an Overlay network. A plurality of network devices are connected between the first server 101 and the second server 102, and a network formed by the plurality of network devices is called an Underlay network.

The virtual router sends the data packet in the Overlay network to the Underlay network, and the virtual router in the first server 101 and the virtual router in the second server 102 perform data transmission through the Underlay network, so as to implement data transmission between the virtual host in the first server 101 and the virtual host in the second server 102. Taking the virtual host 11 and the virtual host 17 as an example, by using the path fault detection method provided in the embodiment of the present application, a node having an abnormality in the process of sending a data packet to the virtual host 17 by the virtual host 11 can be detected.

The servers in the network system may be independent physical servers, or may be a server cluster or a distributed system formed by a plurality of physical servers. The virtual host in the server is a cloud server providing basic cloud computing services such as cloud services, a cloud database, cloud computing, cloud functions, cloud storage, Network services, cloud communication, middleware services, domain name services, security services, a Content Delivery Network (CDN), big data, or an artificial intelligence platform.

Fig. 2 is an architecture diagram of another network system provided in an embodiment of the present application, and referring to fig. 2, the network system includes: a first server 201, a second server 202 and a target traffic server 203. Included in first server 201 are virtual host 21, virtual host 22, virtual host 23, and virtual host 24. The second server 102 is a cloud gateway device, and the second server 102 includes a virtual load balancing host 29 therein, where the virtual load balancing host 29 is associated with a plurality of virtual hosts. Included in target traffic server 203 are virtual host 25, virtual host 26, virtual host 27, and virtual host 28. And the first server 201, the second server 202 and the target service server 203 each include a virtual router therein. Among them, private cloud 210 is formed among virtual host 21, virtual host 22, virtual host 27, and virtual host 28, and private cloud 220 is formed among virtual host 23, virtual host 24, virtual host 25, virtual host 26, and virtual load balancing host 29. The network formed between the virtual hosts is called an Overlay network. And the network formed between the physical network device and the server is called an Underlay network.

Taking the virtual host 23 as an example, the virtual host 23 in the private cloud 220 in the first server 201 sends the data packet to the virtual load balancing host 29 in the second server 202, and the virtual load balancing host 29 selects a virtual host for responding to the data packet from the associated multiple virtual hosts, and takes the selected virtual host as the virtual host 25 as an example, then the virtual load balancing host 29 sends the data packet to the virtual host 25 in the target service server 203. By adopting the path fault detection method provided by the embodiment of the application, the nodes with the exception in the process that the virtual host 23 sends the data packet to the virtual load balancing host 29 and in the process that the virtual load balancing host 29 sends the data packet to the virtual host 25 can be detected.

In one possible implementation manner, as shown in fig. 3, the virtual routers in the first server 201, the second server 202 and the target service server 203 each establish a communication connection with a network device in the underly network, and data transmission is performed between the virtual routers through the network device in the underly network.

Fig. 4 is an architecture diagram of another network system provided in an embodiment of the present application, and referring to fig. 4, the network system includes: a first server 401 and a second server 402. Included in first server 401 are virtual host 41, virtual host 42, virtual host 43, and virtual host 44. The second server 402 is a cloud gateway device, and the virtual load balancing host 45 is included in the second server 402, and the virtual load balancing host 45 is associated with a plurality of network devices in a user IDC (Internet Data Center). Included in the user IDC are network device 46, network device 47 and network device 48. The first server 401 and the second server 402 each include a virtual router therein. Among them, private cloud 410 is formed between virtual host 41 and virtual host 42, and private cloud 420 is formed between virtual host 43, virtual host 44, and virtual load balancing host 45. The network formed between the virtual hosts is called an Overlay network. And the network formed between the physical network device and the server is called an Underlay network.

Taking the virtual host 43 as an example, the virtual host 43 in the private cloud 420 in the first server 401 sends the data packet to the virtual load balancing host 45 in the second server 402, the virtual load balancing host 45 selects a network device for responding to the data packet from the associated network devices, and taking the selected network device as the network device 46 as an example, the virtual load balancing host 45 sends the data packet to the network device 46 in the user IDC. By adopting the path fault detection method provided by the embodiment of the application, the abnormal node existing in the process that the virtual host 43 sends the data packet to the virtual load balancing host 45 can be detected.

On the basis of the network systems shown in fig. 1 to 4, the embodiment of the present application provides a path fault detection method, which can detect a node having an abnormality in a process of sending a data packet between virtual hosts. Fig. 5 is a flowchart of a path fault detection method according to an embodiment of the present application. The interaction subject of the embodiment of the application is a first server and a second server, and referring to fig. 5, the method includes:

501. the first server obtains a probe packet.

The first server comprises a first virtual host, the second server comprises a second virtual host, data transmission is carried out between the first virtual host and the second virtual host through a plurality of nodes, in order to detect whether an abnormal node and the position of the abnormal node exist in a transmission path, the first virtual host sends a detection packet to the first server, and the first server obtains the detection packet. The source address of the detection packet indicates a first virtual host in the first server, the destination address of the detection packet indicates a second virtual host in the second server, and the detection packet is used for detecting an abnormal node in a transmission path between the first virtual host and the second virtual host. Wherein, the detection packet includes TTL value, and TTL value represents the allowed node number before the detection packet is discarded.

In order to detect whether a node in a transmission path is an abnormal node or not, in the process of transmitting a detection packet, the node receives the detection packet, if the TTL value in the detection packet is not larger than a first numerical value, the TTL value indicates that the number of nodes allowed by the detection packet before being discarded is reached, the node returns a first error packet, if the TTL value in the detection packet is larger than the first numerical value, the TTL value in the detection packet indicates that the number of nodes allowed by the detection packet before being discarded is not reached, the node subtracts a second numerical value from the TTL value in the detection packet, sends the detection packet with the subtracted second numerical value to a next node, and continues to transmit.

Therefore, if it is desired to detect whether a certain node in the transmission path is an abnormal node, the first vm sets the TTL value of the probe packet according to the number of nodes that need to pass through to reach the node, so that the TTL value in the probe packet received by the node pair is not greater than the first value, when it is determined that the node before the node is not abnormal. For example, if the first value is 1 and the second value is 1, the initial value of the TTL value in the probe packet is set to the number of nodes passing through the transmission path between the first vm and the node, and the TTL value in the probe packet is equal to 1 when the probe packet reaches the node.

If the node does not have an exception, the node returns a first error packet. Therefore, whether the node has an exception can be determined according to whether the first virtual host receives the first error packet returned by the node. If the first virtual host receives a first error packet returned by the node, the node is indicated to be not abnormal; if the first virtual host does not receive the first error packet, the node is abnormal.

When a node is detected, the first virtual host needs to send a detection packet, the first virtual host can sequentially send the detection packets according to the sequence from near to far from the node in the transmission path, and TTL values in a plurality of sent detection packets are sequentially increased according to the sequence from near to far from the detected node, so that fault detection is performed on each node in the transmission path between the virtual hosts. The embodiment of the present application only takes a process of sending a probe packet once as an example for description.

502. And the first server performs tunnel encapsulation on the detection packet to obtain a tunnel detection packet.

Since the probe packet is a probe packet sent by the virtual host, the probe packet is a data packet transmitted in the virtual network (Overlay network), and cannot be directly transmitted in the physical network (Underlay network). Therefore, in order to transmit the detection packet to the second server where the second virtual host is located, the first server tunnel-encapsulates the detection packet to obtain a tunnel detection packet, where the tunnel detection packet includes the detection packet, and then sends the tunnel detection packet to the second server.

In order to reduce the processing complexity of path fault detection, in the embodiment of the present application, when a tunnel detection packet is encapsulated, it is not necessary to copy a TTL value in the detection packet to a packet header of the tunnel detection packet, and therefore, when the tunnel detection packet is transmitted in an Underlay network, a physical node in the Underlay network does not need to process the TTL value in the packet header of the tunnel detection packet.

Optionally, the first server tunnels the probe packet according to a GRE (Generic Routing Encapsulation) tunneling protocol. Or, the first server tunnel-encapsulates the probe packet according to a VxLAN (Virtual Extensible Local Area Network) tunnel protocol. Or, the first server performs tunnel encapsulation on the probe packet according to another tunnel protocol, which is not limited in this embodiment of the present application.

Optionally, the first server includes a virtual router, the virtual router is configured to perform routing table lookup and forwarding on a data packet sent by the virtual host, and the virtual router belongs to an NVE connecting the Overlay network and the Underlay network. The virtual router in the first server acquires the detection packet, and performs tunnel encapsulation on the detection packet to obtain a tunnel detection packet.

503. The first server sends a tunnel probe packet to the second server.

The first server sends the tunnel detection packet to the second server through the Underlay network. Optionally, the Underlay network includes a plurality of physical node devices, and the first server establishes a communication connection with the second server through the plurality of node devices, and then the first server sends the tunnel detection packet to the node devices in the Underlay network, and the node devices forward the tunnel detection packet, so as to forward the tunnel detection packet to the second server.

504. And the second server receives the tunnel detection packet sent by the first server, and decapsulates the tunnel detection packet to obtain a detection packet.

505. And if the TTL value in the detection packet is not larger than the first value, the second server sends a first error packet to the first virtual host.

And the second server obtains the detection packet, and if the TTL value in the detection packet is not greater than the first value, the number of the nodes passed by the detection packet is indicated, and the number of the nodes passed by the detection packet reaches the number of the nodes passed by before being discarded. The second server does not need to retransmit the probe packet but discards the probe packet and sends a first error packet to the first vm, the first error packet indicating that the TTL value of the probe packet is not greater than the first value. Wherein the first value is a positive integer. Optionally, the second value is set by each node in the network system, for example, the first value is 1.

In the embodiment of the present application, if it is to be detected whether a second server in a transmission path is abnormal, under the condition that a node before the second server is not abnormal, a TTL value in a probe packet is set according to the number of nodes through which the probe packet reaches the second server, so that the probe packet reaches the second server, and the TTL value in the probe packet is not greater than a first value.

If the second server does not have an exception, the second server may return the first error packet, and if the second server does have an exception, the second server may not return the first error packet. Therefore, in this step 505, the first virtual host receives the first error packet, which indicates that there is no exception in the second server. In another embodiment, if the first virtual host does not receive the first error packet, it indicates that the second server is abnormal.

It should be noted that, in the above step 505, only the case where the TTL value in the probe packet is not greater than the first value is described. In another embodiment, if the TTL value in the probe packet is greater than the first value, the second server subtracts the second value from the TTL value in the probe packet, and sends the probe packet after subtracting the second value to the second vm. Optionally, the second value is set by each node in the network system, for example, the second value is 1. And the second virtual host sends a response packet corresponding to the detection packet to the first virtual host after receiving the detection packet. In this embodiment, whether the second vm in the transmission path is abnormal is detected, so that when there is no abnormality in the node before the second vm, the TTL value in the detection packet is set according to the number of nodes through which the detection packet reaches the second vm, so that the detection packet reaches the second server, where the TTL value in the detection packet is greater than the first value, and the second server sends the detection packet after subtracting the second value to the second vm. And if the second virtual host does not have the abnormality, the second virtual host returns a response packet. If the second virtual host has an exception, the second virtual host may not return a response packet. Therefore, whether the second virtual host is abnormal or not can be determined according to whether the first virtual host receives the response packet returned by the second virtual host or not. If the first virtual host receives the response packet, the second virtual host is not abnormal; if the first virtual host does not receive the response packet, it indicates that the second virtual host is abnormal.

It should be noted that in the embodiment of the present application, it is described that, in the case where the TTL value in the probe packet is not greater than the first value, the node in the transmission path returns the first error packet, or in the case where the TTL value in the probe packet is greater than the first value, the probe packet is sent after subtracting the second value from the TTL value. In another embodiment, the node in the transmission path may first subtract a third value from the TTL value in the probe packet, and return the first error packet if the TTL value subtracted by the third value is not greater than a fourth value, or send the probe packet after subtracting the third value if the TTL value subtracted by the third value is greater than the fourth value, where the third value and the fourth value are positive integers.

According to the method provided by the embodiment of the application, in the process of detecting the path obstacle of the transmission detection packet, only the server where the virtual host is located needs to process the TTL value in the detection packet, and the physical node between the servers is not considered, so that the TTL value in the detection packet does not need to be copied into the tunnel detection packet, the physical node between the servers does not need to process the TTL value of the tunnel detection packet, the complexity of path fault detection can be reduced, abnormal nodes in a transmission path are rapidly located, and the efficiency of path fault detection is improved.

On the basis of the network system shown in fig. 1, the embodiment of the present application further provides a path failure detection method provided in the following embodiment of fig. 6. Fig. 6 is a flowchart of a path fault detection method according to an embodiment of the present application. The interaction subject of the embodiment of the present application is a first server, a first virtual host, and a second server, referring to fig. 6, the method includes:

601. the first virtual host sends a probe packet to the first server.

The first server comprises a first virtual host, the second server comprises a second virtual host, data transmission is carried out between the first virtual host and the second virtual host through a plurality of nodes, and in order to detect whether an abnormal node exists in a transmission path and the position of the abnormal node, the first virtual host sends a detection packet to the first server. The source address of the probing packet indicates a first virtual host in the first server, and the destination address of the probing packet indicates a second virtual host in the second server, wherein the probing packet includes a TTL value indicating the number of nodes allowed to pass through before the probing packet is discarded.

In one possible implementation, the source Address and the destination Address in the probe packet are both IP addresses (Internet Protocol addresses).

602. The first server obtains the detection packet, tunnel encapsulation is carried out on the detection packet to obtain a tunnel detection packet, and the tunnel detection packet is sent to the second server.

Since the probe packet is a probe packet sent by the first vm, and is a data packet transmitted in the Overlay network, it cannot be directly transmitted in the Underlay network. Therefore, in order to transmit the probe packet to the second server where the second vm is located, the first server tunnel-encapsulates the probe packet to obtain a tunnel probe packet, and sends the tunnel probe packet to the second server through the Underlay network.

In a possible implementation manner, if each physical node defaults to start a function of processing a TTL value in a data packet in an Underlay network through which data transmission between virtual hosts passes, when a first server encapsulates a tunnel detection packet, the TTL value in the detection packet does not need to be copied to a packet header of the tunnel detection packet, but the TTL value of the tunnel detection packet is set according to the number of physical nodes through which the tunnel detection packet passes, so that each physical node receives the tunnel detection packet, and the TTL value in the tunnel detection packet is greater than a first value.

In another possible implementation manner, the first server queries a transmission path corresponding to the detection packet, determines an address of a second server where the second virtual host is located, and performs tunnel encapsulation on the detection packet according to the address of the second server to obtain a tunnel detection packet including the address of the second server. Optionally, the tunneling detection packet includes a source address and a destination address, the source address in the tunneling detection packet is an address of the first server, and the destination address in the tunneling detection packet is an address of the second server.

In another possible implementation manner, the first server acquires the probe packet, and if the TTL value in the probe packet is greater than the first value, it indicates that the number of nodes allowed by the probe packet before being discarded has not been reached, so that the first server subtracts the second value from the TTL value in the probe packet, and performs tunnel encapsulation on the probe packet after subtracting the second value, to obtain a tunnel probe packet. In order to send the probe packet to the next node.

Accordingly, in another embodiment, if the TTL value of the probe packet is not greater than the first value, which indicates that the number of nodes allowed to pass through by the probe packet before being discarded has been reached, the probe packet is not further transmitted, and the first error packet is sent directly from the first server to the first vm without performing the following steps 603 and 605, where the first error packet is used to indicate that the TTL value of the probe packet is not greater than the first value, and optionally, the first error packet is an ICMP error packet.

Optionally, the detection packet carries a source address and a destination address, where the source address is an address of the first virtual host and the destination address is an address of the second virtual host, and then the first error packet generated by the first server also carries the source address and the destination address, so that the first virtual host queries the detection packet corresponding to the first error packet according to the source address and the destination address.

It should be noted that, in another embodiment, if the first server does not query the transmission path corresponding to the probe packet, the probe packet cannot be continuously transmitted, so that the second error packet is sent to the first vm without performing the following steps 603 and 606, where the second error packet is used to indicate that the transmission path corresponding to the probe packet is not queried.

Optionally, the detection packet carries a source address and a destination address, where the source address is an address of the first virtual host and the destination address is an address of the second virtual host, and then the second error packet generated by the first server also carries the source address and the destination address, so that the first virtual host queries the detection packet corresponding to the second error packet according to the source address and the destination address.

603. And the second server receives the tunnel detection packet, and decapsulates the tunnel detection packet to obtain a detection packet.

And the second server receives the tunnel detection packet, deletes the packet head of the tunnel detection packet, acquires the detection packet in the packet body of the tunnel detection packet, and completes the decapsulation of the tunnel detection packet.

604. And if the TTL value in the detection packet is not greater than the first numerical value, the second server performs tunnel encapsulation on the first error packet to obtain a first tunnel error packet, and the first tunnel error packet is sent to the first server.

And the second server acquires the detection packet, if the TTL value in the detection packet is not greater than the first numerical value, the number of nodes passed by the detection packet is indicated, and the number of nodes allowed to pass before being discarded is reached, the detection packet is not transmitted any more, the second server generates a first error packet corresponding to the detection packet according to the detection packet, and the first error packet is sent to the first virtual host. In the process of sending the first error packet to the first vm, the first error packet needs to be sent to the first server where the first vm is located through the Underlay network. Therefore, the second server carries out tunnel encapsulation on the first error packet to obtain a first tunnel error packet, and sends the first tunnel error packet to the first server.

In one possible implementation manner, the probe packet carries a source address and a destination address, where the source address is an address of the first vm and the destination address is an address of the second vm. The source address and the destination address are carried in a first error packet generated by the second server. Optionally, the first error packet includes a packet header and a packet body, the packet header of the first error packet includes a source address and a destination address, the source address of the first error packet indicates the second server, and the destination address of the first error packet indicates the first virtual host. The body of the first error packet comprises a source address and a destination address carried by the detection packet, and the body of the first error packet further comprises a first error message which is used for indicating that the TTL value of the detection packet reaches a second value. For example, if the second value is 0, the first error message is "TTL value is 0 during transmission".

In another possible implementation manner, the first server generates a first error packet, queries a transmission path corresponding to the first error packet, determines an address of the first server where the first virtual host is located, and performs tunnel encapsulation on the first error packet according to the address of the first server to obtain a first tunnel error packet including the address of the first server. Optionally, the first tunnel error packet includes a source address and a destination address, the source address in the first tunnel error packet is an address of the second server, and the destination address in the first tunnel error packet is an address of the second server.

In another possible implementation manner, when a node in the transmission path receives a first error packet, the node also processes the TTL value in the first error packet, and in order to send the first error packet to the first virtual host, the second server sets the TTL value in the first error packet according to the number of nodes through which the first error packet is sent to the first virtual host, so that when each node through which the first error packet passes receives the first error packet, the TTL value in the first error packet is greater than the first value.

605. And the first server receives the first tunnel error packet, decapsulates the first tunnel error packet to obtain a first error packet, and sends the first error packet to the first virtual host.

And the first server receives the first tunnel error packet, deletes the packet header of the first tunnel error packet, acquires the first error packet in the packet body of the first tunnel error packet, completes the decapsulation of the first tunnel error packet, and sends the first error packet to the first virtual host.

In one possible implementation, the header of the first error packet includes a destination address, which is an address of the first vm, so that the first server sends the first error packet to the first vm according to the address of the first vm.

606. The first virtual host receives a first error packet.

In the embodiment of the present application, to detect whether the second server in the transmission path is abnormal, the TTL value in the probe packet is set according to the number of nodes through which the probe packet reaches the second server when the node before the second server is not abnormal, so that the probe packet reaches the second server, and the TTL value in the probe packet is not greater than the first value. If the second server does not have the abnormality, the second server returns the first error packet, and if the second server does have the abnormality, the second server may not return the first error packet. Therefore, in this step 606, the first virtual host receives the first error packet, which indicates that there is no exception in the second server. In another embodiment, if the first virtual host does not receive the first error packet, it indicates that the second server is abnormal.

It should be noted that, in this embodiment of the present application, the second server obtains the probe packet, queries a transmission path corresponding to the probe packet, and after determining the transmission path, executes the step of sending the first error packet. In another embodiment, if the second server does not inquire the transmission path corresponding to the detection packet, a second error packet is generated, the second error packet is tunnel-encapsulated to obtain a second tunnel error packet, and the second tunnel error packet is sent to the first server. And the first server receives the second tunnel error packet, decapsulates the second tunnel error packet to obtain a second error packet, and sends the second error packet to the first virtual host.

In one possible implementation manner, the probe packet carries a source address and a destination address, where the source address is an address of the first vm and the destination address is an address of the second vm. The source address and the destination address are carried in a second error packet generated by the second server. Optionally, the second error packet further includes a second error message, where the second error message is used to indicate that the transmission path corresponding to the probe packet is not queried. For example, the second error message is "host unreachable".

In the related art, as shown in fig. 7, a first vm 701 sends a data packet to a second vm 704, which needs to pass through NVE node 702, NVE node 703 and a plurality of physical nodes between NVE node 702 and NVE node 703. In order to diagnose an abnormal node in a transmission path between the first vm 701 and the second vm 705, the NVE node 702 needs to copy a TTL value in a packet header of the probe packet to a packet header of the tunnel probe packet, the subsequent NVE node 703 copies the TTL value in the packet header of the tunnel probe packet back to the packet header of the probe packet, and each physical node in the Underlay network receives the tunnel probe packet, and needs to process the TTL value in the packet header of the tunnel probe packet to determine whether the tunnel probe packet needs to be discarded and returned to the first error packet. The above process increases the complexity of path fault detection, resulting in inefficient path fault detection.

In the related art, in a private cloud scenario, data transmission of virtual hosts of different tenants needs to pass through a physical node in the Underlay network, and therefore, as long as one tenant needs to start a path fault detection function, the physical node in the Underlay network also needs to start the path fault detection function. For tenants that do not need to implement the path fault detection function, when a transmitted data packet passes through a physical node in the Underlay network, operations corresponding to the path fault detection still need to be executed, which causes low efficiency of data transmission and wastes processing resources.

In the method provided by the embodiment of the application, because physical nodes between servers do not need to be considered, when a certain tenant needs to start the path fault detection function, only the path fault detection function of the node in the Overlay network corresponding to the tenant needs to be started, and the tenant is used as the granularity to be started and closed as required.

On the basis of the network system shown in fig. 1, the embodiment of the present application further provides a path failure detection method provided in the following embodiment of fig. 8. Fig. 8 is a flowchart of a path fault detection method according to an embodiment of the present application. The interaction subject of the embodiment of the present application is a first server, a first virtual host, a second server, and a second virtual host, referring to fig. 8, the method includes:

801. the first virtual host sends a probe packet to the first server.

802. The first server obtains the detection packet, tunnel encapsulation is carried out on the detection packet to obtain a tunnel detection packet, and the tunnel detection packet is sent to the second server.

803. And the second server receives the tunnel detection packet, and decapsulates the tunnel detection packet to obtain a detection packet.

Steps 801 through 803 are similar to steps 601 through 603, and are not described in detail herein.

804. And if the TTL value in the detection packet is larger than the first numerical value, the second server subtracts the second numerical value from the TTL value in the detection packet, and sends the detection packet after subtracting the second numerical value to the second virtual host.

And the second server acquires the detection packet, and if the TTL value in the detection packet is greater than the first numerical value, the number of nodes passed by the detection packet is indicated, the number of nodes passed by the detection packet does not reach the number of nodes passed by the detection packet before being discarded, and the detection packet needs to be continuously transmitted. Therefore, the second server subtracts the second value from the TTL value in the probe packet, and sends the probe packet after subtracting the second value to the second vm.

805. And the second virtual host receives the detection packet and sends a response packet to the second server.

The second virtual host receives the detection packet, generates a response packet corresponding to the detection packet, and sends the response packet to the first virtual host. The second server is required to pass through in the process of sending the response packet to the first virtual host by the second virtual host, so that the second virtual host sends the response packet to the second server, and the second server sends the response packet to the first virtual host.

In a possible implementation manner, the response packet carries a source address and a destination address, the source address in the response packet is an address of the second vm, and the destination address in the response packet is an address of the first vm.

In another possible implementation manner, when a node in the transmission path receives a response packet, the node also processes the TTL value in the response packet, and in order to send the response packet to the first virtual host, the second virtual host sets the TTL value in the response packet according to the number of nodes through which the response packet is sent to the first virtual host, so that when each node through which the response packet passes receives the response packet, the TTL value in the response packet is greater than the first value.

806. And the second server acquires the response packet, performs tunnel encapsulation on the response packet to obtain a tunnel response packet, and sends the tunnel response packet to the first server.

Since the response packet is a response packet sent by the second vm, the response packet is a data packet transmitted in the Overlay network, and cannot be directly transmitted in the Underlay network. Therefore, in order to transmit the response packet to the first server where the first virtual host is located, the second server tunnels the response packet to obtain a tunnel response packet, and sends the tunnel response packet to the first server through the Underlay network.

807. And the first server receives the tunnel response packet, decapsulates the tunnel response packet to obtain a response packet, and sends the response packet to the first virtual host.

And the first server receives the tunnel response packet, deletes the packet header of the tunnel response packet, acquires the response packet in the packet body of the tunnel response packet, completes decapsulation of the tunnel response packet, and sends the response packet to the first virtual host.

In one possible implementation manner, the header of the response packet includes a destination address, which is an address of the first vm, so that the first server sends the response packet to the first vm according to the address of the first vm.

808. The first virtual host receives the response packet.

In this embodiment of the present application, to detect whether a second vm in a transmission path is abnormal, if a node before the second vm is not abnormal, a TTL value in a detection packet is set according to the number of nodes through which the detection packet reaches the second vm, so that the detection packet reaches a second server where the second vm is located, where the TTL value in the detection packet is greater than a first value, so as to subtract a second value from the TTL value in the detection packet, and send the detection packet after subtracting the second value to the second vm. And if the second virtual host does not have the abnormality, the second virtual host returns a response packet. If the second virtual host has an exception, the second server may not be able to return a response packet. Therefore, in this step 808, the first vm receives the response packet, which indicates that there is no exception in the second vm. In another embodiment, if the first vm does not receive the response packet, it indicates that the second vm has an exception.

In another embodiment, if the second vm receives the probe packet and fails to respond to the probe packet, a third error packet is sent to the second server, where the third error packet is used to indicate that the probe packet cannot be responded to. And the second server acquires the third error packet, performs tunnel encapsulation on the third error packet to obtain a third tunnel error packet, and sends the third tunnel error packet to the first server. And the first server receives the third tunnel error packet, decapsulates the third tunnel error packet to obtain a third error packet, and sends the third error packet to the first virtual host. The process of sending the third error packet is similar to the process of sending the response packet, and is not described in detail here.

For example, the probe packet sent by the first vm is a TCP (Transmission Control Protocol) packet or a UDP (User Datagram Protocol) packet, and the corresponding port in the second vm is not opened, so the second vm returns a third error packet.

In one possible implementation, if the probe packet carries a source address and a destination address, where the source address is an address of the first vm and the destination address is an address of the second vm, the source address and the destination address are carried in the third error packet.

In addition, because physical nodes between servers do not need to be considered, when a certain tenant needs to start the path fault detection function, only the path fault detection function of the node in the Overlay network corresponding to the tenant needs to be started, and the tenant-based on-demand start and stop is realized.

On the basis of the network system shown in fig. 2 or fig. 3, the embodiment of the present application further provides a path failure detection method provided in the following embodiment of fig. 9. Fig. 9 is a flowchart of a path fault detection method according to an embodiment of the present application. The interaction main body of the embodiment of the application is a first server, a first virtual host, a second server, a second virtual host and a target service server. Referring to fig. 9, the method includes:

901. the first virtual host sends a probe packet to the first server.

902. The first server obtains the detection packet, tunnel encapsulation is carried out on the detection packet to obtain a tunnel detection packet, and the tunnel detection packet is sent to the second server.

903. And the second server receives the tunnel detection packet, and decapsulates the tunnel detection packet to obtain a detection packet.

904. And if the TTL value in the detection packet is larger than the first numerical value, the second server subtracts the second numerical value from the TTL value in the detection packet, and sends the detection packet after subtracting the second numerical value to the second virtual host.

Steps 901-904 are similar to steps 801-804 described above and will not be described in detail herein.

905. And the second virtual host receives the detection packet, converts the destination address in the detection packet into the address of the target virtual service host, and sends the converted detection packet to the second server.

The path fault detection method in the embodiment of the application is applied to a Cloud Load Balance (CLB) scenario, where the second server is a Cloud gateway server, or referred to as a Cloud Load Balance server, the second virtual host is a virtual Load Balance host, the virtual Load Balance host is associated with multiple virtual service hosts and used for distributing loads to the associated multiple virtual service hosts to be executed, and the virtual service hosts are used for responding to received data packets, so as to provide services for corresponding services.

Therefore, after the second virtual host receives the detection packet, a target virtual service host is selected from the associated virtual service hosts, and the destination address in the detection packet is converted into the address of the selected target virtual service host. In order to send the converted detection packet to the target virtual service host, the second virtual host sends the converted detection packet to the second server, and the second server forwards the converted detection packet to the target virtual service host.

In one possible implementation manner, the second virtual host selects a target virtual service host from the plurality of associated virtual service hosts according to a matching rule of load balancing. Optionally, the matching rule includes a matching rule based on a hash algorithm or a matching rule based on a connection tree, and the like, which is not limited in the embodiment of the present application. Optionally, the second vm selects the target vm according to the matching rule based on the field in the received probe packet.

In another possible implementation manner, after the second vm selects the target vm, a matching record is created, where the matching record includes the first vm sending the probe packet and the target vm for responding to the probe packet. And then the subsequent second virtual host receives the detection packet sent by the first virtual host again, inquires the created matching record, determines the target virtual service host matched with the first virtual host, and directly sends the detection packet to the target virtual service host without selecting the target virtual service host from the multiple associated virtual service hosts.

In another possible implementation manner, the destination address of the probe packet is an address of the second virtual host, and after the second virtual host receives the probe packet and selects the target virtual service host, the second virtual host determines the address of the target virtual service host, and converts the address of the second virtual host in the probe packet into the address of the target virtual service host.

906. And the second server performs tunnel encapsulation on the converted detection packet to obtain an updated tunnel detection packet, and sends the updated tunnel detection packet to a target service server where the target virtual service host is located.

The converted detection packet is a data packet transmitted in the Overlay network and cannot be directly transmitted in the Underlay network because the detection packet is sent by the first virtual host. Therefore, in order to transmit the converted detection packet to the target service server where the target virtual service host is located, the second server tunnel-encapsulates the converted detection packet to obtain an updated tunnel detection packet, and sends the updated tunnel detection packet to the target service server through the Underlay network.

907. And the target service server decapsulates the updated tunnel detection packet to obtain a converted detection packet.

908. And if the TTL value in the converted detection packet is not greater than the first numerical value, the target service server performs tunnel encapsulation on the first error packet to obtain a first tunnel error packet, and sends the first tunnel error packet to the second server.

Wherein the source address of the first error packet indicates the target service server and the destination address of the first error packet indicates the first virtual host. Optionally, the source address in the first error packet is an address of the target service server, and the destination address in the first error packet is an address of the first virtual host.

Wherein the source address of the first tunnel error packet indicates the target service server and the destination address of the first tunnel error packet indicates the second server. Optionally, the source address in the first tunnel error packet is an address of the target service server, and the destination address in the first tunnel error packet is an address of the second server.

The packet body of the first error packet further includes a first error message, an address of the first virtual host and an address of the target virtual service host, and the second virtual host which subsequently receives the first error packet can determine the converted detection packet corresponding to the first error packet according to the address of the first virtual host and the address of the target virtual service host in the first error packet.

The steps 907-908 are similar to the steps 603-604, and are not described in detail herein.

909. And the second server decapsulates the first tunnel error packet to obtain a first error packet, and converts the address of the target virtual service host in the first error packet into the destination address of the detection packet.

And the second server receives the first tunnel error packet, deletes the packet header of the first tunnel error packet, acquires the first error packet in the packet body of the first tunnel error packet, and completes the decapsulation of the first tunnel error packet. The second server obtains the first error packet, sends the first error packet to the second virtual host, and the second virtual host converts the address of the target virtual service host in the error packet into the destination address of the detection packet in the step 905 and sends the converted first error packet to the second server.

The packet body of the first error packet comprises an address of the first virtual host and an address of the target virtual service host, and the first error packet corresponds to the converted detection packet. However, since the first vm sends the detection packet, the second vm converts the address of the target vm in the first error packet into the destination address of the detection packet, that is, the address of the second vm, according to the packet body of the first error packet including the address of the first vm and the address of the target vm, so as to obtain the converted first error packet. The packet body of the converted first error packet comprises the address of the first virtual host and the address of the second virtual host, and the converted first error packet corresponds to the detection packet sent by the first virtual host.

910. And the second server performs tunnel encapsulation on the converted first error packet to obtain an updated first tunnel error packet, and sends the updated first tunnel error packet to the first server.

911. And the first server receives the first tunnel error packet, decapsulates the first tunnel error packet to obtain a converted first error packet, and sends the converted first error packet to the first virtual host.

912. The first virtual host receives the converted first error packet.

The process of sending the converted first error packet in steps 910 and 912 is similar to the process of sending the first error packet in steps 604 and 606, and is not described in detail here.

In the embodiment of the application, whether a target service server in a transmission path is abnormal or not is detected, and under the condition that nodes before the target service server are not abnormal, according to the number of nodes through which a detection packet reaches the target service server, the TTL value in the detection packet is set, so that when the detection packet reaches the target service server, the TTL value in the detection packet is not greater than a first value. If the target service server is not abnormal, the target service server returns a first error packet, and if the target service server is abnormal, the target service server may not return the first error packet. Therefore, in this step 912, the first vm receives the first error packet, which indicates that there is no exception in the target service server. In another embodiment, if the first virtual host does not receive the first error packet, it indicates that the target service server is abnormal.

According to the method provided by the embodiment of the application, in the process of detecting the path obstacle of the transmission detection packet, only the server where the virtual host is located needs to process the TTL value in the detection packet, and the physical node between the servers where the virtual host is located is not considered, so that the TTL value in the detection packet does not need to be copied into the tunnel detection packet, the physical node between the servers does not need to process the TTL value of the tunnel detection packet, the complexity of path fault detection can be reduced, abnormal nodes in a transmission path are rapidly located, and the efficiency of path fault detection is improved.

And the detection packet is sent to the virtual load balancing host, and the virtual load balancing host distributes the detection packet to the target virtual service host, so that path fault detection from the virtual host to the load balancing service virtual host in a cloud load balancing scene is realized, and the application scene of path fault detection is expanded.

In addition, because the physical nodes between the servers where the virtual hosts are located do not need to be considered, when a certain tenant needs to start the path fault detection function, only the path fault detection function of the node in the Overlay network corresponding to the tenant needs to be started, and the on-demand and off-demand with the tenant as the granularity is realized.

On the basis of the network system shown in fig. 2 or fig. 3, the embodiment of the present application further provides a path failure detection method provided in the following embodiment of fig. 10. Fig. 10 is a flowchart of a path fault detection method according to an embodiment of the present application. The interaction subject of the embodiment of the present application is a first server, a first virtual host, a second server, a second virtual host, a target service server, and a target virtual service host, where the second virtual host is a virtual load balancing host, as shown in fig. 10, the method includes:

1001. the first virtual host sends a probe packet to the first server.

1002. The first server obtains the detection packet, tunnel encapsulation is carried out on the detection packet to obtain a tunnel detection packet, and the tunnel detection packet is sent to the second server.

1003. And the second server receives the tunnel detection packet, and decapsulates the tunnel detection packet to obtain a detection packet.

1004. And if the TTL value in the detection packet is larger than the first numerical value, the second server subtracts the second numerical value from the TTL value in the detection packet, and sends the detection packet after subtracting the second numerical value to the second virtual host.

1005. And the second virtual host receives the detection packet, converts the destination address in the detection packet into the address of the target virtual service host, and sends the converted detection packet to the second server.

1006. And the second server performs tunnel encapsulation on the converted detection packet to obtain an updated tunnel detection packet, and sends the updated tunnel detection packet to a target service server where the target virtual service host is located.

1007. And the target service server decapsulates the updated tunnel detection packet to obtain a converted detection packet.

The steps 1001 and 1007 are similar to the steps 901 and 907, and are not described in detail herein.

1008. And if the TTL value in the converted detection packet is larger than the first numerical value, the target service server subtracts a second numerical value from the TTL value in the converted detection packet, and sends the detection packet after subtracting the second numerical value to the target virtual service host.

1009. And the target virtual service host receives the detection packet obtained after the second value is subtracted, and sends a response packet to the target service server.

1010. And the target service server acquires the response packet, performs tunnel encapsulation on the response packet to obtain a tunnel response packet, and sends the tunnel response packet to the second server.

The steps 1008-1010 are similar to the steps 804-806, and are not described in detail herein.

1011. And the second server decapsulates the tunnel response packet to obtain a response packet, and converts the address of the target virtual service host in the response packet into the destination address of the detection packet.

1012. And the second server performs tunnel encapsulation on the converted response packet to obtain an updated tunnel response packet, and sends the updated tunnel response packet to the first server.

1013. And the first server receives the updated tunnel response packet, decapsulates the updated tunnel response packet to obtain a converted response packet, and sends the converted response packet to the first virtual host.

1014. The first virtual host receives the converted response packet.

The steps 1011-1014 are similar to the steps 909-912, and are not described in detail herein.

In the embodiment of the present application, to detect whether a target virtual service host in a transmission path is abnormal, if a node before the target virtual service host is not abnormal, a TTL value in a detection packet is set according to the number of nodes through which the detection packet reaches the target virtual service host, so that the detection packet reaches a target service server where the target virtual service host is located, where the TTL value in the detection packet is greater than a first value, so as to subtract a second value from the TTL value in the detection packet, and send the detection packet after subtracting the second value to the target virtual service host. And if the target virtual service host does not have abnormality, the target virtual service host returns a response packet. If the target virtual service host is abnormal, the target virtual service host may not return a response packet. Therefore, in this step 1014, the first vm receives the response packet, which indicates that there is no exception in the target vm. In another embodiment, if the first vm does not receive the response packet, it indicates that the target vm has an exception.

It should be noted that, in this embodiment of the application, the service host associated with the second virtual host is a virtual service host running in the server. In another embodiment, as shown in the architecture diagram of the network system shown in fig. 4, in a hybrid cloud scenario, the second virtual host is DCGW, the service host associated with the second virtual host is a service server in the user IDC, the target service server obtains the converted probe packet, the target service server directly responds to the probe packet without performing the above step 1008 and 1009 to obtain a response packet, and performs the step 1010 and 1014, and in the step 1011, the second server converts the address of the target service server in the response packet into the destination address of the probe packet.

In a private cloud scenario, as shown in fig. 11, a first vm is a sender vm, an address of the sender vm is cvm _ a IP, a first server is a sender server, an address of the sender server is server a IP, a second server is a receiver server, an address of the receiver server is server B IP, a second vm is a receiver vm, and an address of the receiver vm is cvm _ B IP, a process of performing fault detection on a transmission path between the sender vm and the receiver vm is as follows:

and the virtual host of the sending party sends a detection packet with the TTL value being 1 to the server of the sending party.

And the sender server determines that the TTL value is less than or equal to 1, and then sends a first error packet to the sender virtual host.

And the virtual host of the sending party sends a detection packet with the TTL value being 2 to the server of the sending party.

And if the TTL value is more than 1, the server of the sending party subtracts 1 from the TTL value in the detection packet, performs tunnel encapsulation and sends the tunnel detection packet to the server of the receiving party.

And the receiver server decapsulates the tunnel detection packet to obtain a detection packet, and sends a first tunnel error packet to the sender server if the TTL value of the detection packet is determined to be less than or equal to 1.

And the server of the sending party decapsulates the first tunnel error packet to obtain a first error packet, and then sends the first error packet to the virtual host of the sending party.

And the virtual host of the sending party sends a detection packet with the TTL value being 3 to the server of the sending party.

And the receiver server decapsulates the tunnel detection packet to obtain a detection packet, determines that the TTL value of the detection packet is greater than 1, subtracts 1 from the TTL value of the detection packet, and sends the detection packet to the receiver virtual host.

And the virtual host of the receiving party responds to the detection packet and sends a response packet to the server of the receiving party.

And the receiver server performs tunnel encapsulation on the response packet to obtain a tunnel response packet, and sends the tunnel response packet to the sender server.

And the sender server decapsulates the tunnel response packet to obtain a response packet, and then sends the response packet to the sender virtual host.

In a load balancing scenario, as shown in fig. 12, a first virtual host is a sender virtual host, an address of the sender virtual host is cvm _ a IP, a first server is a sender server, an address of the sender server is server a IP, a second server is a cloud load balancing server, an address of the cloud load balancing server is CLB _ IP, a second virtual host is a virtual load balancing host in the cloud load balancing server, an address of the virtual load balancing host is CLB _ VIP, a target service server is a receiver server, an address of the receiver server is server B IP, a target virtual service host is a receiver virtual host, and an address of the receiver virtual host is cvm _ B IP, and a process of performing fault detection on a transmission path between the sender virtual host and the receiver virtual host is as follows:

And if the sender server determines that the TTL value is greater than 1, subtracting 1 from the TTL value in the detection packet, performing tunnel encapsulation, and sending the tunnel detection packet to the cloud load balancing server.

And the cloud load balancing server decapsulates the tunnel detection packet to obtain a detection packet, and sends a first tunnel error packet to the sender server if the TTL value of the detection packet is determined to be less than or equal to 1.

The cloud load balancing server decapsulates the tunnel detection packet to obtain a detection packet, determines that the TTL value of the detection packet is greater than 1, converts the CLB _ VIP in the detection packet into cvm _ b IP, subtracts 1 from the TTL value in the detection packet, performs tunnel encapsulation to obtain an updated tunnel detection packet, and sends the updated tunnel detection packet to the receiver server.

And the receiver server decapsulates the tunnel detection packet to obtain a detection packet, and sends a first tunnel error packet to the cloud load balancing server if the TTL value of the detection packet is determined to be less than or equal to 1.

And the cloud load balancing server decapsulates the first tunnel error packet to obtain a first error packet, converts cvm _ b IP in the first error packet into CLB _ VIP, performs tunnel encapsulation to obtain an updated first tunnel error packet, and sends the updated first tunnel error packet to the sender server.

And the virtual host of the sending party sends a detection packet with the TTL value being 4 to the server of the sending party.

And the receiver server decapsulates the tunnel detection packet to obtain a detection packet, and sends the detection packet to the receiver virtual host if the TTL value of the detection packet is greater than 1.

And the receiver server performs tunnel encapsulation on the response packet to obtain a tunnel response packet, and sends the tunnel response packet to the cloud load balancing server.

The cloud load balancing server converts cvm _ b IP in the tunnel response packet into CLB _ VIP, and sends the tunnel response packet to the sender server.

In a private cloud scenario, as shown in fig. 13, an address of the first vm is cvm _ a IP, an address of the second vm is cvm _ b IP, the first vm and the second vm are on the same server, and an address of the server is server a IP, then a process of performing fault detection on a transmission path between the first vm and the second vm is as follows:

the first virtual host sends a probe packet with TTL value 1 to the server.

And the server determines that the TTL value is less than or equal to 1, and then sends a first error packet to the first virtual host.

The first virtual host sends a probe packet with TTL value of 2 to the server.

And if the TTL value is determined to be more than 1 by the server, subtracting 1 from the TTL value in the detection packet and sending the detection packet to the second virtual host.

The second virtual host sends a response packet to the server in response to the probe packet.

The server sends the response packet to the first virtual host.

Fig. 14 is a schematic structural diagram of a network system according to an embodiment of the present application. Referring to fig. 14, the network system includes:

a first server 1401 and a second server 1402, the first server 1401 comprising a first virtual host 1411, the second server 1402 comprising a second virtual host 1412;

a first server 1401, configured to obtain a probe packet of a first virtual host in the first server, where the probe packet includes a time to live TTL value, and a source address of the probe packet indicates a first virtual host 1411;

the first server 1401 is further configured to tunnel-encapsulate the probe packet to obtain a tunnel probe packet, and send the tunnel probe packet to the second server 1402 where the second virtual host is located, where a destination address of the probe packet indicates the second virtual host;

the second server 1402, configured to receive the tunnel detection packet, decapsulate the tunnel detection packet, and obtain a detection packet;

the second server 1402, further configured to send a first error packet to the first vm 1411 if the TTL value in the probe packet is not greater than the first value; or, if the TTL value in the probe packet is greater than the first value, subtracting the second value from the TTL value in the probe packet, and sending the probe packet after subtracting the second value to the second virtual host 1412, where the first value and the second value are positive integers.

Optionally, the first server 1401 is configured to:

if the TTL value in the detection packet is larger than the first numerical value, subtracting a second numerical value from the TTL value in the detection packet;

and performing tunnel encapsulation on the detection packet after the second numerical value is subtracted to obtain a tunnel detection packet.

Optionally, the first server 1401 is further configured to send a first error packet to the first vm 1411 if the TTL value in the probe packet is not greater than the first value.

Optionally, the first server 1401 is further configured to send a second error packet to the first vm 1411 if the transmission path corresponding to the probe packet is not queried.

Optionally, the second server 1402 is further configured to perform tunnel encapsulation on the obtained response packet to obtain a tunnel response packet, send the tunnel response packet to the first server 1401, and send the response packet to the second server 1402 after the second virtual host 1412 receives the detection packet;

the first server 1401 is further configured to decapsulate the tunnel response packet to obtain a response packet, and send the response packet to the first virtual host 1411.

Optionally, the second server 1402 is configured to tunnel the first error packet to obtain a first tunnel error packet, and send the first tunnel error packet to the first server 1401;

the first server 1401 is further configured to decapsulate the first tunnel error packet to obtain a first error packet, and send the first error packet to the first virtual host 1411.

Optionally, the second server 1402 is further configured to perform tunnel encapsulation on the second error packet to obtain a second tunnel error packet if the transmission path corresponding to the detection packet is not queried, and send the second tunnel error packet to the first server 1401;

the first server 1401 is further configured to decapsulate the second tunnel error packet to obtain a second error packet, and send the second error packet to the first virtual host 1411.

Optionally, the second server 1402 is further configured to perform tunnel encapsulation on the obtained third error packet to obtain a third tunnel error packet, and send the third tunnel error packet to the first server 1401, where the third error packet is sent to the second server 1402 by the second virtual host 1412 in a case where the second virtual host 1412 cannot respond to the probe packet;

the first server 1401 is further configured to decapsulate the third tunnel error packet to obtain a third error packet, and send the third error packet to the first virtual host 1411.

Optionally, the second virtual host 1412 is a virtual load balancing host; referring to fig. 15, the network system further includes a target service server 1403, and the target service server 1403 includes a target virtual service host 1413; the second virtual host 1412, configured to receive the probe packet, convert the destination address in the probe packet into an address of the target virtual service host 1413, and send the converted probe packet to the second server 1402;

the second server 1402 is further configured to perform tunnel encapsulation on the converted probe packet to obtain an updated tunnel probe packet, and send the updated tunnel probe packet to the target service server 1403 where the target virtual service host 1413 is located.

Optionally, the second server 1402 is further configured to decapsulate the first tunnel error packet sent by the target service server 1403, obtain a first error packet, and convert the address of the target virtual service host 1413 in the first error packet into a destination address;

the second server 1402 is further configured to perform tunnel encapsulation on the converted first error packet to obtain an updated first tunnel error packet, and send the updated first tunnel error packet to the first server 1401.

Optionally, the second server 1402 is further configured to decapsulate the tunnel response packet sent by the target service server 1403, obtain a response packet, and convert the address of the target virtual service host 1413 in the response packet into a destination address;

the second server 1402 is further configured to perform tunnel encapsulation on the converted response packet to obtain an updated tunnel response packet, and send the updated tunnel response packet to the first server 1401.

Optionally, the source address and the destination address in the probe packet are carried in the first error packet.

The network system that this application embodiment provided, at the in-process that the transmission detection package carried out the path obstacle and surveyed, only need the server at virtual host place to handle the TTL value in the detection package, do not consider the physical node between the server, consequently, need not to duplicate the tunnel detection package with the TTL value in the detection package in, the physical node between the server also need not to handle the TTL value of tunnel detection package, consequently, can reduce the complexity that the path fault was surveyed, thereby fix a position the unusual node in the transmission path fast, the efficiency of path fault detection has been improved.

Fig. 16 is a schematic structural diagram of a server 1600 provided in an embodiment of the present application, where the server 1600 may generate relatively large differences due to different configurations or performances, and includes one or more processors (CPUs) 1601 and one or more memories 1602, where at least one program code is stored in the memory 1602, and the at least one program code is loaded and executed by the processors 1601 to implement the methods provided in the foregoing method embodiments. Of course, the server may also have components such as a wired or wireless network interface, a keyboard, and an input/output interface, so as to perform input/output, and the server may also include other components for implementing the functions of the device, which are not described herein again.

The server 1600 may be used to perform the steps performed by the first server or the second server in the path failure detection method described above.

The embodiment of the present application further provides a server, where the server includes a processor and a memory, where the memory stores at least one program code, and the at least one program code is loaded and executed by the processor, so as to implement the operations executed in the path fault detection method according to the foregoing embodiment.

The embodiment of the present application further provides a computer-readable storage medium, where at least one program code is stored in the computer-readable storage medium, and the at least one program code is loaded and executed by a processor to implement the operations performed in the path fault detection method of the foregoing embodiment.

The embodiments of the present application also provide a computer program product or a computer program, where the computer program product or the computer program includes computer program code, the computer program code is stored in a computer-readable storage medium, and a processor of the server reads the computer program code from the computer-readable storage medium, and executes the computer program code, so that the server implements the operations performed in the path fault detection method according to the above embodiments.

It will be understood by those skilled in the art that all or part of the steps for implementing the above embodiments may be implemented by hardware, or may be implemented by a program instructing relevant hardware, where the program may be stored in a computer-readable storage medium, and the above-mentioned storage medium may be a read-only memory, a magnetic disk or an optical disk, etc.

The above description is only an alternative embodiment of the present application and should not be construed as limiting the present application, and any modification, equivalent replacement, or improvement made within the spirit and principle of the present application should be included in the protection scope of the present application.

Claims

1. A method of path failure detection, the method comprising:

2. The method of claim 1, wherein the tunneling the probe packet by the first server to obtain a tunneled probe packet comprises:

if the TTL value in the detection packet is larger than the first numerical value, the first server subtracts the second numerical value from the TTL value in the detection packet;

3. The method of claim 1, wherein the first server tunnels the probe packet to obtain a tunnel probe packet, and after sending the tunnel probe packet to a second server where a second virtual host is located, the method further comprises:

the first server receives a tunnel response packet sent by the second server, the tunnel response packet is obtained after the second server performs tunnel encapsulation on the response packet, and the response packet is sent to the second server after the second virtual host receives the detection packet;

the first server decapsulates the tunnel response packet to obtain the response packet;

the first server sends the response packet to the first virtual host.

4. The method of claim 1, wherein the first server tunnels the probe packet to obtain a tunnel probe packet, and after sending the tunnel probe packet to a second server where a second virtual host is located, the method further comprises:

the first server receives a first tunnel error packet, and the first tunnel error packet is obtained by the second server after the first error packet is subjected to tunnel encapsulation;

the first server decapsulates the first tunnel error packet to obtain the first error packet;

the first server sends the first error packet to the first virtual host.

5. The method of claim 1, wherein the first server tunnels the probe packet to obtain a tunnel probe packet, and after sending the tunnel probe packet to a second server where a second virtual host is located, the method further comprises:

the first server receives a second tunnel error packet, and the second tunnel error packet is obtained by the second server after tunnel encapsulation is carried out on the second error packet under the condition that a transmission path corresponding to the detection packet is not inquired;

the first server decapsulates the second tunnel error packet to obtain a second error packet;

the first server sends the second error packet to the first virtual host.

6. The method of any of claims 1-5, wherein the source address and the destination address are carried in the first error packet.

7. A method of path failure detection, the method comprising:

8. The method of claim 7, wherein sending, by the second server, a first error packet to the first VM in the first server comprises:

the second server performs tunnel encapsulation on the first error packet to obtain a first tunnel error packet;

the second server sends the first tunnel error packet to the first server,

the first server is configured to decapsulate the first tunnel error packet to obtain the first error packet, and send the first error packet to the first virtual host.

9. The method of claim 7, wherein after the second server sends the probe packet to the second VM in the first server, the method further comprises:

the second server acquires a response packet, and the response packet is sent to the second server after the second virtual host receives the detection packet;

the second server performs tunnel encapsulation on the response packet to obtain a tunnel response packet;

the second server sends the tunnel response packet to the first server,

the first server is configured to decapsulate the tunnel response packet to obtain the response packet, and send the response packet to the first virtual host.

10. The method of claim 7, wherein the second virtual host is a virtual load balancing host; after the second server sends the probe packet to a second virtual host in the first server, the method further comprises:

the second virtual host receives the detection packet, converts a destination address in the detection packet into an address of a target virtual service host, and sends the converted detection packet to the second server;

the second server performs tunnel encapsulation on the converted detection packet to obtain an updated tunnel detection packet;

and the second server sends the updated tunnel detection packet to a target service server where the target virtual service host is located.

11. The method according to claim 10, wherein after the second server sends the updated tunnel probe packet to the target traffic server where the target virtual traffic host is located, the method further comprises:

the second server decapsulates the first tunnel error packet sent by the target service server to obtain a first error packet;

the second server converting the address of the target virtual service host in the first error packet to the destination address;

the second server performs tunnel encapsulation on the converted first error packet to obtain an updated first tunnel error packet;

the second server sends the updated first tunnel error packet to the first server.

12. The method according to claim 10, wherein after the second server sends the updated tunnel probe packet to the target traffic server where the target virtual traffic host is located, the method further comprises:

the second server decapsulates the tunnel response packet sent by the target service server to obtain a response packet;

the second server converts the address of the target virtual service host in the response packet into the destination address;

the second server performs tunnel encapsulation on the converted response packet to obtain an updated tunnel response packet;

and the second server sends the updated tunnel response packet to the first server.

13. A network system is characterized in that the network system comprises a first server and a second server, wherein the first server comprises a first virtual host, and the second server comprises a second virtual host;

14. A server, characterized in that the server comprises a processor and a memory, in which at least one program code is stored, which is loaded and executed by the processor to implement the operations performed in the path failure detection method according to any of claims 1 to 6, or to implement the operations performed in the path failure detection method according to any of claims 7 to 12.

15. A computer-readable storage medium having stored therein at least one program code, which is loaded and executed by a processor, to implement the operations performed in the path failure detection method according to any one of claims 1 to 6 or to implement the operations performed in the path failure detection method according to any one of claims 7 to 12.