CN113794603A - Network state analysis method, device, equipment and machine readable storage medium - Google Patents
Network state analysis method, device, equipment and machine readable storage medium Download PDFInfo
- Publication number
- CN113794603A CN113794603A CN202110961026.2A CN202110961026A CN113794603A CN 113794603 A CN113794603 A CN 113794603A CN 202110961026 A CN202110961026 A CN 202110961026A CN 113794603 A CN113794603 A CN 113794603A
- Authority
- CN
- China
- Prior art keywords
- detection point
- token
- acl
- target
- equipment
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
- 238000004458 analytical method Methods 0.000 title claims abstract description 101
- 238000003860 storage Methods 0.000 title claims abstract description 26
- 238000001514 detection method Methods 0.000 claims abstract description 218
- 238000000034 method Methods 0.000 claims abstract description 17
- 238000004364 calculation method Methods 0.000 abstract description 3
- 238000010586 diagram Methods 0.000 description 12
- 238000004590 computer program Methods 0.000 description 9
- 230000006870 function Effects 0.000 description 6
- 238000012545 processing Methods 0.000 description 5
- 230000009471 action Effects 0.000 description 4
- 230000003287 optical effect Effects 0.000 description 4
- 238000005259 measurement Methods 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000013459 approach Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000001413 cellular effect Effects 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 238000003745 diagnosis Methods 0.000 description 1
- 238000004043 dyeing Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000001914 filtration Methods 0.000 description 1
- 238000005111 flow chemistry technique Methods 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 230000000737 periodic effect Effects 0.000 description 1
- 230000008569 process Effects 0.000 description 1
- 238000013441 quality evaluation Methods 0.000 description 1
- 230000004044 response Effects 0.000 description 1
- 238000005070 sampling Methods 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/08—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/10—Flow control; Congestion control
- H04L47/215—Flow control; Congestion control using token-bucket
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Environmental & Geological Engineering (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The present disclosure provides a network state analysis method, apparatus, device and machine-readable storage medium, the method comprising: adding a first ACL token to a token bucket of a first checkpoint device of a network system; adding a second ACL token to a token bucket of a second checkpoint device of the network system; and respectively receiving target messages sent by the first detection point equipment and the second detection point equipment, and acquiring the network state between the first detection point equipment and the second detection point equipment according to message information. According to the technical scheme, the hardware token bucket is used for collecting the target message of the collection point in the network system, so that less calculation power is consumed while the network state analysis is completed.
Description
Technical Field
The present disclosure relates to the field of communications technologies, and in particular, to a network status analysis method, apparatus, device, and machine-readable storage medium.
Background
With the arrival of the network IP era, more and more services are transmitted through the IP network, and services such as voice and video are very sensitive to network packet loss, so that the requirements on end-to-end performance fault diagnosis and performance quality evaluation are high. Currently, statistics on packet loss rate and time delay of an IP network is realized by a method for marking a service packet, so as to achieve the purpose of quickly and accurately positioning a fault.
ACL (Access Control Lists) is a packet filtering based Access Control technique that can filter packets on an interface, allow them to pass or drop according to set conditions.
In one approach, processor-controlled ACL matching features are used to report the analysis, consuming more processor effort.
Disclosure of Invention
In view of the above, the present disclosure provides a network status analysis method, a network status analysis device, an electronic device, and a machine-readable storage medium, so as to solve the problem of excessive performance overhead for network status analysis.
The specific technical scheme is as follows:
the present disclosure provides a network state analysis method, applied to an analysis device of a network system, the method including: adding a first ACL token to a token bucket of first detection point equipment of a network system, wherein the first detection point equipment is used for using the first ACL token, executing an instruction to mark a target message by a specific mark, copying the target message and forwarding the target message to analysis equipment; adding a second ACL token to a token bucket of a second detection point device of the network system, wherein the second detection point device is used for executing an instruction to inquire a target message with a specific mark by using the second ACL token, copying the target message and forwarding the target message to the analysis device; and respectively receiving target messages sent by the first detection point equipment and the second detection point equipment, and acquiring the network state between the first detection point equipment and the second detection point equipment according to message information.
As a technical solution, the adding a first ACL token to a token bucket of a first checkpoint device of a network system, where the first checkpoint device is configured to use the first ACL token, execute an instruction to mark a target packet with a specific flag, copy the target packet, and forward the target packet to an analysis device, includes: adding a first ACL token to a token bucket of first detection point equipment of a network system, wherein the first detection point equipment is used for using the first ACL token, executing an instruction to mark a target message by a specific mark, copying the target message and forwarding the target message to analysis equipment, and sending an ingress port timestamp of the target message at the first detection point equipment to the analysis equipment; the adding a second ACL token to a token bucket of a second checkpoint device of the network system, where the second checkpoint device is configured to execute an instruction to query for a target packet with a specific token using the second ACL token, and to copy the target packet and forward to the analyzing device, includes: adding a second ACL token to a token bucket of a second detection point device of the network system, wherein the second detection point device is used for executing an instruction to inquire a target message with a specific mark by using the second ACL token, copying the target message and forwarding the target message to an analysis device, and sending an ingress port timestamp of the target message at the second detection point device to the analysis device; the receiving target messages sent by the first detection point device and the second detection point device respectively, and acquiring the network state between the first detection point device and the second detection point device according to the message information includes: and acquiring the network delay between the first detection point equipment and the second detection point equipment according to the time stamp of the target message at the input port of the first detection point equipment and the time stamp of the target message at the input port of the second detection point equipment.
As a technical solution, the adding a first ACL token to a token bucket of a first checkpoint device of a network system, where the first checkpoint device is configured to use the first ACL token, execute an instruction to mark a target packet with a specific flag, copy the target packet, and forward the target packet to an analysis device, includes: according to a preset period, a first ACL token is periodically added to a token bucket of a first detection point device of the network system; the adding a second ACL token to a token bucket of a second checkpoint device of the network system, where the second checkpoint device is configured to execute an instruction to query for a target packet with a specific token using the second ACL token, and to copy the target packet and forward to the analyzing device, includes: and periodically sending a second ACL token to second measuring point equipment of the network system according to a preset period.
As a technical solution, the adding a second ACL token to a token bucket of a second checkpoint device of a network system, where the second checkpoint device is configured to execute an instruction to query a target packet with a specific flag using the second ACL token, copy the target packet, and forward the target packet to an analysis device, includes: according to a preset period, a second ACL token is periodically added to a token bucket of second detection point equipment of the network system, the second detection point equipment is used for using the second ACL token to execute an instruction to inquire a target message with a specific mark, and if the target message exists, the target message is copied and forwarded to analysis equipment; the receiving target messages sent by the first detection point device and the second detection point device respectively, and acquiring the network state between the first detection point device and the second detection point device according to the message information includes: and respectively counting the target messages received from the first detection point equipment and the second detection point equipment within a counting time period comprising a plurality of preset periods, and acquiring the network packet loss rate between the first detection point equipment and the second detection point equipment according to the respectively counted number.
The present disclosure also provides a network status analysis device, which is applied to an analysis device of a network system, and the device includes: the system comprises a first instruction module, a first analysis module and an analysis device, wherein the first instruction module is used for adding a first ACL token to a token bucket of first detection point equipment of a network system, and the first detection point equipment is used for using the first ACL token, executing an instruction to mark a target message by a specific mark, copying the target message and forwarding the target message to the analysis device; the second instruction module is used for adding a second ACL token to a token bucket of second detection point equipment of the network system, and the second detection point equipment is used for executing an instruction to inquire a target message with a specific mark by using the second ACL token and copying the target message and forwarding the target message to the analysis equipment; and the state analysis module is used for respectively receiving the target messages sent by the first detection point equipment and the second detection point equipment and acquiring the network state between the first detection point equipment and the second detection point equipment according to the message information.
As a technical solution, the adding a first ACL token to a token bucket of a first checkpoint device of a network system, where the first checkpoint device is configured to use the first ACL token, execute an instruction to mark a target packet with a specific flag, copy the target packet, and forward the target packet to an analysis device, includes: adding a first ACL token to a token bucket of first detection point equipment of a network system, wherein the first detection point equipment is used for using the first ACL token, executing an instruction to mark a target message by a specific mark, copying the target message and forwarding the target message to analysis equipment, and sending an ingress port timestamp of the target message at the first detection point equipment to the analysis equipment; the adding a second ACL token to a token bucket of a second checkpoint device of the network system, where the second checkpoint device is configured to execute an instruction to query for a target packet with a specific token using the second ACL token, and to copy the target packet and forward to the analyzing device, includes: adding a second ACL token to a token bucket of a second detection point device of the network system, wherein the second detection point device is used for executing an instruction to inquire a target message with a specific mark by using the second ACL token, copying the target message and forwarding the target message to an analysis device, and sending an ingress port timestamp of the target message at the second detection point device to the analysis device; the receiving target messages sent by the first detection point device and the second detection point device respectively, and acquiring the network state between the first detection point device and the second detection point device according to the message information includes: and acquiring the network delay between the first detection point equipment and the second detection point equipment according to the time stamp of the target message at the input port of the first detection point equipment and the time stamp of the target message at the input port of the second detection point equipment.
As a technical solution, the adding a first ACL token to a token bucket of a first checkpoint device of a network system, where the first checkpoint device is configured to use the first ACL token, execute an instruction to mark a target packet with a specific flag, copy the target packet, and forward the target packet to an analysis device, includes: according to a preset period, a first ACL token is periodically added to a token bucket of a first detection point device of the network system; the adding a second ACL token to a token bucket of a second checkpoint device of the network system, where the second checkpoint device is configured to execute an instruction to query for a target packet with a specific token using the second ACL token, and to copy the target packet and forward to the analyzing device, includes: and periodically sending a second ACL token to second measuring point equipment of the network system according to a preset period.
As a technical solution, the adding a second ACL token to a token bucket of a second checkpoint device of a network system, where the second checkpoint device is configured to execute an instruction to query a target packet with a specific flag using the second ACL token, copy the target packet, and forward the target packet to an analysis device, includes: according to a preset period, a second ACL token is periodically added to a token bucket of second detection point equipment of the network system, the second detection point equipment is used for using the second ACL token to execute an instruction to inquire a target message with a specific mark, and if the target message exists, the target message is copied and forwarded to analysis equipment; the receiving target messages sent by the first detection point device and the second detection point device respectively, and acquiring the network state between the first detection point device and the second detection point device according to the message information includes: and respectively counting the target messages received from the first detection point equipment and the second detection point equipment within a counting time period comprising a plurality of preset periods, and acquiring the network packet loss rate between the first detection point equipment and the second detection point equipment according to the respectively counted number.
The present disclosure also provides an electronic device, including a processor and a machine-readable storage medium, where the machine-readable storage medium stores machine-executable instructions executable by the processor, and the processor executes the machine-executable instructions to implement the foregoing network state analysis method.
The present disclosure also provides a machine-readable storage medium having stored thereon machine-executable instructions that, when invoked and executed by a processor, cause the processor to implement the aforementioned network state analysis method.
The technical scheme provided by the disclosure at least brings the following beneficial effects:
the hardware token bucket is used for collecting the target message of a collection point in the network system, so that less calculation power is consumed while the network state analysis is completed.
Drawings
In order to more clearly illustrate the embodiments of the present disclosure or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments of the present disclosure or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments described in the present disclosure, and other drawings can be obtained by those skilled in the art according to the drawings of the embodiments of the present disclosure.
FIG. 1 is a flow diagram of a network state analysis method in one embodiment of the present disclosure;
fig. 2 is a block diagram of a network status analysis device in one embodiment of the present disclosure;
fig. 3 is a hardware configuration diagram of an electronic device in an embodiment of the present disclosure.
Detailed Description
The terminology used in the embodiments of the present disclosure is for the purpose of describing particular embodiments only and is not intended to be limiting of the disclosure. As used in this disclosure and the claims, the singular forms "a", "an", and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used herein is meant to encompass any and all possible combinations of one or more of the associated listed items.
It is to be understood that although the terms first, second, third, etc. may be used herein to describe various information in the embodiments of the present disclosure, such information should not be limited by these terms. These terms are only used to distinguish one type of information from another. For example, first information may also be referred to as second information, and similarly, second information may also be referred to as first information, without departing from the scope of the present disclosure. Depending on the context, moreover, the word "if" as used may be interpreted as "at … …" or "when … …" or "in response to a determination".
The present disclosure provides a network status analysis method, device, electronic device, and machine-readable storage medium, so as to solve the problem of excessive performance overhead for network status analysis.
Specifically, the technical scheme is as follows.
In one embodiment, the present disclosure provides a network status analysis method applied to an analysis device of a network system, the method including: adding a first ACL token to a token bucket of first detection point equipment of a network system, wherein the first detection point equipment is used for using the first ACL token, executing an instruction to mark a target message by a specific mark, copying the target message and forwarding the target message to analysis equipment; adding a second ACL token to a token bucket of a second detection point device of the network system, wherein the second detection point device is used for executing an instruction to inquire a target message with a specific mark by using the second ACL token, copying the target message and forwarding the target message to the analysis device; and respectively receiving target messages sent by the first detection point equipment and the second detection point equipment, and acquiring the network state between the first detection point equipment and the second detection point equipment according to message information.
Specifically, as shown in fig. 1, the method comprises the following steps:
step S11, adding a first ACL token to a token bucket of a first checkpoint device of the network system;
step S12, adding a second ACL token to a token bucket of a second checkpoint device of the network system;
step S13, receiving the target messages sent by the first detection point device and the second detection point device, respectively, and obtaining the network state between the first detection point device and the second detection point device according to the message information.
The hardware token bucket is used for realizing the collection of the target message of the collection point in the network system, thereby completing the analysis of the network state and consuming less calculation power.
In one embodiment, the adding a first ACL token to a token bucket of a first checkpoint device of a network system, the first checkpoint device being configured to use the first ACL token, execute an instruction to mark a target packet with a specific token, and replicate the target packet for forwarding to an analysis device, includes: adding a first ACL token to a token bucket of first detection point equipment of a network system, wherein the first detection point equipment is used for using the first ACL token, executing an instruction to mark a target message by a specific mark, copying the target message and forwarding the target message to analysis equipment, and sending an ingress port timestamp of the target message at the first detection point equipment to the analysis equipment; the adding a second ACL token to a token bucket of a second checkpoint device of the network system, where the second checkpoint device is configured to execute an instruction to query for a target packet with a specific token using the second ACL token, and to copy the target packet and forward to the analyzing device, includes: adding a second ACL token to a token bucket of a second detection point device of the network system, wherein the second detection point device is used for executing an instruction to inquire a target message with a specific mark by using the second ACL token, copying the target message and forwarding the target message to an analysis device, and sending an ingress port timestamp of the target message at the second detection point device to the analysis device; the receiving target messages sent by the first detection point device and the second detection point device respectively, and acquiring the network state between the first detection point device and the second detection point device according to the message information includes: and acquiring the network delay between the first detection point equipment and the second detection point equipment according to the time stamp of the target message at the input port of the first detection point equipment and the time stamp of the target message at the input port of the second detection point equipment.
According to the time stamp difference of the same target message sent by the two detection point devices, the network time delay between the first detection point device and the second detection point device in the detection can be calculated.
In one embodiment, the adding a first ACL token to a token bucket of a first checkpoint device of a network system, the first checkpoint device being configured to use the first ACL token, execute an instruction to mark a target packet with a specific token, and replicate the target packet for forwarding to an analysis device, includes: according to a preset period, a first ACL token is periodically added to a token bucket of a first detection point device of the network system; the adding a second ACL token to a token bucket of a second checkpoint device of the network system, where the second checkpoint device is configured to execute an instruction to query for a target packet with a specific token using the second ACL token, and to copy the target packet and forward to the analyzing device, includes: and periodically sending a second ACL token to second measuring point equipment of the network system according to a preset period.
The network state between the first detection point equipment and the second detection point equipment is periodically detected, and the network state is obtained through comprehensive analysis according to the detection result of each period in a period of time, so that the detection error is reduced.
In one embodiment, the adding a second ACL token to a token bucket of a second checkpoint device of the network system, the second checkpoint device being configured to execute instructions to query a target packet with a specific token using the second ACL token and to replicate the target packet for forwarding to the analysis device, includes: according to a preset period, a second ACL token is periodically added to a token bucket of second detection point equipment of the network system, the second detection point equipment is used for using the second ACL token to execute an instruction to inquire a target message with a specific mark, and if the target message exists, the target message is copied and forwarded to analysis equipment; the receiving target messages sent by the first detection point device and the second detection point device respectively, and acquiring the network state between the first detection point device and the second detection point device according to the message information includes: and respectively counting the target messages received from the first detection point equipment and the second detection point equipment within a counting time period comprising a plurality of preset periods, and acquiring the network packet loss rate between the first detection point equipment and the second detection point equipment according to the respectively counted number.
In one embodiment, after matching a five-tuple of a feature flow through an ACL, limiting the speed by a specific token bucket, wherein the token bucket is configured to send only one message; tokens are put into the token bucket periodically to realize the periodic sampling of one message for uploading; and setting a mark for the message while uploading.
Issuing an ACL instruction to a first detection point device, wherein the ACL rule comprises: and after matching the specified message quintuple, executing an action to add a first ACL token, namely marking a specific mark, such as a green mark, on the target message, copying and forwarding the target message to a target device, such as an analysis device, and carrying an ingress port timestamp of the target message at the first detection point device when forwarding the target message to the analysis device.
And the first detection point equipment performs specific processing on the flow by using a token bucket A associated with the first detection point equipment through a flow strategy, wherein the flow strategy is to control the flow processing action through the token bucket A by matching specified message five-tuple information (a source IP address, a source port, a destination IP address, a destination port and a transport layer protocol) through an ACL. Only one token is placed in the initial token bucket A, one token is configured to support that a single message can pass through the token bucket, the color of the single message is marked as green, the action of the token bucket is set as green copy to CPU, green mark is designated to mark the message, ECN mark bits (the 6 th bit and the 7 th bit of a Tos field) can be selected for the dyeing bit of the message, and therefore one message is periodically sampled and marked.
And after the timer is overtime, a first ACL token is added in the token bucket A, so that a message is uploaded in each measurement period. One of the periodically sampled messages from the first checkpoint equipment is carried with an ingress port timestamp t1 to the CPU, which may be generated by the ASIC chip to ensure the accuracy of the measurement.
And issuing an ACL instruction to second detection point equipment, wherein the ACL rule comprises the following steps: and after the specified message quintuple and the specific mark are matched, action copying is executed, the target message is forwarded to target equipment such as analysis equipment, and the target message carries an ingress port timestamp of the target message at second detection point equipment when being forwarded to the analysis equipment.
In an embodiment, the present disclosure also provides a network status analysis apparatus, as shown in fig. 2, applied to an analysis device of a network system, the apparatus including: a first instruction module 21, configured to add a first ACL token to a token bucket of a first detection point device of a network system, where the first detection point device is configured to use the first ACL token, execute an instruction to mark a target packet with a specific flag, copy the target packet, and forward the target packet to an analysis device; a second instruction module 22, configured to add a second ACL token to a token bucket of a second checkpoint device of the network system, where the second checkpoint device is configured to execute an instruction to query a target packet with a specific flag using the second ACL token, copy the target packet, and forward the target packet to the analysis device; the state analysis module 23 is configured to receive the target messages sent by the first detection point device and the second detection point device, respectively, and obtain a network state between the first detection point device and the second detection point device according to message information.
In one embodiment, the adding a first ACL token to a token bucket of a first checkpoint device of a network system, the first checkpoint device being configured to use the first ACL token, execute an instruction to mark a target packet with a specific token, and replicate the target packet for forwarding to an analysis device, includes: adding a first ACL token to a token bucket of first detection point equipment of a network system, wherein the first detection point equipment is used for using the first ACL token, executing an instruction to mark a target message by a specific mark, copying the target message and forwarding the target message to analysis equipment, and sending an ingress port timestamp of the target message at the first detection point equipment to the analysis equipment; the adding a second ACL token to a token bucket of a second checkpoint device of the network system, where the second checkpoint device is configured to execute an instruction to query for a target packet with a specific token using the second ACL token, and to copy the target packet and forward to the analyzing device, includes: adding a second ACL token to a token bucket of a second detection point device of the network system, wherein the second detection point device is used for executing an instruction to inquire a target message with a specific mark by using the second ACL token, copying the target message and forwarding the target message to an analysis device, and sending an ingress port timestamp of the target message at the second detection point device to the analysis device; the receiving target messages sent by the first detection point device and the second detection point device respectively, and acquiring the network state between the first detection point device and the second detection point device according to the message information includes: and acquiring the network delay between the first detection point equipment and the second detection point equipment according to the time stamp of the target message at the input port of the first detection point equipment and the time stamp of the target message at the input port of the second detection point equipment.
In one embodiment, the adding a first ACL token to a token bucket of a first checkpoint device of a network system, the first checkpoint device being configured to use the first ACL token, execute an instruction to mark a target packet with a specific token, and replicate the target packet for forwarding to an analysis device, includes: according to a preset period, a first ACL token is periodically added to a token bucket of a first detection point device of the network system; the adding a second ACL token to a token bucket of a second checkpoint device of the network system, where the second checkpoint device is configured to execute an instruction to query for a target packet with a specific token using the second ACL token, and to copy the target packet and forward to the analyzing device, includes: and periodically sending a second ACL token to second measuring point equipment of the network system according to a preset period.
In one embodiment, the adding a second ACL token to a token bucket of a second checkpoint device of the network system, the second checkpoint device being configured to execute instructions to query a target packet with a specific token using the second ACL token and to replicate the target packet for forwarding to the analysis device, includes: according to a preset period, a second ACL token is periodically added to a token bucket of second detection point equipment of the network system, the second detection point equipment is used for using the second ACL token to execute an instruction to inquire a target message with a specific mark, and if the target message exists, the target message is copied and forwarded to analysis equipment; the receiving target messages sent by the first detection point device and the second detection point device respectively, and acquiring the network state between the first detection point device and the second detection point device according to the message information includes: and respectively counting the target messages received from the first detection point equipment and the second detection point equipment within a counting time period comprising a plurality of preset periods, and acquiring the network packet loss rate between the first detection point equipment and the second detection point equipment according to the respectively counted number.
The device embodiments are the same or similar to the corresponding method embodiments and are not described herein again.
In an embodiment, the present disclosure provides an electronic device, including a processor and a machine-readable storage medium, where the machine-readable storage medium stores machine-executable instructions executable by the processor, and the processor executes the machine-executable instructions to implement the foregoing network state analysis method, and from a hardware level, a schematic diagram of a hardware architecture may be as shown in fig. 3.
In one embodiment, the present disclosure provides a machine-readable storage medium having stored thereon machine-executable instructions that, when invoked and executed by a processor, cause the processor to implement the aforementioned network state analysis method.
Here, a machine-readable storage medium may be any electronic, magnetic, optical, or other physical storage device that can contain or store information such as executable instructions, data, and so forth. For example, the machine-readable storage medium may be: a RAM (random Access Memory), a volatile Memory, a non-volatile Memory, a flash Memory, a storage drive (e.g., a hard drive), a solid state drive, any type of storage disk (e.g., an optical disk, a dvd, etc.), or similar storage medium, or a combination thereof.
The systems, devices, modules or units described in the above embodiments may be implemented by a computer chip or an entity, or by a product with certain functions. A typical implementation device is a computer, which may take the form of a personal computer, laptop computer, cellular telephone, camera phone, smart phone, personal digital assistant, media player, navigation device, email messaging device, game console, tablet computer, wearable device, or a combination of any of these devices.
For convenience of description, the above devices are described as being divided into various units by function, and are described separately. Of course, the functionality of the various elements may be implemented in the same one or more software and/or hardware implementations in practicing the disclosure.
As will be appreciated by one skilled in the art, embodiments of the present disclosure may be provided as a method, system, or computer program product. Accordingly, the present disclosure may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, embodiments of the present disclosure may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and so forth) having computer-usable program code embodied therein.
The present disclosure is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the disclosure. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
Furthermore, these computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
As will be appreciated by one skilled in the art, embodiments of the present disclosure may be provided as a method, system, or computer program product. Accordingly, the present disclosure may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present disclosure may take the form of a computer program product embodied on one or more computer-usable storage media (which may include, but is not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The above description is only an embodiment of the present disclosure, and is not intended to limit the present disclosure. Various modifications and variations of this disclosure will be apparent to those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present disclosure should be included in the scope of the claims of the present disclosure.
Claims (10)
1. A network status analysis method applied to an analysis device of a network system, the method comprising:
adding a first ACL token to a token bucket of first detection point equipment of a network system, wherein the first detection point equipment is used for using the first ACL token, executing an instruction to mark a target message by a specific mark, copying the target message and forwarding the target message to analysis equipment;
adding a second ACL token to a token bucket of a second detection point device of the network system, wherein the second detection point device is used for executing an instruction to inquire a target message with a specific mark by using the second ACL token, copying the target message and forwarding the target message to the analysis device;
and respectively receiving target messages sent by the first detection point equipment and the second detection point equipment, and acquiring the network state between the first detection point equipment and the second detection point equipment according to message information.
2. The method of claim 1,
the adding a first ACL token to a token bucket of a first checkpoint device of a network system, where the first checkpoint device is configured to use the first ACL token, execute an instruction to mark a target packet with a specific mark, copy the target packet, and forward the target packet to an analysis device, includes:
adding a first ACL token to a token bucket of first detection point equipment of a network system, wherein the first detection point equipment is used for using the first ACL token, executing an instruction to mark a target message by a specific mark, copying the target message and forwarding the target message to analysis equipment, and sending an ingress port timestamp of the target message at the first detection point equipment to the analysis equipment;
the adding a second ACL token to a token bucket of a second checkpoint device of the network system, where the second checkpoint device is configured to execute an instruction to query for a target packet with a specific token using the second ACL token, and to copy the target packet and forward to the analyzing device, includes:
adding a second ACL token to a token bucket of a second detection point device of the network system, wherein the second detection point device is used for executing an instruction to inquire a target message with a specific mark by using the second ACL token, copying the target message and forwarding the target message to an analysis device, and sending an ingress port timestamp of the target message at the second detection point device to the analysis device;
the receiving target messages sent by the first detection point device and the second detection point device respectively, and acquiring the network state between the first detection point device and the second detection point device according to the message information includes:
and acquiring the network delay between the first detection point equipment and the second detection point equipment according to the time stamp of the target message at the input port of the first detection point equipment and the time stamp of the target message at the input port of the second detection point equipment.
3. The method of claim 1,
the adding a first ACL token to a token bucket of a first checkpoint device of a network system, where the first checkpoint device is configured to use the first ACL token, execute an instruction to mark a target packet with a specific mark, copy the target packet, and forward the target packet to an analysis device, includes:
according to a preset period, a first ACL token is periodically added to a token bucket of a first detection point device of the network system;
the adding a second ACL token to a token bucket of a second checkpoint device of the network system, where the second checkpoint device is configured to execute an instruction to query for a target packet with a specific token using the second ACL token, and to copy the target packet and forward to the analyzing device, includes:
and periodically sending a second ACL token to second measuring point equipment of the network system according to a preset period.
4. The method of claim 3,
the adding a second ACL token to a token bucket of a second checkpoint device of the network system, where the second checkpoint device is configured to execute an instruction to query for a target packet with a specific token using the second ACL token, and to copy the target packet and forward to the analyzing device, includes:
according to a preset period, a second ACL token is periodically added to a token bucket of second detection point equipment of the network system, the second detection point equipment is used for using the second ACL token to execute an instruction to inquire a target message with a specific mark, and if the target message exists, the target message is copied and forwarded to analysis equipment;
the receiving target messages sent by the first detection point device and the second detection point device respectively, and acquiring the network state between the first detection point device and the second detection point device according to the message information includes:
and respectively counting the target messages received from the first detection point equipment and the second detection point equipment within a counting time period comprising a plurality of preset periods, and acquiring the network packet loss rate between the first detection point equipment and the second detection point equipment according to the respectively counted number.
5. A network status analysis apparatus, applied to an analysis device of a network system, the apparatus comprising:
the system comprises a first instruction module, a first analysis module and an analysis device, wherein the first instruction module is used for adding a first ACL token to a token bucket of first detection point equipment of a network system, and the first detection point equipment is used for using the first ACL token, executing an instruction to mark a target message by a specific mark, copying the target message and forwarding the target message to the analysis device;
the second instruction module is used for adding a second ACL token to a token bucket of second detection point equipment of the network system, and the second detection point equipment is used for executing an instruction to inquire a target message with a specific mark by using the second ACL token and copying the target message and forwarding the target message to the analysis equipment;
and the state analysis module is used for respectively receiving the target messages sent by the first detection point equipment and the second detection point equipment and acquiring the network state between the first detection point equipment and the second detection point equipment according to the message information.
6. The apparatus of claim 5,
the adding a first ACL token to a token bucket of a first checkpoint device of a network system, where the first checkpoint device is configured to use the first ACL token, execute an instruction to mark a target packet with a specific mark, copy the target packet, and forward the target packet to an analysis device, includes:
adding a first ACL token to a token bucket of first detection point equipment of a network system, wherein the first detection point equipment is used for using the first ACL token, executing an instruction to mark a target message by a specific mark, copying the target message and forwarding the target message to analysis equipment, and sending an ingress port timestamp of the target message at the first detection point equipment to the analysis equipment;
the adding a second ACL token to a token bucket of a second checkpoint device of the network system, where the second checkpoint device is configured to execute an instruction to query for a target packet with a specific token using the second ACL token, and to copy the target packet and forward to the analyzing device, includes:
adding a second ACL token to a token bucket of a second detection point device of the network system, wherein the second detection point device is used for executing an instruction to inquire a target message with a specific mark by using the second ACL token, copying the target message and forwarding the target message to an analysis device, and sending an ingress port timestamp of the target message at the second detection point device to the analysis device;
the receiving target messages sent by the first detection point device and the second detection point device respectively, and acquiring the network state between the first detection point device and the second detection point device according to the message information includes:
and acquiring the network delay between the first detection point equipment and the second detection point equipment according to the time stamp of the target message at the input port of the first detection point equipment and the time stamp of the target message at the input port of the second detection point equipment.
7. The apparatus of claim 5,
the adding a first ACL token to a token bucket of a first checkpoint device of a network system, where the first checkpoint device is configured to use the first ACL token, execute an instruction to mark a target packet with a specific mark, copy the target packet, and forward the target packet to an analysis device, includes:
according to a preset period, a first ACL token is periodically added to a token bucket of a first detection point device of the network system;
the adding a second ACL token to a token bucket of a second checkpoint device of the network system, where the second checkpoint device is configured to execute an instruction to query for a target packet with a specific token using the second ACL token, and to copy the target packet and forward to the analyzing device, includes:
and periodically sending a second ACL token to second measuring point equipment of the network system according to a preset period.
8. The apparatus of claim 7,
the adding a second ACL token to a token bucket of a second checkpoint device of the network system, where the second checkpoint device is configured to execute an instruction to query for a target packet with a specific token using the second ACL token, and to copy the target packet and forward to the analyzing device, includes:
according to a preset period, a second ACL token is periodically added to a token bucket of second detection point equipment of the network system, the second detection point equipment is used for using the second ACL token to execute an instruction to inquire a target message with a specific mark, and if the target message exists, the target message is copied and forwarded to analysis equipment;
the receiving target messages sent by the first detection point device and the second detection point device respectively, and acquiring the network state between the first detection point device and the second detection point device according to the message information includes:
and respectively counting the target messages received from the first detection point equipment and the second detection point equipment within a counting time period comprising a plurality of preset periods, and acquiring the network packet loss rate between the first detection point equipment and the second detection point equipment according to the respectively counted number.
9. An electronic device, comprising: a processor and a machine-readable storage medium storing machine-executable instructions executable by the processor to perform the method of any one of claims 1 to 4.
10. A machine-readable storage medium having stored thereon machine-executable instructions which, when invoked and executed by a processor, cause the processor to implement the method of any of claims 1-4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110961026.2A CN113794603A (en) | 2021-08-20 | 2021-08-20 | Network state analysis method, device, equipment and machine readable storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110961026.2A CN113794603A (en) | 2021-08-20 | 2021-08-20 | Network state analysis method, device, equipment and machine readable storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN113794603A true CN113794603A (en) | 2021-12-14 |
Family
ID=79181876
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110961026.2A Withdrawn CN113794603A (en) | 2021-08-20 | 2021-08-20 | Network state analysis method, device, equipment and machine readable storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113794603A (en) |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6950943B1 (en) * | 1998-12-23 | 2005-09-27 | International Business Machines Corporation | System for electronic repository of data enforcing access control on data search and retrieval |
| CN113518017A (en) * | 2021-06-29 | 2021-10-19 | 新华三信息安全技术有限公司 | Network state analysis method, device, equipment and machine readable storage medium |
-
2021
- 2021-08-20 CN CN202110961026.2A patent/CN113794603A/en not_active Withdrawn
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6950943B1 (en) * | 1998-12-23 | 2005-09-27 | International Business Machines Corporation | System for electronic repository of data enforcing access control on data search and retrieval |
| CN113518017A (en) * | 2021-06-29 | 2021-10-19 | 新华三信息安全技术有限公司 | Network state analysis method, device, equipment and machine readable storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11902096B2 (en) | Collection of error packet information for network policy enforcement | |
| EP3506565B1 (en) | Packet loss detection for user datagram protocol (udp) traffic | |
| CN106027326B (en) | Link healthprobe method and device | |
| US11171869B2 (en) | Microburst detection and management | |
| CN110213129B (en) | Forwarding path time delay detection method, controller and forwarding equipment | |
| CN113507396B (en) | Network state analysis method, device, equipment and machine-readable storage medium | |
| WO2016086542A1 (en) | Message transmission method and device, and computer storage medium | |
| CN113518017B (en) | Network state analysis method, device, equipment and machine readable storage medium | |
| CN110248379B (en) | Performance test method and device for base station in wireless local area network | |
| CN108737007A (en) | A kind of method for synchronizing time, device and equipment | |
| CN104717120A (en) | Method and device for determining time for sending information | |
| CN113542043A (en) | Data sampling method, device, device and medium for network equipment | |
| CN111865716B (en) | Port congestion detection method, device, equipment and machine-readable storage medium | |
| US20050117513A1 (en) | Flow generation method for internet traffic measurement | |
| CN107666417B (en) | Method for realizing IPFIX random sampling | |
| CN108833215A (en) | Calculate method, the network equipment and the computer storage medium of aggregation network delay | |
| CN113794603A (en) | Network state analysis method, device, equipment and machine readable storage medium | |
| CN114070798A (en) | Message transmission method, device and equipment | |
| CN116318626A (en) | Method, device, electronic equipment and storage medium for marking ECN in RoCE network | |
| CN116389320A (en) | Time delay detection method and device | |
| CN105704057B (en) | The method and apparatus for determining the type of service of burst port congestion packet loss | |
| CN114006731A (en) | Network attack processing method, device, equipment and machine readable storage medium | |
| CN109218196B (en) | Information collection method, device, equipment and machine-readable storage medium | |
| US9491311B1 (en) | Modular offline charging system that stores accounting data in data segments of a storage system | |
| CN112422360A (en) | Message sampling method, device, equipment and medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WW01 | Invention patent application withdrawn after publication | ||
| WW01 | Invention patent application withdrawn after publication |
Application publication date: 20211214 |