CN116132555B - A message processing method and system - Google Patents

A message processing method and system

Info

Publication number
CN116132555B
Authority
CN
China
Prior art keywords
message
detection
ioam
vxlan
node
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202111350114.5A
Other languages
Chinese (zh)
Other versions
CN116132555A (en)
Inventor
王瑞雪
秦凤伟
张译戈
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Mobile Communications Group Co Ltd
Research Institute of China Mobile Communication Co Ltd
Original Assignee
China Mobile Communications Group Co Ltd
Research Institute of China Mobile Communication Co Ltd
Application filed by China Mobile Communications Group Co Ltd, Research Institute of China Mobile Communication Co Ltd
Priority to CN202111350114.5A
Publication of CN116132555A
Application granted
Publication of CN116132555B

Classifications

    • H04L69/22 Parsing or analysis of headers
    • H04L12/4641 Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • H04L45/74 Address processing for routing
    • H04L45/745 Address table lookup; Address filtering
    • Y02D30/50 Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Communication Control (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The present application provides a message processing method and system. The method comprises: a head node receives configuration information issued by a controller and determines, according to the configuration information, the Flow ID and Bitmap information required for generating an IOAM header; when the head node completes the table lookup and encapsulates a VXLAN message, if the five-tuple information matches the five-tuple of the inner message corresponding to the VXLAN message, the head node encapsulates the IOAM header generated according to the Flow ID and Bitmap information in the VXLAN message, copies the original Protocol field value of the VXLAN message into the Reserved field of the IOAM header, and modifies the Protocol field value of the VXLAN message to an IOAM-specific identifier, obtaining a detection message; the head node uses the Bitmap information of the IOAM header in the detection message to report to the controller subscription information that is related to the head node and used for implementing flow-following detection, and forwards the detection message to the next node.

Description

Message processing method and system
Technical Field
The present application relates to the field of data service technologies, and in particular to a message processing method and system.
Background
With the continuous development of cloud computing and the maturing of network functions virtualization (NFV), more and more services run in the cloud and data center networks keep growing in scale, so that day-to-day monitoring and maintenance of key services and rapid fault localization have become new challenges. To improve the precision and efficiency of data center network operation and maintenance, network telemetry emerged: a flow-following detection technology and a network analysis platform are introduced into the data center network, all network devices along the path report to the analysis platform parameter information such as access port, timestamp and delay observed while a message is transmitted, and, combined with technologies such as data analysis and artificial intelligence, network quality information such as path visibility, packet loss and delay is provided. This enables fast fault perception and root-cause localization and promotes fine-grained network management.
In the related art, one of the main flow-following detection schemes uses the Protocol field of the Internet Protocol (IP) message header to identify a message as being of the in-band operation, administration and maintenance (In-situ Operation Administration and Maintenance, IOAM) type; the devices along the path recognize this message type and report parameter information such as device ID, access port, timestamp and delay to the analysis platform. In this scheme, however, the Protocol field of the original message is replaced with a value specific to the detection message. Data center networks have an equal-cost multi-path (ECMP) requirement, and the Protocol field is one of the parameters of the ECMP calculation, so if the Protocol field changes, the forwarding paths of the detection message and the original message become inconsistent. The reported data is then inaccurate, which reduces the operation and maintenance accuracy of the data center network.
Disclosure of Invention
The application provides a message processing method and system that can ensure the accuracy of the forwarding path of the detection message and improve the operation and maintenance precision of the data center network.
The technical solution of the application is implemented as follows:
The application provides a message processing method, which comprises the following steps:
A head node receives configuration information issued by a controller and determines, according to the configuration information, the Flow ID and Bitmap information required for generating an IOAM header, wherein the configuration information is generated according to a flow-following detection requirement issued by a cloud platform, the configuration information comprises five-tuple information, and the head node is directly connected to the source host corresponding to the five-tuple information;
When the head node completes the table lookup and encapsulates a Virtual Extensible Local Area Network (VXLAN) message, if the five-tuple information matches the five-tuple of the inner message corresponding to the VXLAN message, the head node encapsulates an IOAM header generated according to the Flow ID and Bitmap information in the VXLAN message, copies the original Protocol field value of the VXLAN message into the Reserved field of the IOAM header, and modifies the Protocol field value of the VXLAN message to an IOAM-specific identifier, obtaining a detection message;
The head node uses the Bitmap information of the IOAM header in the detection message to report to the controller subscription information that is related to the head node and used for implementing flow-following detection, and forwards the detection message to the next node.
In some embodiments, in a case where the head node and the tail node corresponding to the VXLAN message are respectively connected to different hosts on the same tenant virtual network in the same data center network, the method further includes:
After the head node forwards the detection message to a first gateway device, the first gateway device recognizes that the Protocol field value is the IOAM-specific identifier, uses the Bitmap information of the IOAM header in the detection message to report to the controller subscription information that is related to the first gateway device and used for implementing flow-following detection, and decrements the Time To Live (TTL) value in the detection message by 1;
When the next hop and the forwarding interface are looked up, the Protocol field value of the IOAM header in the detection message and the offset value corresponding to the IOAM header are used to obtain the port number information for the ECMP calculation.
In some embodiments, the tail node is directly connected to the destination host, and the method further comprises:
The first gateway device forwards the detection message to the tail node;
The tail node uses the Bitmap information of the IOAM header in the detection message to report to the controller subscription information that is related to the tail node and used for implementing flow-following detection, then writes the original Protocol field value held in the Reserved field of the IOAM header back into the Protocol field of the detection message, and removes the IOAM header from the detection message;
The tail node sends the message with the IOAM header removed to the destination host.
In some embodiments, in a case where the head node and the tail node corresponding to the VXLAN message are respectively connected to different hosts on different tenant virtual networks in the same data center network, the method further includes:
After the head node forwards the detection message to a first gateway device, the first gateway device, when stripping the VXLAN encapsulation and the encapsulated IOAM header, stores the IOAM header and the TTL value of the detection message in a register, and uses the Bitmap information of the IOAM header in the detection message to report to the controller subscription information that is related to the first gateway device and used for implementing flow-following detection;
When looking up the table and encapsulating a new VXLAN message, the first gateway device re-encapsulates the detection message using the IOAM header obtained from the register, the TTL value decremented by 1, and a first VXLAN network identifier, wherein the first VXLAN network identifier represents the identifier of the tenant virtual network corresponding to the outgoing interface of the first gateway device;
When the next hop and the forwarding interface are looked up, the Protocol field value of the IOAM header in the re-encapsulated detection message and the offset value of the IOAM header are used to obtain the port number information for the ECMP calculation.
In some embodiments, the tail node is directly connected to the destination host, and the method further comprises:
The first gateway device forwards the re-encapsulated detection message to the tail node;
The tail node uses the Bitmap information of the IOAM header in the re-encapsulated detection message to report to the controller subscription information that is related to the tail node and used for implementing flow-following detection, then writes the original Protocol field value held in the Reserved field of the IOAM header back into the Protocol field of the detection message, and removes the IOAM header from the re-encapsulated detection message;
The tail node sends the message with the IOAM header removed to the destination host.
In some embodiments, in a case where the head node and the tail node corresponding to the VXLAN message are respectively connected to different hosts in different data center networks, the method further includes:
After the head node forwards the detection message to a first gateway device, the first gateway device, when stripping the VXLAN encapsulation and the encapsulated IOAM header, stores the IOAM header and the TTL value of the detection message in a register, and uses the Bitmap information of the IOAM header in the detection message to report to the controller subscription information that is related to the first gateway device and used for implementing flow-following detection;
When looking up the table and encapsulating a new VXLAN message, the first gateway device re-encapsulates the detection message using the IOAM header obtained from the register, the TTL value decremented by 1, a second VXLAN network identifier, and a first value for the Flow ID field of the IOAM header, wherein the first value represents a preset public flow identifier;
When the next hop and the forwarding interface are looked up, the Protocol field value of the IOAM header in the re-encapsulated detection message and the offset value of the IOAM header are used to obtain the port number information for the ECMP calculation.
In some embodiments, the method further comprises:
When the first gateway device forwards the re-encapsulated detection message to a public node, the public node uses the Bitmap information of the IOAM header in the re-encapsulated detection message to report to the controller subscription information that is related to the public node and used for implementing flow-following detection, and updates the TTL value in the re-encapsulated detection message to the value decremented by 1, wherein the public node represents a node in the public VXLAN network;
When the next hop and the forwarding interface are looked up, the Protocol field value of the IOAM header in the re-encapsulated detection message and the offset value of the IOAM header are used to obtain the port number information for the ECMP calculation.
In some embodiments, the method further comprises:
The public node forwards the re-encapsulated detection message to a second gateway device; when stripping the VXLAN encapsulation and the encapsulated IOAM header, the second gateway device stores the IOAM header and the TTL value of the re-encapsulated detection message in a register, and uses the Bitmap information of the IOAM header in the re-encapsulated detection message to report to the controller subscription information that is related to the second gateway device and used for implementing flow-following detection;
When looking up the table and encapsulating a new VXLAN message, the second gateway device re-encapsulates the detection message using the IOAM header obtained from the register, the TTL value decremented by 1 once more, a third VXLAN network identifier, and a second value for the Flow ID field of the IOAM header, wherein the third VXLAN network identifier represents the identifier of the tenant virtual network corresponding to the outgoing interface of the second gateway device, and the second value characterizes the traffic identifier of the data center network to which the second gateway device belongs.
In some embodiments, the tail node is directly connected to the destination host, and the method further comprises:
The second gateway device forwards the re-encapsulated detection message to the tail node;
The tail node uses the Bitmap information of the IOAM header in the re-encapsulated detection message to report to the controller subscription information that is related to the tail node and used for implementing flow-following detection, then writes the original Protocol field value held in the Reserved field of the IOAM header back into the Protocol field of the detection message, and removes the IOAM header from the re-encapsulated detection message;
The tail node sends the message with the IOAM header removed to the destination host.
In some embodiments, the subscription information includes the device identifier (ID) of the head node and the Flow ID.
The application provides a message processing system comprising a head node, wherein:
The head node is configured to receive configuration information issued by the controller and to determine, according to the configuration information, the Flow ID and Bitmap information required for generating the IOAM header, wherein the configuration information is generated according to the flow-following detection requirement issued by the cloud platform, the configuration information comprises five-tuple information, and the head node is directly connected to the source host corresponding to the five-tuple information;
The head node is configured, when completing the table lookup and encapsulating a VXLAN message, and if the five-tuple information matches the five-tuple of the inner message corresponding to the VXLAN message, to encapsulate an IOAM header generated according to the Flow ID and Bitmap information in the VXLAN message, copy the original Protocol field value of the VXLAN message into the Reserved field of the IOAM header, and modify the Protocol field value of the VXLAN message to an IOAM-specific identifier, obtaining a detection message;
The head node is configured to use the Bitmap information of the IOAM header in the detection message to report to the controller subscription information that is related to the head node and used for implementing flow-following detection, and to forward the detection message to the next node.
The application provides a message processing method and system. In the method, a head node receives configuration information issued by a controller and determines, according to the configuration information, the Flow ID and Bitmap information required for generating an IOAM header, wherein the configuration information is generated according to the flow-following detection requirement issued by a cloud platform, the configuration information comprises five-tuple information, and the head node is directly connected to the source host corresponding to the five-tuple information. When the head node completes the table lookup and encapsulates a VXLAN message, if the five-tuple information matches the five-tuple of the inner message corresponding to the VXLAN message, an IOAM header generated according to the Flow ID and Bitmap information is encapsulated in the VXLAN message, the original Protocol field value of the VXLAN message is copied into the Reserved field of the IOAM header, and the Protocol field value of the VXLAN message is modified to an IOAM-specific identifier, obtaining a detection message. The head node uses the Bitmap information of the IOAM header in the detection message to report to the controller subscription information that is related to the head node and used for implementing flow-following detection, and forwards the detection message to the next node.
It can be seen that, when the IOAM header obtained according to the configuration information is encapsulated in the VXLAN message, the embodiment of the application copies the content of the Protocol field of the VXLAN message into the Reserved field of the IOAM header and modifies the Protocol field of the VXLAN message to the IOAM-specific identifier. When the forwarding interface of the detection message is determined later, the ECMP calculation can therefore be performed based on the Protocol field carried in the IOAM header. This keeps the forwarding paths of the detection message and the VXLAN message consistent, improves the accuracy of the reported data, and safeguards the operation and maintenance accuracy of the data center network. In addition, if a network device is configured with access control list (ACL) rules, correct matching of the ACL rules can be ensured, reducing the network security risk caused by incorrect matching.
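The path-consistency and ACL-matching argument above, as an added example (not code from the patent): a small Python model of the head node, a transit node's ECMP key, and the tail node, next to the related-art behaviour that simply overwrites the Protocol field. The identifier value 253, the four next hops, the SHA-256 based hash, the field model and the sample flows are all assumptions constructed for illustration; Flow ID 2000 is the value the description uses for scenarios one and two.

```python
import hashlib
from dataclasses import dataclass, replace
from typing import Optional

IOAM_PROTO = 253  # assumed placeholder for the "IOAM-specific identifier"
NEXT_HOPS = 4     # assumed number of equal-cost next hops


@dataclass(frozen=True)
class IoamHeader:
    flow_id: int
    bitmap: int
    reserved: int  # carries the original Protocol field value


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    protocol: int
    sport: int
    dport: int
    ioam: Optional[IoamHeader] = None


def five_tuple(pkt):
    return (pkt.src, pkt.dst, pkt.protocol, pkt.sport, pkt.dport)


def head_encapsulate(pkt, monitored, flow_id, bitmap):
    """Head node: only flows whose five-tuple was configured get an IOAM header."""
    if five_tuple(pkt) not in monitored:
        return pkt
    ioam = IoamHeader(flow_id, bitmap, reserved=pkt.protocol)
    return replace(pkt, protocol=IOAM_PROTO, ioam=ioam)


def related_art_mark(pkt):
    """Related art: Protocol is overwritten and the original value is lost."""
    return replace(pkt, protocol=IOAM_PROTO)


def ecmp_key(pkt):
    """Transit node: take the protocol from the IOAM header when one is present."""
    proto = pkt.protocol
    if pkt.protocol == IOAM_PROTO and pkt.ioam is not None:
        proto = pkt.ioam.reserved
    return (pkt.src, pkt.dst, proto, pkt.sport, pkt.dport)


def ecmp_next_hop(pkt, n=NEXT_HOPS):
    """Deterministic stand-in for a switch ECMP hash (assumed, not vendor logic)."""
    digest = hashlib.sha256(repr(ecmp_key(pkt)).encode()).digest()
    return int.from_bytes(digest[:4], "big") % n


def tail_restore(pkt):
    """Tail node: write Reserved back into Protocol and strip the IOAM header."""
    if pkt.ioam is None:
        raise ValueError("no IOAM header to remove")
    return replace(pkt, protocol=pkt.ioam.reserved, ioam=None)


def acl_permits(pkt, rule_proto, rule_dport):
    """ACL rule 'permit <proto> to <dport>' evaluated on the effective protocol."""
    key = ecmp_key(pkt)
    return key[2] == rule_proto and key[4] == rule_dport


def count_divergent(mark, flows):
    """Number of flows whose marked copy hashes to a different next hop."""
    return sum(1 for f in flows if ecmp_next_hop(mark(f)) != ecmp_next_hop(f))


def sample_flows(n=200):
    """Constructed sample traffic: alternating TCP (6) and UDP (17) flows."""
    return [Packet("10.0.0.1", "10.0.1.%d" % (i % 250 + 1),
                   17 if i % 2 else 6, 20000 + i, 443) for i in range(n)]


if __name__ == "__main__":
    flows = sample_flows()
    monitored = {five_tuple(f) for f in flows}
    scheme = lambda p: head_encapsulate(p, monitored, 2000, 0b0111)
    print("divergent paths, Protocol copied to Reserved:", count_divergent(scheme, flows))
    print("divergent paths, Protocol overwritten only:  ", count_divergent(related_art_mark, flows))
```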
Drawings
Fig. 1A is a schematic structural diagram for performing flow-following detection according to an embodiment of the present application;
Fig. 1B is a flowchart of a message processing method according to an embodiment of the present application;
Fig. 1C is a schematic diagram of encapsulating an IOAM header in a VXLAN message according to an embodiment of the present application;
Fig. 1D is a schematic diagram of copying a Protocol field to an IOAM header according to an embodiment of the present application;
Fig. 1E is a schematic diagram of an IOAM header in a detection message according to an embodiment of the present application;
Fig. 1F is a schematic diagram of a detection message according to an embodiment of the present application;
Fig. 2A is a schematic diagram of a detection message passing through an along-the-way device according to an embodiment of the present application;
Fig. 2B is a schematic diagram of a detection message passing through a tail node according to an embodiment of the present application;
Fig. 2C is a schematic diagram of a second detection message passing through a VXLAN gateway according to an embodiment of the present application;
Fig. 2D is a schematic diagram of a detection message passing through a VXLAN gateway for scenario three according to an embodiment of the present application;
Fig. 3A is a schematic structural diagram of message processing for scenario one according to an embodiment of the present application;
Fig. 3B is a schematic structural diagram of message processing for scenario two according to an embodiment of the present application;
Fig. 3C is a schematic structural diagram of message processing for scenario three according to an embodiment of the present application;
Fig. 3D is a flowchart of another message processing method according to an embodiment of the present application.
Detailed Description
The technical solutions of the present application will be clearly and completely described below with reference to the accompanying drawings.
The present application will be described in further detail with reference to the drawings and embodiments. It is to be understood that the embodiments provided herein are for the purpose of illustration only and are not intended to limit the application. The following embodiments are some, but not all, of the embodiments for carrying out the present application, and the embodiments described in the present application can be carried out in any combination provided there is no conflict.
It should be noted that, in the present application, the terms "comprises," "comprising," or any other variation thereof are intended to cover a non-exclusive inclusion, such that a method or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such method or apparatus. Without further limitation, an element defined by the phrase "comprising a ..." does not exclude the presence of other related elements in the method or apparatus comprising the element (e.g., a step in a method or a unit in an apparatus; a unit may be, for example, part of a processor, part of a program or software, etc.).
The term "and/or" merely describes an association relationship between associated objects and means that three relationships may exist; for example, "A and/or B" may mean that A exists alone, that A and B exist together, or that B exists alone. In addition, the term "at least one" herein means any one of a plurality or any combination of at least two of a plurality; for example, "including at least one of A, B and C" may mean including any one or more elements selected from the group consisting of A, B and C.
For example, the message processing method provided by the application comprises a series of steps but is not limited to the steps described; likewise, the message processing device provided by the application comprises a series of modules but is not limited to the modules explicitly described, and can also comprise modules required for acquiring related information or for processing based on that information.
The present application may be implemented on the basis of an electronic device, which may be a thin client, thick client, handheld or laptop device, microprocessor-based system, set top box, programmable consumer electronics, network personal computer, small computer system, or the like.
The electronic device may implement the corresponding functions by execution of program modules. Generally, program modules may include routines, programs, objects, components, logic, data structures, and so forth. They perform specific tasks or implement specific abstract data types. The computer system may be implemented in a distributed cloud computing environment in which tasks are performed by remote processing devices that are linked through a communications network. In a distributed cloud computing environment, program modules may be located in both local and remote computing system storage media including memory storage devices.
At present, data center networks are comprehensively introducing software-defined networking (Software Defined Network, SDN) technology to achieve network automation. As a MAC-in-UDP tunneling technology, VXLAN can build the large Layer 2 network capability of a data center and meet the multi-tenant isolation requirement, and has become a mainstream technology in SDN data centers.
When VXLAN is fully deployed in a data center, there are three types of traffic that require end-to-end flow-following detection. Fig. 1A is a schematic structural diagram for performing flow-following detection according to an embodiment of the present application. As shown in Fig. 1A, the structure includes a control plane and a networking forwarding plane. The control plane includes a cloud platform and three controllers (the POD1 controller to the POD3 controller); the networking forwarding plane includes three data center networks and a common VXLAN network, C-Spine. Each controller corresponds to one data center network and manages its traffic. A data center network includes VXLAN gateway (GateWay, GW) devices, VXLAN tunnel endpoints (VXLAN Tunnel Endpoints, VTEP) and hosts connected to the VTEPs. Illustratively, the data center network corresponding to the POD1 controller includes VXLAN GW devices, VTEP1, VTEP2 and hosts on different VPCs connected to the VTEPs, for example VPC1-host1 (host 1) connected to VTEP1.
Each type of traffic requiring end-to-end flow-following detection corresponds to one scenario. Scenario one is communication between different hosts on the same VPC in the same data center network, for example between VPC1-host1 (host 1) and VPC1-host2 (host 2) in the data center network corresponding to the POD1 controller, as shown by the bold line in Fig. 1A. Scenario two is communication between different hosts on different VPCs in the same data center network, for example between VPC1-host1 (host 1) and VPC1-host3 (host 3) in the data center network corresponding to the POD1 controller, as shown by the dotted line in Fig. 1A. Scenario three is communication between different hosts in different data center networks, for example between VPC1-host1 (host 1) and VPC1-host4 (host 4) in the data center network corresponding to the POD2 controller, as shown by the bold line in Fig. 1A.
In the related art, when end-to-end flow-following detection is performed for these three scenarios, the Protocol field of the original message is replaced with a value specific to the detection message. When the ECMP calculation is performed to determine the forwarding interface of the message, it therefore cannot be based on the Protocol field of the original message, the accuracy of the forwarding path of the detection message cannot be ensured, and the operation and maintenance precision of the data center network is reduced.
To solve the above problems, the following embodiments are proposed.
Fig. 1B is a flowchart of a message processing method according to an embodiment of the present application, as shown in fig. 1B, the flowchart may include:
Step 100, the head node receives configuration information issued by the controller, determines Flow ID and Bitmap information required when generating the IOAM head according to the configuration information, wherein the configuration information is generated according to Flow-following detection requirements issued by the cloud platform, the configuration information comprises quintuple information, and the head node is directly connected with a source host corresponding to the quintuple information.
The cloud platform refers to a service based on hardware resources and software resources and can provide computing, network and storage capabilities, and the cloud platform can be connected with one or more controllers, wherein the controllers can be SDN controllers corresponding to one POD (personal digital assistant) for example.
In the embodiment of the application, the cloud platform can configure the flow-following detection requirement based on quintuple information according to the actual service requirement and send the flow-following detection requirement to the corresponding controller, and the controller configures corresponding configuration information according to the received flow-following detection requirement and sends the configuration information to the corresponding network equipment.
Illustratively, the configuration information may include quintuple information, wherein the quintuple information includes a source IP address, a source port, a destination IP address, a destination port, and a transport layer protocol. That is, the controller may determine the network device that issued the configuration information according to the five-tuple information in the configuration information.
The network device corresponds to the head node, and the head node represents a source VTEP directly connected with the source host corresponding to the quintuple information in the configuration information issued by the controller, so that the source VTEP can receive the configuration information issued by the controller. Illustratively, the source host may be connected with one or more virtual machines, each of which may be available to a respective tenant. The source VTEP may include, among other things, a software vSwitch switch or a hardware access switch.
Specifically, the VTEP is a device capable of encapsulating and decapsulating an original message in the VXLAN protocol, and may be implemented by a hardware device or may be implemented by software, where the source VTEP may be used to encapsulate the VXLAN for the received original message.
For example, the Flow ID and Bitmap information may be determined according to the configuration information, where the Flow ID and Bitmap information are used to generate the IOAM header subsequently. For the three scenarios shown in fig. 1A, the values of the Flow ID field (i.e., the Flow IDs) differ, and the value of the Flow ID field is configured by the controller corresponding to each data center network. Because scenario one and scenario two correspond to the same data center network, the Flow ID field has the same value in both of these scenarios, and this value is different from the value of the Flow ID field in scenario three. For example, in the case that the value of the Flow ID field in scenario one and scenario two is 2000, the value of the Flow ID field in scenario three may be 4000.
The Flow ID fields in scenario one and scenario two each correspond to the same value, indicating that the traffic between end-to-end is from the same data center network, while the Flow ID field in scenario three corresponds to another value, indicating that the traffic between end-to-end is from different data center networks, where end-to-end means head node to tail node.
In the embodiment of the application, after the head node receives the configuration information issued by the controller, the head node can obtain the IOAM header according to the Flow ID field and the Bitmap information (i.e. the Bitmap field content) in the configuration information, wherein the IOAM header comprises a 16-bit Flow ID field, an 8-bit Bitmap field and an 8-bit Reserved field. The type and the corresponding definition of each bit in the Bitmap field of the IOAM header are listed in the following table 1.
TABLE 1
Illustratively, as can be seen from table 1, the device ID, packet loss, ingress and egress port time stamp, and other related information of the head node can be obtained according to the Bitmap information in the IOAM header.
Step 101, when the head node finishes the table lookup and encapsulates the VXLAN message, if the quintuple information matches the inner layer message quintuple corresponding to the VXLAN message, the head node encapsulates the IOAM header generated according to the Flow ID and Bitmap information in the VXLAN message, copies the original Protocol field value of the VXLAN message into the Reserved field of the IOAM header, and modifies the Protocol field value of the VXLAN message into the IOAM specific identifier to obtain a detection message.
In one embodiment, the source host sends an original message (i.e., an inner layer message) outwards, where the original message is a message that has not been encapsulated by VXLAN and may be an original ethernet frame (Original L2 Frame). The table lookup procedure of the head node is described below. It should be noted that, in the embodiment of the present application, the table lookup means querying the routing forwarding table, and its purpose is to determine the forwarding egress interface for forwarding the message to the next node.
When the original message reaches the head node, whether the original message needs flow-following detection is determined by matching ACL rules. If so, the routing forwarding table is queried to determine the next node (namely, the next hop). Specifically, the head node can perform ECMP calculation based on the Protocol field value of the original message and the corresponding quintuple information (namely, the inner layer message quintuple). The ECMP calculation determines a preferred path from the plurality of paths between the head node and the next node, and the forwarding egress interface corresponding to the head node is then determined from the routing forwarding table based on the preferred path. At this point the head node has completed the table lookup.
Further, after the head node completes the table lookup, the original message is VXLAN-encapsulated to obtain a VXLAN message. For example, a VXLAN header (VXLAN Header) is encapsulated on the basis of the original message, and the whole VXLAN frame is encapsulated in a User Datagram Protocol (UDP) message in the physical network, followed by an IP header and a media access control header (MAC Header). To distinguish them from the headers of the inner original ethernet frame (original message), the outer encapsulation headers are all prefixed with "Outer": the outer UDP header (Outer UDP), the outer IP header (Outer IP), and the outer MAC header (Outer MAC).
The head node obtains the VXLAN message and encapsulates the IOAM header obtained according to step 100 in the VXLAN message; specifically, it inserts the IOAM header between the L3 header and the L4 port numbers, that is, after the outer layer IP header. Fig. 1C is a schematic diagram of encapsulating the IOAM header in the VXLAN message according to an embodiment of the present application. As shown in fig. 1C, in the VXLAN network the IOAM header (IOAM Header) is inserted between L3 and the L4 port numbers, where L3 corresponds to the Outer IP in the figure and L4 corresponds to the Outer UDP in the figure.
Illustratively, in the process of encapsulating the IOAM header in the VXLAN message, the Protocol field content of the VXLAN message is copied into the Reserved field of the IOAM header, as shown in fig. 1D, where the Reserved field of the IOAM header after copying has been replaced by the Protocol field (the original Protocol in the corresponding diagram) of the VXLAN message, as shown in fig. 1E.
Meanwhile, the Protocol field content of the outer layer IP in the VXLAN message is modified into the IOAM specific identifier to obtain the detection message. The two processes, copying the Protocol field content of the VXLAN message into the Reserved field of the IOAM header and modifying the Protocol field content of the outer layer IP in the VXLAN message into the IOAM specific identifier, can be performed simultaneously. As shown in FIG. 1F, the Protocol field content of the outer layer IP (corresponding to the IPv4 Header in the figure) is modified into the IOAM specific identifier (corresponding to the original IOAM Protocol in the figure).
For example, after obtaining the detection message and defining the forwarding behavior of the message, the detection message may be forwarded to the next node based on the forwarding-out interface corresponding to the head node.
It can be seen that, in the embodiment of the present application, the content of the Protocol field in the VXLAN message is copied to the Reserved field of the IOAM header. This solves the problem that the forwarding path of the detection message may be inconsistent with the forwarding path of the original message when forwarding is based on the Protocol and quintuple information of the VXLAN message, and the problem that an ACL rule based on the original Protocol fails when the network device is configured with such an ACL rule.
Step 102, the head node uses the Bitmap information of the IOAM header in the detection message to report to the controller the subscription information related to the head node for implementing flow-following detection, and forwards the detection message to the next node.
In the embodiment of the present application, after obtaining the detection packet according to step 101, the head node may report subscription information related to the head node to a controller or an operation and maintenance platform corresponding to the data center network to which the head node belongs, using Bitmap information (specific meaning is shown in table 1) of an IOAM header in the detection packet. Meanwhile, the head node forwards the detection message to the next node, wherein the next node can be gateway equipment in the data center network.
Illustratively, the subscription information related to the head node includes at least one parameter information of an access port, a time stamp, and a time delay in addition to the device ID and the Flow ID of the head node.
Here, the controller or the operation and maintenance platform subscribes the parameter information of each network device in the data center network in advance, after the controller obtains the subscription information corresponding to the reporting of the head node, the subscription information is analyzed and processed, and the quality condition of the current data center network is determined, so that the rapid fault perception and root cause positioning are realized, the network fine management is promoted, and the operation and maintenance precision of the data center network is improved.
The application provides a message processing method and system. In the method, the head node receives configuration information issued by the controller and determines, according to the configuration information, the Flow ID and Bitmap information required when generating an IOAM header; the configuration information is generated according to the flow-following detection requirement issued by the cloud platform and comprises quintuple information, and the head node is directly connected with the source host corresponding to the quintuple information. When the head node finishes the table lookup and encapsulates the VXLAN message, if the quintuple information matches the inner layer message quintuple corresponding to the VXLAN message, the IOAM header generated according to the Flow ID and the Bitmap information is encapsulated in the VXLAN message, the original Protocol field value of the VXLAN message is copied into the Reserved field of the IOAM header, and the Protocol field value of the VXLAN message is modified to the IOAM specific identifier to obtain the detection message. The head node uses the Bitmap information of the IOAM header in the detection message to report to the controller the subscription information related to the head node for implementing flow-following detection, and forwards the detection message to the next node.
It can be seen that when the IOAM header obtained according to the configuration information is encapsulated in the VXLAN message, the embodiment of the application copies the Protocol field content in the VXLAN message to the Reserved field of the IOAM header, and modifies the Protocol field of the VXLAN message into the IOAM specific identifier, so that when the forwarding interface of the detection message is determined later, ECMP calculation can be performed based on the Protocol field in the IOAM header, thus, consistency of the forwarding paths of the detection message and the VXLAN message can be ensured, accuracy of data reporting can be improved, and operation and maintenance accuracy of the data center network can be ensured.
In some embodiments, when the head node and the tail node corresponding to a VXLAN message are respectively connected to different hosts on the same tenant virtual network in the same data center network (corresponding to scenario one), the method may further include: after the head node forwards the detection message to the first gateway device, the first gateway device identifies that the Protocol field value is the IOAM specific identifier, uses the Bitmap information of the IOAM header in the detection message to report to the controller the subscription information related to the first gateway device for implementing flow-following detection, and decrements the time-to-live (TTL) value in the detection message by 1; when querying the next hop and the forwarding egress interface, the first gateway device performs ECMP calculation using the Protocol field value of the IOAM header in the detection message and the offset value corresponding to the IOAM header.
In the embodiment of the application, the tail node is directly connected with the target host, the tail node represents a target VTEP directly connected with the target host, and the first gateway device represents gateway devices in a data center network to which the head node belongs.
Here, the port number information may be a TCP or UDP port number, and the forwarding egress interface represents a forwarding egress interface corresponding to the first gateway device, which represents a physical interface, and the next hop represents the next node (the next network device), that is, the detection packet needs to be forwarded from the forwarding egress interface corresponding to the first gateway device to the next network device.
For example, for scenario one, the procedure of the first gateway device querying the next hop and forwarding out interfaces is described, after the detection message arrives at the first gateway device, the Protocol field value of the IOAM header in the detection message and the offset value corresponding to the IOAM header may be used to obtain port number information for ECMP, where the ECMP calculation is performed to determine a preferred path from multiple paths from the first gateway device to the next node (i.e. the next hop), and further determine, based on the preferred path, the forwarding out interface corresponding to the first gateway device from the routing forwarding table, where the first gateway device completes the query of the next hop and forwarding out interfaces.
And then, when the first gateway equipment needs to forward the detection message, the detection message can be forwarded to the next node based on the forwarding-out interface corresponding to the first gateway equipment.
For instance, for scenario one, the first gateway device is not a VTEP but an Underlay device. First, whether the detection message is an IOAM type message is determined based on the Protocol field content of the outer layer IP in the detection message. When the detection message is determined to be a common IP message, ECMP calculation and ACL matching are performed based on the Protocol field and the TCP or UDP port number in the IP header of the detection message. Otherwise, when the detection message is determined to be an IOAM type message (namely, the Protocol field content is the IOAM specific identifier), the first gateway device reports to the controller, according to the Bitmap information of the IOAM header in the detection message, the subscription information related to the first gateway device for implementing flow-following detection. Meanwhile, the TTL value in the detection message is decremented by 1. When the next hop and the forwarding egress interface are queried, the TCP or UDP port number is obtained based on the content of the Protocol field in the IOAM header and the offset value corresponding to the IOAM header (an offset of the 4-byte IOAM header length), and ECMP calculation and ACL matching are then performed according to the port number. The specific message processing is shown in FIG. 2A: the TTL value in the detection message is 100 before it passes through the Underlay device (first gateway device) and 99 after it passes through the Underlay device.
The method may further include: the first gateway device forwards the detection message to the tail node; the tail node uses the Bitmap information of the IOAM header in the detection message to report to the controller the subscription information related to the tail node for implementing flow-following detection, writes the original Protocol field value held in the Reserved field of the IOAM header back into the Protocol field of the detection message, and removes the IOAM header from the detection message; the tail node then sends the message with the IOAM header removed to the destination host.
Here, the destination host represents the target host that establishes communication with the source host. After the detection message reaches the tail node, the tail node reports the subscription information related to the tail node for implementing flow-following detection according to the Bitmap information of the IOAM header in the message, copies the IOAM header and the TTL value into a register, and decapsulates the detection message. Decapsulating the detection message can comprise writing the original Protocol field value held in the Reserved field of the IOAM header back into the Protocol field of the message, removing the IOAM header from the detection message, and performing VXLAN decapsulation to obtain the original message. Finally, the tail node sends the original message to the destination host. The specific message processing is shown in FIG. 2B.
Illustratively, because the tail node is directly connected to the destination host, the IOAM header and TTL value in the register may be cleared at this time.
Illustratively, the subscription information related to the tail node includes at least one parameter information of an access port, a time stamp and a time delay in addition to the device ID and the Flow ID of the tail node.
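The following Python sketch is an added example, not code from the patent. It walks the scenario-one path described above: the head node inserts the 4-byte IOAM header and swaps the outer Protocol value, an Underlay device derives its ECMP key from the Reserved field and the 4-byte offset while decrementing the TTL, and the tail node restores the message. Assumptions: `IOAM_PROTO = 253` is a placeholder for the IOAM specific identifier (the page gives no value), the Bitmap value and sample packet are constructed, and the ECMP hash is simplified to a CRC32 over the outer five-tuple.

```python
import struct
import zlib

IOAM_PROTO = 253  # ASSUMPTION: placeholder for the "IOAM specific identifier" (no value on the page)
IOAM_LEN = 4      # 16-bit Flow ID + 8-bit Bitmap + 8-bit Reserved
TCP, UDP, VXLAN_PORT = 6, 17, 4789
IP_FMT = "!BBHHHBBH4s4s"  # option-less IPv4 header, 20 bytes


def ipv4_checksum(header: bytes) -> int:
    """One's-complement sum of the header's 16-bit words (RFC 1071)."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_ipv4(src, dst, proto, ttl, payload):
    hdr = struct.pack(IP_FMT, 0x45, 0, 20 + len(payload), 0, 0, ttl, proto, 0, src, dst)
    return hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:] + payload


def parse_ipv4(pkt):
    ver_ihl, _, total_len, _, _, ttl, proto, _, src, dst = struct.unpack(IP_FMT, pkt[:20])
    if ver_ihl != 0x45 or total_len != len(pkt):
        raise ValueError("expected an option-less IPv4 packet with a consistent length")
    return src, dst, proto, ttl, pkt[20:]


def head_encapsulate(vxlan_pkt, flow_id, bitmap):
    """Step 101: insert the IOAM header after the outer IP header; Reserved keeps the original Protocol."""
    src, dst, proto, ttl, l4 = parse_ipv4(vxlan_pkt)
    ioam = struct.pack("!HBB", flow_id, bitmap, proto)
    return build_ipv4(src, dst, IOAM_PROTO, ttl, ioam + l4)


def ecmp_key(pkt, ioam_aware=True):
    """Five-tuple used for ECMP/ACL matching. ioam_aware=False models the related-art behaviour."""
    src, dst, proto, _, payload = parse_ipv4(pkt)
    offset = 0
    if proto == IOAM_PROTO and ioam_aware:
        if len(payload) < IOAM_LEN:
            raise ValueError("truncated IOAM header")
        proto, offset = payload[3], IOAM_LEN  # original Protocol, then skip 4 bytes to reach L4
    sport = dport = 0
    if proto in (TCP, UDP) and len(payload) >= offset + 4:
        sport, dport = struct.unpack_from("!HH", payload, offset)
    return src, dst, proto, sport, dport


def ecmp_pick(key, n_paths):
    src, dst, proto, sport, dport = key
    return zlib.crc32(src + dst + struct.pack("!BHH", proto, sport, dport)) % n_paths


def transit_forward(pkt, n_paths):
    """Underlay device in scenario one: pick the egress path, decrement TTL, keep the IOAM header."""
    src, dst, proto, ttl, payload = parse_ipv4(pkt)
    if ttl <= 1:
        raise ValueError("TTL expired")
    return build_ipv4(src, dst, proto, ttl - 1, payload), ecmp_pick(ecmp_key(pkt), n_paths)


def tail_decapsulate(pkt):
    """Tail node: write the original Protocol back and remove the IOAM header."""
    src, dst, proto, ttl, payload = parse_ipv4(pkt)
    if proto != IOAM_PROTO or len(payload) < IOAM_LEN:
        raise ValueError("not a detection message")
    flow_id, bitmap, orig_proto = struct.unpack_from("!HBB", payload)
    return build_ipv4(src, dst, orig_proto, ttl, payload[IOAM_LEN:]), flow_id, bitmap


def sample_vxlan_packet(ttl=100, vni=11111):
    """Constructed sample: outer IPv4 / UDP / VXLAN header / dummy inner frame."""
    inner = b"\x00" * 14 + b"constructed inner frame"
    vxlan = struct.pack("!II", 0x08 << 24, vni << 8)
    udp = struct.pack("!HHHH", 49152, VXLAN_PORT, 8 + len(vxlan) + len(inner), 0)
    return build_ipv4(bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2]), UDP, ttl, udp + vxlan + inner)


if __name__ == "__main__":
    original = sample_vxlan_packet()
    detection = head_encapsulate(original, flow_id=2000, bitmap=0b10100000)  # constructed Bitmap
    print("original key  :", ecmp_key(original))
    print("IOAM-aware key:", ecmp_key(detection))
    print("related-art key:", ecmp_key(detection, ioam_aware=False))
```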
In some embodiments, when the head node and the tail node corresponding to the VXLAN packet are respectively connected to different hosts on different tenant virtual networks in the same data center network (corresponding to scenario two), the method may further include: after the head node forwards the detection packet to the first gateway device, when the VXLAN packet and the encapsulated IOAM header are removed, the first gateway device saves the IOAM header and the TTL value of the detection packet into a register, and uses the Bitmap information of the IOAM header in the detection packet to report to the controller the subscription information related to the first gateway device for implementing flow-following detection; when looking up the table and encapsulating a new VXLAN packet, the first gateway device re-encapsulates the detection packet using the IOAM header obtained from the register, the TTL value after the decrement-by-1 operation, and the first VXLAN network identifier; when querying the next hop and the forwarding egress interface, it performs ECMP calculation using the Protocol field value of the IOAM header in the re-encapsulated detection packet and the offset value of the IOAM header. Here, the purpose of the table lookup is to determine the forwarding egress interface through which the first gateway device forwards the message to the next node in the case of scenario two.
Here, the first VXLAN network identifier (VXLAN Network Identifier, VNI) indicates an identifier of the tenant virtual network corresponding to the first gateway device outgoing interface, specifically corresponds to a VNI in the VXLAN header, and for the second scenario, the VNI value corresponding to the first gateway device incoming interface is different from the VNI value corresponding to the first gateway device outgoing interface, for example, as shown by referring to the dashed line in fig. 1A, the VNI value corresponding to the first gateway device incoming interface is 1, and the VNI value corresponding to the first gateway device outgoing interface is 2.
Illustratively, for scenario two, whether the detection message is an IOAM type message is first determined based on the Protocol field content of the outer layer IP in the detection message. When the detection message is determined to be a common IP message, ECMP calculation and ACL matching are performed based on the Protocol field and the TCP or UDP port number in the IP header of the message. Otherwise, the detection message is determined to be an IOAM type message (namely, the Protocol field content is the IOAM specific identifier); when the VXLAN message and the encapsulated IOAM header are removed, the first gateway device copies the IOAM header and the TTL value into a register and reports to the controller, according to the Bitmap information of the IOAM header in the message, the subscription information related to the first gateway device for implementing flow-following detection. At this time the VNI value in the VXLAN message is the VNI value corresponding to the ingress interface of the first gateway device.
Then, when looking up the table and encapsulating a new VXLAN packet, the detection packet is re-encapsulated using the IOAM header obtained from the register, the TTL value after the decrement-by-1 operation, and the first VXLAN network identifier (the VNI value corresponding to the tail node), where the VNI value in the VXLAN packet is now the VNI value corresponding to the egress interface of the first gateway device. When the next hop and the forwarding egress interface are queried, the TCP or UDP port number is obtained based on the Protocol field content in the IOAM header and the offset value corresponding to the IOAM header (an offset of the 4-byte IOAM header length), and ECMP calculation and ACL matching are then performed according to the port number. As shown in fig. 2C, before the detection packet passes through the VXLAN gateway (first gateway device), its TTL value is 100 and its VNI value is 11111; after it passes through the VXLAN gateway (first gateway device), the TTL value in the re-encapsulated detection packet is 99 and the VNI value is 22222.
For example, for scenario two, the process of querying the next hop and forwarding out the interface by the first gateway device is similar to scenario one, and will not be described here again.
The method may further include: the first gateway device forwards the re-encapsulated detection message to the tail node; the tail node uses the Bitmap information of the IOAM header in the re-encapsulated detection message to report to the controller the subscription information related to the tail node for implementing flow-following detection, writes the original Protocol field value held in the Reserved field of the IOAM header back to the Protocol field of the detection message, and removes the IOAM header from the re-encapsulated detection message; the tail node then sends the message with the IOAM header removed to the destination host.
Here, the implementation manner of the repackaged detection packet after reaching the tail node is similar to the implementation manner of the detection packet after reaching the tail node in the first scenario, and will not be repeated herein.
In some embodiments, when the head node and the tail node corresponding to the VXLAN packet are respectively connected to different hosts in different data center networks (corresponding to scenario three), the method may further include: after the head node forwards the detection packet to the first gateway device, when the VXLAN packet and the encapsulated IOAM header are removed, the first gateway device saves the IOAM header and the TTL value of the detection packet into a register, and uses the Bitmap information of the IOAM header in the detection packet to report to the controller the subscription information related to the first gateway device for implementing flow-following detection; when looking up the table and encapsulating a new VXLAN packet, the first gateway device re-encapsulates the detection packet using the IOAM header obtained from the register, the TTL value after the decrement-by-1 operation, the second VXLAN network identifier, and a first value corresponding to the Flow ID field in the IOAM header, where the first value represents a preset public flow identifier; when querying the next hop and the forwarding egress interface, it performs ECMP calculation using the Protocol field value of the IOAM header in the re-encapsulated detection packet and the offset value of the IOAM header. Here, the purpose of the table lookup is to determine the forwarding egress interface through which the first gateway device forwards the message to the next node in the case of scenario three.
For instance, for scenario three, the process of querying the next hop and forwarding out the interface by the first gateway device is similar to scenario one, and will not be described here again.
Here, the second VXLAN network identifier is used to uniquely identify a routing domain corresponding to the interworking of different tenant virtual networks between different data center networks, so as to implement independent planning of network identifications of different data center network tenants.
Illustratively, for scenario three, the first gateway device is a VTEP. First, whether the detection message is an IOAM type message is determined based on the Protocol field content of the outer layer IP in the detection message. When the detection message is a common IP message, ECMP calculation and ACL matching are performed based on the Protocol field and the TCP or UDP port number in the IP header of the message. Otherwise, the detection message is determined to be an IOAM type message (namely, the Protocol field content is the IOAM specific identifier); when the VXLAN message and the encapsulated IOAM header are removed, the IOAM header and the TTL value are copied into a register, and the subscription information related to the first gateway device for implementing flow-following detection is reported to the controller according to the Bitmap information of the IOAM header in the message. At this time the VNI value in the VXLAN message is the VNI value corresponding to the ingress interface of the first gateway device, and the value of the Flow ID field in the IOAM header is the value used in scenario one or scenario two, namely the value used when detecting traffic within the same data center network.
Then, when looking up the table and encapsulating a new VXLAN packet, the detection packet is re-encapsulated using the IOAM header obtained from the register, the TTL value after the decrement-by-1 operation, the second VXLAN network identifier (the VNI value corresponding to C-Spine) and the first value corresponding to the Flow ID field, where the VNI value in the VXLAN packet is now the second VXLAN network identifier, i.e., the VNI value corresponding to C-Spine. When the next hop and the forwarding egress interface are queried, the TCP or UDP port number is obtained based on the Protocol field content in the IOAM header and the offset value corresponding to the IOAM header (an offset of the 4-byte IOAM header length), and ECMP calculation and ACL matching are then performed according to the port number. The specific packet processing is shown in fig. 2D: before the detection packet passes through the VXLAN gateway (first gateway device), its TTL value is 100, its VNI value is 11111, and the value in the Flow ID field is 2000; after it passes through the VXLAN gateway (first gateway device), the TTL value has been decremented by 1, the VNI value is the second VXLAN network identifier, and the Flow ID field carries the first value.
Further, the method may further include: when the first gateway device forwards the re-encapsulated detection message to the public node, the public node uses the Bitmap information of the IOAM header in the re-encapsulated detection message to report to the controller the subscription information related to the public node for implementing flow-following detection, and updates the TTL value in the re-encapsulated detection message to the value after the decrement-by-1 operation, where the public node represents one node in the public VXLAN network; when querying the next hop and the forwarding egress interface, the public node performs ECMP calculation using the Protocol field value of the IOAM header in the re-encapsulated detection message and the offset value of the IOAM header.
For example, for scenario three, the process of inquiring the next hop and forwarding out the interface by the public node is described, when the detection message arrives at the public node, the Protocol field value of the IOAM header in the detection message and the offset value corresponding to the IOAM header may be used to obtain port number information for ECMP, where the ECMP calculation is performed to determine a preferred path from multiple paths between the public node and the next node (i.e. the next hop), and further determine, based on the preferred path, the forwarding out interface corresponding to the public node from the routing forwarding table, where the public node completes the inquiry of the next hop and forwarding out the interface.
And then, when the public node needs to forward the detection message, forwarding the detection message to the next node based on a forwarding-out interface corresponding to the public node.
Illustratively, the common node represents a node in the common VXLAN network, corresponding to C-Spine in fig. 1A. The processing manner of the detection message by the public node is similar to that of the detection message by the first gateway device in the first scenario, and is not described herein.
Illustratively, the subscription information related to the public node includes at least one parameter information of an access port, a time stamp, and a time delay in addition to the device ID and the Flow ID of the public node.
In some embodiments, the method may further include: the public node forwards the re-encapsulated detection packet to a second gateway device; when the VXLAN packet and the encapsulated IOAM header are removed, the second gateway device saves the IOAM header and the TTL value of the re-encapsulated detection packet in a register, and uses the Bitmap information of the IOAM header in the re-encapsulated detection packet to report to the controller the subscription information related to the second gateway device for implementing flow-following detection; when looking up the table and encapsulating a new VXLAN packet, the second gateway device encapsulates the detection packet again using the IOAM header obtained from the register, the TTL value after continuing the decrement-by-1 operation, a third VXLAN network identifier, and a second value corresponding to the Flow ID field in the IOAM header. Here, the purpose of the table lookup is to determine the forwarding egress interface through which the second gateway device forwards the message to the next node in the case of scenario three.
Here, the third VXLAN network identifier represents an identifier of a tenant virtual network corresponding to the second gateway device outgoing interface, for example, as shown by an un-bolded solid line in fig. 1A, a VNI value corresponding to the second gateway device incoming interface is 1, and a VNI value corresponding to the second gateway device outgoing interface is 3. The second value corresponding to the Flow ID field is used to characterize the Flow identifier corresponding to the data center network to which the second gateway device belongs, that is, the value of the Flow ID field in the corresponding IOAM header in the first scene or the second scene, referring to fig. 2d, the second value of the Flow ID field is 2000.
The second gateway device copies the IOAM header and TTL value to a register when removing the VXLAN message and the encapsulated IOAM header, and reports subscription information related to the second gateway device for realizing the detection along with the flow to the controller according to the Bitmap field of the IOAM header in the message, and then removes the IOAM header in the detection message, wherein the VNI value in the detection message is the VNI value corresponding to the public node.
And then, when looking up a table and packaging a new VXLAN message, packaging the detection message again by using the IOAM head obtained from the register, the TTL value after continuing to execute the 1 reduction operation, the third VXLAN network identifier (VNI value corresponding to the second gateway equipment outlet interface) and the second value corresponding to the Flow ID field, and packaging the detection message again by using the IOAM head obtained from the register, the TTL value after executing the 1 reduction operation, the second VXLAN network identifier (VNI value corresponding to the C-Spine) and the second value corresponding to the Flow ID field.
Illustratively, the subscription information related to the second gateway device may include, in addition to the device ID and the Flow ID of the second gateway device, at least one of the following parameters: access port, timestamp, and delay.
In some embodiments, the method may further include: the second gateway device forwards the repackaged detection message to the tail node; the tail node uses the Bitmap information of the IOAM header in the repackaged detection message to report to the controller the subscription information related to the tail node for implementing flow-following detection, writes the original Protocol field value held in the Reserved field of the IOAM header back to the Protocol field of the detection message, and removes the IOAM header from the repackaged detection message; the tail node then sends the message with the IOAM header removed to the destination host.
Here, the implementation manner of the repackaged detection packet after reaching the tail node is similar to the implementation manner of the detection packet after reaching the tail node in the first scenario, and will not be repeated here.
In order to further embody the object of the present application, further description will be made on the basis of the above-described embodiments of the present application.
Fig. 3A is a schematic diagram of message processing for the first scenario in an embodiment of the present application. As shown in Fig. 3A, the original message first passes through VTEP1 (head node), where VXLAN encapsulation is performed on the original message to obtain a VXLAN message, and an IOAM header is encapsulated in the VXLAN message to obtain a detection message. The VNI value in the detection message is 1 (the L3 VNI value of VPC1 in this data center network). The detection message is then forwarded to the VXLAN GW (first gateway device).
When the detection message arrives at the VXLAN GW (which is an Underlay device), the VXLAN GW reports to the controller the subscription information related to the VXLAN GW for implementing flow-following detection, according to the Bitmap field of the IOAM header in the message. When querying the next hop and the forwarding egress interface, it obtains the TCP or UDP port number based on the content of the Protocol field in the IOAM header and the offset value corresponding to the IOAM header (an offset equal to the 4-byte IOAM header length), and then performs ECMP calculation and ACL matching according to the port number.
When the detection message reaches VTEP2 (tail node), VTEP2 reports the subscription information related to VTEP2 for implementing flow-following detection according to the Bitmap field of the IOAM header in the message, copies the IOAM header and the TTL value into a register, decapsulates the detection message to obtain the original message, and finally sends the original message to VPC1-host2 (destination host). Because VTEP2 is directly connected to the destination host, the IOAM header and the TTL value in the register need to be cleared.
Fig. 3B is a schematic diagram of message processing for the second scenario in an embodiment of the present application. As shown in Fig. 3B, the original message first passes through VTEP1 (head node), where VXLAN encapsulation is performed on the original message to obtain a VXLAN message, and an IOAM header is encapsulated in the VXLAN message to obtain a detection message. The VNI value in the detection message is 1 (the L3 VNI value of VPC1 in this data center network). The detection message is then forwarded to the VXLAN GW (first gateway device).
When it is determined that the detection message has reached the VXLAN GW (a VTEP), the VXLAN GW copies the IOAM header and the TTL value into a register, reports to the controller the subscription information related to the VXLAN GW for implementing flow-following detection according to the Bitmap field of the IOAM header in the message, and then removes the IOAM header from the detection message. The original IOAM header and TTL value are re-encapsulated in the VXLAN message, and the VNI value is changed to 2 (the L3 VNI value of VPC2 in this data center network). When querying the next hop and the forwarding egress interface, the TCP or UDP port number is obtained based on the content of the Protocol field in the IOAM header and the offset value corresponding to the IOAM header (an offset equal to the 4-byte IOAM header length), and ECMP calculation and ACL matching are then performed according to the port number.
When the detection message reaches VTEP2 (tail node), VTEP2 reports the subscription information related to VTEP2 for implementing flow-following detection according to the Bitmap field of the IOAM header in the message, copies the IOAM header and the TTL value into a register, decapsulates the detection message to obtain the original message, and finally sends the original message to VPC2-host3 (destination host). Because VTEP2 is directly connected to the destination host, the IOAM header and the TTL value in the register need to be cleared.
Fig. 3C is a schematic diagram of message processing for the third scenario in an embodiment of the present application. As shown in Fig. 3C, the original message first passes through the VTEP1 node (head node), where VXLAN encapsulation is performed on the original message to obtain a VXLAN message, and an IOAM header is encapsulated in the VXLAN message to obtain a detection message. The VNI value in the detection message is 1 (the L3 VNI value of VPC1 in this data center network). The detection message is then forwarded to the VXLAN GW (first gateway device).
When it is determined that the detection message has reached VXLAN GW1 (a VTEP), the VXLAN GW copies the IOAM header and the TTL value to the register, reports to the controller the subscription information related to the VXLAN GW for implementing flow-following detection according to the Bitmap field of the IOAM header in the message, and then removes the IOAM header from the detection message. The original IOAM header and TTL value are re-encapsulated in the VXLAN message, and the VNI value is changed to 4 (the VNI value corresponding to the C-Spine) according to the VNI mapping. Based on a Flow ID mapping table configured by the controller, the original value of the Flow ID field within the POD (the second value corresponding to the Flow ID field) is replaced with the value of the Flow ID field used between PODs (the first value corresponding to the Flow ID field). When querying the next hop and the forwarding egress interface, the TCP or UDP port number is obtained based on the content of the Protocol field in the IOAM header and the offset value (an offset equal to the 4-byte IOAM header length), and ECMP calculation and ACL matching are then performed according to the port number.
When the detection message reaches the C-Spine (not a VTEP), the C-Spine reports to the controller the subscription information related to the VXLAN GW for implementing flow-following detection, according to the Bitmap field of the IOAM header in the message. When querying the next hop and the forwarding egress interface, it obtains the TCP or UDP port number based on the content of the Protocol field in the IOAM header and the offset value corresponding to the IOAM header (an offset equal to the 4-byte IOAM header length), and then performs ECMP calculation and ACL matching according to the port number.
When the detection message arrives at VXLAN GW2 (second gateway device), the VXLAN GW copies the IOAM header and the TTL value to the register, reports to the controller the subscription information related to the VXLAN GW for implementing flow-following detection according to the Bitmap field of the IOAM header in the message, and then removes the IOAM header from the detection message. The original IOAM header and TTL value are re-encapsulated in the VXLAN message, and the VNI value is changed to 3 (the L3 VNI value of VPC3 in this data center network). Based on a mapping table maintained by the local VXLAN gateway, the value of the Flow ID field (the first value corresponding to the Flow ID field) is replaced with the value used within the POD (the second value corresponding to the Flow ID field), thereby decoupling Flow ID allocation among different PODs while completing end-to-end traffic detection.
When the detection message reaches VTEP3 (tail node), the VTEP2 reports the subscription information related to the VTEP2 for implementing flow-following detection according to the Bitmap field of the IOAM header in the message, copies the IOAM header and the TTL value into a register, decapsulates the detection message to obtain the original message, and finally sends the original message to VPC3-host4 (destination host). Because the VTEP2 is directly connected to the destination host, the IOAM header and the TTL value in the register need to be cleared.
Fig. 3D is a flowchart of another message processing method according to an embodiment of the present application. As shown in fig. 1B, the flow may include:
Step A1: determine whether the node is a head node.
After the message reaches a network device in the data center network, it must be determined whether that network device is a head node; if so, step A2 is executed, otherwise step A3 is executed.
Step A2: encapsulate the IOAM header.
Illustratively, if the message has reached a head node, the message is an original message; the original message is VXLAN-encapsulated to obtain a VXLAN message, an IOAM header is encapsulated in the VXLAN message, and the content of the Protocol field of the VXLAN message is copied into the Reserved field of the IOAM header to facilitate subsequent ECMP calculation and ACL matching.
Step A3: determine whether the node is a VTEP.
Illustratively, if the message reaching the network device is a detection message, it is determined whether the network device is a VTEP, and step A4 or step A5 is executed according to the result.
Step A4: perform the first processing on the detection message.
For example, after the detection message reaches a non-VTEP (corresponding to the C-Spine above), the C-Spine uses the IOAM header in the detection message to report the corresponding subscription information to the controller, updates the TTL value in the detection message to the value obtained after the decrement-by-1 operation, and forwards the message.
Step A5: determine whether the node is a tail node.
Illustratively, if the network device that the detection message reaches is not a head node or a VTEP, it is further determined whether the network device is a tail node; if so, step A6 is executed, otherwise step A7 is executed.
Step A6: perform the second processing on the detection message.
When the detection message reaches the tail node, the tail node reports the corresponding subscription information according to the Bitmap field of the IOAM header in the message, decapsulates the detection message to obtain the original message, and finally forwards the original message to the destination host.
Step A7: determine whether the traffic is intra-POD traffic.
Illustratively, if the network device reached by the detection message is not a head node, is not a VTEP, and is not a tail node, it is determined whether the traffic corresponding to the detection message is intra-POD traffic; if so, step A8 is executed, otherwise step A9 is executed. Here, intra-POD traffic means traffic within the same data center network, that is, it is determined whether the traffic corresponding to the detection message is traffic within the same data center network.
Step A8: perform the third processing on the detection message.
Illustratively, if the traffic corresponding to the detection message is traffic within the same data center network, that is, corresponding to the second scenario, the network device that the message has reached reports the corresponding subscription information according to the Bitmap field of the IOAM header in the message, copies the IOAM header and the TTL value into a register, removes the IOAM header from the detection message, and looks up the table to determine the forwarding egress interface; if the value corresponding to the Flow ID field is determined to be empty, the value corresponding to the Flow ID field is not changed, and the original IOAM header and TTL value are re-encapsulated in the VXLAN message.
Step A9: perform the fourth processing on the detection message.
Illustratively, if the traffic corresponding to the detection message is not traffic within the same data center network, that is, corresponding to the third scenario, the network device that the message has reached reports the corresponding subscription information according to the Bitmap field of the IOAM header in the message, copies the IOAM header and the TTL value into a register, removes the IOAM header from the detection message, and looks up the table to determine the forwarding egress interface; at this time, if the value corresponding to the Flow ID field is not empty, the value corresponding to the Flow ID field is changed, and the original IOAM header and TTL value are re-encapsulated in the VXLAN message.
It can be seen that in the embodiment of the application, the Reserved field of the IOAM header is used for backing up the content of the original Protocol field, ensuring that the transmission path of the detection message is accurate and the ACL policy is correctly matched, and simultaneously introducing different values of Flow ID for distinguishing the processing mechanism of the Flow between the data center networks and in the data center networks, so as to realize the allocation decoupling of the Flow ID between different PODs.
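The per-node handling described above, run over the third scenario (VTEP1, VXLAN GW1, C-Spine, VXLAN GW2, VTEP3), as an added example that is not code from the patent. Assumptions: the 4-byte IOAM header is laid out as 16-bit Flow ID, 8-bit Bitmap and 8-bit Reserved; `IOAM_ID`, the Bitmap bit assignment and the Flow IDs 1000 and 9000 are constructed; the input is an already VXLAN-encapsulated, five-tuple-matched message. The VNI sequence 1, 4, 3 and the Flow ID 2000 come from the description.

```python
import struct
from dataclasses import dataclass, field

IOAM_ID = 0xFD   # assumed stand-in: the page gives no value for the "IOAM specific identifier"
IOAM_LEN = 4     # 4-byte IOAM header length, as stated in the description
UDP = 17
# Assumed Bitmap bit assignment for the optional subscription fields the page lists.
FIELDS = {0x1: "port", 0x2: "timestamp", 0x4: "delay"}

@dataclass
class Pkt:
    vni: int
    ttl: int
    protocol: int   # Protocol field of the VXLAN message
    body: bytes     # bytes after that header: [IOAM header] + L4 ports + rest

def pack_ioam(flow_id, bitmap, reserved):
    # Assumed layout: 16-bit Flow ID, 8-bit Bitmap, 8-bit Reserved.
    return struct.pack("!HBB", flow_id, bitmap, reserved)

def unpack_ioam(body):
    return struct.unpack("!HBB", body[:IOAM_LEN])

@dataclass
class Controller:
    reports: list = field(default_factory=list)

    def report(self, device, pkt):
        flow_id, bitmap, _ = unpack_ioam(pkt.body)
        # Constructed measurements; a real node would read them from the data plane.
        measured = {"port": 1, "timestamp": len(self.reports), "delay": 0}
        rec = {"device": device, "flow_id": flow_id}
        rec.update({n: measured[n] for bit, n in FIELDS.items() if bitmap & bit})
        self.reports.append(rec)

def ecmp_key(pkt):
    """(protocol, sport, dport) as a forwarding node must read it for ECMP and ACLs."""
    if pkt.protocol == IOAM_ID:
        # Original Protocol is backed up in Reserved; ports sit past the IOAM header.
        proto, off = unpack_ioam(pkt.body)[2], IOAM_LEN
    else:
        proto, off = pkt.protocol, 0
    sport, dport = struct.unpack("!HH", pkt.body[off:off + 4])
    return proto, sport, dport

def head(pkt, ctl, device, flow_id, bitmap):
    # Step A2: insert the IOAM header, back up Protocol, mark the message as IOAM.
    out = Pkt(pkt.vni, pkt.ttl, IOAM_ID,
              pack_ioam(flow_id, bitmap, pkt.protocol) + pkt.body)
    ctl.report(device, out)
    return out

def transit(pkt, ctl, device):
    # Step A4 (non-VTEP such as the C-Spine): report, decrement TTL, forward.
    ctl.report(device, pkt)
    return Pkt(pkt.vni, pkt.ttl - 1, pkt.protocol, pkt.body)

def gateway(pkt, ctl, device, out_vni, flow_map):
    # Steps A8/A9: save IOAM header and TTL to a register, report, strip, re-encapsulate.
    register = (pkt.body[:IOAM_LEN], pkt.ttl)
    ctl.report(device, pkt)
    inner = pkt.body[IOAM_LEN:]
    flow_id, bitmap, reserved = unpack_ioam(register[0])
    # Modelling choice: no mapping entry leaves the Flow ID unchanged (A8), an entry rewrites it (A9).
    flow_id = flow_map.get(flow_id, flow_id)
    return Pkt(out_vni, register[1] - 1, IOAM_ID,
               pack_ioam(flow_id, bitmap, reserved) + inner)

def tail(pkt, ctl, device):
    # Step A6: report, write the backed-up Protocol value back, remove the IOAM header.
    ctl.report(device, pkt)
    original_protocol = unpack_ioam(pkt.body)[2]
    return Pkt(pkt.vni, pkt.ttl, original_protocol, pkt.body[IOAM_LEN:])

def scenario_three():
    ctl = Controller()
    # Constructed VXLAN message: UDP ports followed by an opaque inner frame.
    vxlan = Pkt(vni=1, ttl=64, protocol=UDP,
                body=struct.pack("!HH", 49152, 4789) + b"constructed-inner-frame")
    p = head(vxlan, ctl, "VTEP1", flow_id=1000, bitmap=0x3)
    p = gateway(p, ctl, "VXLAN GW1", out_vni=4, flow_map={1000: 9000})
    mid = p
    p = transit(p, ctl, "C-Spine")
    p = gateway(p, ctl, "VXLAN GW2", out_vni=3, flow_map={9000: 2000})
    p = tail(p, ctl, "VTEP3")
    # What a node would hash on if it ignored the 4-byte offset: IOAM bytes, not ports.
    naive_ports = struct.unpack("!HH", mid.body[:4])
    return {"sent": vxlan, "mid": mid, "delivered": p,
            "reports": ctl.reports, "naive_ports": naive_ports}

if __name__ == "__main__":
    result = scenario_three()
    for rec in result["reports"]:
        print(rec)
    print(result["delivered"])
```

The `naive_ports` value shows why the offset matters: a node that read the port fields without skipping the IOAM header would hash and ACL-match on the Flow ID and Bitmap bytes instead of the real ports.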
The application also provides a message processing system, which comprises a head node, wherein,
The head node is used for receiving configuration information issued by the controller, determining Flow ID and Bitmap information required when generating the IOAM head according to the configuration information, wherein the configuration information is generated according to the Flow-following detection requirement issued by the cloud platform, the configuration information comprises five-tuple information, and the head node is directly connected with a source host corresponding to the five-tuple information;
The head node is configured to, when completing the table lookup and encapsulating a VXLAN message, if the five-tuple information matches the inner-message five-tuple corresponding to the VXLAN message, encapsulate an IOAM header generated according to the Flow ID and Bitmap information in the VXLAN message, copy the original Protocol field value of the VXLAN message into the Reserved field of the IOAM header, and modify the Protocol field value of the VXLAN message to an IOAM specific identifier to obtain a detection message;
the head node is configured to report subscription information related to the head node for implementing flow-following detection to the controller by using Bitmap information of an IOAM header in the detection packet, and forward the detection packet to a next node.
In some embodiments, the system further comprises a first gateway device in case the head node and the tail node corresponding to the VXLAN message are respectively connected to different hosts on the same tenant virtual network in the same data center network, wherein,
After the head node forwards the detection message to a first gateway device, the first gateway device is configured to identify that the Protocol field value is an IOAM specific identifier, report subscription information related to the first gateway device for implementing flow-following detection to the controller by using Bitmap information of an IOAM header in the detection message, and perform a decrement-by-1 operation on the time-to-live (TTL) value in the detection message;
the first gateway device is configured to, when querying the next hop and the forwarding egress interface, obtain port number information by using the Protocol field value of the IOAM header in the detection message and the offset value corresponding to the IOAM header, in order to perform equal-cost multi-path (ECMP) calculation.
Further, the system also comprises a tail node, which is directly connected with the destination host, wherein,
The first gateway device is configured to forward the detection message to the tail node;
The tail node is configured to, using Bitmap information of an IOAM header in the detection packet, report subscription information related to the tail node for implementing stream-following detection to the controller, and write back an original Protocol field value of a Reserved field in the IOAM header to a Protocol field of the detection packet, and tear down the IOAM header in the detection packet;
and the tail node is used for sending the message for removing the IOAM header to the target host.
In some embodiments, the system further comprises a first gateway device in the case where the head node and the tail node corresponding to the VXLAN message are respectively connected to different hosts on different tenant virtual networks in the same data center network, wherein,
After the head node forwards the detection message to a first gateway device, when removing the VXLAN message and the encapsulated IOAM header, the first gateway device is configured to store the IOAM header and the TTL value in the detection message into a register, and to use the Bitmap information of the IOAM header in the detection message to report subscription information related to the first gateway device for implementing flow-following detection to the controller;
when looking up a table and packaging a new VXLAN message, the first gateway device is configured to repackage the detection message by using the IOAM header obtained from the register, the TTL value after performing the subtracting 1 operation, and a first VXLAN network identifier, where the first VXLAN network identifier represents an identifier of a tenant virtual network corresponding to an outgoing interface of the first gateway device;
the first gateway device is configured to, when querying the next hop and the forwarding egress interface, obtain port number information by using the Protocol field value of the IOAM header in the repackaged detection message and the offset value of the IOAM header, in order to perform ECMP calculation.
Further, the system also comprises a tail node, which is directly connected with the destination host, wherein,
The first gateway device is configured to forward the repackaged detection message to the tail node;
The tail node is configured to report subscription information related to the tail node for implementing stream-following detection to the controller by using Bitmap information of an IOAM header in the repackaged detection packet, and write back an original Protocol field value of a Reserved field in the IOAM header to a Protocol field of the detection packet, so as to tear down the IOAM header in the repackaged detection packet;
and the tail node is used for sending the message for removing the IOAM header to the target host.
In some embodiments, the system further comprises a first gateway device in the case where the head node and the tail node corresponding to the VXLAN message are respectively connected to different hosts in different data center networks, wherein,
After the head node forwards the detection message to a first gateway device, when removing the VXLAN message and the encapsulated IOAM header, the first gateway device is configured to store the IOAM header and the TTL value in the detection message into a register, and to use the Bitmap information of the IOAM header in the detection message to report subscription information related to the first gateway device for implementing flow-following detection to the controller;
when looking up the table and encapsulating a new VXLAN message, the first gateway device is configured to repackage the detection message by using the IOAM header obtained from the register, the TTL value after the decrement-by-1 operation, a second VXLAN network identifier and a first value corresponding to the Flow ID field in the IOAM header, wherein the first value represents a preset public flow identifier;
the first gateway device is configured to, when querying the next hop and the forwarding egress interface, obtain port number information by using the Protocol field value of the IOAM header in the repackaged detection message and the offset value of the IOAM header, in order to perform ECMP calculation.
Further, the system comprises a common node, wherein,
When the first gateway device forwards the repackaged detection message to a public node, the public node is configured to report subscription information related to the public node for implementing flow-following detection to the controller by using Bitmap information of the IOAM header in the repackaged detection message, and to update the TTL value in the repackaged detection message to the value obtained after the decrement-by-1 operation, wherein the public node represents one node in the public VXLAN network;
the public node is configured to, when querying the next hop and the forwarding egress interface, obtain port number information by using the Protocol field value of the IOAM header in the repackaged detection message and the offset value of the IOAM header, in order to perform ECMP calculation.
Further, the system further comprises a second gateway device, wherein,
The public node is configured to forward the repackaged detection message to a second gateway device, wherein, when removing the VXLAN message and the encapsulated IOAM header, the second gateway device is configured to store the IOAM header and the TTL value in the repackaged detection message into a register, and to report subscription information related to the second gateway device for implementing flow-following detection to the controller by using Bitmap information of the IOAM header in the repackaged detection message;
when looking up the table and encapsulating a new VXLAN message, the second gateway device is configured to encapsulate the detection message again by using the IOAM header obtained from the register, the TTL value after the decrement-by-1 operation has again been performed, a third VXLAN network identifier and a second value corresponding to the Flow ID field in the IOAM header, wherein the third VXLAN network identifier represents the identifier of the tenant virtual network corresponding to the outgoing interface of the second gateway device, and the second value represents the flow identifier corresponding to the data center network to which the second gateway device belongs.
Further, the system also comprises a tail node, which is directly connected with the destination host, wherein,
The second gateway device is configured to forward the repackaged detection message to the tail node;
The tail node is configured to, using Bitmap information of an IOAM header in the repackaged detection packet, report subscription information related to the tail node for implementing stream-following detection to the controller, and write back an original Protocol field value of a Reserved field in the IOAM header to a Protocol field of the detection packet, and tear down the IOAM header in the repackaged detection packet;
and the tail node is used for sending the message for removing the IOAM header to the target host.
In some embodiments, the subscription information includes a device ID and a Flow ID of the head node.
The foregoing description of the various embodiments is intended to highlight the differences between them; for parts that are the same or similar, the embodiments may be referred to each other, and these parts are not repeated here for the sake of brevity.
The methods disclosed in the method embodiments provided by the application can be arbitrarily combined under the condition of no conflict to obtain a new method embodiment.
The features disclosed in the embodiments of the products provided by the application can be combined arbitrarily under the condition of no conflict to obtain new embodiments of the products.
The features disclosed in the embodiments of the method or the device provided by the application can be arbitrarily combined under the condition of no conflict to obtain a new embodiment of the method or the device.
It will be appreciated by those skilled in the art that embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of a hardware embodiment, a software embodiment, or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, magnetic disk storage, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The above is only a preferred embodiment of the present application, and is not intended to limit the scope of the present application.

Claims (11)

1. A message processing method, characterized in that the method comprises:
The head node receives configuration information issued by the controller and, based on the configuration information, determines the Flow ID and Bitmap information required for generating an in-band operation, management, and maintenance (IOAM) header; the configuration information is generated based on the flow-following detection requirements issued by the cloud platform and includes five-tuple information; the head node is directly connected to the source host corresponding to the five-tuple information;
When the head node completes the table lookup and encapsulates the Virtual Extended Local Area Network (VXLAN) message, if the five-tuple information matches the inner-message five-tuple corresponding to the VXLAN message, the head node encapsulates the IOAM header generated according to the Flow ID and Bitmap information into the VXLAN message, copies the original Protocol field value of the VXLAN message to the Reserved field of the IOAM header, and modifies the Protocol field value of the VXLAN message to the IOAM specific identifier to obtain a detection message;
The head node uses the Bitmap information of the IOAM header in the detection message to report subscription information related to the head node for implementing flow-following detection to the controller, and forwards the detection message to the next node.

2. The method according to claim 1, wherein, when the head node and the tail node corresponding to the VXLAN message are respectively connected to different hosts on the same tenant virtual network in the same data center network, the method further comprises:
After the head node forwards the detection message to the first gateway device, the first gateway device identifies the Protocol field value as the IOAM specific identifier, uses the Bitmap information of the IOAM header in the detection message to report subscription information related to the first gateway device for implementing flow-following detection to the controller, and decrements the time-to-live (TTL) value in the detection message by 1;
When querying the next hop and the forwarding outgoing interface, the Protocol field value of the IOAM header in the detection message and the offset value corresponding to the IOAM header are used to obtain port number information for performing equal-cost multi-path (ECMP) calculation.

3. The method according to claim 2, wherein the tail node is directly connected to the destination host, and the method further comprises:
forwarding the detection message to the tail node using the first gateway device;
The tail node uses the Bitmap information of the IOAM header in the detection message to report subscription information related to the tail node for implementing flow-following detection to the controller, then writes the original Protocol field value held in the Reserved field of the IOAM header back to the Protocol field of the detection message and removes the IOAM header from the detection message;
The tail node sends the message with the IOAM header removed to the destination host.

4. The method according to claim 1, wherein, when the head node and the tail node corresponding to the VXLAN message are respectively connected to different hosts on different tenant virtual networks in the same data center network, the method further comprises:
After the head node forwards the detection message to the first gateway device, when removing the VXLAN message and the encapsulated IOAM header, the first gateway device saves the IOAM header and TTL value in the detection message into a register, and uses the Bitmap information of the IOAM header in the detection message to report subscription information related to the first gateway device for implementing flow-following detection to the controller;
When looking up the table and encapsulating a new VXLAN message, the first gateway device re-encapsulates the detection message using the IOAM header obtained from the register, the TTL value after performing a decrement operation by 1, and the first VXLAN network identifier; the first VXLAN network identifier represents an identifier of the tenant virtual network corresponding to the outgoing interface of the first gateway device;
When querying the next hop and the forwarding outgoing interface, the Protocol field value of the IOAM header in the re-encapsulated detection message and the offset value of the IOAM header are used to obtain port number information for ECMP calculation.

5. The method according to claim 4, wherein the tail node is directly connected to the destination host, and the method further comprises:
forwarding the re-encapsulated detection message to the tail node using the first gateway device;
The tail node uses the Bitmap information of the IOAM header in the re-encapsulated detection message to report subscription information related to the tail node for implementing flow-following detection to the controller, then writes the original Protocol field value held in the Reserved field of the IOAM header back to the Protocol field of the detection message and removes the IOAM header from the re-encapsulated detection message;
The tail node sends the message with the IOAM header removed to the destination host.

6. The method according to claim 1, wherein, when the head node and the tail node corresponding to the VXLAN message are respectively connected to different hosts in different data center networks, the method further comprises:
After the head node forwards the detection message to the first gateway device, when removing the VXLAN message and the encapsulated IOAM header, the first gateway device saves the IOAM header and TTL value in the detection message into a register, and uses the Bitmap information of the IOAM header in the detection message to report subscription information related to the first gateway device for implementing flow-following detection to the controller;
When looking up the table and encapsulating a new VXLAN message, the first gateway device re-encapsulates the detection message using the IOAM header obtained from the register, the TTL value after performing a decrement operation by 1, the second VXLAN network identifier, and the first value corresponding to the Flow ID field in the IOAM header; the first value represents a preset public flow identifier; the second VXLAN network identifier is used to uniquely identify the routing domain corresponding to the interconnection between different tenant virtual networks in different data center networks, and is used to implement independent planning of tenant network identifiers in different data center networks;
When querying the next hop and the forwarding outgoing interface, the Protocol field value of the IOAM header in the re-encapsulated detection message and the offset value of the IOAM header are used to obtain port
number information for ECMP calculation. 7.根据权利要求6所述的方法,其特征在于,所述方法还包括:7. The method according to claim 6, further comprising: 在所述第一网关设备将所述重新封装的检测报文转发至公共节点时,所述公共节点利用所述重新封装的检测报文中IOAM头的Bitmap信息,向所述控制器上报与所述公共节点相关的用于实现随流检测的订阅信息,并将所述重新封装的检测报文中TTL值更新为执行减1操作后的值;所述公共节点表示公共VXLAN网络中的一个节点;When the first gateway device forwards the re-encapsulated detection message to the public node, the public node uses the bitmap information of the IOAM header in the re-encapsulated detection message to report subscription information related to the public node for implementing in-flow detection to the controller, and updates the TTL value in the re-encapsulated detection message to a value after performing a decrement operation; the public node represents a node in the public VXLAN network; 在查询下一跳及转发出接口时,利用所述重新封装的检测报文中IOAM头的Protocol字段值以及所述IOAM头的偏移值获取端口号信息进行ECMP计算。When querying the next hop and forwarding out interface, the Protocol field value of the IOAM header in the re-encapsulated detection message and the offset value of the IOAM header are used to obtain port number information for ECMP calculation. 8.根据权利要求7所述的方法,其特征在于,所述方法还包括:8. The method according to claim 7, further comprising: 利用所述公共节点将所述重新封装的检测报文转发至第二网关设备,在拆除VXLAN报文及封装的IOAM头时,所述第二网关设备将所述重新封装的检测报文中的IOAM头和TTL值保存至寄存器中,在利用所述重新封装的检测报文中IOAM头的Bitmap信息,向所述控制器上报与所述第二网关设备相关的用于实现随流检测的订阅信息;The re-encapsulated detection message is forwarded to the second gateway device by using the public node. 
When the VXLAN message and the encapsulated IOAM header are removed, the second gateway device saves the IOAM header and the TTL value in the re-encapsulated detection message into a register, and reports subscription information related to the second gateway device for implementing in-flow detection to the controller by using the bitmap information of the IOAM header in the re-encapsulated detection message; 查表并封装新的VXLAN报文时,所述第二网关设备利用从所述寄存器中获取的IOAM头、继续执行减1操作后的TTL值、第三VXLAN网络标识符以及所述IOAM头中Flow ID字段对应的第二取值,再次封装所述检测报文;所述第三VXLAN网络标识符表示所述第二网关设备出接口对应的租户虚拟网络的标识符;所述第二取值用于表征所述第二网关设备所属数据中心网络对应的流量标识。When looking up the table and encapsulating a new VXLAN message, the second gateway device uses the IOAM header obtained from the register, the TTL value after continuing to perform the subtraction operation, the third VXLAN network identifier, and the second value corresponding to the Flow ID field in the IOAM header to encapsulate the detection message again; the third VXLAN network identifier represents the identifier of the tenant virtual network corresponding to the outbound interface of the second gateway device; the second value is used to represent the flow identifier corresponding to the data center network to which the second gateway device belongs. 9.根据权利要求8所述的方法,其特征在于,所述尾节点与目的主机直连,所述方法还包括:9. 
The method according to claim 8, wherein the egress node is directly connected to the destination host, and the method further comprises: 利用所述第二网关设备将所述再次封装的检测报文转发至所述尾节点;forwarding the re-encapsulated detection message to the egress node using the second gateway device; 所述尾节点利用所述再次封装的检测报文中IOAM头的Bitmap信息,向所述控制器上报与所述尾节点相关的用于实现随流检测的订阅信息后,将所述IOAM头中Reserved字段的原始Protocol字段值回写至所述检测报文的Protocol字段中,拆除所述再次封装的检测报文中的IOAM头;The egress node uses the bitmap information of the IOAM header in the re-encapsulated detection message to report subscription information related to the egress node for implementing in-stream detection to the controller, writes back the original Protocol field value of the Reserved field in the IOAM header to the Protocol field of the detection message, and removes the IOAM header in the re-encapsulated detection message; 所述尾节点将拆除IOAM头的报文发送给所述目的主机。The tail node sends the message with the IOAM header removed to the destination host. 10.根据权利要求1所述的方法,其特征在于,所述订阅信息包括头节点的设备身份标识号ID和Flow ID。10. The method according to claim 1, wherein the subscription information includes a device identification number (ID) and a flow ID of the head node. 11.一种报文处理系统,其特征在于,所述报文处理系统包括头节点,其中,所述头节点用于接收控制器下发的配置信息,根据所述配置信息,确定在生成IOAM头时所需的Flow ID和Bitmap信息;所述配置信息是根据云平台下发的随流检测需求生成的,所述配置信息包括五元组信息,所述头节点与所述五元组信息对应源主机直连;11. 
A message processing system, characterized in that the message processing system includes a head node, wherein the head node is used to receive configuration information issued by a controller and, based on the configuration information, determine the flow ID and bitmap information required when generating an IOAM header; the configuration information is generated based on the flow detection requirements issued by the cloud platform, the configuration information includes quintuple information, and the head node is directly connected to the source host corresponding to the quintuple information; 所述头节点用于完成查表并封装VXLAN报文时,如果所述五元组信息匹配所述VXLAN报文对应的内层报文五元组,则将根据所述Flow ID和Bitmap信息生成的IOAM头封装在所述VXLAN报文中,并将所述VXLAN报文的原始Protocol字段值拷贝到所述IOAM头的Reserved字段中,修改所述VXLAN报文的Protocol字段值为IOAM特定标识,得到检测报文;When the head node completes the table lookup and encapsulates the VXLAN message, if the quintuple information matches the inner message quintuple corresponding to the VXLAN message, the head node encapsulates the IOAM header generated according to the Flow ID and the bitmap information into the VXLAN message, copies the original Protocol field value of the VXLAN message to the Reserved field of the IOAM header, modifies the Protocol field value of the VXLAN message to the IOAM specific identifier, and obtains a detection message; 所述头节点用于利用所述检测报文中IOAM头的Bitmap信息,向所述控制器上报与所述头节点相关的用于实现随流检测的订阅信息,并将所述检测报文转发至下一节点。The head node is configured to report subscription information related to the head node for implementing follow-up detection to the controller by using the Bitmap information of the IOAM header in the detection message, and forward the detection message to the next node.
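The processing chain of claims 2, 3 and 11 (head node encapsulation, gateway TTL decrement with ECMP lookup, tail node restoration), as an added Python example that is not part of the patent. The byte layout (a two-byte Protocol/TTL header, an 8-byte IOAM header, then the port numbers), the value 0xFD for the IOAM specific identifier and all function names are assumptions made for illustration; reporting to the controller is omitted.

```python
import struct
import zlib

# Constructed layout for illustration only; the page gives no wire format.
IOAM_ID = 0xFD                  # placeholder for the "IOAM specific identifier"
OUTER = struct.Struct("!BB")    # Protocol, TTL
IOAM = struct.Struct("!IHBx")   # Flow ID, Bitmap, Reserved (original Protocol), pad
PORTS = struct.Struct("!HH")    # source port, destination port

def head_encap(pkt: bytes, flow_id: int, bitmap: int) -> bytes:
    """Head node: insert the IOAM header and swap the Protocol field."""
    proto, ttl = OUTER.unpack_from(pkt)
    if proto == IOAM_ID:
        raise ValueError("already a detection message")
    ioam = IOAM.pack(flow_id, bitmap, proto)  # original Protocol -> Reserved
    return OUTER.pack(IOAM_ID, ttl) + ioam + pkt[OUTER.size:]

def ecmp_key(pkt: bytes) -> int:
    """Hash protocol and ports, skipping the IOAM header by its offset."""
    proto, _ = OUTER.unpack_from(pkt)
    offset = OUTER.size
    if proto == IOAM_ID:
        if len(pkt) < offset + IOAM.size + PORTS.size:
            raise ValueError("truncated detection message")
        proto = IOAM.unpack_from(pkt, offset)[2]  # use the saved Protocol
        offset += IOAM.size
    sport, dport = PORTS.unpack_from(pkt, offset)
    return zlib.crc32(struct.pack("!BHH", proto, sport, dport))

def gateway_forward(pkt: bytes, n_paths: int):
    """Gateway: decrement TTL by 1 and pick an ECMP path index."""
    proto, ttl = OUTER.unpack_from(pkt)
    if ttl <= 1:
        raise ValueError("TTL expired")
    return OUTER.pack(proto, ttl - 1) + pkt[OUTER.size:], ecmp_key(pkt) % n_paths

def tail_decap(pkt: bytes) -> bytes:
    """Tail node: write the saved Protocol back and strip the IOAM header."""
    proto, ttl = OUTER.unpack_from(pkt)
    if proto != IOAM_ID:
        return pkt
    if len(pkt) < OUTER.size + IOAM.size:
        raise ValueError("truncated detection message")
    original = IOAM.unpack_from(pkt, OUTER.size)[2]
    return OUTER.pack(original, ttl) + pkt[OUTER.size + IOAM.size:]

# Constructed sample: Protocol 17 (UDP), TTL 64, ports 49152 -> 4789.
SAMPLE = OUTER.pack(17, 64) + PORTS.pack(49152, 4789) + b"inner-frame"

if __name__ == "__main__":
    det = head_encap(SAMPLE, flow_id=7, bitmap=0x8000)
    fwd, path = gateway_forward(det, n_paths=4)
    print(path, tail_decap(fwd) == OUTER.pack(17, 63) + SAMPLE[OUTER.size:])
```

Because `ecmp_key` reads the saved Protocol and skips the IOAM header by its length, the detection message hashes to the same path as the unmodified flow, which is the property the ECMP clauses of the claims depend on.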
CN202111350114.5A 2021-11-15 2021-11-15 A message processing method and system Active CN116132555B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111350114.5A CN116132555B (en) 2021-11-15 2021-11-15 A message processing method and system

Publications (2)

Publication Number Publication Date
CN116132555A CN116132555A (en) 2023-05-16
CN116132555B CN116132555B (en) 2025-08-26

Family

ID=86306841

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111350114.5A Active CN116132555B (en) 2021-11-15 2021-11-15 A message processing method and system

Country Status (1)

Country Link
CN (1) CN116132555B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN119276949B (en) * 2023-07-07 2025-12-12 中国电信股份有限公司技术创新中心 Message processing method, device, readable storage medium and computer program product
CN119544241A (en) * 2023-08-29 2025-02-28 华为技术有限公司 Message detection method, electronic device, system and computer-readable storage medium
CN117728927B (en) * 2024-02-18 2024-05-10 南京风启科技有限公司 Variable-length message processing time delay detection method based on domain identification

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111371736A (en) * 2018-12-26 2020-07-03 中兴通讯股份有限公司 iOAM information processing method, iOAM information processing device and computer readable storage medium
CN113079091A (en) * 2020-01-03 2021-07-06 华为技术有限公司 Active stream following detection method, network equipment and communication system

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101969395B (en) * 2009-07-28 2013-02-27 华为技术有限公司 Method for configuring code, method and system for detecting path and network equipment
CN109412922B (en) * 2017-08-15 2021-07-20 华为技术有限公司 Method, forwarding device, controller and system for transmitting message
CN114553746B (en) * 2019-05-16 2025-04-08 华为技术有限公司 Message detection method, device and system

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant