CN105490884B - A kind of VXLAN tunnel detection method and device - Google Patents
A kind of VXLAN tunnel detection method and device Download PDFInfo
- Publication number
- CN105490884B CN105490884B CN201510931765.1A CN201510931765A CN105490884B CN 105490884 B CN105490884 B CN 105490884B CN 201510931765 A CN201510931765 A CN 201510931765A CN 105490884 B CN105490884 B CN 105490884B
- Authority
- CN
- China
- Prior art keywords
- tunnel
- configuration information
- equipment
- address
- vxlan
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/08—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
- H04L43/0805—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
- H04L12/4633—Interconnection of networks using encapsulation techniques, e.g. tunneling
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
- H04L12/4641—Virtual LANs, VLANs, e.g. virtual private networks [VPN]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
- H04L41/0631—Management of faults, events, alarms or notifications using root cause analysis; using analysis of correlation between notifications, alarms or events based on decision criteria, e.g. hierarchy, tree or time analysis
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Environmental & Geological Engineering (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The reason of the embodiment provides a kind of VXLAN tunnel detection method and devices, are related to field of communication technology, can establish failure to the tunnel VXLAN is fed back, and is improved the tunnel VXLAN and is established efficiency.This method comprises: the first equipment receives the second tunnel configuration information that the second equipment is sent;Second tunnel configuration information is matched with the first tunnel configuration information in the first equipment;When the first tunnel configuration information and the second tunnel configuration information mismatch, the first equipment sends failure message to the second equipment;Tunnel configuration information includes the IP address of the destination in the tunnel VXLAN and the mapping relations of virtual network instance identification VNID, and wherein tunnel configuration information establishes the tunnel VXLAN for the first equipment and the second equipment.The embodiment of the present invention is used for VXLAN Tunnel testing.
Description
Technical field
The embodiment of the present invention is related to the communications field more particularly to a kind of method and device of VXLAN Tunnel testing.
Background technique
Virtual expansible local area network (Virtual Extensible Local Area Network, VXLAN) technology is to use
It is virtualized in extended network, meets the technology that user uses to obtain sufficient amount of virtual network.VXLAN technology is by building
The vertical tunnel VXLAN creates a large amount of virtual expansible local area network, different virtual expansible local area networks on existing network framework
It is identified using VNI (VXLAN Network Identifier, virtual expansible local net network identifier).
The tunnel VXLAN is established there are two types of modes in the prior art: one is being established using proprietary protocol, another kind is
Manually establish.But when manually establishing the tunnel VXLAN, need by user configuration or third party
Proprietary protocol is completed, when increasing the complexity of network, and establishing the tunnel VXLAN using proprietary protocol, it is possible to because of VXLAN
The user configuration at tunnel both ends mismatches and the case where failure is established in the tunnel VXLAN occurs, and when there is above situation, nothing
Method determines the reason of failure is established in the tunnel VXLAN, causes the tunnel VXLAN that cannot establish in time, reduces the tunnel VXLAN and establishes effect
Rate influences user experience.
Summary of the invention
The embodiment of the present invention provides a kind of method and device of VXLAN Tunnel testing, can establish and lose to the tunnel VXLAN
The reason of losing is fed back, and is improved the tunnel VXLAN and is established efficiency, improves user experience.
In a first aspect, the embodiment of the invention provides a kind of VXLAN tunnel detection method, this method comprises: the first equipment
Receive the second tunnel configuration information of the second equipment transmission;Second tunnel configuration information and the first tunnel in the first equipment are matched
Confidence breath is matched;When the first tunnel configuration information and the second tunnel configuration information mismatch, the first equipment is set to second
Preparation send failure message;First tunnel configuration information includes the first IP address and the mapping pass of virtual network instance identification VNID
System, the first IP address is that the IP address of the destination in the tunnel VXLAN is established with the first equipment;Second tunnel configuration information includes the
The mapping relations of two IP address and virtual network instance identification VNID, the second IP address are to establish the tunnel VXLAN with the second equipment
Destination IP address, wherein tunnel configuration information establishes the tunnel VXLAN for the first equipment and the second equipment.
In the first possible implementation of the first aspect, by the in the second tunnel configuration information and the first equipment
One tunnel configuration information is matched, comprising: the first virtual network instance identification is taken out from the second tunnel configuration information, wherein
First virtual network instance identification is any virtual network instance identification of the second tunnel configuration information;Believe in the second tunnel configuration
The second IP address corresponding with the first virtual network instance identification is obtained in breath, and as the first tunnel source IP address;?
The first IP address corresponding with the first virtual network instance identification is obtained in one tunnel configuration information, and as the first tunnel purpose
Hold IP address;When the first tunnel configuration information and the second tunnel configuration information mismatch, the first equipment is sent to the second equipment
Failure message, comprising: when the first tunnel source IP address is identical as the first tunnel destination IP address, the first equipment is to second
Equipment sends Fisrt fault message.
With reference to first aspect or first aspect the first possible implementation, in second of possible implementation
In, the second tunnel configuration information is matched with the first tunnel configuration information in the first equipment, further includes: by the second tunnel
Configuration information is matched with the first tunnel configuration information in the first equipment, further includes: is taken from the second tunnel configuration information
Second IP address is as the second tunnel destination IP address out;It is obtained and the second tunnel mesh in the second tunnel configuration information
The corresponding all virtual network instance identifications of end IP address, and as the second virtual network instance identification group;In the first tunnel
Tunnel destination corresponding with virtual network instance identification each in the second virtual network instance identification group is obtained in configuration information
IP address;When the first tunnel configuration information and the second tunnel configuration information mismatch, the first equipment sends event to the second equipment
Hinder message, comprising: as the corresponding tunnel destination IP of virtual network instance identification each in the second virtual network instance identification group
When address is not unique, the first equipment sends the second failure message to second equipment.
With reference to first aspect or first aspect the first to second any one possible implementation, at the third
In possible implementation, the first equipment and the second equipment are bgp neighbor.
The third possible implementation with reference to first aspect, in the fourth possible implementation, failure message is
BGP notifies Notification message;After the second equipment receives failure message, the content according to failure message carries out mistake and mentions
Show, and bgp neighbor is maintained to be in established state.
Second aspect, the embodiment of the invention provides a kind of VXLAN tunnel detectors, are located at the first equipment, comprising: connect
Unit is received, for receiving the second tunnel configuration information of the second equipment transmission;Processing unit is used for the second tunnel configuration information
It is matched with the first tunnel configuration information in the first equipment;Transmission unit, for when the first tunnel configuration information and second
When tunnel configuration information mismatches, failure message is sent to the second equipment;First tunnel configuration information include the first IP address with
The mapping relations of virtual network instance identification VNID, the first IP address are that the destination in the tunnel VXLAN is established with the first equipment
IP address;Second tunnel configuration information includes the mapping relations of the second IP address Yu virtual network instance identification VNID, the 2nd IP
Address is the IP address that the destination in the tunnel VXLAN is established with the second equipment, wherein tunnel configuration information for the first equipment with
Second equipment establishes the tunnel VXLAN.
In the first possible implementation of the second aspect, processing unit is also used to: from the second tunnel configuration information
The first virtual network instance identification of middle taking-up, wherein the first virtual network instance identification is any void of the second tunnel configuration information
Quasi- network example mark;Twoth IP corresponding with the first virtual network instance identification is obtained in the second tunnel configuration information
Location, and as the first tunnel source IP address;It is obtained and the first virtual network instance identification pair in the first tunnel configuration information
The first IP address answered, and as the first tunnel destination IP address;Transmission unit is also used to: when the first tunnel source IP address
When identical as the first tunnel destination IP address, Fisrt fault message is sent to the second equipment.
In conjunction with second aspect or second aspect the first possible implementation, in second of possible implementation
In, processing unit is also used to: second IP address is taken out from the second tunnel configuration information as the second tunnel destination IP
Address;All virtual network example marks corresponding with the second tunnel destination IP address are obtained in the second tunnel configuration information
Know, and as the second virtual network instance identification group;It is obtained and the second virtual network example mark in the first tunnel configuration information
The corresponding tunnel destination IP address of each virtual network instance identification in knowledge group;Transmission unit is also used to: when the second virtual net
When the corresponding tunnel destination IP address of each virtual network instance identification is not unique in network instance identification group, sent out to the second equipment
Send the second failure message.
In conjunction with second aspect or second aspect the first to second any one possible implementation, at the third
In possible implementation, the first equipment and the second equipment are bgp neighbor.
The third possible implementation in conjunction with second aspect, in the fourth possible implementation, failure message is
BGP notifies Notification message;After the second equipment receives failure message, the content according to failure message carries out mistake and mentions
Show, and bgp neighbor is maintained to be in established state.
A kind of VXLAN tunnel detection method and device provided in an embodiment of the present invention, comprising: the first equipment first receives the
The second tunnel configuration information that two equipment are sent;Secondly by the first tunnel configuration in the second tunnel configuration information and the first equipment
Information is matched;Finally when the first tunnel configuration information and the second tunnel configuration information mismatch, the first equipment is to second
Equipment sends failure message;Wherein the first tunnel configuration information includes the first IP address and virtual network instance identification VNID reflects
Relationship is penetrated, the first IP address is that the IP address of the destination in the tunnel VXLAN, the second tunnel configuration packet are established with the first equipment
The mapping relations of the second IP address Yu virtual network instance identification VNID are included, the second IP address is to establish with second equipment
The IP address of the destination in the tunnel VXLAN, tunnel configuration information establish the tunnel VXLAN for the first equipment and the second equipment.Cause
This VXLAN tunnel detection method provided by the above embodiment, for the VXLAN tunnel information configured in VXLAN network, by
The second tunnel configuration information that two equipment are generated according to own configuration information, with for detect the second tunnel configuration information legitimacy institute
The configuration information in the first equipment needed i.e. the first tunnel configuration information is matched, and judges that second matches according to matching result
Whether confidence breath is legal, and such as the second configuration information is illegal, sends failure message to the second equipment, the second equipment is enable to learn
It is illegal that configuration information required for the tunnel VXLAN is established in second equipment, thus to will establish before establishing the tunnel VXLAN
The configuration information in the tunnel VXLAN carries out legitimacy detection, when the configuration information of tested equipment is illegal, informs to the equipment
The error message improves the foundation of the tunnel VXLAN so as to timely feedback the reason of establishing failure to the tunnel VXLAN
Efficiency improves user experience.
Detailed description of the invention
In order to more clearly explain the embodiment of the invention or the technical proposal in the existing technology, to embodiment or will show below
There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only this
Some embodiments of invention for those of ordinary skill in the art without creative efforts, can be with
Other attached drawings are obtained according to these attached drawings.
Fig. 1 is the schematic diagram of VXLAN in the prior art;
Fig. 2 is a kind of flow diagram for VXLAN tunnel detection method that the embodiment of the present invention provides;
Fig. 3 is a kind of flow diagram for VXLAN tunnel detection method that another embodiment of the present invention provides;
Fig. 4 is a kind of schematic diagram for VXLAN tunnel detector that the embodiment of the present invention provides.
Specific embodiment
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete
Site preparation description, it is clear that described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.It is based on
Embodiment in the present invention, those of ordinary skill in the art are acquired every other without making creative work
Embodiment shall fall within the protection scope of the present invention.
The term used in this application is only merely for for the purpose of describing particular embodiments, being not intended to be limiting this Shen
Please.It is also intended in the term such as "an" of the application and singular shape used in the attached claims, " described " and "the"
Including most forms, unless the context clearly indicates other meaning.Simultaneously it is also understood that term used herein
"and/or" refers to and includes that one or more associated any or all of project listed may combine.
It will be appreciated that though in the application various letters may be described using term such as " first ", " second ", " third "
Breath, but these information should not necessarily be limited by these terms, and above-mentioned term is only used to for same type of information being distinguished from each other out.It is exemplary
, in the case where not departing from the application range, the first information can also be referred to as the second information, similarly, the second information
The first information can be referred to as, while depending on context, the word used in above-mentioned scene " if " can be construed as
For " ... when " or " when ... " or " in response to determination ".
As shown in Figure 1, virtual expansible local area network VXLAN is generally included:
101, VXLAN endpoint of a tunnel (VXLAN Tunnel End Point, VTEP): VTEP is the edge device of VXLAN,
The relevant treatment of VXLAN carries out all on VTEP, such as identifies VXLAN belonging to ethernet data frame, is based on VXLAN to data
Frame carries out two layers of forwarding, encapsulation/decapsulation message etc., passes through three-layer network progress between VTEP by establishing the tunnel VXLAN
Data communication, VTEP can be an independent physical equipment, be also possible to the server that operation has virtual machine.Wherein VXLAN
It is identified by VXLAN network identifier (VXLAN Network Identifier, VNI).
102, the tunnel VXLAN: the tunnel VXLAN is the logical tunnel of point-to-point between two VTEP.VTEP is data frame envelope
After dress VXLAN, UDP, IP, the message after encapsulation is transmitted to by distal end VTEP by the tunnel VXLAN, distal end VTEP is to it
It is decapsulated.
When generating the tunnel VXLAN when establishing the tunnel VXLAN by proprietary protocol, need to carry out VXLAN phase on VTEP
Close configuration, wherein carried out on VTEP to generate the tunnel VXLAN it is relevant configuration include: the tunnel VXLAN source IP address,
The destination address in the tunnel VXLAN, the VNI with the VXLAN of VXLAN tunnel-associated.Wherein a tunnel VXLAN can only possess one
A source, i.e. a tunnel VXLAN can only correspond to the source address in a tunnel VXLAN.A VXLAN can be associated with more simultaneously
The tunnel VXLAN, a tunnel VXLAN can be associated with multiple VXLAN, these VXLAN share the tunnel VXLAN, i.e. a VNI
The a plurality of tunnel VXLAN can be corresponded to, a tunnel VXLAN can also correspond to multiple VNI.
For the above-mentioned VXLAN tunnel information configured in VXLAN network, referring to shown in Fig. 2, the embodiment of the present invention
A kind of VXLAN tunnel detection method is provided, is included the following steps:
201, the first equipment receives the second tunnel configuration information that the second equipment is sent.
Wherein the first equipment and the second equipment are VXLAN endpoint of a tunnel (VXLAN Tunnel End Point, VTEP),
First equipment and the routing of the second equipment room are reachable, i.e. the first equipment sends data to the second equipment room, and the second equipment can receive
The data sent to the first equipment, and feedback data is sent to the first equipment, the first equipment can receive the transmission of the second equipment
Feedback data.First equipment and the second equipment can be independent physical equipment, such as router, or operation has void
The server of quasi- machine.
Second tunnel configuration information, is included in the first equipment and the second equipment room establishes configuration required for the tunnel VXLAN
Information, the second tunnel configuration information may include the tunnel VXLAN destination address i.e. the second IP address IPTA and the tunnel VXLAN
The VNI and IPTA of associated VXLAN and the mapping relations of VNI, wherein IPTA is with the second equipment for the tunnel VXLAN source
Under the premise of the tunnel VXLAN destination address.One of IPTA can correspond to one or more VNI, and a VNI is only capable of
Wherein occur in a mapping relations.Second tunnel configuration information can be generated by the second equipment according to own configuration information,
It can be the configuration information having previously been stored in the second equipment.
It illustratively, as shown in table 1, is a kind of specific implementation of the second tunnel configuration information.
Table 1
| The destination address in the tunnel VXLAN | VXLAN network identifier |
| IPTA1 | VNI1 |
| IPTA2 | VNI2、VNI3 |
| IPTA3 | VNI4、VNI5、VNI6 |
202, judge whether the second tunnel configuration information matches with the first tunnel configuration information in the first equipment
Wherein the first tunnel configuration information is located in the first equipment, and the first tunnel configuration information includes in the first equipment pair
The configuration information of first equipment required for the legitimacy of second tunnel configuration information is detected, the first tunnel configuration information can
With include the tunnel VXLAN destination address i.e. the first IP address IPTB, with the VNI of the VXLAN of VXLAN tunnel-associated, and
The mapping relations of IPTB and VNI, it is the tunnel VXLAN purpose under the premise of the tunnel VXLAN source that wherein IPTB, which is with the first equipment,
The address at end.One of IPTB can correspond to one or more VNI, and a VNI is only capable of going out in a wherein mapping relations
It is existing.First tunnel configuration information can be generated by the first equipment according to own configuration information, or have previously been stored in first
Configuration information in equipment.
It illustratively, as shown in table 2, is a kind of specific implementation of the first tunnel configuration information.
Table 2
| The destination address in the tunnel VXLAN | VXLAN network identifier |
| IPTB1 | VNI1 |
| IPTB2 | VNI2、VNI3 |
| IPTB3 | VNI4 |
Second tunnel configuration information is matched with the first tunnel configuration information, can be from the second tunnel configuration information
One VNI of middle taking-up, and IPTA corresponding with the VNI, it is corresponding with the VNI further according to the first tunnel configuration acquisition of information
IPTB, when IPTA is identical as IPTB, the second tunnel configuration information and the first tunnel configuration information are mismatched.Second tunnel is matched
Confidence breath is matched with the first tunnel configuration information, is also possible to take out an IPTA, root from the second tunnel configuration information
According to the IPTA and the second tunnel configuration acquisition of information all VNIs corresponding with the IPTA, according to the first tunnel configuration acquisition of information
With all corresponding IPTB of VNI, when acquired IPTB is not unique, the second tunnel configuration information and the first tunnel configuration
Information mismatches.
It is illustrative: it is based on the first tunnel configuration information shown in the second tunnel configuration information shown in table 1 and table 2,
When being matched to the second tunnel configuration information with the first tunnel configuration information:
VNI1, and IPTA1 corresponding with VNI1 are taken out from the second configuration information, according to the first configuration information obtain with
The corresponding IPTB1 of VNI1, as IPTA1=IPTB1, the second configuration information and the first configuration information are mismatched.
203, when the second configuration information and the first configuration information mismatch, the first equipment sends failure report to the second equipment
Text.
The wherein failure message that the first equipment is sent to the second equipment can be the second configuration information of expression and the first configuration
The unmatched data of information, or further include indicating that the second configuration information and the first configuration information specifically mismatch type
Data, as long as the first equipment can inform that the second configuration information is illegal to the second equipment by failure message.
A kind of VXLAN tunnel detection method provided in an embodiment of the present invention, comprising: the first equipment first receives the second equipment
The the second tunnel configuration information sent;Secondly by the first tunnel configuration information in the second tunnel configuration information and the first equipment into
Row matching;Finally when the first tunnel configuration information and the second tunnel configuration information mismatch, the first equipment is sent out to the second equipment
Send failure message;Wherein the first tunnel configuration information includes the first IP address and the mapping pass of virtual network instance identification VNID
System, the first IP address be that the IP address of the destination in the tunnel VXLAN is established with the first equipment, and the second tunnel configuration information includes the
The mapping relations of two IP address and virtual network instance identification VNID, the second IP address are to establish VXLAN with second equipment
The IP address of the destination in tunnel, tunnel configuration information establish the tunnel VXLAN for the first equipment and the second equipment.Therefore above-mentioned
The VXLAN tunnel detection method that embodiment provides, for the VXLAN tunnel information configured in VXLAN network, by the second equipment
According to own configuration information generate the second tunnel configuration information, with for detect the second tunnel configuration information legitimacy required for
Configuration information i.e. the first tunnel configuration information in first equipment is matched, and judges the second configuration information according to matching result
Whether legal, such as the second configuration information is illegal, sends failure message to the second equipment, the second equipment is enable to learn that second sets
It is illegal that configuration information required for the tunnel VXLAN is established on standby, thus to will establish VXLAN before establishing the tunnel VXLAN
The configuration information in tunnel carries out legitimacy detection and informs the mistake to the equipment when the configuration information of tested equipment is illegal
False information improves the tunnel VXLAN and establishes efficiency so as to timely feedback the reason of establishing failure to the tunnel VXLAN,
Improve user experience.
For the above-mentioned VXLAN tunnel information configured in VXLAN network, referring to shown in Fig. 3, the embodiment of the present invention
A kind of VXLAN tunnel detection method is provided, is included the following steps:
301, the first equipment receives the second tunnel configuration information that the second equipment is sent.
Specific example is referring to above-mentioned steps 201, and which is not described herein again.
It should be noted that the first equipment and the second equipment can also be to establish Border Gateway Protocol (Border
Gateway Protocol, abbreviation BGP) in neighborhood (or Correspondent Node/peer-entities).
302, a virtual network instance identification is taken out from the second tunnel configuration information as the first virtual network example
Mark.
A virtual network instance identification is wherein taken out from the second tunnel configuration information, can be from the second tunnel configuration
Information takes out any one virtual network instance identification and as the first virtual network instance identification, illustratively, is based on 1 institute of table
The the second tunnel configuration information shown, takes out VNI2 from the second tunnel configuration information, as the first virtual network instance identification.
303, the second IP address corresponding with the first virtual network instance identification is obtained in the second tunnel configuration information, and
As the first tunnel source IP address, corresponding with the first virtual network instance identification the is obtained in the first tunnel configuration information
One IP address, and as the first tunnel destination IP address.
The second IP address corresponding with the first virtual network instance identification is wherein obtained in the second tunnel configuration information, and
As the first tunnel source IP address, it is included in the second tunnel configuration information, acquisition is deposited with the first virtual network instance identification
In the second IP address of mapping relations, and as the first tunnel source IP address.It is obtained and the in the first tunnel configuration information
Corresponding first IP address of one virtual network instance identification, and as the first tunnel destination IP address, it is included in the first tunnel
In configuration information, there are the first IP address of mapping relations with the first virtual network instance identification for acquisition, and make the first tunnel mesh
End IP address.
Illustratively, based on the second tunnel configuration information shown in table 1, obtaining the first tunnel source IP address includes:
According to the VNI1 taken out in the second configuration information, the IPTA1 with VNI1 mapping is obtained in the second configuration information, is made
For the first tunnel source IP address.
Based on the first tunnel configuration information shown in table 2, obtaining the first tunnel destination IP address includes:
According to the VNI1 taken out in the second tunnel configuration information, obtained in the first configuration information and VNI1 mapping
IPTB1, as the first tunnel destination IP address.
304, judge whether the first tunnel source IP address and the first tunnel destination IP address are identical.
According to the first tunnel source IP address and the first tunnel destination IP address obtained in step 303, judge that it is
No is same IP address.
According to the judging result of step 304, when the first tunnel source IP address is identical as the first tunnel destination IP address
When, then carry out following steps:
305, the first equipment sends Fisrt fault message to the second equipment.
Wherein Fisrt fault message includes that the second tunnel configuration information is illegal and specific illegal content, i.e., and second
Tunnel configuration information and the first tunnel configuration information for tunnel source IP address in the configuration information in the tunnel same VXLAN with
Tunnel destination IP address is identical.Fisrt fault message can also be including in the second tunnel configuration information in above-mentioned illegal content
There is the second IP address being overlapped.
First equipment to the second equipment send Fisrt fault message, can for the first equipment by the second tunnel configuration information not
Legal and specific illegal content is sent to the second equipment in the form of data packet, or the first equipment is by the second tunnel
Road configuration information is illegal and specific illegal content by the format of BGP notice Notification message is sent to the
Two equipment.
According to the judging result of step 304, when the first tunnel source IP address is different from the first tunnel destination IP address
When, then carry out following steps:
306, second IP address is taken out from the second tunnel configuration information as the second tunnel destination IP address.
Wherein one the second IP address of taking-up, can as the second tunnel destination IP address from the second tunnel configuration information
Think and takes out any one second IP address from the second tunnel configuration information and as the second tunnel destination IP address, it is exemplary
, based on the second tunnel configuration information shown in table 1, VNI4 is taken out from the second tunnel configuration information, as the second tunnel mesh
End IP address.
307, all virtual networks corresponding with the second tunnel destination IP address are obtained in the second tunnel configuration information
Instance identification, and as the second virtual network instance identification group;It is obtained and the second virtual network in the first tunnel configuration information
The corresponding tunnel destination IP address of each virtual network instance identification in instance identification group.
Wherein, all virtual networks corresponding with the second tunnel destination IP address are obtained in the second tunnel configuration information
Instance identification is deposited including obtaining in the second tunnel configuration information with the second tunnel destination IP address obtained within step 306
In one or more virtual network instance identifications of mapping relations, and using the set of acquired virtual network instance identification as
Second virtual network instance identification group.
It is obtained in the first tunnel configuration information and each virtual network example mark in the second virtual network instance identification group
Know corresponding tunnel destination IP address, including obtains in the first tunnel configuration information and in the second virtual network instance identification group
Corresponding first IP address of all virtual network instance identifications, and the first IP address that will acquire is considered as the second tunnel source
IP address, the second tunnel source IP address may include one or more first IP address.
308, judge the corresponding tunnel destination of each virtual network instance identification in the second virtual network instance identification group
Whether IP address is unique.
When each virtual network instance identification is corresponding in the second virtual network instance identification group acquired in step 307
Tunnel destination IP address is multiple first IP address, then represents that there are multiple corresponding with the second tunnel destination IP address the
Two tunnel source IP address;The second tunnel source IP address acquired in step 307 is first IP address, then represents
The second tunnel source IP address corresponding with the second tunnel destination IP address is unique.
According to the judging result of step 308, when each virtual network instance identification in the second virtual network instance identification group
When corresponding tunnel destination IP address is not unique, then following steps are carried out:
309, the first equipment sends the second failure message to the second equipment.
Wherein the second failure message includes that the second tunnel configuration information is illegal and specific illegal content, i.e., with the
The corresponding second tunnel source IP address of two tunnel destination IP address is not unique.
First equipment to the second equipment send the second failure message, can for the first equipment by the second tunnel configuration information not
Legal and specific illegal content is sent to the second equipment in the form of data packet, or the first equipment is by the second tunnel
Road configuration information is illegal and specific illegal content by the format of BGP notice Notification message is sent to the
Two equipment.Second failure message can also include above-mentioned illegal content in in the first tunnel configuration information be used as the second tunnel
The 2nd IP in first IP address of destination IP address and the second tunnel configuration information as the second tunnel source IP address
Address.
Optionally, after step 305, further includes:
S01, the second equipment carry out miscue according to the content of Fisrt fault message.
Second equipment is after receiving the Fisrt fault message that the first equipment is sent, according to including in Fisrt fault message
The illegal content of second tunnel configuration information carries out miscue, wherein the content shown may include that the second tunnel is matched
Confidence ceases illegal concrete reason, i.e., because the second tunnel configuration information and the first tunnel configuration information are directed to same
Source IP address in tunnel is overlapped with tunnel destination IP address in the configuration information in the tunnel VXLAN, and the content shown may be used also
To include occurring the second IP address being overlapped in above-mentioned illegal content in the second tunnel configuration information.Display herein, can be with
It is shown, can also be shown by way of print command by way of log recording.
Optionally, after step 309, further includes:
S02, the second equipment carry out miscue according to the content of the second failure message.
Second equipment is after receiving the second failure message that the first equipment is sent, according to including in the second failure message
The illegal content of second tunnel configuration information carries out miscue, wherein the content shown may include that the second tunnel is matched
Confidence ceases illegal concrete reason, i.e., source IP address in the second tunnel corresponding with the second tunnel destination IP address is not only
One, the content shown can also include above-mentioned illegal content in in the first tunnel configuration information be used as the second tunnel mesh
End IP address the first IP address and the second tunnel configuration information in as mapping with the second tunnel destination IP address
Second IP address of the second tunnel source IP address.Display herein can be shown by way of log recording, can also be led to
The mode for crossing print command is shown.
A kind of VXLAN tunnel detection method provided in an embodiment of the present invention, comprising: the first equipment first receives the second equipment
The the second tunnel configuration information sent;Secondly a virtual network instance identification is taken out from the second tunnel configuration information as the
One virtual network instance identification;Twoth IP corresponding with the first virtual network instance identification is obtained in the second tunnel configuration information
Address, and as the first tunnel source IP address, it is obtained and the first virtual network instance identification in the first tunnel configuration information
Corresponding first IP address, and as the first tunnel destination IP address;Judge the first tunnel source IP address and the first tunnel
Whether destination IP address is identical, and the first equipment sends Fisrt fault message to the second equipment if they are the same;From the second tunnel configuration
Second IP address is taken out in information as the second tunnel destination IP address;It is obtained and the in the second tunnel configuration information
The corresponding all virtual network instance identifications of two tunnel destination IP address, and as the second virtual network instance identification group;?
Tunnel corresponding with virtual network instance identification each in the second virtual network instance identification group is obtained in first tunnel configuration information
Road destination IP address;Judge the corresponding tunnel purpose of each virtual network instance identification in the second virtual network instance identification group
Hold IP address i.e. the second tunnel source IP address whether unique, if not unique first equipment sends the second failure report to the second equipment
Text.Therefore VXLAN tunnel detection method provided by the above embodiment is believed for the tunnel VXLAN configured in VXLAN network
Breath, the second tunnel configuration information that the second equipment is generated according to own configuration information, with for detection the second tunnel configuration information
Configuration information i.e. the first tunnel configuration information in first equipment required for legitimacy is matched, when the second tunnel configuration is believed
Breath is with the first tunnel configuration information for tunnel source IP address and tunnel destination in the configuration information in the tunnel same VXLAN
When IP address is overlapped, the first equipment sends the Fisrt fault message comprising above-mentioned illegal content to the second equipment;When first
Select first IP address as the second tunnel destination IP address in tunnel configuration information, according to the second tunnel configuration information
When the second tunnel source IP address corresponding with the second tunnel destination IP address obtained is not unique, the first equipment is set to second
Preparation send the second failure message comprising above-mentioned illegal content.To before establishing the tunnel VXLAN to VXLAN tunnel will be established
The configuration information in road carries out legitimacy detection and informs the configuration to the equipment when the configuration information of tested equipment is illegal
Information is illegal and the specific illegal content of configuration information, so as to carry out the reason of establishing failure to the tunnel VXLAN
It timely feedbacks, improves the tunnel VXLAN and establish efficiency, improve user experience.
The embodiment of the present invention provides a kind of VXLAN tunnel establishing method, using any of the above-described before establishing the tunnel VXLAN
VXLAN tunnel detection method in embodiment is detected.
In establishing VXLAN tunneling process, a VNI is taken out from the second tunnel configuration information, is matched according to the first tunnel
Acquisition of information is set with the VNI the first IP address mapped and as tunnel source IP address, according to the second tunnel configuration acquisition of information
The second IP address with VNI mapping is as tunnel purpose IP address, tunnel source IP address and tunnel purpose IP address composition one
Tunnel.The VNI that the tunnel is carried by by tunnel purpose IP address in the second tunnel configuration information corresponding VNI and tunnel
Source IP address corresponding VNI in the first tunnel configuration information in road seeks common ground acquisition.
A kind of VXLAN tunnel establishing method provided in an embodiment of the present invention, is included in front of establishing the tunnel VXLAN and is examined
It surveys, comprising: the first equipment first receives the second tunnel configuration information that the second equipment is sent;Secondly from the second tunnel configuration information
One virtual network instance identification of middle taking-up is as the first virtual network instance identification;In the second tunnel configuration information obtain with
Corresponding second IP address of first virtual network instance identification, and as the first tunnel source IP address, in the first tunnel configuration
The first IP address corresponding with the first virtual network instance identification is obtained in information, and as the first tunnel destination IP address;
Judge whether the first tunnel source IP address and the first tunnel destination IP address are identical, the first equipment is to the second equipment if they are the same
Send Fisrt fault message;Second IP address is taken out as the second tunnel destination IP from the second tunnel configuration information
Location;All virtual network instance identifications corresponding with the second tunnel destination IP address are obtained in the second tunnel configuration information,
And as the second virtual network instance identification group;It is obtained and the second virtual network instance identification group in the first tunnel configuration information
In the corresponding tunnel destination IP address of each virtual network instance identification;It is every in judgement and the second virtual network instance identification group
Whether the corresponding tunnel destination IP address of a virtual network instance identification is unique, if not unique first equipment is sent out to the second equipment
Send the second failure message.Therefore VXLAN tunnel detection method provided by the above embodiment, for what is configured in VXLAN network
VXLAN tunnel information, the second tunnel configuration information that the second equipment is generated according to own configuration information, with for detect the second tunnel
Configuration information i.e. the first tunnel configuration information in first equipment required for road configuration information legitimacy is matched, when second
Tunnel configuration information and the first tunnel configuration information for tunnel source IP address in the configuration information in the tunnel same VXLAN with
When tunnel destination IP address is overlapped, the first equipment sends the Fisrt fault report comprising above-mentioned illegal content to the second equipment
Text;When selecting first IP address in the first tunnel configuration information as the second tunnel destination IP address, according to second
When the second tunnel source IP address corresponding with the second tunnel destination IP address of tunnel configuration acquisition of information is not unique, first
Equipment sends the second failure message comprising above-mentioned illegal content to the second equipment.Thus to general before establishing the tunnel VXLAN
The configuration information for establishing the tunnel VXLAN carries out legitimacy detection and sets when the configuration information of tested equipment is illegal to this
It is standby to inform that the configuration information is illegal and the specific illegal content of configuration information, it is lost so as to be established to the tunnel VXLAN
The reason of losing is timely feedbacked, and is improved the tunnel VXLAN and is established efficiency, improves user experience.
Referring to shown in Fig. 4, the embodiment of the present invention provides a kind of VXLAN tunnel detector, comprising:
Receiving unit 401, for when the second tunnel configuration information for receiving the transmission of the second equipment.
Wherein the first equipment and the second equipment are VXLAN endpoint of a tunnel (VXLAN Tunnel End Point, VTEP),
First equipment and the routing of the second equipment room are reachable, i.e. the first equipment sends data to the second equipment room, and the second equipment can receive
The data sent to the first equipment, and feedback data is sent to the first equipment, the first equipment can receive the transmission of the second equipment
Feedback data.First equipment and the second equipment can be independent physical equipment, such as router, or operation has void
The server of quasi- machine.
Second tunnel configuration information, is included in the first equipment and the second equipment room establishes configuration required for the tunnel VXLAN
Information, the second tunnel configuration information may include the tunnel VXLAN destination address i.e. the second IP address IPTA and the tunnel VXLAN
The VNI and IPTA of associated VXLAN and the mapping relations of VNI, wherein IPTA is with the second equipment for the tunnel VXLAN source
Under the premise of the tunnel VXLAN destination address.One of IPTA can correspond to one or more VNI, and a VNI is only capable of
Wherein occur in a mapping relations.Second tunnel configuration information can be generated by the second equipment according to own configuration information,
It can be the configuration information having previously been stored in the second equipment.It illustratively, as shown in table 1, is the second tunnel configuration information
A kind of specific implementation.
Processing unit 402, for by the first tunnel configuration in the second tunnel configuration information and first equipment
Information is matched.
Wherein the first tunnel configuration information is located in the first equipment, and the first tunnel configuration information includes in the first equipment pair
The configuration information of first equipment required for the legitimacy of second tunnel configuration information is detected, the first tunnel configuration information can
With include the tunnel VXLAN destination address i.e. the first IP address IPTB, with the VNI of the VXLAN of VXLAN tunnel-associated, and
The mapping relations of IPTB and VNI, it is the tunnel VXLAN purpose under the premise of the tunnel VXLAN source that wherein IPTB, which is with the first equipment,
The address at end.One of IPTB can correspond to one or more VNI, and a VNI is only capable of going out in a wherein mapping relations
It is existing.First tunnel configuration information can be generated by the first equipment according to own configuration information, or have previously been stored in first
Configuration information in equipment.It illustratively, as shown in table 2, is a kind of specific implementation of the first tunnel configuration information.
Second tunnel configuration information is matched with the first tunnel configuration information, can be from the second tunnel configuration information
One VNI of middle taking-up, and IPTA corresponding with the VNI, it is corresponding with the VNI further according to the first tunnel configuration acquisition of information
IPTB, when IPTA is identical as IPTB, the second tunnel configuration information and the first tunnel configuration information are mismatched.Second tunnel is matched
Confidence breath is matched with the first tunnel configuration information, is also possible to take out an IPTA, root from the second tunnel configuration information
According to the IPTA and the second tunnel configuration acquisition of information all VNIs corresponding with the IPTA, according to the first tunnel configuration acquisition of information
With all corresponding IPTB of VNI, when acquired IPTB is not unique, the second tunnel configuration information and the first tunnel configuration
Information mismatches.
It is illustrative: it is based on the first tunnel configuration information shown in the second tunnel configuration information shown in table 1 and table 2,
When being matched to the second tunnel configuration information with the first tunnel configuration information: VNI1 is taken out from the second configuration information, and
IPTA1 corresponding with VNI1 obtains IPTB1 corresponding with VNI1, as IPTA1=IPTB1, second according to the first configuration information
Configuration information and the first configuration information mismatch.
Transmission unit 403 is used for when the first tunnel configuration information and the second tunnel configuration information mismatch,
Failure message is sent to second equipment.
The failure message wherein sent to the second equipment, can be not indicate the second configuration information and the first configuration information not
The data matched, or further include indicating that the second configuration information and the first configuration information specifically mismatch the data of type, only
Want the first equipment that can inform that the second configuration information is illegal to the second equipment by failure message.
A kind of VXLAN tunnel detector provided in an embodiment of the present invention, comprising: receive the of the second equipment transmission first
Two tunnel configuration information;Secondly the second tunnel configuration information is matched with the first tunnel configuration information in the first equipment;
Finally when the first tunnel configuration information and the second tunnel configuration information mismatch, failure message is sent to the second equipment;Wherein
First tunnel configuration information includes the mapping relations of the first IP address Yu virtual network instance identification VNID, the first IP address be with
First equipment establishes the IP address of the destination in the tunnel VXLAN, and the second tunnel configuration information includes the second IP address and virtual net
The mapping relations of network instance identification VNID, the second IP address are that the IP of the destination in the tunnel VXLAN is established with second equipment
Address, tunnel configuration information establish the tunnel VXLAN for the first equipment and the second equipment.Therefore provided by the above embodiment
VXLAN tunnel detection method configures the second equipment according to itself for the VXLAN tunnel information configured in VXLAN network
The second tunnel configuration information that information generates, and to detect required for the second tunnel configuration information legitimacy in the first equipment
Configuration information i.e. the first tunnel configuration information is matched, and judges whether the second configuration information is legal according to matching result, such as
Second configuration information is illegal, sends failure message to the second equipment, so that the second equipment is learnt in the second equipment and establish
Configuration information required for the tunnel VXLAN is illegal, to match before establishing the tunnel VXLAN to will establish the tunnel VXLAN
Confidence breath carries out legitimacy detection and informs the error message to the equipment when the configuration information of tested equipment is illegal, from
And the reason of capable of establishing failure to the tunnel VXLAN, timely feedbacks, and improves the tunnel VXLAN and establishes efficiency, improves use
Family experience.
Specifically, in the above-described embodiments, the first equipment and the second equipment can also be to establish side referring to shown in Fig. 4
(or Correspondent Node/equity is real for neighborhood in boundary's gateway protocol (Border Gateway Protocol, abbreviation BGP)
Body).
Processing unit 401 can be also used for:
A virtual network instance identification is taken out from the second tunnel configuration information as the first virtual network instance identification;
The second IP address corresponding with the first virtual network instance identification is obtained in the second tunnel configuration information, and as the first tunnel
Source IP address obtains the first IP address corresponding with the first virtual network instance identification in the first tunnel configuration information, and
As the first tunnel destination IP address;A virtual network instance identification is wherein taken out from the second tunnel configuration information, it can
Think and take out any one virtual network instance identification from the second tunnel configuration information and as the first virtual network instance identification,
It is illustrative: based on the second tunnel configuration information shown in table 1, VNI2 to be taken out from the second tunnel configuration information, as first
Virtual network instance identification.
The second IP address corresponding with the first virtual network instance identification is wherein obtained in the second tunnel configuration information, and
As the first tunnel source IP address, it is included in the second tunnel configuration information, acquisition is deposited with the first virtual network instance identification
In the second IP address of mapping relations, and as the first tunnel source IP address.It is obtained and the in the first tunnel configuration information
Corresponding first IP address of one virtual network instance identification, and as the first tunnel destination IP address, it is included in the first tunnel
In configuration information, there are the first IP address of mapping relations with the first virtual network instance identification for acquisition, and as the first tunnel
Destination IP address.
Illustratively, based on the second tunnel configuration information shown in table 1, obtaining the first tunnel source IP address includes:
According to the VNI1 taken out in the second configuration information, the IPTA1 with VNI1 mapping is obtained in the second configuration information, is made
For the first tunnel source IP address.
Based on the first tunnel configuration information shown in table 2, obtaining the first tunnel destination IP address includes:
According to the VNI1 taken out in the second tunnel configuration information, obtained in the first configuration information and VNI1 mapping
IPTB1, as the first tunnel destination IP address.
Transmission unit 403 can be also used for:
When the first tunnel source IP address is identical as the first tunnel destination IP address, the first event is sent to the second equipment
Hinder message.
Wherein Fisrt fault message includes that the second tunnel configuration information is illegal and specific illegal content, i.e., and second
Tunnel configuration information and the first tunnel configuration information for tunnel source IP address in the configuration information in the tunnel same VXLAN with
Tunnel destination IP address is identical.Fisrt fault message can also be including in the second tunnel configuration information in above-mentioned illegal content
There is the second IP address being overlapped.
To the second equipment send Fisrt fault message, can for the first equipment by the second tunnel configuration information it is illegal and
Specific illegal content is sent to the second equipment in the form of data packet, or the first equipment believes the second tunnel configuration
It ceases illegal and specific illegal content and notifies the format of Notification message to be sent to the second equipment by BGP.
Optionally, the second equipment carries out miscue according to the Fisrt fault message after receiving Fisrt fault message.
A kind of VXLAN tunnel detector provided in an embodiment of the present invention, comprising: the first equipment first receives the second equipment
The the second tunnel configuration information sent;Secondly a virtual network instance identification is taken out from the second tunnel configuration information as the
One virtual network instance identification;Twoth IP corresponding with the first virtual network instance identification is obtained in the second tunnel configuration information
Address, and as the first tunnel source IP address, it is obtained and the first virtual network instance identification in the first tunnel configuration information
Corresponding first IP address, and as the first tunnel destination IP address;Judge the first tunnel source IP address and the first tunnel
Whether destination IP address is identical, sends Fisrt fault message to the second equipment if they are the same;Therefore provided by the above embodiment
VXLAN tunnel detection method configures the second equipment according to itself for the VXLAN tunnel information configured in VXLAN network
The second tunnel configuration information that information generates, and to detect required for the second tunnel configuration information legitimacy in the first equipment
Configuration information i.e. the first tunnel configuration information is matched, when the second tunnel configuration information and the first tunnel configuration information are directed to together
When source IP address in tunnel is overlapped with tunnel destination IP address in the configuration information in one tunnel VXLAN, sent out to the second equipment
Send the Fisrt fault message comprising above-mentioned illegal content.To before establishing the tunnel VXLAN to the tunnel VXLAN will be established
Configuration information carries out legitimacy detection and informs the configuration information to the equipment when the configuration information of tested equipment is illegal
The illegal and specific illegal content of configuration information, it is timely so as to establish the reason of failing progress to the tunnel VXLAN
Feedback, improves the tunnel VXLAN and establishes efficiency, improve user experience.
Specifically, in the above-described embodiments, processing unit 401 can be also used for referring to shown in Fig. 4:
Second IP address is taken out from the second tunnel configuration information as the second tunnel destination IP address;Second
All virtual network instance identifications corresponding with the second tunnel destination IP address are obtained in tunnel configuration information, and as second
Virtual network instance identification group;Obtained in the first tunnel configuration information with it is each virtual in the second virtual network instance identification group
Network example identifies corresponding tunnel destination IP address.
Wherein one the second IP address of taking-up, can as the second tunnel destination IP address from the second tunnel configuration information
Think and takes out any one second IP address from the second tunnel configuration information and as the second tunnel destination IP address, it is exemplary
, based on the second tunnel configuration information shown in table 1, VNI4 is taken out from the second tunnel configuration information, as the second tunnel mesh
End IP address.
All virtual network examples corresponding with the second tunnel destination IP address are obtained in the second tunnel configuration information
Mark, and as the second virtual network instance identification group, including obtain in the second tunnel configuration information with obtain within step 306
The second tunnel destination IP address there are one or more virtual network instance identifications of mapping relations, and by acquired void
The set of quasi- network example mark is as the second virtual network instance identification group.
It is obtained in the first tunnel configuration information and each virtual network example mark in the second virtual network instance identification group
Know corresponding tunnel destination IP address, including obtains in the first tunnel configuration information and in the second virtual network instance identification group
Corresponding first IP address of all virtual network instance identifications, and the first IP address that will acquire is considered as the second tunnel source
IP address, the second tunnel source IP address may include one or more first IP address.
Transmission unit 403 can be also used for:
When the second tunnel source IP address is not unique, the second failure message is sent to the second equipment.
Distinguish when acquired in step 307 with virtual network instance identifications all in the second virtual network instance identification group
When corresponding first IP address is greater than one, then represents presence and be greater than one and the second tunnel destination IP address corresponding second
Tunnel source IP address;When the second tunnel source IP address acquired in step 307 is first IP address, then represent with
The corresponding second tunnel source IP address of second tunnel destination IP address is unique.
Wherein the second failure message includes that the second tunnel configuration information is illegal and specific illegal content, i.e., with the
The corresponding second tunnel source IP address of two tunnel destination IP address is not unique.
Send the second failure message to the second equipment, can for by the second tunnel configuration information it is illegal and it is specific not
Legal content is sent to the second equipment in the form of data packet, or the second tunnel configuration information is illegal and specific
Illegal content the second equipment is sent to by the format of BGP Notification message.Second failure message can also wrap
Include in above-mentioned illegal content with the first IP address in the first tunnel configuration information as the second tunnel destination IP address, with
And second the second IP address in tunnel configuration information as the second tunnel source IP address.
Optionally, the second equipment carries out miscue according to the second failure message after receiving the second failure message.
A kind of VXLAN tunnel detector provided in an embodiment of the present invention, comprising: the first equipment first receives the second equipment
The the second tunnel configuration information sent;Second IP address is taken out first from the second tunnel configuration information as the second tunnel
Destination IP address;Secondly it is obtained in the second tunnel configuration information corresponding with the second tunnel destination IP address all virtual
Network example mark, and as the second virtual network instance identification group;It is obtained in the first tunnel configuration information with second virtually
The corresponding tunnel destination IP address of each virtual network instance identification in network example mark group;Finally judge the second virtual net
Corresponding i.e. the second tunnel source IP address of tunnel destination IP address of each virtual network instance identification in network instance identification group
It is whether unique, if not unique first equipment sends the second failure message to the second equipment.Therefore VXLAN provided by the above embodiment
Tunnel detection method, for the VXLAN tunnel information configured in VXLAN network, by the second equipment according to own configuration information
The the second tunnel configuration information generated, and to detect the configuration required for the second tunnel configuration information legitimacy in the first equipment
Information i.e. the first tunnel configuration information is matched, when selected in the first tunnel configuration information first IP address as
Two tunnel destination IP address, according to the second tunnel configuration acquisition of information and the second tunnel destination IP address corresponding second
When tunnel source IP address is not unique, the second failure message comprising above-mentioned illegal content is sent to the second equipment.Thus
It establishes before the tunnel VXLAN and legitimacy detection is carried out to the configuration information that will establish the tunnel VXLAN, in the configuration of tested equipment
When information is illegal, inform that the configuration information is illegal and the specific illegal content of configuration information to the equipment, so as to
Enough the reason of establishing failure to the tunnel VXLAN, timely feedback, and improve the tunnel VXLAN and establish efficiency, improve user's body
It tests.
Wherein, it should be noted that each unit in the present embodiment can be the processor or sensor individually set up,
Also it can integrate and realized in some processor or sensor, in addition it is also possible to be stored in touch-control in the form of program code
In the memory of point identification device, the function of above each unit is called by processor and executed.Processor described here can
To be a central processing unit (full name in English: Central Processing Unit, English abbreviation: CPU), or matched
It is set to the one or more integrated circuits (full name in English: Integrated Circuit, English letter for implementing the embodiment of the present invention
Claim: IC);Sensor can be the circuit structure an of electronic component or multiple electronic components composition, or be configured to
Implement one or more integrated circuits of the embodiment of the present invention.
The above description is merely a specific embodiment, but scope of protection of the present invention is not limited thereto, any
In the technical scope disclosed by the present invention, any changes or substitutions that can be easily thought of by those familiar with the art, all answers
It is included within the scope of the present invention.Therefore, protection scope of the present invention should be subject to the protection scope in claims.
Claims (14)
1. a kind of VXLAN tunnel detection method, which is characterized in that this method comprises:
First equipment receives the second tunnel configuration information that the second equipment is sent;
The second tunnel configuration information is matched with the first tunnel configuration information in first equipment;
When the first tunnel configuration information and the second tunnel configuration information mismatch, first equipment is to described the
Two equipment send failure message;
The first tunnel configuration information includes the mapping relations of the first IP address Yu virtual network instance identification VNID, and described
One IP address is that the IP address of the destination in the tunnel VXLAN is established with first equipment;The second tunnel configuration packet
The mapping relations of the second IP address Yu virtual network instance identification VNID are included, second IP address is to build with second equipment
The IP address of the destination in the vertical tunnel VXLAN, wherein tunnel configuration information establishes VXLAN tunnel for the first equipment and the second equipment
Road.
2. VXLAN tunnel detection method according to claim 1, it is characterised in that:
It is described to match the second tunnel configuration information with the first tunnel configuration information in first equipment, packet
It includes:
The first virtual network instance identification is taken out from the second tunnel configuration information, wherein the first virtual network example
It is identified as any virtual network instance identification of the second tunnel configuration information;
The second IP address corresponding with the first virtual network instance identification is obtained in the second tunnel configuration information, and
As the first tunnel source IP address;
The first IP address corresponding with the first virtual network instance identification is obtained in the first tunnel configuration information, and
As the first tunnel destination IP address;
It is described when the first tunnel configuration information and the second tunnel configuration information mismatch, first equipment is to institute
It states the second equipment and sends failure message, comprising:
When the first tunnel source IP address is identical as the first tunnel destination IP address, first equipment is to institute
It states the second equipment and sends Fisrt fault message.
3. -2 described in any item VXLAN tunnel detection methods according to claim 1, it is characterised in that:
It is described to match the second tunnel configuration information with the first tunnel configuration information in first equipment, also wrap
It includes:
Second IP address is taken out from the second tunnel configuration information as the second tunnel destination IP address;
All virtual networks corresponding with the second tunnel destination IP address are obtained in the second tunnel configuration information
Instance identification, and as the second virtual network instance identification group;
It is obtained in the first tunnel configuration information real with virtual network each in the second virtual network instance identification group
Example identifies corresponding tunnel destination IP address;
It is described when the first tunnel configuration information and the second tunnel configuration information mismatch, first equipment is to institute
It states the second equipment and sends failure message, further includes:
When the corresponding tunnel destination IP address of virtual network instance identification each in the second virtual network instance identification group
When not unique, first equipment sends the second failure message to second equipment.
4. VXLAN tunnel detection method according to claim 1 or 2, which is characterized in that first equipment and described the
Two equipment are bgp neighbor.
5. VXLAN tunnel detection method according to claim 3, which is characterized in that first equipment and described second
Equipment is bgp neighbor.
6. VXLAN tunnel detection method according to claim 4, which is characterized in that the failure message is BGP notice
Notification message;
After second equipment receives the failure message, the content according to failure message carries out miscue, and maintains institute
It states bgp neighbor and is in established state.
7. VXLAN tunnel detection method according to claim 5, which is characterized in that the failure message is BGP notice
Notification message;
After second equipment receives the failure message, the content according to failure message carries out miscue, and maintains institute
It states bgp neighbor and is in established state.
8. a kind of VXLAN tunnel detector is located at the first equipment characterized by comprising
Receiving unit, for receiving the second tunnel configuration information of the second equipment transmission;
Processing unit, for carrying out the first tunnel configuration information in the second tunnel configuration information and first equipment
Matching;
Transmission unit is used for when the first tunnel configuration information and the second tunnel configuration information mismatch, Xiang Suoshu
Second equipment sends failure message;
The first tunnel configuration information includes the mapping relations of the first IP address Yu virtual network instance identification VNID, and described
One IP address is that the IP address of the destination in the tunnel VXLAN is established with first equipment;The second tunnel configuration packet
The mapping relations of the second IP address Yu virtual network instance identification VNID are included, second IP address is to build with second equipment
The IP address of the destination in the vertical tunnel VXLAN, wherein the tunnel configuration information is established for the first equipment and the second equipment
The tunnel VXLAN.
9. VXLAN tunnel detector according to claim 8, which is characterized in that the processing unit is also used to:
The first virtual network instance identification is taken out from the second tunnel configuration information, wherein the first virtual network example
It is identified as any virtual network instance identification of the second tunnel configuration information;
The second IP address corresponding with the first virtual network instance identification is obtained in the second tunnel configuration information, and
As the first tunnel source IP address;
The first IP address corresponding with the first virtual network instance identification is obtained in the first tunnel configuration information, and
As the first tunnel destination IP address;
The transmission unit is also used to:
When the first tunnel source IP address is identical as the first tunnel destination IP address, the second equipment of Xiang Suoshu hair
Send Fisrt fault message.
10. VXLAN tunnel detector according to claim 8 or claim 9, which is characterized in that the processing unit is also used to:
Second IP address is taken out from the second tunnel configuration information as the second tunnel destination IP address;
All virtual networks corresponding with the second tunnel destination IP address are obtained in the second tunnel configuration information
Instance identification, and as the second virtual network instance identification group;
It is obtained in the first tunnel configuration information real with virtual network each in the second virtual network instance identification group
Example identifies corresponding tunnel destination IP address;
The transmission unit is also used to:
When the corresponding tunnel destination IP address of virtual network instance identification each in the second virtual network instance identification group
When not unique, the second equipment of Xiang Suoshu sends the second failure message.
11. VXLAN tunnel detector according to claim 8 or claim 9, which is characterized in that first equipment with it is described
Second equipment is bgp neighbor.
12. VXLAN tunnel detector according to claim 10, which is characterized in that first equipment and described the
Two equipment are bgp neighbor.
13. VXLAN tunnel detector according to claim 11, which is characterized in that the failure message is BGP notice
Notification message;
After second equipment receives the failure message, the content according to failure message carries out miscue, and maintains institute
It states bgp neighbor and is in established state.
14. VXLAN tunnel detector according to claim 12, which is characterized in that the failure message is BGP notice
Notification message;
After second equipment receives the failure message, the content according to failure message carries out miscue, and maintains institute
It states bgp neighbor and is in established state.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510931765.1A CN105490884B (en) | 2015-12-14 | 2015-12-14 | A kind of VXLAN tunnel detection method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510931765.1A CN105490884B (en) | 2015-12-14 | 2015-12-14 | A kind of VXLAN tunnel detection method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105490884A CN105490884A (en) | 2016-04-13 |
| CN105490884B true CN105490884B (en) | 2019-04-02 |
Family
ID=55677625
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510931765.1A Active CN105490884B (en) | 2015-12-14 | 2015-12-14 | A kind of VXLAN tunnel detection method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105490884B (en) |
Families Citing this family (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108123864B (en) * | 2016-11-30 | 2020-09-25 | 新华三技术有限公司 | EVPN tunnel monitoring method and device |
| CN108617008B (en) * | 2016-12-05 | 2019-09-17 | 大唐移动通信设备有限公司 | A kind of method and apparatus of business data processing |
| CN107171966B (en) * | 2017-07-27 | 2019-11-26 | 迈普通信技术股份有限公司 | A kind of VXLAN file transmitting method, VTEP and VXLAN system |
| CN111225006A (en) * | 2018-11-23 | 2020-06-02 | 中兴通讯股份有限公司 | Connection establishing method, message transmission method, device and storage medium |
| CN112583690B (en) * | 2019-09-27 | 2022-08-19 | 华为技术有限公司 | Tunnel configuration method, device, system, equipment and storage medium |
| CN112887185B (en) * | 2019-11-29 | 2024-03-15 | 华为云计算技术有限公司 | Communication method and device of overlay network |
| CN111130978B (en) * | 2019-12-03 | 2021-11-23 | 杭州迪普科技股份有限公司 | Network traffic forwarding method and device, electronic equipment and machine-readable storage medium |
| CN113923075A (en) * | 2020-07-09 | 2022-01-11 | 华为技术有限公司 | Data transmission method and device |
| CN112187611B (en) * | 2020-09-30 | 2022-03-25 | 瑞斯康达科技发展股份有限公司 | Method, storage medium and device for establishing service tunnel |
| CN113746715B (en) * | 2021-07-16 | 2023-03-31 | 北京华三通信技术有限公司 | Method and device for realizing cross-three-layer transmission of two-layer message |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7373660B1 (en) * | 2003-08-26 | 2008-05-13 | Cisco Technology, Inc. | Methods and apparatus to distribute policy information |
| CN102822835A (en) * | 2010-01-20 | 2012-12-12 | 先行有限公司 | Personal portable secured network access system |
| CN103580980A (en) * | 2012-07-24 | 2014-02-12 | 中兴通讯股份有限公司 | Automatic searching and automatic configuration method and device of VN |
| CN104243268A (en) * | 2014-09-19 | 2014-12-24 | 杭州华三通信技术有限公司 | Association method and device between virtual extensible local area networks (VXLAN) and tunnel |
| US8954601B1 (en) * | 2007-06-15 | 2015-02-10 | Juniper Networks, Inc. | Authentication and encryption of routing protocol traffic |
| CN104468394A (en) * | 2014-12-04 | 2015-03-25 | 杭州华三通信技术有限公司 | Method and device for forwarding messages in VXLAN network |
| CN104767666A (en) * | 2015-04-15 | 2015-07-08 | 杭州华三通信技术有限公司 | Virtual extensible local area network tunnel terminal tunnel building method and equipment |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8948054B2 (en) * | 2011-12-30 | 2015-02-03 | Cisco Technology, Inc. | System and method for discovering multipoint endpoints in a network environment |
-
2015
- 2015-12-14 CN CN201510931765.1A patent/CN105490884B/en active Active
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7373660B1 (en) * | 2003-08-26 | 2008-05-13 | Cisco Technology, Inc. | Methods and apparatus to distribute policy information |
| US8954601B1 (en) * | 2007-06-15 | 2015-02-10 | Juniper Networks, Inc. | Authentication and encryption of routing protocol traffic |
| CN102822835A (en) * | 2010-01-20 | 2012-12-12 | 先行有限公司 | Personal portable secured network access system |
| CN103580980A (en) * | 2012-07-24 | 2014-02-12 | 中兴通讯股份有限公司 | Automatic searching and automatic configuration method and device of VN |
| CN104243268A (en) * | 2014-09-19 | 2014-12-24 | 杭州华三通信技术有限公司 | Association method and device between virtual extensible local area networks (VXLAN) and tunnel |
| CN104468394A (en) * | 2014-12-04 | 2015-03-25 | 杭州华三通信技术有限公司 | Method and device for forwarding messages in VXLAN network |
| CN104767666A (en) * | 2015-04-15 | 2015-07-08 | 杭州华三通信技术有限公司 | Virtual extensible local area network tunnel terminal tunnel building method and equipment |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105490884A (en) | 2016-04-13 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105490884B (en) | A kind of VXLAN tunnel detection method and device | |
| CN103401726B (en) | Network path detection method and device, system | |
| CN105577417B (en) | Message forwarding method and device based on VXLAN network | |
| CN103581021B (en) | The method and apparatus of business detection under software defined network | |
| CN113595897B (en) | Path detection method and device | |
| CN107819677A (en) | A kind of message forwarding method and device | |
| CN104660469B (en) | A kind of method for detecting connectivity and relevant device of double layer network | |
| CN103580894B (en) | Method, equipment and the system of Operations, Administration and Maintenance OAM configurations | |
| CN105227466B (en) | Communication processing method and device | |
| CN104253745B (en) | A kind of route withdraw method and the network equipment | |
| CN104468368B (en) | Configure the method and device of bgp neighbor | |
| US10856202B2 (en) | Creation of a wireless mesh network among proximately located wireless devices | |
| CN104852840A (en) | Method and device for controlling mutual access between virtual machines | |
| CN102349277A (en) | Intrusion detection for virtual layer-2 services | |
| CN106878136A (en) | A kind of message forwarding method and device | |
| CN104579973B (en) | Message forwarding method and device in a kind of Virtual Cluster | |
| CN106452862A (en) | Method and device for determining loop network | |
| CN105207909B (en) | A kind of method and network equipment sending information | |
| JP5267065B2 (en) | Communication apparatus and network test method | |
| CN104009919B (en) | Message forwarding method and device | |
| US8514724B2 (en) | Testing connectivity in networks using overlay transport virtualization | |
| WO2018232910A1 (en) | Method and system for determining data transmission routes between internet of things devices | |
| CN102571464B (en) | Link tracking processing method and system | |
| US9893979B2 (en) | Network topology discovery by resolving loops | |
| CN105763411B (en) | Method and device for establishing multicast tunnel |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |