CN113114588B - Data processing method and device, electronic equipment and storage medium - Google Patents
Data processing method and device, electronic equipment and storage medium Download PDFInfo
- Publication number
- CN113114588B CN113114588B CN202110399866.4A CN202110399866A CN113114588B CN 113114588 B CN113114588 B CN 113114588B CN 202110399866 A CN202110399866 A CN 202110399866A CN 113114588 B CN113114588 B CN 113114588B
- Authority
- CN
- China
- Prior art keywords
- address
- server
- information
- traffic analysis
- application discovery
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000003672 processing method Methods 0.000 title abstract description 18
- 238000004458 analytical method Methods 0.000 claims abstract description 89
- 238000000034 method Methods 0.000 claims description 27
- 238000012545 processing Methods 0.000 claims description 20
- 238000005206 flow analysis Methods 0.000 claims description 16
- 238000012795 verification Methods 0.000 claims description 14
- 230000004044 response Effects 0.000 claims description 3
- 238000010586 diagram Methods 0.000 description 10
- 238000004590 computer program Methods 0.000 description 9
- 238000004891 communication Methods 0.000 description 8
- 230000006870 function Effects 0.000 description 4
- 230000003993 interaction Effects 0.000 description 4
- 230000008859 change Effects 0.000 description 3
- 238000012423 maintenance Methods 0.000 description 3
- 230000004048 modification Effects 0.000 description 3
- 238000012986 modification Methods 0.000 description 3
- 230000003287 optical effect Effects 0.000 description 3
- 238000013473 artificial intelligence Methods 0.000 description 2
- 238000004364 calculation method Methods 0.000 description 2
- 238000001514 detection method Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 238000002955 isolation Methods 0.000 description 2
- 230000008569 process Effects 0.000 description 2
- 238000003491 array Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000001413 cellular effect Effects 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 239000004973 liquid crystal related substance Substances 0.000 description 1
- 238000010801 machine learning Methods 0.000 description 1
- 239000013307 optical fiber Substances 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 230000001953 sensory effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 230000000007 visual effect Effects 0.000 description 1
- 239000002699 waste material Substances 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0889—Techniques to speed-up the configuration process
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/10—Flow control; Congestion control
- H04L47/24—Traffic characterised by specific attributes, e.g. priority or QoS
- H04L47/2408—Traffic characterised by specific attributes, e.g. priority or QoS for supporting different services, e.g. a differentiated services [DiffServ] type of service
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The disclosure provides a data processing method and device, electronic equipment and a storage medium, and relates to the field of cloud computing. The specific implementation scheme is as follows: determining address information and a target service type of the traffic analysis server based on the received application discovery data from the traffic analysis server; updating a server address set corresponding to the target service type in a service information list based on the address information of the traffic analysis server; and in the case of receiving the traffic from the data center, distributing the traffic according to the service information list. The embodiment of the disclosure can improve the traffic distribution efficiency.
Description
Technical Field
The present disclosure relates to the field of data processing technologies, and in particular, to the field of cloud computing.
Background
IDC (Internet Data Center) is the basis of current Internet services, and carries various Internet services derived from high and new technologies such as cloud computing, big Data, artificial intelligence, and the like. As the amount of internet data increases, the problem of internet data security is becoming more and more prominent. In order to meet the requirements of DDoS (Distributed Denial of Service) attack detection, intrusion detection, supervision requirements and the like, the flow of the IDC in and out needs to be copied in multiple ways and Distributed to different services for specific type of flow analysis. To reduce the size of the analysis server cluster and reduce costs, programmable switches may be used to implement traffic distribution. Generally, the programmable switch may distribute traffic based on a distribution policy configured by the operation and maintenance personnel.
Disclosure of Invention
The disclosure provides a data processing method, a data processing device, an electronic device and a storage medium.
According to an aspect of the present disclosure, there is provided a data processing method including:
determining address information and a target service type of the traffic analysis server based on the received application discovery data from the traffic analysis server;
updating a server address set corresponding to the target service type in a service information list based on the address information of the traffic analysis server;
and in the case of receiving the traffic from the data center, distributing the traffic according to the service information list.
According to another aspect of the present disclosure, there is provided a data processing method including:
sending application discovery data to the switch;
the application discovery data is used for indicating the address information of the flow analysis server and the target service type; the address information of the flow analysis server and the target service type are used for updating a server address set corresponding to the target service type in a service information list of the switch; the service information list is used to distribute traffic.
According to another aspect of the present disclosure, there is provided a data processing apparatus including:
the information determining module is used for determining the address information and the target service type of the traffic analysis server based on the received application discovery data from the traffic analysis server;
the list updating module is used for updating a server address set corresponding to the target service type in the service information list based on the address information of the traffic analysis server;
and the flow distribution module is used for distributing the flow according to the service information list under the condition of receiving the flow from the data center.
According to another aspect of the present disclosure, there is provided a data processing apparatus including:
a sending module, configured to send application discovery data to a switch;
the application discovery data is used for indicating the address information of the flow analysis server and the target service type; the address information of the flow analysis server and the target service type are used for updating a server address set corresponding to the target service type in a service information list of the switch; the service information list is used to distribute traffic.
According to another aspect of the present disclosure, there is provided an electronic device including:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein,
the memory stores instructions executable by the at least one processor to cause the at least one processor to perform the method of any of the embodiments of the present disclosure.
According to another aspect of the present disclosure, there is provided a non-transitory computer readable storage medium having stored thereon computer instructions for causing a computer to perform a method in any of the embodiments of the present disclosure.
According to another aspect of the present disclosure, there is provided a computer program product comprising a computer program which, when executed by a processor, performs the method in any of the embodiments of the present disclosure.
According to the techniques of this disclosure, a traffic analysis server may indicate to a switch address information of the traffic analysis server and a corresponding target service type by sending application discovery data. The switch may update each set of server addresses corresponding to each service type in the service information list according to the application discovery data, thereby distributing traffic of the data center using the service information list. The service information list is automatically updated and maintained by receiving and sending the discovery data, operation and maintenance personnel do not need to log in the switch to configure a distribution strategy, the cost is reduced, faults caused by manual errors are avoided, and the distribution efficiency is improved.
It should be understood that the statements in this section do not necessarily identify key or critical features of the embodiments of the present disclosure, nor do they limit the scope of the present disclosure. Other features of the present disclosure will become apparent from the following description.
Drawings
The drawings are included to provide a better understanding of the present solution and are not to be construed as limiting the present disclosure. Wherein:
fig. 1 is a schematic diagram of a data processing method according to an embodiment of the present disclosure;
FIG. 2 is a schematic diagram of a data processing method provided by another embodiment of the present disclosure;
FIG. 3 is a schematic diagram of an example application of the present disclosure;
FIG. 4 is a schematic diagram of a data processing apparatus provided by an embodiment of the present disclosure;
FIG. 5 is a schematic diagram of a data processing apparatus provided by another embodiment of the present disclosure;
FIG. 6 is a schematic diagram of a data processing apparatus provided in yet another embodiment of the present disclosure;
fig. 7 is a block diagram of an electronic device for implementing a data processing method of an embodiment of the present disclosure.
Detailed Description
Exemplary embodiments of the present disclosure are described below with reference to the accompanying drawings, in which various details of the embodiments of the disclosure are included to assist understanding, and which are to be considered as merely exemplary. Accordingly, those of ordinary skill in the art will recognize that various changes and modifications of the embodiments described herein can be made without departing from the scope and spirit of the present disclosure. Also, descriptions of well-known functions and constructions are omitted in the following description for clarity and conciseness.
Fig. 1 shows a schematic diagram of a data processing method according to an embodiment of the present disclosure. As shown in fig. 1, the data processing method may include:
step S11, determining the address information and the target service type of the traffic analysis server based on the received application discovery data from the traffic analysis server;
step S12, updating a server address set corresponding to the target service type in a service information list based on the address information of the traffic analysis server;
and step S13, distributing mirror image flow according to the service information list under the condition of receiving the flow data from the data center.
Illustratively, the above method may be implemented by a switch or a group of switches. The switch or the switch group is connected between the data center and the flow distribution server and used for acquiring the flow of the data center in and out, copying the flow to obtain multiple mirror image flows, and distributing the multiple mirror image flows to the flow analysis servers of different service types to complete the flow analysis of a specific type. Wherein the data center may include IDCs. The switch may comprise a programmable switch.
Illustratively, the application discovery data may be data for discovering an online condition of the service generated based on a preset protocol. The preset Protocol may be referred to as an Application Discovery Protocol (ADP). Accordingly, the Application Discovery Data may also be referred to as an Application Discovery Protocol Data Unit (ADPDU).
Illustratively, multiple fields of information may be included in the application discovery data. The plurality of fields includes, for example, at least one of a destination address, a source address, a protocol identification, a service identification, and the like. Wherein, the source address in the application discovery data can be used for determining the address information of the flow analysis server, and the service identification can be used for determining the target service type.
For example, the destination address, the source address, or the address information of the traffic analysis server may be a MAC (Media Access Control) address or an IP (Internet Protocol) address.
Illustratively, a plurality of server address sets corresponding to a plurality of service types may be included in the service information list, so that the switch determines the number and addresses of traffic analysis servers of one or more specific service types from the service information list, determines the number of copies of mirror copy traffic based on the number of traffic analysis servers, and distributes the traffic of the data center to the traffic analysis servers of the specific service types based on the addresses of the traffic analysis servers.
Illustratively, the traffic analysis server sends the application discovery data while online or periodically after online. The switch updates the service information list each time it receives application discovery data. Therefore, when a certain service cluster needs to be expanded and a server is online, the switch can update the service information list in time through interaction of application discovery data, so as to distribute traffic based on a traffic forwarding strategy corresponding to the updated service information list.
As can be seen, according to the data processing method of the embodiment of the present disclosure, the traffic analysis server may indicate, to the switch, the address information of the traffic analysis server and the corresponding target service type by sending the application discovery data. The switch may update each set of server addresses corresponding to each service type in the service information list according to the application discovery data, thereby distributing traffic of the data center using the service information list. The service information list is automatically updated and maintained by receiving and sending the discovery data, operation and maintenance personnel do not need to log in a switch to configure a distribution strategy, the cost is reduced, and faults caused by manual errors are avoided.
In an exemplary embodiment, the step S12, updating, in the service information list, a set of server addresses corresponding to the target service type based on the address information of the traffic analysis server, includes:
and adding the address information of the traffic analysis server in a server address set corresponding to the target service type in the service information list.
For example, the address information of the traffic analysis server is address a, and the target service type is type 1; and if the server address set corresponding to the type 1 in the service information list contains the addresses B and C, and if the address A is not contained, the address A is added to the server address set corresponding to the type 1. Then, if the traffic of the data center needs to be distributed to the traffic analysis server of type 1, at least one of the addresses a, B, and C may be determined according to the service information list, and the traffic may be distributed to the corresponding traffic analysis server.
According to the above embodiment, the updating of the service information list includes adding the address information of the traffic analysis server to a set of server addresses corresponding to the target service type. Therefore, when a newly added flow analysis server is on line, the address information of the newly added flow analysis server can be recorded in the service information list in time so as to improve the accuracy of flow distribution.
In some scenarios, the application discovery data may include not only a destination address, a source address, a protocol identifier, a service identifier, and the like, but also information validity time. The updating of the server address set in the service information list includes not only adding, deleting and modifying the addresses in the server address set, but also recording the effective time of each address in the server address set.
Specifically, in step S12, updating the server address set corresponding to the target service type in the service information list based on the address information of the traffic analysis server includes:
and updating the effective time of the address information of the traffic analysis server to the information effective time in the application discovery data in the server address set corresponding to the target service type in the service information list.
For example, when the address a is already included in the server address set corresponding to the target service type in the service information list and the valid time record of the address a is 12, if the application discovery data is received at 12. Address a is looked up in the server address set corresponding to type 1, and the validity time of address a is updated to 12.
For example, if the server address set corresponding to the target service type does not include the address information of the traffic analysis server indicated by the application discovery data, the address information of the traffic analysis server may be added to the server address set corresponding to the target service type in the service information list, and then the valid time of the address information of the traffic analysis server may be updated to the information valid time in the application discovery packet in the server address set corresponding to the target service type in the service information list.
If the server address set corresponding to the target service type includes the address information of the traffic analysis server indicated by the application discovery data, the valid time of the address information of the traffic analysis server may be directly updated to the information valid time in the application discovery packet in the server address set corresponding to the target service type in the service information list.
According to the above embodiment, the updating of the service information list includes recording the valid time of the address in the server address set. Based on this, the switch can discover that the traffic analysis server is offline in time. For example, in the case that the traffic analysis server exits the service group or a failure, a crash, or the like occurs, the switch can discover in time. The method is beneficial to timely fault isolation and flow distribution strategy change, and the change efficiency and the fault isolation efficiency are improved.
Exemplarily, the data processing method further includes:
and in response to the current time exceeding the effective time of the address information of the traffic analysis server, deleting the address information of the traffic analysis server or marking the traffic analysis server as offline in a server address set corresponding to the target service type.
For example, the valid time of the address a in the service information list is 12, and if 12.
According to the embodiment, the switch deletes the corresponding address information or marks off-line in the service information list under the condition that the traffic analysis server is found to be invalid, so that the distribution strategy can be changed, and the change efficiency is improved.
Illustratively, the application discovery data may also include rights verification information. Correspondingly, the step S11 of determining the address information and the target service type of the traffic analysis server based on the received application discovery data from the traffic analysis server includes:
under the condition that application discovery data from a traffic analysis server are received, verifying the authority of the application discovery data based on authority verification information in the application discovery data;
in case of verifying the authority to discover data by the application, address information of the traffic analysis server and a target service type are determined based on the application discovery data.
According to the embodiment, the switch can carry out authority verification on the application discovery data, and execute subsequent processing under the condition that the verification is passed. Therefore, the reliability of the service information list can be improved, and the flow distribution quality can be improved.
An embodiment of the present disclosure further provides a data processing method, as shown in fig. 2, the method may include:
step S21, sending application discovery data to the switch;
the application discovery data is used for indicating the address information and the target service type of the traffic analysis server; the address information of the flow analysis server and the target service type are used for updating a server address set corresponding to the target service type in a service information list of the switch; the service information list is used to distribute traffic from the data center.
Illustratively, the above method may be implemented by a traffic analysis server.
Exemplarily, the step S21 of sending the application discovery data to the switch may include:
and sending the application discovery data to the switch under the condition that the service is on line.
According to the embodiment, the switch can find the data sensing service to be on line in time based on the application, so that the distribution strategy can be adjusted in time, and the distribution efficiency is improved.
Illustratively, the traffic analysis server may also periodically send application discovery data to the switch.
Therefore, through the interaction between the switch and the flow analysis server, the distribution strategy can be not required to be changed manually, the distribution efficiency is improved, and the cost is reduced. A specific application example is given below.
As shown in fig. 3, the traffic analysis server 30 sends application discovery data ADPDU to the switch 31. The data plane 311 of the switch 31 receives the ADPDU and reports it to the control plane 312 of the switch 31. The control plane 312 is aware of the overall network logic based on the ADPDU and updates the service information list based on the ADPDU. After each update, the control plane 312 sends the service information list to the data plane 311,. The data plane 311 completes the traffic distribution according to the list.
Wherein the ADPDU may include a plurality of fields. Each field contains TLV (type, length, value) format information. Here, the TLV format information contains the following:
(1) A field type of 7 bits (bit) in length;
(2) Data part length information indicating a length of the data part; the length of the data part length information is 9 bits;
(3) And a data portion having a length of 0 to 511 bytes.
Specifically, the plurality of fields include:
(1) Service type identification (Server name): the field is a mandatory field, and the field type may be 0, and is used to determine the service type of the server or to determine the service cluster to which the server belongs.
(2) Information effective time (TTL): the field is a mandatory field, and the field type may be 1.
(3) Authentication information (Auth info): this field is an optional field and the field type may be 2. Only the authenticated switch will process the ADPDU.
(4) IP segment (IP range): this field is used to indicate the required detected IP segments and the unneeded switches may not send this field to reduce waste of resources.
(5) End flag (End Of ADPDU): the field is a mandatory field, and the field type may be 127, which is used to mark the end of the message.
In addition, the ADPDU may further include an extended field (Reserved), a custom field (Self-define), and the like, which supports the user to extend or customize fields in the ADPDU as required.
An exemplary ADPDU message format is as follows:
wherein, the ethertype 0x88dd indicates that the message is an ADPDU. And the data plane of the switch analyzes the received message, and forwards the message with the Ethernet type of 0x88dd to the control plane virtual network card. And the control plane monitors the virtual network card, filters the ADPDU, and performs format verification and authority verification on the ADPDU. The control plane traverses each field in the ADPDU, updates the overall state of the network, generates a new service information list and sends the new service information list to the data plane.
As implementations of the foregoing methods, an embodiment of the present disclosure further provides a data processing apparatus. As shown in fig. 4, the apparatus includes:
an information determining module 410, configured to determine address information and a target service type of the traffic analysis server based on the received application discovery data from the traffic analysis server;
a list updating module 420, configured to update a server address set corresponding to the target service type in the service information list based on the address information of the traffic analysis server;
and a traffic distribution module 430, configured to distribute traffic according to the service information list when the traffic from the data center is received.
Illustratively, as shown in FIG. 5, the list update module 420 includes:
an address adding unit 421, configured to add address information of the traffic analysis server in a server address set corresponding to the target service type in the service information list.
Illustratively, as shown in fig. 5, the application discovery data includes an information validity time; the list update module 420 includes:
a time updating unit 422, configured to update the valid time of the address information of the traffic analysis server to the information valid time in the application discovery packet in the server address set corresponding to the target service type in the service information list.
Illustratively, as shown in fig. 5, the data processing apparatus further includes:
and the information deleting module 510 is configured to delete address information of the traffic analysis server from the server address set corresponding to the target service type in response to that the current time exceeds the valid time of the address information of the traffic analysis server.
Illustratively, as shown in fig. 5, the application discovery data includes rights verification information; the information determination module 410 includes:
an authority verification unit 411 configured to verify an authority of the application discovery data based on authority verification information in the application discovery data in a case where the application discovery data is received from the traffic analysis server;
an information determining unit 412 for determining address information of the traffic analysis server and a target service type based on the application discovery data in case of verifying the authority to discover the data through the application.
An embodiment of the present disclosure further provides a data processing apparatus, and as shown in fig. 6, the apparatus includes:
a sending module 610, configured to send application discovery data to a switch;
the application discovery data is used for indicating the address information and the target service type of the traffic analysis server; the address information of the flow analysis server and the target service type are used for updating a server address set corresponding to the target service type in a service information list of the switch; the service information list is used to distribute traffic from the data center.
Illustratively, the sending module 610 is configured to:
and sending application discovery data to the switch under the condition that the service is on line.
The functions of each unit, module or sub-module in each device in the embodiments of the present disclosure may refer to the corresponding description in the above method embodiments, and are not described herein again.
The present disclosure also provides an electronic device, a readable storage medium, and a computer program product according to embodiments of the present disclosure.
Fig. 7 illustrates a schematic block diagram of an example electronic device 800 that can be used to implement embodiments of the present disclosure. Electronic devices are intended to represent various forms of digital computers, such as laptops, desktops, workstations, personal digital assistants, servers, blade servers, mainframes, and other appropriate computers. Electronic devices may also represent various forms of mobile devices, such as personal digital processors, cellular telephones, smart phones, wearable devices, and other similar computing devices. The components shown herein, their connections and relationships, and their functions, are meant to be examples only, and are not meant to limit implementations of the disclosure described and/or claimed herein.
As shown in fig. 7, the electronic device 700 includes a computing unit 701, which may perform various appropriate actions and processes according to a computer program stored in a Read Only Memory (ROM) 702 or a computer program loaded from a storage unit 708 into a Random Access Memory (RAM) 703. In the RAM 703, various programs and data necessary for the operation of the electronic device 700 can be stored. The calculation unit 701, the ROM 702, and the RAM 703 are connected to each other by a bus 704. An input/output (I/O) interface 705 is also connected to bus 704.
A plurality of components in the electronic device 700 are connected to the I/O interface 705, including: an input unit 706 such as a keyboard, a mouse, or the like; an output unit 707 such as various types of displays, speakers, and the like; a storage unit 708 such as a magnetic disk, optical disk, or the like; and a communication unit 709 such as a network card, a modem, a wireless communication transceiver, etc. The communication unit 709 allows the electronic device 700 to exchange information/data with other devices via a computer network such as the internet and/or various telecommunication networks.
Various implementations of the systems and techniques described here above may be implemented in digital electronic circuitry, integrated circuitry, field Programmable Gate Arrays (FPGAs), application Specific Integrated Circuits (ASICs), application Specific Standard Products (ASSPs), system on a chip (SOCs), load programmable logic devices (CPLDs), computer hardware, firmware, software, and/or combinations thereof. These various embodiments may include: implemented in one or more computer programs that are executable and/or interpretable on a programmable system including at least one programmable processor, which may be special or general purpose, receiving data and instructions from, and transmitting data and instructions to, a storage system, at least one input device, and at least one output device.
Program code for implementing the methods of the present disclosure may be written in any combination of one or more programming languages. These program codes may be provided to a processor or controller of a general purpose computer, special purpose computer, or other programmable data processing apparatus, such that the program codes, when executed by the processor or controller, cause the functions/operations specified in the flowchart and/or block diagram to be performed. The program code may execute entirely on the machine, partly on the machine, as a stand-alone software package, partly on the machine and partly on a remote machine or entirely on the remote machine or server.
In the context of this disclosure, a machine-readable medium may be a tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. The machine-readable medium may be a machine-readable signal medium or a machine-readable storage medium. A machine-readable medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. More specific examples of a machine-readable storage medium would include an electrical connection based on one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
To provide for interaction with a user, the systems and techniques described here can be implemented on a computer having: a display device (e.g., a CRT (cathode ray tube) or LCD (liquid crystal display) monitor) for displaying information to a user; and a keyboard and a pointing device (e.g., a mouse or a trackball) by which a user can provide input to the computer. Other kinds of devices may also be used to provide for interaction with a user; for example, feedback provided to the user can be any form of sensory feedback (e.g., visual feedback, auditory feedback, or tactile feedback); and input from the user may be received in any form, including acoustic input, speech input, or tactile input.
The systems and techniques described here can be implemented in a computing system that includes a back-end component (e.g., as a data server), or that includes a middleware component (e.g., an application server), or that includes a front-end component (e.g., a user computer having a graphical user interface or a web browser through which a user can interact with an implementation of the systems and techniques described here), or any combination of such back-end, middleware, or front-end components. The components of the system can be interconnected by any form or medium of digital data communication (e.g., a communication network). Examples of communication networks include: local Area Networks (LANs), wide Area Networks (WANs), and the Internet.
The computer system may include clients and servers. A client and server are generally remote from each other and typically interact through a communication network. The relationship of client and server arises by virtue of computer programs running on the respective computers and having a client-server relationship to each other.
It should be understood that various forms of the flows shown above, reordering, adding or deleting steps, may be used. For example, the steps described in the present disclosure may be executed in parallel, sequentially or in different orders, and are not limited herein as long as the desired results of the technical solutions disclosed in the present disclosure can be achieved.
The above detailed description should not be construed as limiting the scope of the disclosure. It should be understood by those skilled in the art that various modifications, combinations, sub-combinations and substitutions may be made in accordance with design requirements and other factors. Any modification, equivalent replacement, and improvement made within the spirit and principle of the present disclosure should be included in the protection scope of the present disclosure.
Claims (16)
1. A method of data processing, comprising:
determining address information and a target service type of a traffic analysis server based on received application discovery data from the traffic analysis server; wherein the application discovery data is used to discover service presence;
updating a server address set corresponding to the target service type in a service information list based on the address information of the traffic analysis server;
under the condition that the flow from a data center is received, distributing the flow according to the service information list;
wherein the service information list includes a plurality of server address sets corresponding to a plurality of service types, and the distributing the traffic according to the service information list includes:
and determining the number and the address of the traffic analysis servers of at least one specific service type according to the service information list, determining the number of copies of mirror copy traffic based on the number, and distributing the traffic from the data center to the traffic analysis servers of at least one specific service type based on the address.
2. The method of claim 1, wherein the updating a set of server addresses corresponding to the target service type in a service information list based on address information of the traffic analysis server comprises:
and adding the address information of the flow analysis server in a server address set corresponding to the target service type in the service information list.
3. The method of claim 1 or 2, wherein the application discovery data comprises an information validity time;
the updating, in a service information list, a set of server addresses corresponding to the target service type based on the address information of the traffic analysis server includes:
and updating the effective time of the address information of the traffic analysis server to the effective time of the information in the application discovery data in a server address set corresponding to the target service type in a service information list.
4. The method of claim 3, further comprising:
and in response to that the current time exceeds the effective time of the address information of the traffic analysis server, deleting the address information of the traffic analysis server from the server address set corresponding to the target service type.
5. The method of claim 1 or 2, wherein the application discovery data comprises rights verification information;
the determining address information and a target service type of the traffic analysis server based on the received application discovery data from the traffic analysis server includes:
under the condition that application discovery data from a traffic analysis server are received, verifying the authority of the application discovery data based on authority verification information in the application discovery data;
and under the condition that the authority of the application discovery data is verified, determining the address information and the target service type of the traffic analysis server based on the application discovery data.
6. A method of data processing, comprising:
sending application discovery data to the switch;
the application discovery data is used for indicating the address information of the flow analysis server and the type of the target service and discovering the online condition of the service; the address information of the traffic analysis server and the target service type are used for updating a server address set corresponding to the target service type in a service information list of the switch; the service information list comprises a plurality of server address sets corresponding to a plurality of service types, and is used for determining the number and the addresses of the traffic analysis servers of at least one specific service type, determining the number of the mirror copy traffic based on the number, and distributing the traffic from the data center based on the addresses.
7. The method of claim 6, wherein the sending application discovery data to the switch comprises:
and sending the application discovery data to the switch under the condition that the service is on line.
8. A data processing apparatus comprising:
the information determining module is used for determining the address information and the target service type of the traffic analysis server based on the received application discovery data from the traffic analysis server; wherein the application discovery data is used to discover service presence;
a list updating module, configured to update a server address set corresponding to the target service type in a service information list based on address information of the traffic analysis server;
the flow distribution module is used for distributing the flow according to the service information list under the condition of receiving the flow from the data center;
wherein the service information list includes a plurality of server address sets corresponding to a plurality of service types, and the traffic distribution module is further configured to:
and determining the number and the address of the traffic analysis servers of at least one specific service type according to the service information list, determining the number of copies of mirror copy traffic based on the number, and distributing the traffic from the data center to the traffic analysis servers of at least one specific service type based on the address.
9. The apparatus of claim 8, wherein the list update module comprises:
an address adding unit, configured to add address information of the traffic analysis server to a server address set corresponding to the target service type in the service information list.
10. The apparatus of claim 8 or 9, wherein the application discovery data comprises an information validity time;
the list update module includes:
and a time updating unit, configured to update the valid time of the address information of the traffic analysis server to the information valid time in the application discovery data in a server address set corresponding to the target service type in a service information list.
11. The apparatus of claim 10, further comprising:
and the information deleting module is used for responding to the condition that the current time exceeds the effective time of the address information of the traffic analysis server, and deleting the address information of the traffic analysis server in the server address set corresponding to the target service type.
12. The apparatus according to claim 8 or 9, wherein the application discovery data comprises rights verification information;
the information determination module includes:
the permission verification unit is used for verifying the permission of the application discovery data based on permission verification information in the application discovery data under the condition that the application discovery data from a traffic analysis server is received;
an information determination unit configured to determine address information of the traffic analysis server and a target service type based on the application discovery data in a case where the authority of the application discovery data is verified.
13. A data processing apparatus comprising:
a sending module, configured to send application discovery data to a switch;
the application discovery data is used for indicating the address information of the flow analysis server and the type of the target service and discovering the online condition of the service; the address information of the traffic analysis server and the target service type are used for updating a server address set corresponding to the target service type in a service information list of the switch; the service information list comprises a plurality of server address sets corresponding to a plurality of service types, and is used for determining the number and the addresses of the traffic analysis servers of at least one specific service type, determining the number of the mirror copy traffic based on the number, and distributing the traffic from the data center based on the addresses.
14. The apparatus of claim 13, wherein the means for transmitting is configured to:
and sending the application discovery data to the switch under the condition that the service is on line.
15. An electronic device, comprising:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein,
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the method of any one of claims 1-7.
16. A non-transitory computer readable storage medium having stored thereon computer instructions for causing a computer to perform the method of any one of claims 1-7.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110399866.4A CN113114588B (en) | 2021-04-14 | 2021-04-14 | Data processing method and device, electronic equipment and storage medium |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110399866.4A CN113114588B (en) | 2021-04-14 | 2021-04-14 | Data processing method and device, electronic equipment and storage medium |
Publications (2)
Publication Number | Publication Date |
---|---|
CN113114588A CN113114588A (en) | 2021-07-13 |
CN113114588B true CN113114588B (en) | 2023-02-17 |
Family
ID=76717792
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202110399866.4A Active CN113114588B (en) | 2021-04-14 | 2021-04-14 | Data processing method and device, electronic equipment and storage medium |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN113114588B (en) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113535187B (en) * | 2021-07-16 | 2024-03-22 | 北京百度网讯科技有限公司 | Service online method, service updating method and service providing method |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104717314A (en) * | 2013-12-17 | 2015-06-17 | 腾讯科技(深圳)有限公司 | IP management method and system, client-side and server |
CN106034330A (en) * | 2015-03-17 | 2016-10-19 | 网宿科技股份有限公司 | Mobile terminal flow processing method based on content distribution network, apparatus and system thereof |
EP3399695A1 (en) * | 2017-05-05 | 2018-11-07 | Servicenow, Inc. | Unified device and service discovery across multiple network types |
CN110113188A (en) * | 2019-04-22 | 2019-08-09 | 腾讯科技(深圳)有限公司 | Across subdomain communication O&M method, total O&M server and medium |
CN110377419A (en) * | 2019-06-11 | 2019-10-25 | 北京达佳互联信息技术有限公司 | A kind of server calls method, apparatus and electronic equipment |
CN111164953A (en) * | 2017-09-29 | 2020-05-15 | 西门子股份公司 | Method and switch for providing name service in industrial automation system |
-
2021
- 2021-04-14 CN CN202110399866.4A patent/CN113114588B/en active Active
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104717314A (en) * | 2013-12-17 | 2015-06-17 | 腾讯科技(深圳)有限公司 | IP management method and system, client-side and server |
CN106034330A (en) * | 2015-03-17 | 2016-10-19 | 网宿科技股份有限公司 | Mobile terminal flow processing method based on content distribution network, apparatus and system thereof |
EP3399695A1 (en) * | 2017-05-05 | 2018-11-07 | Servicenow, Inc. | Unified device and service discovery across multiple network types |
CN111164953A (en) * | 2017-09-29 | 2020-05-15 | 西门子股份公司 | Method and switch for providing name service in industrial automation system |
CN110113188A (en) * | 2019-04-22 | 2019-08-09 | 腾讯科技(深圳)有限公司 | Across subdomain communication O&M method, total O&M server and medium |
CN110377419A (en) * | 2019-06-11 | 2019-10-25 | 北京达佳互联信息技术有限公司 | A kind of server calls method, apparatus and electronic equipment |
Also Published As
Publication number | Publication date |
---|---|
CN113114588A (en) | 2021-07-13 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
RU2562438C2 (en) | Network system and network management method | |
US9667653B2 (en) | Context-aware network service policy management | |
US9906557B2 (en) | Dynamically generating a packet inspection policy for a policy enforcement point in a centralized management environment | |
US9571569B2 (en) | Method and apparatus for determining virtual machine migration | |
US8554980B2 (en) | Triggered notification | |
US20220200844A1 (en) | Data processing method and apparatus, and computer storage medium | |
US20130332601A1 (en) | Dynamic logging | |
US10470111B1 (en) | Protocol to detect if uplink is connected to 802.1D noncompliant device | |
US20220141080A1 (en) | Availability-enhancing gateways for network traffic in virtualized computing environments | |
CN113114588B (en) | Data processing method and device, electronic equipment and storage medium | |
US9372708B2 (en) | Synchronizing multicast groups | |
US20160012008A1 (en) | Communication system, control apparatus, communication method, and program | |
CN106453367B (en) | SDN-based method and system for preventing address scanning attack | |
CN112350939B (en) | Bypass blocking method, system, device, computer equipment and storage medium | |
CN112217718A (en) | Service processing method, device, equipment and storage medium | |
CN111010362B (en) | Monitoring method and device for abnormal host | |
CN111510384A (en) | Method, electronic device and computer-readable medium for processing data generated by a service | |
US12074847B2 (en) | Advertising device inspection capabilities to enhance network traffic inspections | |
CN114978563A (en) | Method and device for blocking IP address | |
JP5333789B2 (en) | Terminal detection apparatus, server apparatus, terminal detection method, and program | |
CN109660544A (en) | Network security checking method and device | |
CN111866089A (en) | Network communication proxy method, device and computer readable storage medium | |
WO2018035770A1 (en) | Network anomaly processing method and system | |
US20240056451A1 (en) | Communication system, anomaly detection apparatus, anomaly detection method, and program | |
Adim Hafshejani | Design and Deployment of a Cloud Monitoring System for Enhanced Network Security |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |