English

Oge gara aga na ugbu a nke Mylinking™ Network Visibility

Ngwa kachasị eji enyocha ma dozie nsogbu netwọk taa bụ Switch Port Analyzer (SPAN), nke a makwaara dị ka Port mirroring. Ọ na-enye anyị ohere inyocha okporo ụzọ netwọk na bypass out of band mode na-egbochighị ọrụ na netwọk dị ndụ, ma na-eziga otu nke okporo ụzọ a na-enyocha na ngwaọrụ mpaghara ma ọ bụ nke dị anya, gụnyere Sniffer, IDS, ma ọ bụ ụdị ngwaọrụ nyocha netwọkụ ndị ọzọ.

Ụfọdụ ojiji a na-ejikarị eme ihe bụ:

• Dozie nsogbu netwọk site na ịsochi njikwa/frame data;

• Nyochaa oge na mkpọtụ site na nlekota ngwugwu VoIP;

• Nyochaa oge site na inyocha mmekọrịta netwọk;

• Chọpụta ihe ndị na-adịghị mma site n'ileba anya na okporo ụzọ netwọk.

Enwere ike igosi okporo ụzọ SPAN n'ime obodo ya na ọdụ ụgbọ mmiri ndị ọzọ dị na otu ngwaọrụ isi mmalite ahụ, ma ọ bụ gosipụta ya n'ebe dị anya na ngwaọrụ netwọk ndị ọzọ dị n'akụkụ Layer 2 nke ngwaọrụ isi mmalite (RSPAN).

Taa, anyị ga-ekwu maka teknụzụ nlekota okporo ụzọ ịntanetị dịpụrụ adịpụ nke a na-akpọ ERSPAN (Encapsulated Remote Switch Port Analyzer) nke enwere ike ibufe n'ofe IP atọ. Nke a bụ ndọtị nke SPAN gaa na Encapsulated Remote.

Ụkpụrụ ọrụ ERSPAN bụ isi

Nke mbụ, ka anyị leba anya na atụmatụ ERSPAN:

• A na-eziga otu ngwugwu nke ngwugwu ahụ site na ọdụ isi mmalite na sava ebe a na-aga maka inyocha site na Generic Routing Encapsulation (GRE). A machibidoghị ọnọdụ anụ ahụ nke sava ahụ.

• Site n'enyemaka nke njirimara User Defined Field (UDF) nke mgbawa ahụ, a na-eme mgbanwe ọ bụla nke byte 1 ruo 126 dabere na ngalaba Base site na ndepụta agbatịkwuru ọkwa ọkachamara, a na-ejikwa mkpụrụokwu nnọkọ ahụ iji mezuo ihe ngosi nke nnọkọ ahụ, dị ka TCP-ụzọ atọ aka na nnọkọ RDMA;

• Nkwado maka ịtọ ọnụego nlele ihe nlele;

• Na-akwado ogologo nkwụsịtụ ngwugwu (Mbelata ngwugwu), na-ebelata nrụgide na sava ebumnuche.

Site na njirimara ndị a, ị nwere ike ịhụ ihe kpatara ERSPAN ji bụrụ ngwaọrụ dị mkpa maka inyocha netwọkụ dị n'ime ebe data taa.

A pụrụ ịchịkọta ọrụ ndị bụ isi nke ERSPAN n'akụkụ abụọ:

• Nlele nke Oge: Jiri ERSPAN chịkọta nnọkọ TCP na Remote Direct Memory Access (RDMA) ọhụrụ niile e mepụtara na sava azụ maka ngosipụta;

• Nchọpụta nsogbu netwọkụ: Na-ejide okporo ụzọ netwọk maka nyocha mmejọ mgbe nsogbu netwọk mere.

Iji mee nke a, ngwaọrụ netwọk isi mmalite kwesịrị ịchacha okporo ụzọ mmasị nye onye ọrụ site na nnukwu iyi data, mepụta otu, ma tinye fremu ọ bụla n'ime "akpa superframe" pụrụ iche nke na-ebu ozi ndị ọzọ zuru oke ka e wee nwee ike ibuga ya na ngwaọrụ nnata nke ọma. Ọzọkwa, mee ka ngwaọrụ nnata ahụ nwee ike iwepụta ma weghachite okporo ụzọ mbụ a na-enyocha nke ọma.

Ngwaọrụ nnata nwere ike ịbụ ihe nkesa ọzọ nke na-akwado iwepụ ngwugwu ERSPAN.

Ngwugwu ERSPAN na-ekpuchi

Nyocha nke Ụdị na Usoro Ngwugwu ERSPAN

A na-eji GRE ekpuchi ngwugwu ERSPAN ma zigara ya ebe ọ bụla a ga-edegara adreesị IP site na Ethernet. A na-ejikarị ERSPAN eme ihe ugbu a na netwọk IPv4, nkwado IPv6 ga-abụkwa ihe achọrọ n'ọdịnihu.

Maka usoro nchekwa izugbe nke ERSAPN, ihe ndị a bụ njide ngwugwu enyo nke ngwugwu ICMP:

Nhazi nchekwa nke ERSAPN

Usoro ERSPAN etoola kemgbe ogologo oge, site na mmụba nke ikike ya, e mepụtala ọtụtụ ụdị, nke a na-akpọ "Ụdị ERSPAN". Ụdị dị iche iche nwere ụdị isi etiti dị iche iche.

A kọwara ya n'ọhịa Mbipụta mbụ nke isi okwu ERSPAN:

Ụdị isi okwu ERSPAN

Tinyere nke ahụ, ubi Ụdị Usoro dị na isi GRE na-egosikwa Ụdị ERSPAN dị n'ime. Ubi Ụdị Usoro 0x88BE na-egosi Ụdị ERSPAN nke Abụọ, ebe 0x22EB na-egosi Ụdị ERSPAN nke Atọ.

1. Ụdị nke Mbụ

Efere ERSPAN nke Ụdị I na-ekpuchi IP na GRE kpọmkwem n'elu isi nke etiti enyo mbụ ahụ. Encapsulation a na-agbakwụnye byte 38 n'elu etiti mbụ ahụ: 14(MAC) + 20 (IP) + 4(GRE). Uru nke usoro a bụ na o nwere obere nha isi ma na-ebelata ọnụ ahịa mbufe. Agbanyeghị, n'ihi na ọ na-edobe ubi GRE Flag na Version ka ọ bụrụ 0, ọ naghị ebu ubi ọ bụla gbasaa ma anaghị eji Ụdị I eme ihe nke ọma, yabụ ọ dịghị mkpa ịgbasa karịa.

Ụdị I bụ usoro isi GRE nke ụdị I:

Ụdị isi GRE I

2. Ụdị nke Abụọ

Na Ụdị nke Abụọ, ubi C, R, K, S, S, Recur, Flags, na Version dị na isi GRE niile bụ 0 ma e wezụga ubi S. Ya mere, a na-egosi mpaghara Nọmba Usoro na isi GRE nke Ụdị nke Abụọ. Nke ahụ bụ, Ụdị nke Abụọ nwere ike ijide n'aka na usoro nke nnata ngwugwu GRE, ka enweghị ike ịhazi ọtụtụ ngwugwu GRE na-adịghị n'usoro n'ihi nsogbu netwọk.

Ụdị nke abụọ nke GRE header bụ ndị a:

Usoro isi GRE nke abụọ

Tinyere nke ahụ, usoro ERSPAN Type II na-agbakwụnye isi ERSPAN nke 8-byte n'etiti isi GRE na etiti enyo mbụ.

Usoro isi ERSPAN maka Ụdị nke Abụọ bụ ndị a:

Usoro isi ERSPAN nke abụọ

N'ikpeazụ, ozugbo e mechara usoro onyonyo mbụ ahụ, e nwere koodu CRC (CRC) nke 4-byte Ethernet cyclic redundancy check) nke a na-eji emekarị ihe.

CRC

Ọ dị mkpa ịmara na n'ime mmejuputa ya, etiti enyo ahụ enweghị mpaghara FCS nke etiti mbụ ahụ, kama a na-agbakọ uru CRC ọhụrụ dabere na ERSPAN dum. Nke a pụtara na ngwaọrụ nnata enweghị ike ịchọpụta izi ezi nke etiti mbụ ahụ, anyị nwekwara ike iche na ọ bụ naanị etiti ndị na-emebibeghị ka a na-egosipụta.

3. Ụdị nke Atọ

Ụdị nke Atọ na-ewebata isi ihe mejupụtara buru ibu ma dịkwa mfe iji lebara ọnọdụ nlekota netwọk dị iche iche na-esiwanye ike, gụnyere mana ejedebeghị na njikwa netwọk, nchọpụta nbanye, nyocha arụmọrụ na igbu oge, na ihe ndị ọzọ. Ihe ndị a kwesịrị ịma paramita mbụ niile nke etiti enyo ahụ ma gụnye ndị na-adịghị na etiti mbụ ahụ n'onwe ya.

Isi ihe mejupụtara ERSPAN Type III nwere isi ihe dị mkpa nke 12-byte na isi ihe dị mkpa nke 8-byte nke akọwapụtara na ikpo okwu.

Usoro isi ERSPAN maka Ụdị nke Atọ bụ dịka ndị a:

Usoro isi ERSPAN nke atọ

Ọzọkwa, mgbe etiti enyo mbụ gasịrị, e nwere CRC 4-byte.

CRC

Dịka a pụrụ ịhụ site na usoro isi nke Ụdị nke Atọ, na mgbakwunye na idobe ubi Ver, VLAN, COS, T na Session ID dabere na Ụdị nke Abụọ, a na-agbakwụnye ọtụtụ ubi pụrụ iche, dịka:

• BSO: eji egosi iguzosi ike n'ezi ibu nke fremu data ndị a na-ebu site na ERSPAN. 00 bụ ezigbo fremu, 11 bụ fremu ọjọọ, 01 bụ obere fremu, 11 bụ nnukwu fremu;

• Oge akara: ebupụrụ site na elekere ngwaike nke ejikọtara ya na oge sistemụ. Ebe 32-bit a na-akwado opekata mpe 100 microsekọnd nke nhazi Timestamp;

• Ụdị Frame (P) na Ụdị Frame (FT): a na-eji nke mbụ akọwapụta ma ERSPAN nwere etiti protocol Ethernet (frame PDU), a na-ejikwa nke ikpeazụ akọwapụta ma ERSPAN nwere etiti Ethernet ma ọ bụ ngwugwu IP.

• NJ HW: ihe nchọpụta pụrụ iche nke injin ERSPAN dị n'ime sistemụ ahụ;

• Gra (Timestamp Granularity): Na-akọwapụta Granularity nke Timestamp. Dịka ọmụmaatụ, 00B na-anọchite anya Granularity microsecond 100, Granularity nanosecond 01B 100, Granularity 10B IEEE 1588, na 11B chọrọ obere isi okwu kpọmkwem maka ikpo okwu iji nweta Granularity dị elu.

• Ama Pụrụ Iche Banyere Platf ID vs. Ikpo Okwu: Ubi Ozi Pụrụ Iche Banyere Platf nwere ụdị na ọdịnaya dị iche iche dabere na uru Platf ID.

Ndepụta NJ Ọdụ Ụgbọ Mmiri

Ọ dị mkpa ịmara na enwere ike iji ụdị ubi isi dị iche iche akwadoro n'elu na ngwa ERSPAN nkịtị, ọbụna na-egosipụta okpokoloji njehie ma ọ bụ okpokoloji BDPU, ebe a na-ejigide ngwugwu Trunk mbụ na VLAN ID. Na mgbakwunye, enwere ike itinye ozi akara oge na ubi ozi ndị ọzọ na okpokoloji ERSPAN ọ bụla n'oge enyo.

Site na isi ihe ERSPAN nwere, anyị nwere ike nweta nyocha ka mma nke okporo ụzọ netwọk, wee tinye ACL kwekọrọ na usoro ERSPAN iji kwekọọ na okporo ụzọ netwọk anyị nwere mmasị na ya.

ERSPAN na-eme ka a hụ na RDMA nọ n'ọkwa dị elu.

Ka anyị were ihe atụ nke iji teknụzụ ERSPAN iji nweta onyonyo nnọkọ RDMA n'ọnọdụ RDMA:

RDMA: Ebe Nchekwa Direct Remote na-enye ihe nkwụnye netwọk nke sava A ohere ịgụ na ide Ebe Nchekwa nke sava B site na iji kaadị interface netwọk nwere ọgụgụ isi (inics) na switches, na-enweta nnukwu bandwidth, obere latency, na obere ojiji akụrụngwa. A na-ejikarị ya eme ihe n'ọtụtụ ebe na nnukwu data na ọnọdụ nchekwa kesara arụmọrụ dị elu.

RoCEv2: RDMA n'elu Converged Ethernet Version 2. E tinyere data RDMA n'ime UDP Header. Nọmba ọdụ ụgbọ mmiri ebe a na-aga bụ 4791.

Ọrụ na mmezi nke RDMA kwa ụbọchị chọrọ ịchịkọta ọtụtụ data, nke a na-eji anakọta ahịrị ntụaka mmiri kwa ụbọchị na mkpu ndị na-adịghị mma, yana ntọala maka ịchọta nsogbu ndị na-adịghị mma. Tinyere ERSPAN, enwere ike ijide nnukwu data ngwa ngwa iji nweta data dị mma maka mbugharị microsekọnd na ọnọdụ mmekọrịta protocol nke mgbawa mgbanwe. Site na ọnụ ọgụgụ data na nyocha, enwere ike nweta nyocha na amụma ịdị mma maka mbugharị RDMA site na njedebe ruo na njedebe.

Iji nweta onyonyo nnọkọ RDAM, anyị chọrọ ERSPAN ka o kwekọọ na mkpụrụokwu maka nnọkọ mmekọrịta RDMA mgbe anyị na-egosipụta okporo ụzọ, anyị kwesịkwara iji ndepụta ndị ọkachamara gbatịpụrụ.

Nkọwa mpaghara ndakọrịta ndepụta agbatịworo nke ndị ọkachamara:

UDF nwere ubi ise: okwu isi okwu UDF, ubi ntọala, ubi nkwụsị, ubi uru, na ubi ihe mkpuchi. Enwere ike iji ngụkọta UDF asatọ mee ihe site na ikike ntinye ngwaike. Otu UDF nwere ike ịha nhata ihe ruru byte abụọ.

• Okwu Mmalite UDF: UDF1... UDF8 Nwere okwu Mmalite asatọ nke ngalaba dakọtara UDF

• Ubi ntọala: na-achọpụta ọnọdụ mmalite nke ubi ndakọrịta UDF. Ihe ndị a

L4_header (dị irè maka RG-S6520-64CQ)

L5_isi (maka RG-S6510-48VS8Cq)

• Mbelata: na-egosi mbelata dabere na ubi ntọala. Uru ahụ sitere na 0 ruo 126

• Ubi uru: uru dakọtara. Enwere ike iji ya na ubi ihe mkpuchi iji hazie uru kpọmkwem a ga-ejikọta. Bit dị irè bụ byt abụọ

• Ebe mkpuchi ihu: ihe mkpuchi ihu, bit dị irè bụ baịtị abụọ

(Tinye: Ọ bụrụ na ejiri ọtụtụ ntinye mee ihe n'otu ubi dakọtara UDF, ubi ntọala na nke na-apụ apụ ga-abụrịrị otu.)

Ngwugwu isi abụọ e jikọtara ya na ọnọdụ nnọkọ RDMA bụ Ngwugwu Nkwukọrịta Mkpọchi (CNP) na Nkwenye Na-adịghị Mma (NAK):

Onye nnata RDMA na-emepụta nke mbụ mgbe ọ natara ozi ECN nke swiichi zigara (mgbe eout Buffer ruru oke), nke nwere ozi gbasara mmiri ma ọ bụ QP na-akpata mkpọchi. A na-eji nke ikpeazụ egosi na nnyefe RDMA nwere ozi nzaghachi mfu ngwugwu.

Ka anyị leba anya n'otú esi ejikọta ozi abụọ a site na iji ndepụta agbatịkwuru ọkwa ọkachamara:

CNP RDMA

ndepụta ohere ọkachamara agbatịworo rdma

ikike udp ọ bụla ọ bụla eq 4791 ọ bụlaudf 1 l4_header 8 0x8100 0xFF00(Dịka RG-S6520-64CQ si dị)

ikike udp ọ bụla ọ bụla eq 4791 ọ bụlaudf 1 l5_header 0 0x8100 0xFF00(Njikọ RG-S6510-48VS8CQ)

RDMA CNP 2

ndepụta ohere ọkachamara agbatịworo rdma

ikike udp ọ bụla ọ bụla eq 4791 ọ bụlaudf 1 l4_header 8 0x1100 0xFF00 udf 2 l4_header 20 0x6000 0xFF00(Dịka RG-S6520-64CQ si dị)

ikike udp ọ bụla ọ bụla eq 4791 ọ bụlaudf 1 l5_header 0 0x1100 0xFF00 udf 2 l5_header 12 0x6000 0xFF00(Njikọ RG-S6510-48VS8CQ)

Dịka nzọụkwụ ikpeazụ, ị nwere ike iji anya nke uche hụ oge RDMA site na itinye ndepụta ndọtị ọkachamara n'ime usoro ERSPAN kwesịrị ekwesị.

Dee n'ikpeazụ

ERSPAN bụ otu n'ime ngwaọrụ dị mkpa na netwọkụ ebe data buru ibu nke taa, okporo ụzọ netwọk dị mgbagwoju anya, yana mkpa ọrụ na mmezi netwọk na-abawanye ụba.

Site na mmụba nke O&M akpaghị aka, teknụzụ dịka Netconf, RESTconf, na gRPC bụ ihe a ma ama n'etiti ụmụ akwụkwọ O&M na netwọk akpaka O&M. Iji gRPC dị ka usoro ndabere maka izipu okporo ụzọ enyo azụ nwekwara ọtụtụ uru. Dịka ọmụmaatụ, dabere na usoro HTTP/2, ọ nwere ike ịkwado usoro mgbasa ozi n'okpuru otu njikọ ahụ. Site na koodu ProtoBuf, nha ozi na-ebelata site na ọkara ma e jiri ya tụnyere usoro JSON, na-eme ka nnyefe data dị ngwa ma rụọ ọrụ nke ọma. Chee echiche, ọ bụrụ na ị jiri ERSPAN gosipụta iyi ndị nwere mmasị wee ziga ha na sava nyocha na gRPC, ọ ga-eme ka ikike na arụmọrụ nke ọrụ na mmezi akpaka netwọk dịkwuo mma nke ukwuu?

Oge ozi: Mee-10-2022
Pịa "Enter" iji chọọ ma ọ bụ "ESC" iji mechie