ERSPAN gara aga na ugbu a nke Mylinking™ Network Visibility

Ngwa kachasị ewu ewu maka nlekota netwọkụ na nchọpụta nsogbu taa bụ Switch Port Analyzer (SPAN), nke a makwaara dị ka Port mirroring. Ọ na-enye anyị ohere inyocha okporo ụzọ netwọkụ na-agafe na ọnọdụ band na-etinyeghị aka na ọrụ dị na netwọkụ dị ndụ, ma na-eziga nnomi nke okporo ụzọ elele na ngwaọrụ mpaghara ma ọ bụ nke dịpụrụ adịpụ, gụnyere Sniffer, IDS, ma ọ bụ ụdị ngwaọrụ nyocha netwọkụ ndị ọzọ.

Ụfọdụ ojiji a na-ahụkarị bụ:

• Nchọpụta nsogbu netwọkụ site na njikwa akara/obere data;

• Nyochaa latency na jitter site na nyochaa ngwugwu VoIP;

• Nyochaa latency site na nyochaa mmekọrịta netwọk;

• Chọpụta ihe adịghị mma site na nyochaa okporo ụzọ netwọkụ.

Enwere ike egosipụta okporo ụzọ SPAN na mpaghara gaa na ọdụ ụgbọ mmiri ndị ọzọ n'otu ngwaọrụ isi mmalite, ma ọ bụ gosipụta ya na ngwaọrụ netwọkụ ndị ọzọ dị n'akụkụ Layer 2 nke ngwaọrụ isi mmalite (RSPAN).

Taa, anyị ga-ekwu maka teknụzụ nlekota okporo ụzọ ịntanetị dịpụrụ adịpụ nke a na-akpọ ERSPAN (Encapsulated Remote Switch Port Analyzer) nke enwere ike ibunye n'ofe IP atọ. Nke a bụ ndọtị nke SPAN gaa na Remote kpuchiri ekpuchi.

Ụkpụrụ ọrụ bụ isi nke ERSPAN

Nke mbụ, ka anyị leba anya na njirimara ERSPAN:

• A na-ezigara otu ngwugwu sitere na ọdụ ụgbọ mmiri gaa na nkesa ebe a na-aga maka ịtụgharị site na Generic Routing Encapsulation (GRE). Amachibidoro ọnọdụ anụ ahụ nke ihe nkesa ahụ.

• Site n'enyemaka nke njirimara akọwapụtara ubi (UDF) nke mgbawa, a na-eme ihe ọ bụla nke 1 ruo 126 bytes dabere na ngalaba Base site na ndepụta agbatị ọkachamara-ọkwa, na isiokwu ndị ahụ na-ejikọta iji ghọta ọhụụ ahụ. nke nnọkọ, dị ka TCP ụzọ atọ na nnọkọ RDMA;

• Nkwado ntọala ọnụego;

• Na-akwado ogologo nkwụsị nke ngwugwu (Packet Slicing), na-ebelata nrụgide na ihe nkesa ebumnobi.

Site na njirimara ndị a, ị nwere ike ịhụ ihe kpatara ERSPAN ji bụrụ ngwá ọrụ dị mkpa maka nlekota netwọk n'ime ebe data taa.

Enwere ike ichikota isi ọrụ ERSPAN n'akụkụ abụọ:

• Nhụta nnọkọ: Jiri ERSPAN na-anakọta oge TCP ọhụrụ na Remote Direct Memory Access (RDMA) ọhụrụ na ihe nkesa azụ maka ngosi;

• Nchọpụta nsogbu netwọkụ: Na-ewepụta okporo ụzọ netwọkụ maka nyocha mmejọ mgbe nsogbu netwọk mere.

Iji mee nke a, ngwaọrụ netwọkụ isi iyi kwesịrị ihichapụ okporo ụzọ nke mmasị onye ọrụ site na nnukwu iyi data, mee otu, ma tinye ya n'ime igbe nke ọ bụla n'ime "akpa nnukwu akpa" pụrụ iche nke na-ebu ozi ndị ọzọ zuru oke ka o wee nwee ike. a ga-ebugharị nke ọma na ngwaọrụ nnata. Ọzọkwa, mee ka ngwaọrụ nnata nwee ike wepụta ma nwetaghachi okporo ụzọ nyocha nke mbụ.

Ngwaọrụ na-anata nwere ike ịbụ ihe nkesa ọzọ na-akwado iwepụ ngwugwu ERSPAN.

Ngwunye ERSPAN na-ekpuchi

Ụdị ERSPAN na nhazi nhazi usoro

A na-etinye ngwugwu ERSPAN site na iji GRE wee ziga ya na ebe adreesị IP ọ bụla nwere ike ịgafe na Ethernet. A na-eji ERSPAN ugbu a na netwọk IPv4, yana nkwado IPv6 ga-abụ ihe achọrọ n'ọdịnihu.

Maka usoro mkpuchi izugbe nke ERSAPN, ihe a bụ ngwungwu enyo nke ngwugwu ICMP:

nhazi nke ERSAPN

Usoro ERSPAN etolitela ogologo oge, yana site n'ịkwalite ike ya, e mepụtala ọtụtụ nsụgharị, nke a na-akpọ "Ụdị ERSPAN". Ụdị dị iche iche nwere ụdị nkụnye eji isi mee dị iche iche.

A kọwapụtara ya na mpaghara ụdị mbụ nke nkụnye eji isi mee ERSPAN:

Ụdị nkụnye eji isi mee ERSPAN

Na mgbakwunye, ubi Ụdị Protocol dị na isi GRE na-egosikwa ụdị ERSPAN dị n'ime. Ụdị Ụdị Protocol 0x88BE na-egosi Ụdị ERSPAN II, na 0x22EB na-egosi Ụdị ERSPAN III.

1. Ụdị I

Ụdị ERSPAN nke Ụdị I na-ekpuchi IP na GRE ozugbo n'elu isi nke enyo mbụ. Ihe mkpuchi a na-agbakwụnye 38 bytes n'elu etiti mbụ: 14(MAC) + 20 (IP) + 4(GRE). Uru nke usoro a bụ na ọ nwere obere nkụnye eji isi mee ma belata ọnụ ahịa nnyefe. Otú ọ dị, n'ihi na ọ na-edobe GRE Flag na Version ubi na 0, ọ dịghị ebu ọ bụla ogologo ubi na-adịghị na-eji Ụdị I nke ọtụtụ ebe, n'ihi na ọ dịghị mkpa ịgbasa ọzọ.

Ụdị nkụnye eji isi mee GRE nke Ụdị I bụ nke a:

GRE nkụnye eji isi mee I

2. Ụdị II

Na Ụdị II, C, R, K, S, S, Recur, Flags na Version dị na isi GRE bụ 0 ma e wezụga mpaghara S. Ya mere, a na-egosipụta mpaghara Nọmba usoro na isi GRE nke Ụdị II. Nke ahụ bụ, Ụdị II nwere ike hụ na usoro ịnata ngwugwu GRE, nke mere na enweghị ike ịhazi ọnụ ọgụgụ buru ibu nke ngwugwu GRE n'ihi njehie netwọk.

Ụdị nkụnye eji isi mee GRE nke Ụdị II bụ nke a:

GRE nkụnye eji isi mee II

Na mgbakwunye, usoro etiti ụdị ERSPAN nke Abụọ na-agbakwunye nkụnye eji isi mee 8-byte ERSPAN n'etiti isi GRE na etiti enyo enyo izizi.

Ụdị nkụnye eji isi mee ERSPAN maka Ụdị II bụ nke a:

Ụdị nkụnye eji isi mee ERSPAN II

N'ikpeazụ, ozugbo na-eso usoro onyonyo izizi, bụ koodu nlele cyclic redundancy (CRC) ọkọlọtọ 4-byte Ethernet.

CRC

Ọ dị mma ịmara na na mmejuputa atumatu, enyo enyo enweghị mpaghara FCS nke etiti mbụ, kama a na-atụgharị uru CRC ọhụrụ dabere na ERSPAN dum. Nke a pụtara na ngwaọrụ nnata enweghị ike ịchọpụta izi ezi CRC nke etiti izizi ahụ, naanị anyị nwere ike iche na ọ bụ naanị okpomoku na-emebibeghị ka a na-egosipụta.

3. Ụdị III

Ụdị III na-ewebata nkụnye eji isi mee ihe nke ukwuu ma na-agbanwe agbanwe iji lebara ọnọdụ nleba anya netwọkụ na-esiwanye ike ma dị iche iche, gụnyere mana ọnweghị oke na njikwa netwọkụ, nchọpụta ntinye, nyocha arụmọrụ na igbu oge, na ndị ọzọ. Ihe ngosi ndị a kwesịrị ịma ihe niile mbụ nke etiti enyo ma tinye ndị na-anọghị na etiti mbụ n'onwe ya.

Ihe nkụnye eji isi mee ụdị III nke ERSPAN na-agụnye nkụnye eji isi mee 12-byte amanyere iwu na ihe isi okwu 8-byte akọwapụtara nke ọma.

Ụdị nkụnye eji isi mee ERSPAN maka Ụdị III bụ nke a:

Ụdị nkụnye eji isi mee ERSPAN III

Ọzọ, mgbe enyo enyo mbụ bụ CRC 4-byte.

CRC

Dị ka a pụrụ ịhụ site na nkụnye eji isi mee ụdị nke III, na mgbakwunye na idowe oghere Ver, VLAN, COS, T na Session ID na ndabere nke Ụdị II, a na-agbakwunye ọtụtụ ubi pụrụ iche, dị ka:

• BSO: nke a na-eji egosi ịdị n'ezi n'ezi nke fremu data ebu site na ERSPAN. 00 bụ akụkụ dị mma, 11 bụ ihe na-adịghị mma, 01 bụ obere mkpirisi, 11 bụ nnukwu etiti;

• stampụ oge: ebupụ na elekere ngwaike mekọrịtara na oge sistemụ. Mpaghara 32-bit a na-akwado opekata mpe 100 microseconds nke granularity Timestamp;

• Ụdị Ụdị (P) na Ụdị Ụdị (FT): a na-eji nke mbụ akọwa ma ERSPAN na-ebu Ethernet protocol frames (PDU frames), na nke ikpeazụ na-eji kọwaa ma ERSPAN na-ebu Ethernet okpokolo agba ma ọ bụ IP ngwugwu.

• HW ID: ihe nchọpụta pụrụ iche nke engine ERSPAN n'ime usoro;

• Gra (Timestamp Granularity): Na-akọwapụta ogo nke stampụ oge. Dịka ọmụmaatụ, 00B na-anọchite anya 100 microsecond Granularity, 01B 100 nanosecond Granularity, 10B IEEE 1588 Granularity, na 11B chọrọ ndị isi isi-kpọmkwem nke ikpo okwu iji nweta granularity dị elu.

• Platf ID vs. Platform Specific Ama: Platf Specific Info ubi nwere dị iche iche formats na ọdịnaya dabere na Platf NJ uru.

Ndekọ ID Port

Okwesiri iburu n'uche na enwere ike iji mpaghara nkụnye eji isi mee dị iche iche akwadoro na ngwa ERSPAN oge niile, ọbụlagodi okpokolo agba na-enyo enyo ma ọ bụ okpokolo agba BPDU, ka ị na-ejigide ngwugwu akpati mbụ yana ID VLAN. Na mgbakwunye, enwere ike itinye ozi stampụ igodo yana mpaghara ozi ndị ọzọ na etiti ERSPAN ọ bụla n'oge ị na-enyo enyo.

Site na nkụnye eji isi mee ihe nke ERSPAN, anyị nwere ike nweta nyocha a nụchara anụcha nke okporo ụzọ netwọkụ, wee bulie ACL kwekọrọ na usoro ERSPAN iji kwekọọ na okporo ụzọ netwọkụ anyị nwere mmasị na ya.

ERSPAN na-eme ihe ngosi nnọkọ RDMA

Ka anyị were ihe atụ nke iji teknụzụ ERSPAN iji nweta nleba anya nnọkọ RDMA na ndapụta RDMA:

RDMA: Nweta ebe nchekwa Direct Direct na-enyere ihe nkwụnye netwọkụ nke sava A aka ịgụ na dee ebe nchekwa nke ihe nkesa B site na iji kaadị interface netwọk nwere ọgụgụ isi (inics) na switches, nweta nnukwu bandwidth, obere latency, na itinye akụrụngwa dị ala. A na-eji ya n'ọtụtụ ebe na nnukwu data yana ihe ngosi nchekwa na-ekesa dị elu.

RoCEv2: RDMA n'elu Converged Ethernet Version 2. A na-etinye data RDMA n'ime isi UDP. Nọmba ọdụ ụgbọ mmiri ọ na-aga bụ 4791.

Ịrụ ọrụ kwa ụbọchị na mmezi nke RDMA chọrọ ịnakọta ọtụtụ data, nke a na-eji na-anakọta ahịrị ntụaka ọkwa mmiri kwa ụbọchị yana mkpu na-adịghị mma, yana ndabere maka ịchọta nsogbu ndị na-adịghị mma. Ejikọtara ya na ERSPAN, enwere ike ijide nnukwu data ngwa ngwa iji nweta data dị mma na-ebugharị microsecond yana ọkwa mmekọrịta protocol nke mgbawa. Site na ọnụ ọgụgụ data na nyocha, RDMA nwere ike nweta ntule nleba anya nleba anya na amụma.

Iji nweta nleba anya nnọkọ RDAM, anyị chọrọ ERSPAN ka ọ dakọtara na mkpụrụokwu maka nnọkọ mmekọrịta RDMA mgbe anyị na-egosipụta okporo ụzọ, anyị kwesịrị iji ndepụta agbatị ogologo nke ọkachamara.

Nkọwa ubi dakọtara ndepụta agbatịgoro ọkwa ọkachamara:

UDF nwere mpaghara ise: isiokwu UDF, ubi ntọala, ubi akwụghị ụgwọ, ubi uru, na ogige nkpuchi. Oke site na ikike ntinye ngwaike, ngụkọta nke UDF asatọ nwere ike iji. Otu UDF nwere ike dakọtara kacha nke bytes abụọ.

• UDF isiokwu: UDF1... UDF8 nwere mkpụrụokwu asatọ nke ngalaba jikọtara UDF

• Ogige ntọala: na-achọpụta ọnọdụ mmalite nke ubi dakọtara UDF. Ndị a

L4_header (dabere na RG-S6520-64CQ)

L5_nkụnye (maka RG-S6510-48VS8Cq)

• Nkwụsị: na-egosi nkwụghachi dabere na mpaghara ntọala. Ọnụ ahịa ya sitere na 0 ruo 126

• Uru ubi: uru dabara. Enwere ike iji ya na mpaghara nkpuchi iji hazie uru akọwapụtara nke a ga-ejikọta. Ihe bara uru bụ bytes abụọ

• Ogige nkpuchi: nkpuchi, bara uru bit bụ bytes abụọ

(Tinye: Ọ bụrụ na a na-eji ọtụtụ ndenye n'otu ubi kwekọrọ na UDF, ebe ntọala na nkwụsị ga-abụrịrị otu.)

Ihe ngwugwu igodo abụọ ejikọtara na ọkwa nnọkọ RDMA bụ ngwugwu ngosi mkpọchi (CNP) na nnabata ọjọọ (NAK):

Emepụtara nke mbụ site na nnata RDMA mgbe ọ natachara ozi ECN zitere site na mgba ọkụ (mgbe eout Buffer rutere n'ọnụ ụzọ), nke nwere ozi gbasara mgbaba ma ọ bụ QP na-akpata mkpọchi. A na-eji nke ikpeazụ gosi na nnyefe RDMA nwere ozi nzaghachi mfu ngwugwu.

Ka anyị leba anya ka anyị ga-esi kwekọọ ozi abụọ a site na iji ndepụta agbatịla ọkwa ọkachamara:

RDMA CNP

Ndepụta ohere ọkachamara agbatịla rdma

kwe ka udp ọ bụla ọ bụla eq 4791udf 1 l4_header 8 0x8100 0xFF00(dakọtara RG-S6520-64CQ)

kwe ka udp ọ bụla ọ bụla eq 4791udf 1 l5_isi 0 0x8100 0xFF00( dakọtara RG-S6510-48VS8CQ)

RDMA CNP 2

Ndepụta ohere ọkachamara agbatịla rdma

kwe ka udp ọ bụla ọ bụla eq 4791udf 1 l4_header 8 0x1100 0xFF00 udf 2 l4_header 20 0x6000 0xFF00(dakọtara RG-S6520-64CQ)

kwe ka udp ọ bụla ọ bụla eq 4791udf 1 l5_header 0 0x1100 0xFF00 udf 2 l5_header 12 0x6000 0xFF00( dakọtara RG-S6510-48VS8CQ)

Dịka nzọụkwụ ikpeazụ, ị nwere ike iji anya nke uche hụ nnọkọ RDMA site na ịtinye ndepụta ndọtị ọkachamara n'ime usoro ERSPAN kwesịrị ekwesị.

Dee n'ikpeazụ

ERSPAN bụ otu n'ime ngwaọrụ ndị dị mkpa na netwọkụ data etiti na-abawanye ụba taa, okporo ụzọ netwọkụ na-agbagwoju anya, yana ọrụ netwọk na-enwewanye ọkaibe yana chọrọ mmezi.

Site na mmụba ogo nke akpaaka O&M, teknụzụ dị ka Netconf, RESTconf, na gRPC na-ewu ewu n'etiti ụmụ akwụkwọ O&M na netwọk O&M akpaaka. Iji gRPC dị ka protocol dị n'okpuru maka izipu okporo ụzọ mirror nwekwara ọtụtụ uru. Dịka ọmụmaatụ, dabere na protocol HTTP/2, ọ nwere ike ịkwado usoro ntinye nkwanye n'okpuru otu njikọ ahụ. Site na ntinye koodu ProtoBuf, a na-ebelata ogo ozi site na ọkara ma e jiri ya tụnyere usoro JSON, na-eme ka nnyefe data ọsọ ọsọ na ịrụ ọrụ nke ọma. Cheedị echiche, ọ bụrụ na ị na-eji ERSPAN enyo iyi nwere mmasị wee ziga ha na ihe nkesa nyocha na gRPC, ọ ga-eme ka ikike na arụmọrụ nke ọrụ netwọkụ na-arụ ọrụ nke ọma dịkwuo mma?


Oge nzipu: Mee-10-2022