Igikoresho gikunze kugaragara mugukurikirana imiyoboro no gukemura ibibazo uyumunsi ni Switch Port Analyser (SPAN), izwi kandi nka Port mirroring.Iratwemerera gukurikirana urujya n'uruza rwambukiranya inzira ya bande tutabangamiye serivisi kumurongo wa Live, kandi ikohereza kopi yumuhanda ukurikiranwa kubikoresho byaho cyangwa bya kure, harimo Sniffer, IDS, cyangwa ubundi bwoko bwibikoresho byo gusesengura imiyoboro.
Bimwe mubikoreshwa bisanzwe ni:
• Gukemura ibibazo byurusobe ukurikirana igenzura / amakadiri yamakuru;
• Gusesengura ubukererwe na jitter ukurikirana paki za VoIP;
• Gusesengura ubukererwe ukurikirana imikoranire y'urusobe;
• Menya ibintu bidasanzwe ukurikirana urujya n'uruza.
Imodoka ya SPAN irashobora kwerekanwa mubindi byambu ku gikoresho kimwe, cyangwa ikerekanwa kure kubindi bikoresho byurusobe byegeranye na Layeri 2 yibikoresho bikomoka (RSPAN).
Uyu munsi tugiye kuvuga kubyerekeranye na tekinoroji ya interineti ikurikirana ya ERSPAN (Encapsulated Remote Switch Port Analyser) ishobora kwanduzwa mubice bitatu bya IP.Nukwagura SPAN kuri Encapsulated Remote.
Amahame remezo yimikorere ya ERSPAN
Icyambere, reka turebe ibiranga ERSPAN:
• Kopi yipaki iva ku cyambu yoherejwe yoherejwe kuri seriveri yerekeza aho igereranya binyuze muri Generic Routing Encapsulation (GRE).Ikibanza gifatika cya seriveri ntabwo kibujijwe.
• Hamwe nubufasha bwumukoresha wasobanuwe (UDF) ibiranga chip, offset yose ya 1 kugeza 126 bytes ikorwa hashingiwe kumurongo wa Base ukoresheje urutonde rwagutse rwinzobere, kandi ijambo ryibanze ryamasomo rihujwe kugirango tumenye amashusho. cy'isomo, nka TCP inzira-eshatu zo guhana ukuboko hamwe na RDMA;
• Gushyigikira igipimo cy'icyitegererezo;
• Shyigikira uburebure bwa paki (Gukata Packet), kugabanya umuvuduko kuri seriveri igenewe.
Hamwe nibi biranga, urashobora kubona impamvu ERSPAN nigikoresho cyingenzi cyo kugenzura imiyoboro yimbere muri data data uyumunsi.
Ibikorwa nyamukuru bya ERSPAN birashobora kuvunagurwa mubice bibiri:
• Isomo rigaragara: Koresha ERSPAN kugirango ukusanye ibyaremwe byose bishya bya TCP hamwe na Remote Direct Memory Access (RDMA) amasomo kuri seriveri yinyuma-yanyuma kugirango yerekanwe;
• Gukemura ibibazo byurusobe: Ifata traffic traffic kugirango isesengure amakosa mugihe ikibazo cyurusobe kibaye.
Kugirango ukore ibi, ibikoresho byurusobe rwibikoresho bigomba gushungura urujya n'uruza rwumukoresha kuva kumurongo munini wamakuru, gukora kopi, no gukusanya buri kopi yikopi muri "superframe kontineri" idasanzwe itwara amakuru yinyongera kuburyo ishobora guhindurwa neza kubikoresho byakira.Byongeye kandi, fasha igikoresho cyakira gukuramo no kugarura byimazeyo urujya n'uruza rwakurikiranwe.
Igikoresho cyakira gishobora kuba indi seriveri ishigikira gutandukanya paki za ERSPAN.
Ubwoko bwa ERSPAN na Package Imiterere Isesengura
Udupaki twa ERSPAN dukubiyemo GRE kandi twoherejwe kuri IP iyo ari yo yose yerekanwe kuri Ethernet.ERSPAN kuri ubu ikoreshwa cyane cyane kumurongo wa IPv4, kandi inkunga ya IPv6 izaba ibisabwa mugihe kizaza.
Kumiterere rusange ya encapsulation ya ERSAPN, ibikurikira nindorerwamo yindorerwamo ifata paki ya ICMP:
Porotokole ya ERSPAN yateye imbere mugihe kirekire, kandi hamwe no kongera ubushobozi bwayo, hashyizweho verisiyo zitandukanye, zitwa "Ubwoko bwa ERSPAN".Ubwoko butandukanye bufite imiterere yimitwe itandukanye.
Byasobanuwe mubice byambere bya verisiyo yumutwe wa ERSPAN:
Mubyongeyeho, Ubwoko bwa Porotokole Umwanya wa GRE nawo werekana Ubwoko bwa ERSPAN imbere.Ubwoko bwa Porotokole Umwanya 0x88BE yerekana ERSPAN Ubwoko bwa II, naho 0x22EB yerekana ERSPAN Ubwoko bwa III.
1. Andika I.
Ikadiri ya ERSPAN yubwoko I ikubiyemo IP na GRE hejuru yumutwe wikirahure cyambere.Iyi encapsulation yongeyeho bytes 38 hejuru yumwimerere: 14 (MAC) + 20 (IP) + 4 (GRE).Ibyiza byiyi format nuko ifite imitwe yoroheje kandi igabanya ikiguzi cyo kohereza.Ariko, kubera ko ishyiraho ibendera rya GRE na verisiyo imirima kuri 0, ntabwo itwara imirima yagutse kandi Ubwoko bwa I ntabwo bukoreshwa cyane, ntabwo rero bikenewe kwaguka cyane.
Imiterere ya GRE yimiterere yubwoko I nuburyo bukurikira:
2. Andika II
Ubwoko bwa II, C, R, K, S, S, Gusubiramo, Ibendera, na verisiyo imirima mumutwe wa GRE byose 0 usibye umurima S.Kubwibyo, Urutonde rukurikirana rwerekanwe muri GRE umutwe wubwoko bwa II.Nukuvuga, Ubwoko bwa II burashobora kwemeza gahunda yo kwakira paki za GRE, kugirango umubare munini wibicuruzwa bitari byateganijwe GRE bidashobora gutondekwa kubera ikibazo cyurusobe.
Imiterere ya GRE yimiterere yubwoko bwa II nuburyo bukurikira:
Mubyongeyeho, imiterere ya ERSPAN Ubwoko bwa II ikadiri yongeraho 8-byte umutwe wa ERSPAN hagati yumutwe wa GRE numwimerere wikirahure.
Imiterere yumutwe wa ERSPAN kubwoko bwa II nuburyo bukurikira:
Hanyuma, uhite ukurikiza ishusho yumwimerere, ni bisanzwe 4-byte ya Ethernet cyclic redundancy check (CRC) code.
Birakwiye ko tumenya ko mugushyira mubikorwa, ikadiri yindorerwamo ntabwo irimo umurima wa FCS wumurongo wambere, ahubwo agaciro gashya ka CRC karongera kubarwa hashingiwe kuri ERSPAN yose.Ibi bivuze ko igikoresho cyakira kidashobora kugenzura CRC ikosora kumurongo wambere, kandi dushobora gutekereza gusa ko amakadiri atabora gusa.
3. Andika III
Ubwoko bwa III butangiza umutwe munini kandi woroshye guhuza imitwe kugirango ukemure ibintu bigoye kandi bitandukanye byo kugenzura imiyoboro, harimo ariko ntibigarukira gusa ku micungire y'urusobe, gutahura kwinjira, gukora no gutinda gusesengura, nibindi byinshi.Aya mashusho akeneye kumenya ibipimo byose byumwimerere byerekana indorerwamo kandi akanashyiramo ibitagaragara muburyo bwambere.
Ubwoko bwa ERSPAN Ubwoko bwa III bukomatanya burimo umutwe wa 12-byte uteganijwe hamwe na 8-byte ya platifomu yihariye.
Imiterere yumutwe wa ERSPAN kubwoko bwa III nuburyo bukurikira:
Na none, nyuma yikirahure cyumwimerere ni 4-byte CRC.
Nkuko bigaragara muburyo bwimitwe yubwoko bwa III, usibye kugumana imirima ya Ver, VLAN, COS, T na Session ID hashingiwe kubwoko bwa II, imirima myinshi idasanzwe yongeweho, nka:
• BSO: ikoreshwa mu kwerekana uburinganire bwimitwaro yamakuru yatanzwe binyuze muri ERSPAN.00 ni ikadiri nziza, 11 ni ikadiri mbi, 01 ni ikadiri ngufi, 11 ni ikadiri nini;
• Igihe cyagenwe: cyoherejwe mumasaha yibyuma bihujwe nigihe cya sisitemu.Uyu murima wa 32-bit ushyigikira byibuze microseconds 100 ya graneste ya Timestamp;
• Ubwoko bwa Frame (P) nubwoko bwa Frame (FT): iyambere ikoreshwa mugusobanura niba ERSPAN itwara ama kadamu ya protocole ya Ethernet (amakadiri ya PDU), naho iyanyuma ikoreshwa mukugaragaza niba ERSPAN itwara ama frame ya Ethernet cyangwa IP packets.
• HW ID: ibiranga bidasanzwe moteri ya ERSPAN muri sisitemu;
• Gra (Timestamp Granularity): Igaragaza ubunini bwa Timestamp.Kurugero, 00B igereranya microsecond 100 Granularity, 01B 100 Nanosekond Granularity, 10B IEEE 1588 Granularity, na 11B bisaba urubuga rwihariye-imitwe kugirango ugere kuri Granularite.
• Indangamuntu ya Platf na Platform Amakuru yihariye: Imirongo yihariye yamakuru ya platform ifite imiterere itandukanye nibirimo bitewe nagaciro ka ID.
Twabibutsa ko imitwe itandukanye yimitwe ishyigikiwe hejuru irashobora gukoreshwa mubisanzwe bya ERSPAN, ndetse no kwerekana indorerwamo yibibazo cyangwa amakadiri ya BPDU, mugihe ukomeza pake yumwimerere hamwe nindangamuntu ya VLAN.Mubyongeyeho, amakuru yingenzi ya timestamp nandi makuru yamakuru arashobora kongerwaho kuri buri kintu cya ERSPAN mugihe cyo kwerekana.
Hamwe na ERSPAN yihariye yibiranga imitwe, turashobora kugera kubisesenguye bunoze bwurugendo rwurusobe, hanyuma tugashyiraho gusa ACL ijyanye na gahunda ya ERSPAN kugirango ihuze numuyoboro wurubuga dushishikajwe.
ERSPAN Ishyira mu bikorwa RDMA Isomo Kugaragara
Reka dufate urugero rwo gukoresha tekinoroji ya ERSPAN kugirango tugere kumashusho ya RDMA mumashusho ya RDMA:
RDMA.Irakoreshwa cyane mumakuru manini kandi ikora cyane ikwirakwizwa mububiko.
RoCEv2: RDMA hejuru ya verisiyo ya Ethernet verisiyo 2. Amakuru ya RDMA akubiye mumutwe wa UDP.Icyambu cyerekezo ni 4791.
Imikorere ya buri munsi no gufata neza RDMA bisaba gukusanya amakuru menshi, akoreshwa mugukusanya umurongo wamazi wa buri munsi hamwe n’impuruza zidasanzwe, kimwe nishingiro ryo kumenya ibibazo bidasanzwe.Hamwe na ERSPAN, amakuru manini arashobora gufatwa vuba kugirango abone microsecond yohereza amakuru meza hamwe na protocole imikoranire yo guhinduranya chip.Binyuze mu mibare nisesengura ryamakuru, RDMA iherezo-iherezo ryohereza ireme ryiza no guhanura birashobora kuboneka.
Kugirango tugere kumasomo ya RDAM, dukeneye ERSPAN guhuza ijambo ryibanze kubikorwa bya RDMA mugihe cyo kwerekana indorerwamo, kandi dukeneye gukoresha urutonde rwagutse rwinzobere.
Urwego rwinzobere rwagutse urutonde ruhuza ibisobanuro:
UDF igizwe nimirima itanu: Ijambo ryibanze rya UDF, umurima shingiro, offset umurima, umurima wagaciro, numwanya wa mask.Bitewe nubushobozi bwibikoresho byinjira, byose hamwe umunani UDF irashobora gukoreshwa.UDF imwe irashobora guhuza ntarengwa na byite ebyiri.
• Ijambo ryibanze rya UDF: UDF1 ... UDF8 Irimo ijambo umunani ryibanze rya UDF ihuza domaine
• Umwanya shingiro: ugaragaza umwanya wo gutangiriraho umurima uhuza UDF.Ibikurikira
L4_umutwe (birakoreshwa kuri RG-S6520-64CQ)
L5_umutwe (kuri RG-S6510-48VS8Cq)
• Offset: yerekana offset ishingiye kumurima shingiro.Agaciro kari hagati ya 0 na 126
• Agaciro k'umurima: guhuza agaciro.Irashobora gukoreshwa hamwe hamwe na mask yumurima kugirango ugene agaciro kihariye guhuzwa.Bite byemewe ni byite ebyiri
• Umwanya wa mask: mask, biti byemewe ni byite ebyiri
.
Ibipapuro bibiri byingenzi bifitanye isano na RDMA isomo ryimiterere ni Packet Notification Packet (CNP) hamwe no Gushimira (NAK):
Iyambere ikorwa nuwakiriye RDMA nyuma yo kwakira ubutumwa bwa ECN bwoherejwe na switch (mugihe eout Buffer igeze kumuryango), ikubiyemo amakuru ajyanye no gutemba cyangwa QP itera ubwinshi.Iheruka ikoreshwa mu kwerekana ihererekanyabubasha rya RDMA rifite ubutumwa bwo gusubiza paketi.
Reka turebe uko twahuza ubu butumwa bubiri ukoresheje urutonde rwagutse rwinzobere:
abahanga kwinjira-urutonde rwagutse rdma
kwemerera udp icyaricyo cyose eq 4791udf 1 l4_umutwe 8 0x8100 0xFF00(Guhuza RG-S6520-64CQ)
kwemerera udp icyaricyo cyose eq 4791udf 1 l5_umutwe 0 0x8100 0xFF00(Guhuza RG-S6510-48VS8CQ)
abahanga kwinjira-urutonde rwagutse rdma
kwemerera udp icyaricyo cyose eq 4791udf 1 l4_umutwe 8 0x1100 0xFF00 udf 2 l4_umutwe 20 0x6000 0xFF00(Guhuza RG-S6520-64CQ)
kwemerera udp icyaricyo cyose eq 4791udf 1 l5_umutwe 0 0x1100 0xFF00 udf 2 l5_umutwe 12 0x6000 0xFF00(Guhuza RG-S6510-48VS8CQ)
Nintambwe yanyuma, urashobora kwiyumvisha isomo rya RDMA mugushiraho urutonde rwabaguzi rwinzobere mubikorwa bikwiye bya ERSPAN.
Andika iheruka
ERSPAN ni kimwe mu bikoresho byingirakamaro muri iki gihe bigenda byiyongera cyane mu miyoboro y’amakuru, bigenda byoroha cyane mu muyoboro, hamwe n’ibikorwa bikenerwa cyane byo gukora no kubungabunga.
Hamwe niterambere ryiyongera rya O&M automatike, tekinoroji nka Netconf, RESTconf, na gRPC irazwi mubanyeshuri ba O&M mumashanyarazi O&M.Gukoresha gRPC nka protocole yibanze yo kohereza indorerwamo yimodoka nayo ifite ibyiza byinshi.Kurugero, rushingiye kuri protocole ya HTTP / 2, irashobora gushyigikira uburyo bwo gusunika ibintu munsi yihuza rimwe.Hamwe na kodegisi ya ProtoBuf, ingano yamakuru yagabanutseho kimwe cya kabiri ugereranije nuburyo bwa JSON, bigatuma amakuru yihuta kandi neza.Tekereza gusa, niba ukoresha ERSPAN kugirango ugaragaze indorerwamo zishimishije hanyuma ubohereze kuri seriveri yisesengura kuri gRPC, bizamura cyane ubushobozi nubushobozi bwimikorere ya neti ikora no kuyitunganya?
Igihe cyo kohereza: Gicurasi-10-2022
