Esona sixhobo sixhaphakileyo sokubeka iliso kuthungelwano kunye nokusombulula ingxaki namhlanje yiTshintshela iPort Analyzer (SPAN), ekwaziwa ngokuba yiPort mirroring.Ivumela ukuba sibeke iliso kwi-traffic yenethiwekhi kwi-bypass out of band mode ngaphandle kokuphazamisa iinkonzo kwinethiwekhi ephilayo, kwaye ithumela ikopi yetrafikhi ebekwe esweni kwizixhobo zendawo okanye ezikude, kuquka i-Sniffer, i-IDS, okanye ezinye iintlobo zezixhobo zokuhlalutya inethiwekhi.
Olunye usetyenziso oluqhelekileyo lu:
• Ukusombulula iingxaki zothungelwano ngokulandelela ulawulo/isakhelo zedatha;
• Hlalutya i-latency kunye nejitter ngokubeka esweni iipakethi zeVoIP;
• Ukuhlalutya ukubambezeleka ngokubeka iliso kunxibelelwano lwenethiwekhi;
• Khangela izinto ezingaqhelekanga ngokubeka iliso kwitrafiki yenethiwekhi.
I-SPAN Traffic inokuboniswa ekuhlaleni kwamanye amazibuko kwisixhobo somthombo omnye, okanye ijongwe ukude kwezinye izixhobo zothungelwano ezikufuphi noLeya 2 lwesixhobo somthombo (RSPAN).
Namhlanje siza kuthetha ngeTekhnoloji yokuJonga i-Intanethi ekwi-Remote ye-Intanethi ebizwa ngokuba yi-ERSPAN (I-Encapsulated Remote Switch Port Analyzer) enokuhanjiswa kwiileya ezintathu ze-IP.Olu lulongezo lwe-SPAN ukuya kwi-Ecapsulated Remote.
Imigaqo esisiseko yokusebenza ye-ERSPAN
Okokuqala, makhe sijonge kwiifitsha ze-ERSPAN:
• Ikopi yepakethi esuka kwindawo yomthombo ithunyelwa kwiseva yendawo ukuze ihlalutywe ngeGeneric Routing Encapsulation (GRE).Indawo ekhoyo yomncedisi ayithintelwanga.
Ngoncedo lweNkalo echaziweyo yomsebenzisi (i-UDF) yetshiphu, nayiphi na i-offset ye-1 ukuya kwi-126 bytes yenziwa ngokusekwe kwisizinda seSiseko ngoluhlu olwandisiweyo lwenqanaba leengcali, kunye namagama angundoqo eseshoni adityaniswa ukuze aqonde ukubonwa. yeseshoni, efana ne-TCP yeendlela ezintathu zokuxhawula izandla kunye neseshoni ye-RDMA;
• Inkxaso yokumisela ireyithi yesampulu;
• Ixhasa ubude bepakethi yokuqhawula (iPacket Slicing), ukunciphisa uxinzelelo kumncedisi ekujoliswe kuwo.
Ngezi mpawu, unokubona ukuba kutheni i-ERSPAN isisixhobo esibalulekileyo sokujonga uthungelwano ngaphakathi kumaziko edatha namhlanje.
Imisebenzi ephambili ye-ERSPAN inokushwankathelwa kwimiba emibini:
• Ukubonakala kweSeshini: Sebenzisa i-ERSPAN ukuqokelela zonke iiseshini ezenziweyo ze-TCP entsha kunye neRemote Direct Memory Access (RDMA) kwiseva esemva ukuze iboniswe;
• Usombululo lwengxaki yenethiwekhi: Ibamba itrafikhi yothungelwano kuhlalutyo lwempazamo xa kusenzeka ingxaki yenethiwekhi.
Ukwenza oku, isixhobo sothungelwano somthombo kufuneka sihluze ukugcwala komdla kumsebenzisi ukusuka kumsinga omkhulu wedatha, wenze ikopi, kwaye ugqume isakhelo sekopi nganye kwi "superframe container" ekhethekileyo ethwala ulwazi olongezelelweyo olwaneleyo ukuze ikwazi. zihanjiswe ngokuchanekileyo kwisixhobo sokwamkela.Ngaphezu koko, yenza isixhobo esifumanayo sikhuphe kwaye siphinde siphinde sifumane i-traffic ejongwe kuqala.
Isixhobo esifumanayo sinokuba yenye iseva exhasa ukuqhawula iipakethi ze-ERSPAN.
Uhlobo lwe-ERSPAN kunye noHlalutyo lweFomathi yePakeji
Iipakethi ze-ERSPAN zigqunyiwe kusetyenziswa i-GRE kwaye zithunyelwe kuyo nayiphi na indawo enokudilesi ye-IP nge-Ethernet.I-ERSPAN okwangoku isetyenziswa ikakhulu kuthungelwano lwe-IPv4, kwaye inkxaso ye-IPv6 iya kuba yimfuneko kwixesha elizayo.
Kulwakhiwo lwe-encapsulation ngokubanzi lwe-ERSAPN, oku kulandelayo sisibuko sepakethi yokuthatha iipakethi ze-ICMP:
Iprotocol ye-ERSPAN iphuhliswe kwixesha elide, kwaye ngokwandisa amandla ayo, iinguqulelo ezininzi zenziwe, ezibizwa ngokuba yi "ERSPAN Types".Iindidi ezahlukeneyo zineefomati zentloko yesakhelo ezahlukeneyo.
Ichazwe kumhlaba woguqulelo wokuqala we-ERSPAN okubhalwe ngasentla:
Ukongeza, intsimi yoHlobo lweProtocol kwi-header ye-GRE ikwabonisa uhlobo lwangaphakathi lwe-ERSPAN.Indawo yoHlobo lweProtocol 0x88BE ibonisa uhlobo lwe-ERSPAN II, kunye no-0x22EB lubonisa uhlobo lwe-ERSPAN III.
1. Uhlobo I
Isakhelo se-ERSPAN soHlobo I lufakela i-IP kunye ne-GRE ngokuthe ngqo phezu kwesihloko sesakhelo sesipili sokuqala.Le encapsulation yongeza i-38 bytes phezu kwesakhelo sokuqala: 14(MAC) + 20 (IP) + 4(GRE).Inzuzo yale fomati kukuba inobungakanani bentloko edibeneyo kwaye iyanciphisa iindleko zothumelo.Nangona kunjalo, ngenxa yokuba icwangcisa iflegi ye-GRE kunye ne-Version fields ku-0, ayithwali nayiphi na imimandla eyandisiweyo kwaye i-Type I ayisetyenziswanga ngokubanzi, ngoko akukho mfuneko yokwandisa ngakumbi.
Ifomathi yeheader ye-GRE yoHlobo I ngolu hlobo lulandelayo:
2. Uhlobo II
KuHlobo lwe-II, i-C, R, K, S, S, Recur, iiFlegi, kunye nemihlaba yoguqulelo kwi-header ye-GRE zonke ngu-0 ngaphandle kwendawo ka-S.Ke ngoko, inkalo yeNombolo yolandelelwano iboniswe kwi-GRE yentloko yoHlobo lwe-II.Oko kukuthi, Uhlobo lwe-II lunokuqinisekisa umyalelo wokufumana iipakethi ze-GRE, ukwenzela ukuba inani elikhulu leepakethi ze-GRE ezingaphandle kwe-odolo azikwazi ukulungiswa ngenxa yephutha lenethiwekhi.
Ifomathi yeheader ye-GRE yoHlobo lwe-II ngolu hlobo lulandelayo:
Ukongeza, ifomati yesakhelo se-ERSPAN Type II yongeza i-8-byte ye-ERSPAN header phakathi kwe-GRE header kunye nesakhelo sesipili sokuqala.
I-ERSPAN ifomathi yeheader yoHlobo lwe-II ngolu hlobo lulandelayo:
Ekugqibeleni, ngokukhawuleza emva kwesakhelo somfanekiso wokuqala, yikhowudi eqhelekileyo ye-4-byte Ethernet cyclic redundancy check (CRC).
Kuyaphawuleka ukuba ekuphunyezweni, isakhelo sesibuko asiqulathanga intsimi ye-FCS yesakhelo sokuqala, endaweni yoko ixabiso elitsha le-CRC liphinda libalwe ngokusekelwe kwi-ERSPAN yonke.Oku kuthetha ukuba isixhobo esifumanayo asikwazi ukuqinisekisa ukuchaneka kwe-CRC yesakhelo sokuqala, kwaye sinokucinga kuphela ukuba kuphela izakhelo ezingonakali zibonakaliswe.
3. Uhlobo III
Uhlobo lwe-III luzisa i-header enkulu kunye neguquguqukayo edibeneyo yokujongana neemeko ezikhulayo kunye neentlobo ezahlukeneyo zokubeka iliso zenethiwekhi, kubandakanywa kodwa kungaphelelanga kulawulo lwenethiwekhi, ukufumanisa ukungena, ukusebenza kunye nohlalutyo lokulibaziseka, kunye nokunye.Le miboniso idinga ukwazi zonke iiparameters zangaphambili zesakhelo sesibuko kwaye zibandakanya ezo zingekho kwisakhelo sokuqala ngokwaso.
Isihloko esihlanganisiweyo se-ERSPAN Uhlobo lwe-III lubandakanya i-header enyanzelekileyo ye-12-byte kunye ne-8-byte ye-platform-specific header ozikhethelayo.
Ifomati yeheader ye-ERSPAN yoHlobo lwe-III ngolu hlobo lulandelayo:
Kwakhona, emva kwesakhelo sesipili sokuqala yi-4-byte CRC.
Njengoko kunokubonwa kwifomathi yeheader yoHlobo lwe-III, ngaphezu kokugcina iVer, VLAN, COS, T kunye neSession ID fields ngesiseko se-Type II, iindawo ezininzi ezikhethekileyo zongezwa, ezifana:
• I-BSO: isetyenziselwa ukubonisa imfezeko yomthwalo wezakhelo zedatha ezithwalwa nge-ERSPAN.I-00 isakhelo esilungileyo, i-11 isakhelo esibi, i-01 isakhelo esifutshane, i-11 isakhelo esikhulu;
• Isitampu sexesha: sithunyelwe ngaphandle kwiwotshi yehardware edityaniswe nexesha lenkqubo.Le ntsimi ye-32-bit isekela ubuncinane i-100 microseconds ye-Timestamp granularity;
• Uhlobo lweSakhelo (P) kunye noHlobo lweSakhelo (FT) : eyokuqala isetyenziselwa ukucacisa ukuba ngaba i-ERSPAN iphethe i-Ethernet protocol frames (izakhelo zePDU), kwaye le yokugqibela isetyenziselwa ukucacisa ukuba ngaba i-ERSPAN iphethe izakhelo ze-Ethernet okanye iipakethi ze-IP.
• Isazisi se-HW: isichongi esisodwa senjini ye-ERSPAN ngaphakathi kwesixokelelwano;
• I-Gra (i-Timestamp Granularity) : Ichaza iGranularity yeSitampu sexesha.Umzekelo, i-00B imele i-100 microsecond Granularity, i-01B 100 nanosecond Granularity, i-10B IEEE 1588 Granularity, kunye ne-11B idinga ii-sub-headers ezikhethekileyo zeqonga ukuze zifezekise iGranularity ephezulu.
• I-ID ye-Platf vs. Ulwazi oluKhethekileyo lwe-Platf: Iinkalo zoLwazi oluKhethekileyo ze-Platf zinefomathi ezahlukeneyo kunye nemixholo ngokuxhomekeke kwixabiso le-ID ye-Platf.
Kufuneka kuqatshelwe ukuba iindawo ezahlukeneyo zeheader ezixhaswayo ngasentla zingasetyenziswa rhoqo kwi-ERSPAN izicelo, nezakhelo zemposiso zesipili okanye izakhelo ze-BPDU, ngelixa ugcina iphakheji ye-Trunk yoqobo kunye ne-VLAN ID.Ukongeza, ulwazi lwesitampu sexesha eliphambili kunye neminye imimandla yolwazi inokongezwa kwisakhelo ngasinye se-ERSPAN ngexesha lokujonga isipili.
Ngeeheader zemboniso ye-ERSPAN, singakwazi ukufezekisa uhlalutyo olusulungekileyo lwetrafikhi yenethiwekhi, kwaye emva koko sinyuse i-ACL ehambelanayo kwinkqubo ye-ERSPAN ukuhambelana netrafikhi yenethiwekhi esinomdla kuyo.
I-ERSPAN izalisekisa ukubonakala kweSeshini ye-RDMA
Masithathe umzekelo wokusebenzisa itekhnoloji ye-ERSPAN ukuphumeza ukubonwa kweseshoni ye-RDMA kwimeko ye-RDMA:
I-RDMA: I-Remote Memory Access ivumela i-adapter yenethiwekhi ye-server A ukuba ifunde kwaye ibhale i-Memory ye-server B ngokusebenzisa i-interface network cards (i-ics) ehlakaniphile kunye nokutshintsha, ukufezekisa i-bandwidth ephezulu, i-latency ephantsi, kunye nokusetyenziswa komthombo ophantsi.Isetyenziswa ngokubanzi kwidatha enkulu kunye neemeko eziphezulu ezisasazwayo zokugcina.
RoCEv2: I-RDMA phezu kwe-Converged Ethernet Version 2. Idatha ye-RDMA ifakwe kwi-Header ye-UDP.Inombolo yezibuko lendawo yi-4791.
Ukusebenza kwemihla ngemihla kunye nokugcinwa kwe-RDMA kufuna ukuqokelela idatha eninzi, esetyenziselwa ukuqokelela imigca yesalathiso yenqanaba lamanzi imihla ngemihla kunye nee-alamu ezingaqhelekanga, kunye nesiseko sokufumana iingxaki ezingaqhelekanga.Idityaniswe ne-ERSPAN, idatha enkulu inokubanjwa ngokukhawuleza ukufumana idatha esemgangathweni yokuhanjiswa kwe-microsecond kunye nemo yokunxibelelana kweprotocol yokutshintsha itshiphu.Ngokusebenzisa iinkcukacha-manani kunye nohlalutyo, uvavanyo lwekhwalithi yokuthunyelwa kwe-RDMA ekupheleni ukuya ekupheleni kunye nokuqikelelwa kunokufumaneka.
Ukufezekisa ukubonwa kweseshoni ye-RDAM, sidinga i-ERSPAN ukufanisa amagama angundoqo kwiiseshoni zokusebenzisana ze-RDMA xa ubonisa i-traffic ye-mirroring, kwaye kufuneka sisebenzise uluhlu olwandisiweyo lweengcali.
Inqanaba lengcaphephe elongeziweyo loluhlu oluhambelana nenkcazo yendawo:
I-UDF inamacandelo amahlanu: igama elingundoqo le-UDF, indawo yesiseko, indawo yokulinganisa, indawo yexabiso, kunye nendawo yemaski.Ukunyinwa ngumthamo wamangenelo ehardware, zizonke iiUDF ezisibhozo zingasetyenziswa.I-UDF enye inokuhambelana nobuninzi beebhayithi ezimbini.
• Igama elingundoqo le-UDF: UDF1... I-UDF8 Inamagama angundoqo asibhozo e-UDF ehambelana nommandla
• Indawo esisiseko: ichonga indawo yokuqala ye-UDF yokuthelekisa.Ezilandelayo
I-L4_header (isebenza kwi-RG-S6520-64CQ)
I-L5_header (ye-RG-S6510-48VS8Cq)
• I-Offset: ibonisa i-offset ngokusekelwe kumhlaba osisiseko.Ixabiso lisuka kwi-0 ukuya kwi-126
• Indawo yexabiso: ixabiso elihambelanayo.Ingasetyenziswa kunye nomhlaba wemaski ukuqwalasela ixabiso elithile eliza kuthelekiseka.Isuntswana elisebenzayo ziibyte ezimbini
• Indawo yemaski: imaski, isuntswana elisebenzayo ziibyte ezimbini
(Yongeza: Ukuba amangeno amaninzi asetyenziswa kwibala elinye le-UDF elithelekisekayo, isiseko kunye nemimandla yokulinganisa kufuneka ifane.)
Iipakethe ezimbini eziphambili ezinxulumene nobume beseshoni ye-RDMA yiPakethe yeSaziso sokuNxibelelana (CNP) kunye neNkolelo eNgcaciswayo (NAK):
Eyangaphambili iveliswa ngumamkeli we-RDMA emva kokufumana umyalezo we-ECN othunyelwe ngokutshintsha (xa i-eout Buffer ifikelela kumda), equlethe ulwazi malunga nokuhamba okanye i-QP ebangela ukuxinana.Le yokugqibela isetyenziselwa ukubonisa ukuhanjiswa kwe-RDMA kunomyalezo wempendulo yokulahleka kwepakethi.
Makhe sijonge indlela yokutshatisa le miyalezo mibini usebenzisa uluhlu olwandisiweyo lwenqanaba lobuchwephesha:
Uluhlu lofikelelo lwengcali eyandisiweyo rdma
vumela udp nayiphi na nayiphi na i-eq 4791udf 1 l4_header 8 0x8100 0xFF00(Ingqamana ne-RG-S6520-64CQ)
vumela udp nayiphi na nayiphi na i-eq 4791udf 1 l5_header 0 0x8100 0xFF00(Ingqamana ne-RG-S6510-48VS8CQ)
Uluhlu lofikelelo lwengcali eyandisiweyo rdma
vumela udp nayiphi na nayiphi na i-eq 4791udf 1 l4_header 8 0x1100 0xFF00 udf 2 l4_header 20 0x6000 0xFF00(Ingqamana ne-RG-S6520-64CQ)
vumela udp nayiphi na nayiphi na i-eq 4791udf 1 l5_header 0 0x1100 0xFF00 udf 2 l5_header 12 0x6000 0xFF00(Ingqamana ne-RG-S6510-48VS8CQ)
Njengenyathelo lokugqibela, unokuba nombono weseshoni ye-RDMA ngokunyusa uluhlu lolwandiso lweengcali kwinkqubo efanelekileyo ye-ERSPAN.
Bhala okokugqibela
I-ERSPAN sesinye sezixhobo eziyimfuneko kuthungelwano lwanamhlanje lwamaziko amakhulu edatha, i-traffic eyandayo yothungelwano oluntsonkothileyo, kunye nokusebenza kobugocigoci kunye neemfuno zokugcinwa kwenethiwekhi.
Ngokunyuka kweqondo le-O&M automation, ubugcisa obufana ne-Netconf, i-RESTconf, kunye ne-gRPC zidumile phakathi kwabafundi be-O&M kuthungelwano oluzenzekelayo lwe-O&M.Ukusebenzisa i-gRPC njengomgaqo osisiseko wokuthumela umva itrafikhi yesipili nako kuneengenelo ezininzi.Umzekelo, ngokusekwe kwi-HTTP/2 iprotocol, inokuxhasa indlela yokutyhala yokusasaza phantsi koqhagamshelwano olufanayo.Ngeencoding yeProtoBuf, ubungakanani bolwazi buncitshiswe ngesiqingatha xa kuthelekiswa nefomathi ye-JSON, okwenza ukuhanjiswa kwedatha ngokukhawuleza nangokufanelekileyo.Khawufan' ucinge, ukuba usebenzisa i-ERSPAN ukubonisa imijelo enomdla kwaye emva koko uyithumele kumncedisi wohlalutyo kwi-gRPC, ingaba iyakuphucula kakhulu amandla kunye nokusebenza kakuhle kwenethiwekhi kunye nokugcinwa okuzenzekelayo?
Ixesha lokuposa: May-10-2022
