Ko te taputapu tino rongonui mō te aroturuki me te rapurongoā whatunga i ēnei rā ko te Switch Port Analyzer (SPAN), e mōhiotia ana ko te Port mirroring. Mā tēnei ka taea e tātou te aroturuki i te haere o te whatunga i roto i te aratau bypass i waho o te roopu me te kore e pokanoa ki ngā ratonga i runga i te whatunga ora, ā, ka tukuna he kape o te haere e aroturukitia ana ki ngā taputapu ā-rohe, ā-mamao rānei, tae atu ki a Sniffer, IDS, me ētahi atu momo taputapu tātari whatunga.
Ko ētahi whakamahinga noa ko:
• Whakatau i ngā raruraru whatunga mā te whai i ngā anga mana/raraunga;
• Tātarihia te whakaroa me te wiri mā te aroturuki i ngā mōkihi VoIP;
• Tātarihia te whakaroa mā te aroturuki i ngā taunekeneke whatunga;
• Kitea ngā āhuatanga rerekē mā te aroturuki i ngā waka whatunga.
Ka taea te whakaata ā-rohe i te rere o te SPAN ki ētahi atu tauranga i runga i te pūrere pūtake kotahi, ka taea rānei te whakaata mamao ki ētahi atu pūrere whatunga e tata ana ki te Papa 2 o te pūrere pūtake (RSPAN).
I tēnei rā ka kōrero tātou mō te hangarau aroturuki i ngā waka Ipurangi Mamao e kiia nei ko te ERSPAN (Encapsulated Remote Switch Port Analyzer) ka taea te tuku puta noa i ngā paparanga IP e toru. He toronga tēnei o te SPAN ki te Encapsulated Remote.
Ngā mātāpono whakahaere taketake o te ERSPAN
Tuatahi, me titiro tātou ki ngā āhuatanga o ERSPAN:
• Ka tukuna he tārua o te mōkihi mai i te tauranga pūtake ki te tūmau ūnga hei tātari mā te Generic Routing Encapsulation (GRE). Kāore e herea te tauwāhi ā-tinana o te tūmau.
• Mā te āwhina o te āhuatanga Kaiwhakamahi Tautuhinga Mara (UDF) o te maramara, ka whakahaerehia tetahi tauwehenga o te 1 ki te 126 paita i runga i te rohe Pūtake mā te rārangi whānui taumata-tohunga, ā, ka tauritehia ngā kupumatua o te wātū hei whakatutuki i te whakaaturanga o te wātū, pērā i te ruru ringa TCP toru-ara me te wātū RDMA;
• Tautoko i te whakarite i te tere tauira;
• Tautoko ana i te roa o te hopunga mōkihi (Packet Slicing), ka whakaiti i te pēhanga ki runga i te tūmau ūnga.
Mā ēnei āhuatanga, ka kite koe he aha te ERSPAN he taputapu nui mō te aroturuki i ngā whatunga i roto i ngā pokapū raraunga i ēnei rā.
E rua ngā āhuatanga e whakarāpopototia ai ngā mahi matua a ERSPAN:
• Tirohanga o te Wātū: Whakamahia te ERSPAN hei kohikohi i ngā wātū TCP me te Urunga Mahara Tika Mamao (RDMA) hou katoa kua hangaia ki te tūmau o muri hei whakaatu;
• Rapurongoā whatunga: Ka hopu i ngā rerenga whatunga hei tātari hapa ina puta he raruraru whatunga.
Hei whakatutuki i tēnei, me tātari e te taputapu whatunga pūtake te rerenga raraunga e hiahiatia ana e te kaiwhakamahi mai i te awa raraunga nui, ka hanga he tārua, ka whakakōpaki i ia anga tārua ki roto i tētahi "ipu anga-rahi" motuhake e kawe ana i ngā mōhiohio tāpiri e ranea ana kia taea ai te tuku tika ki te taputapu whiwhi. Hei tāpiri, me āhei te taputapu whiwhi ki te tango me te whakaora katoa i te rerenga raraunga taketake e aroturukitia ana.
Ko te pūrere whiwhi he tūmau anō e tautoko ana i te wetewete i ngā mōkihi ERSPAN.
Te Tātari Momo me te Hōputu Mōkihi ERSPAN
Ka whakakōpakihia ngā mōkihi ERSPAN mā te whakamahi i te GRE, ā, ka tukuna atu ki tētahi ūnga wāhitau IP mā te Ethernet. I tēnei wā, e whakamahia nuitia ana te ERSPAN i runga i ngā whatunga IPv4, ā, ka hiahiatia te tautoko IPv6 ā muri ake nei.
Mō te hanganga whānui o te ERSAPN, koinei te hopukanga whakaata o ngā mōkihi ICMP:
Kua roa te whanaketanga o te kawa ERSPAN, ā, nā te whakarei ake i ōna āheinga, kua puta mai ētahi putanga, e kiia nei ko "Ngā Momo ERSPAN". He rerekē ngā whakatakotoranga pane anga o ia Momo.
Kua tautuhia i roto i te āpure Putanga tuatahi o te pane ERSPAN:
Hei tāpiritanga, ko te āpure Momo Kawa i roto i te pane GRE e tohu ana hoki i te Momo ERSPAN ā-roto. Ko te āpure Momo Kawa 0x88BE e tohu ana i te Momo ERSPAN II, ā, ko te 0x22EB e tohu ana i te Momo ERSPAN III.
1. Momo Tuatahi
Ka tākaihia e te anga ERSPAN o te Momo I te IP me te GRE ki runga tonu i te pane o te anga whakaata taketake. Ka tāpirihia e tēnei tākai he 38 paita ki runga ake i te anga taketake: 14(MAC) + 20 (IP) + 4(GRE). Ko te painga o tēnei hōputu he iti te rahi o te pane, ā, ka whakaitihia te utu tuku. Heoi, nā te mea ka whakatakotoria ngā āpure Kara me te Putanga GRE ki te 0, kāore e mau ana i ngā āpure whānui, ā, kāore te Momo I e whakamahia whānuitia, nō reira kāore he take ki te whakawhānui ake.
Ko te whakatakotoranga pane GRE o te Momo I e whai ake nei:
2. Momo II
I te Momo II, ko ngā āpure C, R, K, S, S, Recur, Flags, me te Version i roto i te pane GRE he 0 katoa engari ko te āpure S. Nō reira, ka whakaaturia te āpure Tau Raupapa i roto i te pane GRE o te Momo II. Arā, ka taea e te Momo II te whakarite i te raupapa o ngā mōkihi GRE e whiwhi ana, kia kore ai e taea te whakarōpū i te maha o ngā mōkihi GRE kāore i te raupapa nā te hapa whatunga.
Ko te whakatakotoranga pane GRE o te Momo II e whai ake nei:
Hei tāpiritanga, ka tāpirihia e te hōputu anga ERSPAN Momo II he pane ERSPAN 8-paita i waenganui i te pane GRE me te anga whakaata taketake.
Ko te hōputu pane ERSPAN mō te Momo II e whai ake nei:
Hei whakamutunga, i muri tonu mai i te anga whakaahua taketake, ko te waehere paerewa 4-paita Ethernet cyclic redundancy check (CRC).
He mea tika kia mōhiotia i roto i te whakatinanatanga, kāore te anga whakaata e whakaatu ana i te āpure FCS o te anga taketake, engari ka tatauhia anō he uara CRC hou i runga i te ERSPAN katoa. Ko te tikanga tēnei kāore e taea e te taputapu whiwhi te manatoko i te tika o te CRC o te anga taketake, ā, ka taea anake e tātou te whakaaro ko ngā anga kāore anō kia pirau ka whakaatahia.
3. Momo III
Ka whakauruhia e te Momo III he pane honohono nui ake, ngāwari ake hoki hei aro atu ki ngā horopaki aroturuki whatunga uaua haere, kanorau haere, tae atu ki te whakahaere whatunga, te kimi urutomo, te tātari mahi me te whakaroa, me ētahi atu. Me mōhio ēnei whakaaturanga ki ngā tawhā taketake katoa o te anga whakaata, tae atu ki ngā mea kāore i roto i te anga taketake tonu.
Kei roto i te pane whakauru ERSPAN Momo III he pane 12-paita e hiahiatia ana me tētahi pane iti motuhake mō te tūāpapa 8-paita.
Ko te hōputu pane ERSPAN mō te Momo III e whai ake nei:
Ano, i muri i te anga whakaata taketake he CRC 4-paita.
E kitea ana i te whakatakotoranga pane o te Momo III, hei tāpiritanga ki ngā āpure Ver, VLAN, COS, T me te Session ID i runga i te Momo II, he maha ngā āpure motuhake kua tāpirihia, pērā i:
• BSO: e whakamahia ana hei tohu i te pono o te kawenga o ngā anga raraunga e haria ana mā ERSPAN. He anga pai te 00, he anga kino te 11, he anga poto te 01, he anga nui te 11;
• Tohuwā: ka kaweake mai i te karaka taputapu kua tukutahitia ki te wā pūnaha. Ka tautokohia e tēnei āpure 32-moka te iti rawa 100 maikirohekona o te matotorutanga o te Tohuwā;
• Momo Anga (P) me te Momo Anga (FT): ka whakamahia te tuatahi hei tohu mēnā kei te kawe a ERSPAN i ngā anga kawa Ethernet (ngā anga PDU), ā, ka whakamahia te tuarua hei tohu mēnā kei te kawe a ERSPAN i ngā anga Ethernet, i ngā mōkihi IP rānei.
• HW ID: te tohu motuhake o te miihini ERSPAN i roto i te pūnaha;
• Gra (Timestamp Granularity) : E tohu ana i te Granularity o te Timestamp. Hei tauira, ko te 00B e tohu ana i te 100 microsecond Granularity, ko te 01B he 100 nanosecond Granularity, ko te 10B IEEE 1588 Granularity, me te 11B e hiahia ana i ngā pane-iti motuhake ki te tūāpapa hei whakatutuki i te Granularity teitei ake.
• Tau Tūāpapa ID vs. Ngā Mōhiohio Motuhake Tūāpapa: He rerekē ngā whakatakotoranga me ngā ihirangi o ngā āpure Mōhiohio Motuhake Tūāpapa i runga i te uara Tau Tūāpapa ID.
Me mōhio ka taea te whakamahi i ngā āpure pane e tautokona ana i runga ake nei i roto i ngā tono ERSPAN noa, tae atu ki te whakaata i ngā anga hapa, i ngā anga BPDU rānei, me te pupuri tonu i te mōkihi Trunk taketake me te VLAN ID. Hei tāpiri, ka taea te tāpiri i ngā mōhiohio tohu wā matua me ētahi atu āpure mōhiohio ki ia anga ERSPAN i te wā e whakaata ana.
Mā ngā pane āhuatanga a te ERSPAN, ka taea e tātou te whakatutuki i tētahi tātaritanga matatau ake o te hokohoko whatunga, kātahi ka tāuta noa i te ACL e rite ana ki te tukanga ERSPAN kia ōrite ki te hokohoko whatunga e hiahiatia ana e tātou.
Ka whakatinanahia e te ERSPAN te Tirohanga Wāhanga RDMA
Me tango he tauira o te whakamahi i te hangarau ERSPAN hei whakatutuki i te whakaaturanga wātū RDMA i roto i te horopaki RDMA:
RDMAMā te Urunga Mahara Tika Mamao ka taea e te urutau whatunga o te tūmau A te pānui me te tuhi i te Mahara o te tūmau B mā te whakamahi i ngā kāri atanga whatunga atamai (inics) me ngā pana, ka tutuki ai te whānui o te hononga, te iti o te whakaroa, me te iti o te whakamahinga rauemi. He whānuitia te whakamahinga i roto i ngā raraunga nui me ngā horopaki rokiroki tohatoha mahi-teitei.
RoCEv2RDMA i runga i te Itarangi Whakawhiti Putanga 2. Kei roto i te Pane UDP ngā raraunga RDMA. Ko te tau tauranga ūnga ko 4791.
Ko te whakahaere me te tiaki i te RDMA i ia rā me kohikohi i te nui o ngā raraunga, e whakamahia ana hei kohikohi i ngā rārangi tohutoro taumata wai o ia rā me ngā whakaoho rerekē, me te pūtake hoki mō te kimi i ngā raruraru rerekē. Mā te whakamahi tahi me te ERSPAN, ka taea te hopu tere i ngā raraunga nui hei whiwhi raraunga kounga tuku tere me te tūnga taunekeneke kawa o te maramara whakawhiti. Mā roto i ngā tatauranga raraunga me te tātari, ka taea te whiwhi aromatawai kounga tuku tere me te matapae RDMA.
Hei whakatutuki i te whakaaturanga o te wātū RDAM, me whakamahi tātou i te ERSPAN hei taurite i ngā kupumatua mō ngā wātū taunekeneke RDMA ina whakaata ana i te waka, ā, me whakamahi hoki i te rārangi whānui a te tohunga.
Te whakamāramatanga o te rārangi whānui taumata-tohunga mō te mara e taurite ana:
E rima ngā āpure o te UDF: te kupumatua UDF, te āpure turanga, te āpure taurite, te āpure uara, me te āpure kopare. Nā te kaha o ngā tāurunga taputapu, e waru ngā UDF ka taea te whakamahi. Ka taea e te UDF kotahi te taurite ki te rua paita te mōrahi.
• Kupumatua UDF: UDF1... UDF8 Kei roto e waru ngā kupumatua o te rohe taurite UDF
• Mara turanga: e tohu ana i te tūranga tīmatanga o te mara taurite UDF. Ko ngā mea e whai ake nei
L4_header (e pā ana ki te RG-S6520-64CQ)
L5_header (mō RG-S6510-48VS8Cq)
• Wāhi Whakakore: e tohu ana i te wāhi whakakore i runga i te āpure turanga. Kei waenga i te 0 ki te 126 te uara
• Āpure uara: uara ōrite. Ka taea te whakamahi tahi me te āpure kopare hei whirihora i te uara motuhake hei ōrite. Ko te moka tika he rua paita
• Āpure taupoki: taupoki, ko te moka tika he rua paita
(Tāpiri: Mena he maha ngā tāurunga e whakamahia ana i roto i te āpure ōrite UDF kotahi, me ōrite ngā āpure turanga me ngā āpure taurite.)
Ko ngā mōkihi matua e rua e pā ana ki te tūnga o te wātū RDMA ko te Mōkihi Pānui Pūmau (CNP) me te Whakaae Kino (NAK):
Ka whakaputaina te mea tuatahi e te kaiwhiwhi RDMA i muri i te whiwhinga o te karere ECN i tukuna e te pana (ina tae te Pūrere eout ki te paepae), kei roto ngā mōhiohio e pā ana ki te rere, te QP rānei e whakararu ana i te pupūtanga. Ka whakamahia te mea whakamutunga hei tohu he karere urupare ngaronga mōkihi kei te tuku RDMA.
Me titiro tātou me pēhea te taurite i ēnei karere e rua mā te whakamahi i te rārangi whānui taumata-tohunga:
rārangi urunga tohunga rdma kua whakawhānuihia
whakaaetia te udp tetahi tetahi tetahi tetahi eq 4791udf 1 l4_header 8 0x8100 0xFF00(E ōrite ana ki te RG-S6520-64CQ)
whakaaetia te udp tetahi tetahi tetahi tetahi eq 4791udf 1 l5_header 0 0x8100 0xFF00(E ōrite ana ki te RG-S6510-48VS8CQ)
rārangi urunga tohunga rdma kua whakawhānuihia
whakaaetia te udp tetahi tetahi tetahi tetahi eq 4791udf 1 l4_header 8 0x1100 0xFF00 udf 2 l4_header 20 0x6000 0xFF00(E ōrite ana ki te RG-S6520-64CQ)
whakaaetia te udp tetahi tetahi tetahi tetahi eq 4791udf 1 l5_header 0 0x1100 0xFF00 udf 2 l5_header 12 0x6000 0xFF00(E ōrite ana ki te RG-S6510-48VS8CQ)
Hei taahiraa whakamutunga, ka taea e koe te tiro i te wātū RDMA mā te whakauru i te rārangi toronga tohunga ki roto i te tukanga ERSPAN e tika ana.
Tuhia ki te whakamutunga
Ko te ERSPAN tētahi o ngā taputapu tino nui i roto i ngā whatunga pokapū raraunga e piki haere ana te rahi, te uaua haere o te haere o ngā raraunga ki ngā whatunga whatunga, me ngā whakaritenga whakahaere me te tiaki whatunga e piki haere ana te matatau.
I te pikinga ake o te whakahaere aunoa me te whakahaere i ngā raraunga, kua rongonui ngā hangarau pēnei i a Netconf, RESTconf, me te gRPC i waenga i ngā ākonga whakahaere me te whakahaere i ngā raraunga aunoa o te whatunga. He maha ngā painga o te whakamahi i te gRPC hei kaupapa matua mō te tuku i ngā raraunga whakaata whakamuri. Hei tauira, i runga i te kaupapa HTTP/2, ka taea e ia te tautoko i te tikanga pana rerema i raro i te hononga kotahi. Mā te whakawaehere ProtoBuf, ka whakaitihia te rahi o ngā mōhiohio ki te haurua i te whakatakotoranga JSON, ka tere ake, ka pai ake hoki te tuku raraunga. Whakaarohia, ki te whakamahi koe i te ERSPAN hei whakaata i ngā awa e hiahiatia ana, kātahi ka tukuna atu ki te tūmau tātari i runga i te gRPC, ka tino whakapai ake i te kaha me te whai huatanga o te whakahaere me te tiaki aunoa o te whatunga?
Wā tuku: Mei-10-2022
