阅读说明：本技术 一种路由追踪方法以及设备 (Route tracking method and equipment ) 是由 陈焕银 赵海峰 于 2019-10-25 设计创作，主要内容包括：本发明提供了一种路由追踪方法和设备,该设备确定对收到的ICMP回应请求报文进行三层转发；将收到的ICMP回应请求报文的生存时间减1；当收到的第二收到的ICMP回应请求报文修改后的生存时间不等于0,为第一收到的ICMP回应请求报文重新封装以太网以及VXLAN封装；收到的ICMP回应请求报文修改后的生存时间复制到其VXLAN封装的生存时间用以指示通过VXLAN隧道转发ICMP回应请求报文的路由转发跳数。(The invention provides a route tracking method and a device, wherein the device determines to carry out three-layer forwarding on a received ICMP response request message; subtracting 1 from the survival time of the received ICMP response request message; when the modified survival time of the second received ICMP response request message is not equal to 0, the Ethernet and VXLAN encapsulation is encapsulated again for the first received ICMP response request message; the modified survival time of the received ICMP echo request message is copied to the survival time encapsulated by the VXLAN so as to indicate the route forwarding hop number for forwarding the ICMP echo request message through the VXLAN tunnel.)

1. A method for route tracing, the method comprising:

determining to carry out three-layer forwarding on a first received ICMP response request message;

subtracting 1 from the survival time of the first received ICMP response request message;

when the survival time of the first received ICMP response request message after modification is equal to 0, generating a first ICMP overtime message, wherein the source IP address is a gateway IP address, and the destination IP address is the source IP address of the ICMP response request message; the source MAC address is a gateway MAC address, and the destination MAC address is an MAC address corresponding to a destination IP address of the ICMP overtime message; forwarding through an output port corresponding to the destination MAC address of the first generated ICMP overtime message;

when the modified survival time of the first received ICMP response request message is not equal to 0, repackaging an Ethernet head for the first received ICMP response request message; wherein, the source MAC address and the destination MAC address of the repackaged ethernet header of the first received ICMP echo request message are the local MAC address and the destination gateway MAC address in the public switch instance, respectively; performing first VXLAN encapsulation on the first received ICMP response request message by taking a local IP address and the IP address of the destination end gateway as repackaging; wherein the outer source IP in the first VXLAN encapsulation is a local IP address; the outer layer destination IP address is the destination end gateway IP address; copying the modified survival time of the first received ICMP echo request message to the survival time of the first VXLAN package to indicate the route forwarding hop number for forwarding the ICMP echo request message through the VXLAN tunnel; and forwarding through a tunnel outlet port of the ICMP response request message encapsulated by the first VXLAN.

2. The method of claim 1, further comprising:

determining to carry out three-layer forwarding on the first received ICMP overtime message;

determining that the destination IP address of the first received ICMP overtime message is a local IP address;

determining that the IP load part of the first received ICMP overtime message is the ICMP echo request message encapsulated by the first VXLAN;

generating an agent ICMP overtime message; wherein, the source IP address of the proxy ICMP overtime message is the source IP address of the first received ICMP overtime message; the destination IP address of the proxy ICMP overtime message is the inner layer source IP address of the ICMP response request message encapsulated by the first VXLAN; the source MAC address of the proxy ICMP overtime message is a gateway MAC address; the destination MAC address of the agent ICMP overtime message is an MAC address corresponding to the destination IP address of the agent ICMP overtime message;

and forwarding through an exit port corresponding to the destination MAC address of the proxy ICMP overtime message.

3. The method according to claim 1, characterized in that it comprises:

receiving an ICMP overtime message encapsulated by VXLAN;

executing VXLAN decapsulation on the received ICMP overtime message encapsulated by VXLAN;

determining to carry out three-layer forwarding on the ICMP overtime message after the VXLAN is unpacked;

repackaging an Ethernet header for the ICMP overtime message after the VXLAN decapsulation; wherein, the source MAC address and the destination MAC address of the repackaged Ethernet head of the ICMP overtime message after the VXLAN decapsulation are respectively the MAC addresses corresponding to the gateway MAC address and the destination IP address of the ICMP overtime message after the VXLAN encapsulation;

and forwarding the output port corresponding to the destination MAC address of the repackaged Ethernet head of the ICMP overtime message after the VXLAN decapsulation.

4. The method according to claim 1, characterized in that it comprises:

determining to execute three-layer forwarding on the received ICMP response request message encapsulated by the second VXLAN;

determining that the outer layer destination IP address of the received ICMP echo request message encapsulated by the second VXLAN is the local IP address, and subtracting 1 from the outer layer survival time of the received ICMP echo request message encapsulated by the first VXLAN;

when the outer layer survival time of the received ICMP response request message encapsulated by the first VXLAN is equal to 0, generating a second ICMP overtime message; wherein, the source IP and the destination IP address of the second generated ICMP timeout message are the outer source address and the local IP address of the received second VXLAN encapsulated ICMP echo request, respectively; the load of the second generated ICMP overtime message encapsulates the received ICMP echo request encapsulated by the second VXLAN; encapsulating an Ethernet header by using the MAC address of the next hop of the destination IP address of the second generated ICMP overtime message as the destination MAC address;

and forwarding through an exit port of the next hop MAC address of the destination IP address of the second generated ICMP timeout message.

5. The method of claim 1,

determining to execute three-layer forwarding on the received ICMP response request message encapsulated by the third VXLAN;

determining that the received outer layer destination IP address encapsulated by the second VXLAN is a local IP address, and subtracting 1 from the outer layer survival time of the received ICMP response request message encapsulated by the second VXLAN;

when the outer layer survival time is equal to 0 after the received ICMP response request message encapsulated by the second VXLAN is modified, generating a third ICMP overtime message; wherein, the source IP and the destination IP address of the third generated ICMP timeout message are the local IP address and the inner source address of the received third VXLAN encapsulated ICMP echo request, respectively; carrying out VXLAN encapsulation on the third generated ICMP overtime message, wherein the outer layer source IP address and the outer layer destination IP address of the VXLAN encapsulation of the third generated ICMP overtime message are the local IP address and the outer layer source IP address of the received third VXLAN encapsulated ICMP response request message respectively; encapsulating and forwarding an outer Ethernet header according to the MAC address of the next hop of the outer layer destination IP address encapsulated by the VXLAN of the third generated ICMP overtime message;

when the modified outer layer survival time of the received ICMP response request message encapsulated by the third VXLAN is not equal to 0, the ICMP overtime message encapsulated by the third VXLAN is de-encapsulated; determining to perform three-layer forwarding on the third decapsulated ICMP timeout message; repackaging an Ethernet header for the ICMP overtime message after the third decapsulation; wherein, the source MAC address and the destination MAC address of the repackaged ethernet header of the third decapsulated ICMP timeout message are the MAC addresses corresponding to the gateway MAC address and the received inner layer destination IP address of the third VXLAN encapsulated ICMP echo request message, respectively;

and forwarding through an output port corresponding to the destination MAC address of the repackaged ICMP overtime message after the third decapsulation.

6. A traceroute device comprising a switch chip, a processor, a memory storing computer instructions, and a plurality of interfaces,

the switching chip determines to carry out three-layer forwarding on a first received ICMP echo request message and sends the first received ICMP echo request message to the processor;

the processor executes the computer instructions stored in the memory and subtracts 1 from the lifetime of the first received ICMP echo request message; when the survival time of the first received ICMP response request message after modification is equal to 0, generating a first ICMP overtime message, wherein the source IP address is a gateway IP address, and the destination IP address is the source IP address of the ICMP response request message; the source MAC address is a gateway MAC address, and the destination MAC address is an MAC address corresponding to a destination IP address of the ICMP overtime message; sending the first generated ICMP overtime message to the exchange chip; when the modified survival time of the first received ICMP response request message is not equal to 0, repackaging an Ethernet head for the first received ICMP response request message; wherein, the source MAC address and the destination MAC address of the repackaged ethernet header of the first received ICMP echo request message are the local MAC address and the destination gateway MAC address in the public switch instance, respectively; performing first VXLAN encapsulation on the first received ICMP response request message by taking a local IP address and the IP address of the destination end gateway as repackaging; wherein the outer source IP in the first VXLAN encapsulation is a local IP address; the outer layer destination IP address is the destination end gateway IP address; copying the modified survival time of the first received ICMP echo request message to the survival time of the first VXLAN package to indicate the route forwarding hop number for forwarding the ICMP echo request message through the VXLAN tunnel; sending the ICMP response request message encapsulated by the first VXLAN to a switching chip;

and the switching chip forwards the message through an output port corresponding to the destination MAC address of the first generated ICMP overtime message and forwards the message through a tunnel output port of the ICMP response request message encapsulated by the first VXLAN.

7. The apparatus of claim 6,

the switching chip determines to carry out three-layer forwarding on a first received ICMP overtime message and sends the first received ICMP overtime message to the processor;

the processor executing computer instructions stored in the memory determining that a destination IP address of the first received ICMP timeout message is a local IP address; determining that the IP load part of the first received ICMP overtime message is the ICMP echo request message encapsulated by the first VXLAN; generating an agent ICMP overtime message; wherein, the source IP address of the proxy ICMP overtime message is the source IP address of the first received ICMP overtime message; the destination IP address of the proxy ICMP overtime message is the inner layer source IP address of the ICMP response request message encapsulated by the first VXLAN; the source MAC address of the proxy ICMP overtime message is a gateway MAC address; the destination MAC address of the agent ICMP overtime message is an MAC address corresponding to the destination IP address of the agent ICMP overtime message; sending the proxy ICMP overtime message to a switching chip;

and the switching chip forwards the message through an output port corresponding to the destination MAC address of the proxy ICMP overtime message.

8. The apparatus of claim 6,

the exchange chip receives an ICMP overtime message encapsulated by VXLAN; executing VXLAN decapsulation on the received ICMP overtime message encapsulated by VXLAN; determining to carry out three-layer forwarding on the ICMP overtime message after the VXLAN is unpacked; sending the ICMP overtime message after the VXLAN decapsulation to the processor;

the processor executes the computer instruction stored in the memory, repackages the Ethernet header for the ICMP overtime message after the VXLAN decapsulation, and sends the Ethernet header to the switching chip; wherein, the source MAC address and the destination MAC address of the repackaged Ethernet head of the ICMP overtime message after the VXLAN decapsulation are respectively the MAC addresses corresponding to the gateway MAC address and the destination IP address of the ICMP overtime message after the VXLAN encapsulation;

and the switching chip forwards the packet through an output port corresponding to the destination MAC address of the repackaged Ethernet header of the ICMP overtime message after the VXLAN decapsulation.

9. The method of claim 5,

the exchange chip receives and determines to execute three-layer forwarding on the received ICMP echo request message encapsulated by the second VXLAN, and sends the received ICMP echo request encapsulated by the second VXLAN to the processor;

the processor executes the computer instructions stored in the memory, determines that the outer layer destination IP address of the received ICMP echo request message encapsulated by the second VXLAN is not the local IP address, and subtracts 1 from the outer layer survival time of the received ICMP echo request message encapsulated by the first VXLAN; when the outer layer survival time is equal to 0 after the received ICMP response request message encapsulated by the first VXLAN is modified, generating a second ICMP overtime message; wherein, the source IP and the destination IP address of the second generated ICMP timeout message are the outer source address and the local IP address of the received second VXLAN encapsulated ICMP echo request, respectively; the load of the second generated ICMP overtime message encapsulates the received ICMP echo request encapsulated by the second VXLAN; encapsulating an Ethernet header by using the MAC address of the next hop of the destination IP address of the second generated ICMP overtime message as the destination MAC address and sending the Ethernet header to the switching chip;

and the switching chip forwards the message through an output port of the MAC address of the next hop of the destination IP address of the second generated ICMP overtime message.

10. The apparatus of claim 6,

the switching chip receives and determines to execute three-layer forwarding on the received ICMP echo request message encapsulated by the third VXLAN, and sends the received ICMP echo request message encapsulated by the third VXLAN to the processor;

the processor executes the computer instructions stored in the memory, determines that the outer layer destination IP address of the received ICMP echo request message encapsulated by the second VXLAN is a local IP address, and subtracts 1 from the modified outer layer survival time of the received ICMP echo request message encapsulated by the second VXLAN; when the outer layer survival time is equal to 0 after the received ICMP response request message encapsulated by the second VXLAN is modified, generating a third ICMP overtime message; wherein, the source IP and the destination IP address of the third generated ICMP timeout message are the local IP address and the inner source address of the received third VXLAN encapsulated ICMP echo request, respectively; carrying out VXLAN encapsulation on the third generated ICMP overtime message, wherein the outer layer source IP address and the outer layer destination IP address of the VXLAN encapsulation of the third generated ICMP overtime message are the local IP address and the outer layer source IP address of the received third VXLAN encapsulated ICMP response request message respectively; encapsulating an outer Ethernet header according to the MAC address of the next hop of the outer layer destination IP address encapsulated by the VXLAN of the third generated ICMP overtime message and transmitting the encapsulated outer Ethernet header to the switching chip;

when the modified outer layer survival time of the received ICMP response request message encapsulated by the third VXLAN is not equal to 0, the ICMP overtime message encapsulated by the third VXLAN is de-encapsulated; determining to perform three-layer forwarding on the third decapsulated ICMP timeout message; repackaging an Ethernet header for the ICMP overtime message after the third decapsulation and sending the Ethernet header to the switching chip; wherein, the source MAC address and the destination MAC address of the ethernet repackaged by the third decapsulated ICMP timeout message are the MAC addresses corresponding to the gateway MAC address and the received inner layer destination IP address of the third VXLAN encapsulated ICMP echo request message, respectively;

the switching chip forwards the message according to the output port corresponding to the MAC address of the next hop of the outer layer destination IP address of the VXLAN encapsulation of the third generated ICMP overtime message; and forwarding through an output port corresponding to the destination MAC address of the repackaged ICMP overtime message after the third decapsulation.

Technical Field

The invention relates to the technology, in particular to a route tracking method and equipment.

Background

VXLAN (Virtual Extensible Local Area Network) technology uses an existing three-layer physical Network as an Underlay Network, and a Virtual two-layer Network, i.e., an Overlay Network, is constructed on the Underlay Network. The Overlay network realizes the transfer of the second-layer message of the tenant between different sites across a three-layer network by using a three-layer forwarding path provided by the Underlay network through a packaging technology. The Underlay network is transparent to the tenants, and different sites of the same tenant behave as if they are operating in one local area network.

In a VXLAN EVPN (Ethernet Virtual Private Network) distributed Gateway networking, a VTEP (Virtual Tunnel End Point) of each site is used as a Gateway (GW) and a VSI (Virtual Switch Instance) Virtual interface is configured; the IP address and MAC address of each VSI virtual interface are the IP address and MAC address of the gateway for that VSI. In VXLAN EVPN, the same VSI virtual interface on different gateways must be configured with the same IP address and MAC address. In the distributed gateway architecture of VXLAN EVPN, when a user terminal needs to detect the same VSI arriving at different stations for the same VSI.

Currently, no effective mechanism is provided in VXLAN EVPN to enable a source user terminal to detect a routing path to a destination user terminal through route tracing. The reason is that the gateway receives an icmp (internet control Message protocol) Echo Request Message of the local source user terminal, encapsulates the Message according to the VXLAN tunnel of the public VSI, and then sends the encapsulated Message to the gateway of the destination user terminal. However, the intermediate device on the VXLAN tunnel, according to the VXLAN protocol, looks for the next hop to reach the outer destination IP address to modify the outer ethernet header outside the VXLAN header without parsing the inner icmpcho Request. Thus, the intermediate device on the VXLAN tunnel and the gateway of the user terminal can not obtain TTL (time to live) of the inner ICMP echo request message and can not feed back the ICMP overtime message for route tracking; and the TTL of the ICMP Echo Request message after the gateway of the user terminal releases the VXLAN encapsulation is not modified, so that the destination terminal can not feed back the ICMP Echo Reply (response) to execute the route tracking.

Disclosure of Invention

The invention aims to provide a route tracing method and equipment, which are used for indicating the route hop number of a route tracing protocol message forwarded on a virtual extensible local area network VXLAN tunnel so as to realize route tracing between user terminals at two ends of the VXLAN tunnel.

In order to achieve the above object, the present invention provides a route tracking method, which includes:

determining to carry out three-layer forwarding on a first received ICMP response request message;

subtracting 1 from the survival time of the first received ICMP response request message;

when the survival time of the first received ICMP response request message after modification is equal to 0, generating a first ICMP overtime message, wherein the source IP address is a gateway IP address, and the destination IP address is the source IP address of the ICMP response request message; the source MAC address is a gateway MAC address, and the destination MAC address is an MAC address corresponding to a destination IP address of the ICMP overtime message; forwarding through an output port corresponding to a destination MAC address of the first generated ICMP overtime message;

when the survival time of the modified first received ICMP response request message is not equal to 0, repackaging the Ethernet head for the first received ICMP response request message; wherein, the source MAC address and the destination MAC address of the repackaging Ethernet head of the first received ICMP response request message are a local MAC address and a destination gateway MAC address in a public switching example respectively; performing first VXLAN encapsulation on a first received ICMP response request message by taking the local IP address and the IP address of the destination end gateway as repackaging; wherein the outer source IP in the first VXLAN encapsulation is a local IP address; the outer layer destination IP address is a destination end gateway IP address; copying the modified survival time of the first received ICMP echo request message to the survival time of the first VXLAN package to indicate the route forwarding hop number for forwarding the ICMP echo request message through the VXLAN tunnel; and forwarding the ICMP response request message through a tunnel outlet port of the first VXLAN.

In order to achieve the above object, the present invention further provides a route tracing device, including a switch chip, a processor, a memory storing computer instructions, and a plurality of interfaces, where the switch chip determines to perform three-layer forwarding on a first received ICMP echo request message, and sends the first received ICMP echo request message to the processor;

the processor executes the computer instruction stored in the memory, and subtracts 1 from the survival time of the first received ICMP echo request message; when the survival time of the first received ICMP response request message after modification is equal to 0, generating a first ICMP overtime message, wherein the source IP address is a gateway IP address, and the destination IP address is the source IP address of the ICMP response request message; the source MAC address is a gateway MAC address, and the destination MAC address is an MAC address corresponding to a destination IP address of the ICMP overtime message; sending the first generated ICMP overtime message to a switching chip; when the modified survival time of the first received ICMP response request message is not equal to 0, repackaging the Ethernet head for the first received ICMP response request message; wherein, the source MAC address and the destination MAC address of the repackaging Ethernet head of the first received ICMP response request message are a local MAC address and a destination gateway MAC address in a public switching example respectively; performing first VXLAN encapsulation on a first received ICMP response request message by taking the local IP address and the IP address of the destination end gateway as repackaging; wherein the outer source IP in the first VXLAN encapsulation is a local IP address; the outer layer destination IP address is a destination end gateway IP address; copying the modified survival time of the first received ICMP echo request message to the survival time of the first VXLAN package to indicate the route forwarding hop number for forwarding the ICMP echo request message through the VXLAN tunnel; sending an ICMP response request message encapsulated by the first VXLAN to a switching chip;

and the switching chip forwards the message through an output port corresponding to the destination MAC address of the first generated ICMP overtime message and forwards the message through a tunnel output port of an ICMP response request message encapsulated by the first VXLAN.

The invention has the advantages that the intermediate device and the destination end gateway on the VXLAN tunnel can acquire and modify the forwarding hop count of the ICMP echo request message on the VXLAN tunnel, thereby enabling the intermediate device and the destination end gateway to feed back the ICMP echo response message at the correct routing hop count of the ICMP echo request message on the VXLAN tunnel, and enabling the destination end gateway to correct the survival time of the ICMP echo request message sent to the destination user terminal according to the correct routing hop count of the ICMP echo request message forwarded on the VXLAN tunnel, thereby realizing the routing tracking between the user terminals at both ends of the VXLAN tunnel.

Drawings

Fig. 1 is a schematic flow chart of a route tracing method according to an embodiment of the present invention;

FIG. 2 is a schematic diagram of a network architecture for implementing the present invention;

fig. 3A-3B are first schematic diagrams illustrating routing-tracked packet forwarding according to an embodiment of the present invention;

fig. 4A-4B are second schematic diagrams illustrating forwarding of a route-traced packet according to an embodiment of the present invention;

fig. 5 is a third schematic diagram of forwarding a route-traced packet according to an embodiment of the present invention;

fig. 6 is a schematic structural diagram of a traceroute device according to an embodiment.

Detailed Description

A detailed description will be given of a number of examples shown in a number of figures. In the following detailed description, numerous specific details are set forth in order to provide a thorough understanding of the present disclosure. Well-known methods, procedures, components and circuits have not been described in detail so as not to obscure the examples.

The term "including" as that term is used is meant to include, but is not limited to; the term "comprising" means including but not limited to; the terms "above," "within," and "below" include the instant numbers; the terms "greater than" and "less than" mean that the number is not included. The term "based on" means based on at least a portion thereof.

As shown in fig. 1, the route tracing method provided by the present invention includes the following steps:

step 101, determining to perform three-layer forwarding on a received ICMP response request message;

102, subtracting 1 from the survival time of the received ICMP response request message;

103, judging whether the survival time modified by the received ICMP response request message is equal to 0, if yes, executing step 104; if not, go to step 106;

and step 104, generating an ICMP overtime message.

In the generated ICMP timeout message, the source IP address is the gateway IP address, and the destination IP address is the source IP address of the ICMP response request message; the source MAC address is a gateway MAC address, and the destination MAC address is an MAC address corresponding to a destination IP address of the ICMP overtime message;

105, forwarding through an exit port corresponding to a destination MAC address of the ICMP overtime message;

step 106, repackaging the ethernet header for the ICMP echo request message.

The source MAC address and the destination MAC address of the repackaging Ethernet head of the ICMP response request message are a local MAC address and a destination end gateway MAC address in a public switching example respectively;

step 107, performing VXLAN encapsulation for the re-encapsulated ICMP echo request message.

Wherein, in VXLAN encapsulation of the repackaged ICMP response request message, the outer layer source IP is a local IP address; the outer layer destination IP address is a destination end gateway IP address; the VNI identification is an identification of a public switching instance.

And step 108, copying the survival time modified by the ICMP response request message to the survival time of an outer layer encapsulated by the VXLAN.

Step 109, forwarding through the tunnel exit port of the ICMP echo request message.

The method of fig. 1 has the advantages that the intermediate device and the destination gateway on the VXLAN tunnel can acquire and modify the forwarding hop count of the ICMP echo request message on the VXLAN tunnel, so that the intermediate device and the destination gateway can feed back the ICMP echo response message at the correct routing hop count of the ICMP echo request message on the VXLAN tunnel, and the destination gateway can correct the survival time of the ICMP echo request message sent to the destination user terminal according to the correct routing hop count of the ICMP echo request message forwarded on the VXLAN tunnel, thereby realizing the routing tracking between the user terminals at both ends of the VXLAN tunnel.

Fig. 2 is a schematic diagram of EVPN network architecture of VXLAN applied in the present invention, and VTEPs 21, 23 and 24 are gateways of respective sites as shown. VTEP21 and VETP23 are distributed gateways for VSI11, and the configured VSI11 virtual interfaces have the same gateway IP address IP11 and gateway MAC address MAC 12. The public switch instance VSI12 on VTEP21 and VETP23 associates VSI11, the IP address and MAC address of the VSI virtual interface of VSI12 of VTEP21 are IP121 and MAC121, respectively, and the IP address and MAC address of the VSI virtual interface of VSI12 of VTEP23 are IP122 and MAC122, respectively.

VTEP21 and VETP23 are switches or routers capable of performing three-tier forwarding, and are configured with IP addresses of 1.1.1.1 and 3.3.3.3, respectively, and router 22 with an IP address of 2.2.2.2.

The distributed gateway of the EVPN network shown in fig. 2 usually enables an ARP (address resolution Protocol) proxy mechanism, and even if a user terminal requests an address of a same segment terminal of the same VSI, the gateway responds the MAC address of the VSI virtual interface to the user. Therefore, when the user terminal passes through other terminals in the same or different network segments in the VSI, the Ethernet message is sent to the gateway for three-layer forwarding, and then is sent to the destination terminal gateway through the public VSI between the gateways.

When the user terminal T1 needs to detect a path between the user terminals T2, an ICMP echo request message with TTL ═ 1 is generated; the source IP and the destination IP addresses of the ICMP echo request message are IP1 and IP2 respectively; the source MAC address and the destination MAC address are MAC1 and MAC11, respectively. The user terminal T1 sends an ICMP response request message with TTL of 1 to VTEP 21.

VTEP21 determines to perform three-layer forwarding on the received ICMP echo request message with TTL being 1, and subtracts 1 from the lifetime of the received ICMP echo request message with TTL being 1.

The VTEP21 determines that the modified TTL of the received ICMP response request message is 0, and generates an ICMP overtime message, wherein the source IP address is a gateway IP address IP11, and the destination IP address is a source IP address IP1 of the received ICMP response request message; the source MAC address is a gateway MAC address MAC11, and the destination MAC address is a MAC address MAC1 corresponding to a destination IP address IP1 of the ICMP overtime message; and the output port corresponding to the destination MAC address MAC11 is forwarded to the user terminal T1.

The user terminal T1 prints the source IP address IP11 on the received ICMP timeout message.

As shown in fig. 3A, the user terminal T1 generates an ICMP echo request message 311 with TTL 2; the source IP address, the destination IP address, the source MAC address, and the destination MAC address of the ICMP echo request message are the same as those of the ICMP echo request message that has sent TTL 1 before.

VTEP21 determines to perform three-layer forwarding on the received ICMP echo request message 311 with TTL being 2, subtracts 1 from the lifetime of the received ICMP echo request message with TTL being 2, and repackages an ethernet header for the received ICMP echo request message 311 with MAC121 as the source MAC address and MAC122 as the destination MAC address.

The VTEP21 performs VXLAN encapsulation on the ICMP echo request message 311 repackaging the ethernet header with the local IP address 1.1.1.1 and the IP address 3.3.3.3 of the VTEP, and copies TTL ═ 1 modified by the ICMP echo request message 311 to TTL encapsulated by the outer layer VXLAN. VTEP21 sends an ICMP echo request message 312 encapsulated with TTL ═ 1VXLAN to the direct router 22 through the tunnel egress port.

As shown in fig. 3B, the router 22 receives the ICMP echo request message 312 encapsulated by the VXLAN with the outer TTL being 1, and determines to perform three-layer forwarding according to the outer IP header. It should be noted that, in the embodiment of the present invention, each device encapsulates an ethernet header according to the VXLAN protocol according to the outer layer IP header encapsulated by VXLAN, and performs three-layer forwarding according to the outer layer IP header after the outer layer ethernet header is stripped off from the received VXLAN packet. The following figures are not repeated.

Router 22 determines that the outer destination IP address of received VXLAN encapsulated ICMP echo request message 312 is not local IP address 2.2.2.2, and subtracts 1 from the outer TTL of VXLAN encapsulated ICMP echo request message 312.

As shown in fig. 3B, the router 22 determines that the TTL of the outer layer of the ICMP echo request message 312 encapsulated by VXLAN is 0, and generates an ICMP timeout message 313; the source IP and destination IP addresses of the ICMP timeout message 313 are the outer source address 1.1.1.1 and the local IP address 2.2.2.2 of the VXLAN encapsulated ICMP echo request message 312, respectively.

The ICMP timeout message 313 generated by the router 22 carries the received ICMP echo request 312 encapsulated by VXLAN. The router 22 encapsulates the ethernet header with the next-hop MAC address (1.1.1.1) of the destination IP address 1.1.1 of the ICMP timeout message as the destination MAC address, and forwards the ethernet header through the egress port of the next-hop MAC address of the destination IP address 1.1.1.1 of the ICMP timeout message 312.

For purposes of simplicity in describing embodiments of the solution, router 22 is directly connected to VTEP21, and therefore the next hop MAC address is the MAC address of VTEP21 at IP address 1.1.1.1. If there is a multi-hop routing device between the two devices, forwarding is performed according to the common three layers.

The VTEP21 receives the ICMP timeout message 313, and determines to perform three-layer forwarding on the ICMP timeout message 313 according to the MAC address corresponding to the IP address 3.3.3.3 of the VTEP as the destination MAC. VETP21 generates proxy ICMP overtime message 314; wherein, the source IP address is the source IP address 2.2.2.2 of the received ICMP overtime message; the destination IP address is the inner layer source IP address IP1 of the ICMP echo request message 312 encapsulated by VXLAN in the inner layer load; the source MAC address is the gateway MAC address MAC 11; the destination MAC address is the MAC address MAC1 corresponding to the destination IP address IP1 of the proxy ICMP timeout message 314. VTEP21 is forwarded through the egress port corresponding to the destination MAC address MAC2 of proxy ICMP timeout message 314.

The proxy ICMP timeout message 314 received by the user terminal T1 prints the source IP address IP2.2.2.2.

As shown in fig. 4A, the user terminal T1 generates an ICMP echo request message 315 with TTL ═ 3; the source IP address, the destination IP address, the source MAC address, and the destination MAC address of the ICMP echo request message are the same as those of the ICMP echo request message that has sent TTL 1 before.

VTEP21 determines to perform three-layer forwarding on the received ICMP echo request message 311 with TTL being 3, subtracts 1 from TTL of the received ICMP echo request message with TTL being 3, and repackages the ethernet header for the received ICMP echo request message 315 with MAC121 as the source MAC address and MAC122 as the destination MAC address.

The VTEP21 performs VXLAN encapsulation on the ICMP echo request message 315 for repackaging the ethernet header with the local IP address 1.1.1.1 and the IP address 3.3.3.3 of the VTEP, and copies TTL ═ 2 modified by the ICMP echo request message 315 to TTL encapsulated by the outer layer VXLAN. VTEP21 sends a VXLAN encapsulated ICMP echo request message 316 with TTL 2 through the tunneled egress port.

The router 22 receives the ICMP echo request message 316 encapsulated by the VXLAN with the outer TTL being 2, and determines to perform three-layer forwarding according to the outer IP header according to the outer ethernet header.

Router 22 determines that the outer destination IP address of received VXLAN encapsulated ICMP echo request message 312 is not local IP address 2.2.2.2, and subtracts 1 from the outer TTL of VXLAN encapsulated ICMP echo request message 312.

The router 22 determines that the outer TTL of the ICMP echo request message 312 encapsulated by VXLAN is equal to 1, and modifies the outer ethernet header according to the destination IP address 3.3.3.3 of the outer IP header. Router 22 sends VTEP23 a VXLAN encapsulated ICMP echo request message 317 with TTL 1.

VETP23 determines to perform three-layer forwarding on the ICMP echo request message 317 encapsulated by VXLAN according to the outer ethernet header. The VTEP23 determines that the outer destination IP address of the received VXLAN encapsulated ICMP echo request message 317 is the local IP address 3.3.3.3, and subtracts 1 from the outer TTL of the received VXLAN encapsulated ICMP echo request message 317.

As shown in fig. 4B, VETP23 determines that the outer TTL of the ICMP echo request message 317 encapsulated by VXLAN is equal to 0 after modification, generates an ICMP timeout message 318, and performs VXLAN encapsulation. As shown in fig. 4B, in VXLAN encapsulation of the ICMP timeout message 318, a source IP and a destination IP address are an outer source address 1.1.1.1 and a local IP address 3.3.3.3 of the VXLAN encapsulated ICMP echo request message, respectively; the source and destination IP addresses of ICMP echo request message 318 are IP1 and IP3.3.3.3, respectively.

VTEP23 encapsulates the outer ethernet header with the MAC address of the next hop of the destination IP address 1.1.1.1 of ICMP timeout message 318 via VXLAN.

In fig. 4B, VTEP3 is directly connected to router 22, and router 22 receives VXLAN encapsulated ICMP timeout message 318, determines that the ethernet header is stripped from the local MAC of the outer ethernet header, encapsulates the outer ethernet header according to the MAC address of the next hop ip3.3.3. of outer destination IP1.1.1.1, and sends VXLAN encapsulated ICMP timeout message 318 to VTEP 21.

The VTEP21 receives an ICMP timeout message 318 encapsulated by the received VXLAN from the direct connection router 22, determines that the destination MAC address of the outer layer is a local MAC address, and strips off the ethernet header of the outer layer; the ICMP timeout message 318, which is determined to be the received VXLAN encapsulated, performs VXLAN decapsulation based on the local IP address, which is the outer layer destination IP address.

VTEP21 determines that the destination MAC of the ICMP timeout message 318 after VXLAN decapsulation is the local MAC of VSI12, and performs three-layer forwarding.

The VTEP21 repackages the ethernet header for the ICMP timeout message 318 after the VXLAN decapsulation; the source MAC address and the destination MAC address are respectively a gateway MAC address MAC11 of VSI11 and a MAC address MAC1 corresponding to a destination IP address IP1 of the ICMP overtime message. The VTEP21 sends the repackaged ICMP timeout message 319 to the user terminal T1 through the egress port corresponding to the MAC 1.

ICMP timeout message 319 received by user terminal T1, print source IP address IP2.2.2.2.

As shown in fig. 5, the user terminal T1 generates an ICMP echo request message 320 with TTL; the source IP address, the destination IP address, the source MAC address, and the destination MAC address of the ICMP echo request message are the same as those of the ICMP echo request message that has sent TTL 1 before.

VTEP21 determines to perform three-layer forwarding on the received ICMP echo request message 311 with TTL being 4, subtracts 1 from the lifetime of the received ICMP echo request message with TTL being 4, and repackages the ethernet header for the received ICMP echo request message 320 with MAC121 as the source MAC address and MAC122 as the destination MAC address.

The VTEP21 performs VXLAN encapsulation on the ICMP echo request message 320 repackaging the ethernet header with the local IP address 1.1.1.1 and the IP address 3.3.3.3 of the VTEP, and copies TTL ═ 3 modified by the ICMP echo request message 320 to TTL encapsulated by the outer layer VXLAN. VTEP21 sends an ICMP echo request message 321 encapsulated by VXLAN with TTL of 3 to the directly connected router 22.

The router 22 receives the ICMP echo request message 321 encapsulated by the VXLAN with outer TTL being 3, and determines to execute three-layer forwarding according to the outer IP header according to the outer ethernet header.

Router 22 determines that the outer layer destination IP address of received VXLAN encapsulated ICMP echo request message 321 is not local IP address 2.2.2.2, and subtracts 1 from the outer layer TTL of VXLAN encapsulated ICMP echo request message 312.

The router 22 determines that the outer TTL of the ICMP echo request packet 321 encapsulated by VXLAN is 2, and modifies the outer ethernet header according to the destination IP address 3.3.3.3 of the outer IP header. Router 22 sends an ICMP echo request message 321 encapsulated by VXLAN with TTL 2 to VTEP23 directly connected.

VETP23 determines ICMP echo request message 321 encapsulated by VXLAN to execute three-layer forwarding according to the destination MAC address of outer Ethernet header being the local MAC address corresponding to IP3.3.3.3.

The VTEP23 determines that the outer layer destination IP address of the VXLAN encapsulated ICMP echo request message 321 is the local IP address 3.3.3.3, and subtracts 1 from the outer layer TTL of the received VXLAN encapsulated ICMP echo request message 317.

VETP23 determines that the outer TTL of ICMP echo request message 321 encapsulated by VXLAN is not equal to 0 after modification, and strips the VXLAN encapsulation.

VTEP23 determines to perform three-layer forwarding based on destination MAC address 122 of decapsulated ICMP echo message 321. Repackaging the Ethernet header for the decapsulated ICMP response request message 321; wherein the source MAC address is the VIS11 gateway MAC address MAC 11; the destination MAC address is the MAC address MAC2 corresponding to the inner layer destination IP address IP2 of the ICMP echo request message 321.

VTEP23 sends ICMP echo request message 322 to user terminal 22.

When receiving the ICMP echo request message 322, the user terminal T2 generates an ICMP echo response message, where the source IP address and the destination IP address are IP2 and IP1, respectively; the source MAC address and the destination MAC address are MAC2 and MAC11, respectively. The user terminal sends an ICMP echo response message to VTEP 23.

VTEP23 determines to perform three-tier forwarding, repackaging the ethernet header; where the source MAC address and destination MAC address are MAC122 and MAC121, respectively. VTEP23 encapsulates VNI12 VXLAN with IP1.1.1.1 as the destination IP address and IP3.3.3.3 as the source IP address.

VTEP23 encapsulates the foreign city ethernet header according to the MAC address of the next hop router 22 arriving at IP3.3.3.3 and sends a VXLAN encapsulated ICMP echo response message to router 22.

The router 22 receives the ICMP echo response message encapsulated by VXLAN, modifies the outer header, and sends it to VTEP 21.

The VTEP21 receives an ICMP echo response message for receiving VXLAN encapsulation from the direct connection router 22, determines that the destination MAC address of the outer layer is a local MAC address, and strips off the ethernet header of the outer layer; and determining the destination IP address of the outer layer as the local IP address, and executing the decapsulation of the VXLAN.

VTEP21 determines to perform three-layer forwarding according to the destination MAC address MAC121 of the ICMP echo response message.

VTEP21 repackages the Ethernet header for ICMP echo response message; the source MAC address is the gateway MAC address MAC11 of the VSI11, and the destination MAC address is the MAC address MAC1 corresponding to the destination IP address IP1 of the ICMP echo response message. The VTEP21 sends the repackaged ICMP response request message to the user terminal T1 through the egress port corresponding to the MAC 1.

The ICMP response message received by the user terminal T1 prints the IP address IP2 of the source.

Thus, the subscriber terminal T1 arrives at the IP address of each hop of the subscriber terminal T2, and the route tracing of the routing device between T1 and T2 is completed.

When the user terminal T2 requires route tracing to reach the routing device between the user terminals T1, the VTEP23 performs according to the scheme of VTEP21 in fig. 3A-3B, 4A-4B, 5; VTEP21 is then executed according to the scheme of VTEP23 in FIGS. 3A-3B, 4A-4B, and 5. When VTEPs 21 and 23 are acting as intermediate devices for other VXLAN tunnels, it may be performed according to the scheme of router 22 in fig. 3A-3B, 4A-4B, 5.

Fig. 6 shows a routing tracking device 600 according to an embodiment of the present invention, where the device 600 may be, but is not limited to, a three-layer switch or router, and includes a switch chip 610, a processor (CPU) 620 and a memory 630.

The switch chip 610 is connected to an interface 611 of the network device 600, and is implemented by a chip based on an ASIC (Application specific integrated Circuit) or FPGA (Field-Programmable Gate Array), and instructions stored in the memory 630 are executed by the processor 620.

The switch chip 610 determines to perform three-layer forwarding on a first received ICMP echo request message, and sends the first received ICMP echo request message to the processor 620;

processor 620 executes computer instructions stored in memory 630 to subtract 1 from the time-to-live of the first received ICMP echo request message; when the survival time of the first received ICMP response request message after modification is equal to 0, generating a first ICMP overtime message, wherein the source IP address is a gateway IP address, and the destination IP address is the source IP address of the ICMP response request message; the source MAC address is a gateway MAC address, and the destination MAC address is an MAC address corresponding to a destination IP address of the ICMP overtime message; sending the first generated ICMP timeout message to the switch chip 610; when the modified survival time of the first received ICMP response request message is not equal to 0, repackaging an Ethernet head for the first received ICMP response request message; wherein, the source MAC address and the destination MAC address of the repackaged ethernet header of the first received ICMP echo request message are the local MAC address and the destination gateway MAC address in the public switch instance, respectively; performing first VXLAN encapsulation on the first received ICMP response request message by taking a local IP address and the IP address of the destination end gateway as repackaging; wherein the outer source IP in the first VXLAN encapsulation is a local IP address; the outer layer destination IP address is the destination end gateway IP address; copying the modified survival time of the first received ICMP echo request message to the survival time of the first VXLAN package to indicate the route forwarding hop number for forwarding the ICMP echo request message through the VXLAN tunnel; sending the ICMP response request message encapsulated by the first VXLAN to a switching chip;

the switching chip 610 forwards the message through an egress port corresponding to the destination MAC address of the first generated ICMP timeout message and forwards the message through a tunnel egress port of the ICMP echo request message encapsulated by the first VXLAN.

The switching chip 610 determines to perform three-layer forwarding on a first received ICMP timeout message, and sends the first received ICMP timeout message to the processor 620;

processor 620 executes computer instructions stored in memory 630 to determine that the destination IP address of the first received ICMP timeout message is a local IP address; determining that the IP load part of the first received ICMP overtime message is the ICMP echo request message encapsulated by the first VXLAN; generating an agent ICMP overtime message; wherein, the source IP address of the proxy ICMP overtime message is the source IP address of the first received ICMP overtime message; the destination IP address of the proxy ICMP overtime message is the inner layer source IP address of the ICMP response request message encapsulated by the first VXLAN; the source MAC address of the proxy ICMP overtime message is a gateway MAC address; the destination MAC address of the agent ICMP overtime message is an MAC address corresponding to the destination IP address of the agent ICMP overtime message; sending the proxy ICMP overtime message to a switching chip;

and the switching chip 610 forwards the message through an egress port corresponding to the destination MAC address of the proxy ICMP timeout message.

The switching chip 610 receives an ICMP timeout message encapsulated by VXLAN; executing VXLAN decapsulation on the received ICMP overtime message encapsulated by VXLAN; determining to carry out three-layer forwarding on the ICMP overtime message after the VXLAN is unpacked; sending the ICMP overtime message after the VXLAN decapsulation to the processor 620;

processor 620 executes the computer instructions stored in memory 630 to repackage the ethernet header for the ICMP timeout message decapsulated by VXLAN and send it to switch chip 610; wherein, the source MAC address and the destination MAC address of the repackaged Ethernet head of the ICMP overtime message after the VXLAN decapsulation are respectively the MAC addresses corresponding to the gateway MAC address and the destination IP address of the ICMP overtime message after the VXLAN encapsulation;

and the switching chip 610 forwards the decapsulated ICMP timeout message through an egress port corresponding to the destination MAC address of the repackaged ethernet header of the VXLAN.

The switch chip 610 receives and determines to perform three-layer forwarding on the received ICMP echo request message encapsulated by the second VXLAN, and sends the received ICMP echo request encapsulated by the second VXLAN to the processor 620;

processor 620 executes the computer instructions stored in memory 630 to determine that the outer layer destination IP address of the received ICMP echo request message encapsulated by the second VXLAN is not the local IP address, and subtract 1 from the outer layer lifetime of the received ICMP echo request message encapsulated by the first VXLAN; when the outer layer survival time is equal to 0 after the received ICMP response request message encapsulated by the first VXLAN is modified, generating a second ICMP overtime message; wherein, the source IP and the destination IP address of the second generated ICMP timeout message are the outer source address and the local IP address of the received second VXLAN encapsulated ICMP echo request, respectively; the load of the second generated ICMP overtime message encapsulates the received ICMP echo request encapsulated by the second VXLAN; encapsulating an ethernet header with the MAC address of the next hop of the destination IP address of the second generated ICMP timeout message as the destination MAC address and sending the ethernet header to the switch chip 610;

and the switching chip 610 forwards the message through an exit port of the MAC address of the next hop of the destination IP address of the second generated ICMP timeout message.

The switch chip 610 receives and determines to perform three-layer forwarding on the received ICMP echo request message encapsulated by the third VXLAN, and sends the received ICMP echo request message encapsulated by the third VXLAN to the processor 620;

processor 620 executes the computer instructions stored in memory 630 to determine that the outer layer destination IP address of the received ICMP echo request message encapsulated by the second VXLAN is a local IP address, and decreases the modified outer layer lifetime of the received ICMP echo request message encapsulated by the second VXLAN by 1; when the outer layer survival time is equal to 0 after the received ICMP response request message encapsulated by the second VXLAN is modified, generating a third ICMP overtime message; wherein, the source IP and the destination IP address of the third generated ICMP timeout message are the local IP address and the inner source address of the received third VXLAN encapsulated ICMP echo request, respectively; carrying out VXLAN encapsulation on the third generated ICMP overtime message, wherein the outer layer source IP address and the outer layer destination IP address of the VXLAN encapsulation of the third generated ICMP overtime message are the local IP address and the outer layer source IP address of the received third VXLAN encapsulated ICMP response request message respectively; encapsulating an outer-layer Ethernet header according to the MAC address of the next hop of the outer-layer destination IP address encapsulated by the VXLAN of the third generated ICMP overtime message and forwarding the outer-layer Ethernet header to the switching chip 610;

when the modified outer layer survival time of the received ICMP response request message encapsulated by the third VXLAN is not equal to 0, the ICMP overtime message encapsulated by the third VXLAN is de-encapsulated; determining to perform three-layer forwarding on the third decapsulated ICMP timeout message; repackage the ethernet header for the third decapsulated ICMP timeout message and send it to the switch chip 610; wherein, the source MAC address and the destination MAC address of the ethernet repackaged by the third decapsulated ICMP timeout message are the MAC addresses corresponding to the gateway MAC address and the received inner layer destination IP address of the third VXLAN encapsulated ICMP echo request message, respectively;

the switching chip 610 forwards the packet according to the output port corresponding to the MAC address of the next hop of the outer layer destination IP address encapsulated by the VXLAN of the third generated ICMP timeout message; and forwarding through an output port corresponding to the destination MAC address of the repackaged ICMP overtime message after the third decapsulation.

The invention has the advantages that the intermediate device and the destination end gateway on the VXLAN tunnel can acquire and modify the forwarding hop count of the ICMP echo request message on the VXLAN tunnel, thereby enabling the intermediate device and the destination end gateway to feed back the ICMP echo response message at the correct routing hop count of the ICMP echo request message on the VXLAN tunnel, and enabling the destination end gateway to correct the survival time of the ICMP echo request message sent to the destination user terminal according to the correct routing hop count of the ICMP echo request message forwarded on the VXLAN tunnel, thereby realizing the routing tracking between the user terminals at both ends of the VXLAN tunnel.

The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents, improvements and the like made within the spirit and principle of the present invention should be included in the scope of the present invention.