CN117955875A

CN117955875A - Link monitoring method, device, equipment and storage medium

Info

Publication number: CN117955875A
Application number: CN202410172707.4A
Authority: CN
Inventors: 林健; 杨万里; 崔孝飞
Original assignee: Guangdong Oppo Mobile Telecommunications Corp Ltd
Current assignee: Guangdong Oppo Mobile Telecommunications Corp Ltd
Priority date: 2024-02-06
Filing date: 2024-02-06
Publication date: 2024-04-30

Abstract

The embodiment of the application discloses a link monitoring method, a device, equipment and a storage medium, and relates to the technical field of communication. The method comprises the following steps: determining a link to be monitored, wherein the link to be monitored is a link between a source host to be monitored and a destination host to be monitored; a first program injection instruction is sent to a target host agent of a target host to be monitored in a link to be monitored, the target host agent is used for injecting a first monitoring program into a kernel of the target host to be monitored according to the first program injection instruction, and the first monitoring program is used for counting packet loss data of a target host side to be monitored based on a calling condition of a kernel function; receiving host side packet loss data reported by a target host agent; and determining network packet loss data of the link to be monitored based on the host side packet loss data, wherein the network packet loss data is used for representing the network packet loss condition of the link to be monitored. By adopting the scheme provided by the embodiment of the application, the accuracy of link monitoring can be improved.

Description

Link monitoring method, device, equipment and storage medium

Technical Field

The embodiment of the application relates to the technical field of communication, in particular to a link monitoring method, a device, equipment and a storage medium.

Background

In the process of quality monitoring of a network link, it is often difficult to determine a fault location on the network link, and positioning is required by checking network equipment step by step.

The related art adopts an end-to-end delay statistics scheme to perform link monitoring, that is, mutual detection between host IPs (Internet Protocol, internet protocols) is realized by deploying host agents. In the event of a network failure, the IP label may be used to determine the failure area.

However, under the condition that the host side has limitation or discards the response message, the packet loss data is easy to generate errors, and the accuracy of link monitoring is difficult to ensure.

Disclosure of Invention

The embodiment of the application provides a link monitoring method, a device, equipment and a storage medium. The technical scheme is as follows:

in one aspect, an embodiment of the present application provides a link monitoring method, where the method includes:

determining a link to be monitored, wherein the link to be monitored is a link between a source host to be monitored and a destination host to be monitored;

a first program injection instruction is sent to a target host agent of the target host to be monitored in the link to be monitored, the target host agent is used for injecting a first monitoring program into a kernel of the target host to be monitored according to the first program injection instruction, and the first monitoring program is used for counting packet loss data of the target host to be monitored based on the calling condition of a kernel function;

Receiving host side packet loss data reported by the target host agent;

And determining network packet loss data of the link to be monitored based on the host side packet loss data, wherein the network packet loss data is used for representing the network packet loss condition of the link to be monitored.

In another aspect, an embodiment of the present application provides a link monitoring method, where the method includes:

Receiving a first program injection instruction sent by control equipment through a target host agent;

injecting a first monitoring program into the kernel through the target host agent based on the first program injection instruction, wherein the first monitoring program is used for counting packet loss data of the target host side to be monitored based on the calling condition of the kernel function;

and reporting the host side packet loss data to the control equipment through the destination host agent, so that the control equipment determines the network packet loss data of a link to be monitored based on the host side packet loss data, wherein the link to be monitored is a link between a source host to be monitored and a destination host to be monitored, and the network packet loss data is used for representing the network packet loss condition of the link to be monitored.

In another aspect, an embodiment of the present application provides a link monitoring apparatus, including:

The link determining module is used for determining a link to be monitored, wherein the link to be monitored is a link between a source host to be monitored and a destination host to be monitored;

the device comprises a sending module, a monitoring module and a monitoring module, wherein the sending module is used for sending a first program injection instruction to a target host agent of the target host to be monitored in the link to be monitored, the target host agent is used for injecting a first monitoring program into a kernel of the target host to be monitored according to the first program injection instruction, and the first monitoring program is used for counting packet loss data of a side of the target host to be monitored based on a calling condition of a kernel function;

the receiving module is used for receiving the host side packet loss data reported by the target host agent;

the data determining module is used for determining network packet loss data of the link to be monitored based on the host side packet loss data, wherein the network packet loss data is used for representing the network packet loss condition of the link to be monitored.

the receiving module is used for receiving a first program injection instruction sent by the control equipment through the target host agent;

The injection module is used for injecting a first monitoring program into the kernel through the target host agent based on the first program injection instruction, and the first monitoring program is used for counting packet loss data of the target host side to be monitored based on the calling condition of the kernel function;

And the reporting module is used for reporting the host side packet loss data to the control equipment through the destination host agent so that the control equipment can determine the network packet loss data of a link to be monitored based on the host side packet loss data, wherein the link to be monitored is a link between a source host to be monitored and a destination host to be monitored, and the network packet loss data is used for representing the network packet loss condition of the link to be monitored.

In another aspect, an embodiment of the present application provides a computer device, where the computer device is a control device or a host, and the computer device includes a processor and a memory, where at least one instruction is stored in the memory, and the at least one instruction is loaded and executed by the processor to implement a link monitoring method as described in the foregoing aspect.

In another aspect, embodiments of the present application provide a computer-readable storage medium storing at least one instruction that is loaded and executed by a processor to implement a link monitoring method as described in the above aspects.

In another aspect, embodiments of the present application provide a computer program product comprising computer instructions stored in a computer-readable storage medium; a processor of a terminal device reads the computer instructions from the computer readable storage medium, the processor executing the computer instructions, causing the terminal device to implement a link monitoring method as described in the above aspect.

In the embodiment of the application, the control equipment injects the first monitoring program into the target host to be monitored, so that the target host to be monitored can obtain the host side packet loss data according to the calling condition of the kernel function of the target host to be monitored, and the host side packet loss data is reported to the control equipment, so that the control equipment can eliminate the influence of the host side packet loss data in the link monitoring process, the accuracy of the network packet loss data on the link to be monitored is ensured, and the accuracy of the link monitoring is improved.

Drawings

In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings required for the description of the embodiments will be briefly described below, and it is apparent that the drawings in the following description are only some embodiments of the present application, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.

FIG. 1 illustrates a schematic diagram of an implementation environment provided by an exemplary embodiment of the present application;

FIG. 2 illustrates a flow chart of a method of link monitoring provided by an exemplary embodiment of the present application;

FIG. 3 is a schematic diagram illustrating an implementation of a link determination to be monitored according to an exemplary embodiment of the present application;

FIG. 4 shows a flow chart of a control device side link monitoring process provided by an exemplary embodiment of the present application;

FIG. 5 is a flow chart illustrating a process for monitoring a side chain of a destination host to be monitored according to an exemplary embodiment of the present application;

FIG. 6 illustrates a flow chart of a link monitoring process provided by an exemplary embodiment of the present application;

FIG. 7 illustrates a block diagram of a link monitoring apparatus provided in an exemplary embodiment of the present application;

Fig. 8 is a block diagram illustrating a link monitoring apparatus according to another exemplary embodiment of the present application;

fig. 9 is a schematic diagram showing a structure of a computer device according to an exemplary embodiment of the present application.

Detailed Description

For the purpose of making the objects, technical solutions and advantages of the present application more apparent, the embodiments of the present application will be described in further detail with reference to the accompanying drawings.

Referring to fig. 1, a schematic diagram of an implementation environment provided by an exemplary embodiment of the present application is shown. The implementation environment includes a control device 110, a source host 120 to be monitored, and a destination host 130 to be monitored.

The source host 120 to be monitored and the destination host 130 to be monitored, and the control device 110 and the hosts are connected through the link 140 to be monitored. The link to be monitored 140 is a data link, and the link to be monitored 140 may include network devices such as a network card, a network bridge, a router, a switch, and the like, and network connection lines, and may also include communication programs and communication protocols such as protocols of TCP/IP (Transmission Control Protocol/Internet Protocol ), UDP (User Datagram Protocol, user datagram protocol), and the like.

The control device 110 is used for controlling the source host 120 to be monitored and the destination host 130 to be monitored to perform link monitoring, and may be a workstation, a personal computing device, etc. with network device control capability. The control device 110 controls the source host 120 to be monitored to send the probe data packet, and receives the response data packet sent by the destination host 130 to be monitored. The control device 110 is further configured to send a first program injection instruction to the destination host 130 to be monitored, so as to inject a first monitoring program into a kernel of the destination host 130 to be monitored. The control device 110 is further configured to receive host-side packet loss data sent by the destination host 130 to be monitored, and further obtain network packet loss data that characterizes a network packet loss condition of the link 140 to be monitored. The control device 110 is further configured to receive kernel stack data sent by the destination host 130 to be monitored, and then determine a host side packet loss reason. The control device 110 is further configured to send a second program injection instruction to the destination host 130 to be monitored, and then receive the subdivision data sent from the destination host 130 to be monitored.

The source host 120 to be monitored is a server that sends probe packets. The source host 120 to be monitored is configured to send a probe data packet to the destination host 130 to be monitored through the link 140 to be monitored, and also configured to receive a response data packet returned by the destination host 130 to be monitored.

The destination host 130 to be monitored is a server that receives the probe packets. The destination host 130 to be monitored is configured to send a response packet to the host 120 to be monitored after receiving the probe packet sent by the source host 120 to be monitored. In the case of a packet loss at the host side, the source host 120 to be monitored cannot receive the response packet sent by the destination host 130 to be monitored. The destination host 130 to be monitored is further configured to receive a first program injection instruction sent by the control device 110, and then inject a first monitoring program into the kernel, so as to count host side packet loss data and kernel stack data according to a calling condition of a kernel function. The destination host 130 to be monitored is also configured to report host-side packet loss data and kernel stack data to the control device 110. The to-be-monitored host 130 is further configured to, after receiving the second program injection instruction, inject and execute the second monitoring program to the kernel to obtain subdivision data corresponding to the host side packet loss reason, and then report the subdivision data to the control device 110.

It should be noted that, the source host 120 to be monitored and the destination host 130 to be monitored mainly implement the above functions through respective host agents.

In the following embodiments, a link monitoring method is used for the control device 110 and the destination host 130 to be monitored.

Referring to fig. 2, a flowchart of a link monitoring method according to an exemplary embodiment of the present application is shown. The method comprises the following steps.

In step 201, the control device determines a link to be monitored, where the link to be monitored is a link between a source host to be monitored and a destination host to be monitored.

In some embodiments, the source host to be monitored sends a probe packet to the destination host to be monitored over the link to be monitored. And the target host to be monitored sends a response data packet to the source host to be monitored through the link to be monitored under the condition that the target host to be monitored receives the detection data packet. And the control equipment analyzes the packet loss condition of the data packet according to the sending and response conditions of the data packet on the link to be monitored, thereby realizing the link monitoring.

Optionally, the source host to be monitored may perform link monitoring on a single destination host to be monitored, or may perform link monitoring on at least two destination hosts to be monitored. Under the condition of carrying out link monitoring on a single target host to be monitored, the link to be monitored is a link between a source host to be monitored and the target host to be monitored. In the case of link monitoring of at least two destination hosts to be monitored, the link to be monitored determined by the control device is a link in which an abnormal detection flow exists (the detection flow is a data flow between the source host to be monitored and the destination host to be monitored). A network in which there are at least two destination hosts to be monitored is described below.

In one possible implementation, the control device controls the source host to be monitored to send probe packets to other hosts to be monitored in the network. After receiving the detection data packet, each target host to be monitored sends a response data packet to the source host to be monitored, and then the source host to be monitored stores the detection result in a fixed time, namely the response condition of the target host to be monitored, into a detection record database so as to carry out packet loss statistics subsequently. Under the condition that the abnormal detection flow is found, the control equipment determines that network faults possibly exist in a link between the source host to be monitored and the destination host to be monitored, acquires a destination IP address of the abnormal detection flow, and determines the link between the source host to be monitored and the destination host to be monitored corresponding to the destination IP address as the link to be monitored.

In one possible implementation manner, the control device counts the number of detection data packets sent by the source host to be monitored to the destination host to be monitored and the number of response data packets received by the source host to be monitored and sent by the destination host to be monitored according to detection records stored in a detection record database, and calculates the packet loss rate (the difference between the sent and received data packets of the source host to be monitored and the ratio of the sent data packets of the source host to be monitored) of the detection flow between the source host to be monitored and the destination host to be monitored. And under the condition that the packet loss rate exceeds a packet loss rate threshold value, determining the detection flow as an abnormal detection flow.

As shown in fig. 3, the control device 310 controls the source host 320 to send probe packets to the destination host 321, the destination host 322, and the destination host 323, and then receives response packets sent from the destination host 321, the destination host 322, and the destination host 323. The source host 320 to be monitored reports the record of sending the probe data packet to each destination host to be monitored by the source host 320 to be monitored to the probe record database 330, and receives the record of receiving the response data packet sent by each destination host to be monitored. Then, the control device 310 obtains the probe records from the probe record database 330, and calculates the packet loss rates of the probe flows on the link 301, the link 302, and the link 303, respectively. In the case where the packet loss rate of the probe flow on the link 302 exceeds the packet loss rate threshold, the control device 310 determines that the link 302 is a link to be monitored.

Step 202, the control device sends a first program injection instruction to a destination host agent of a destination host to be monitored in a link to be monitored, the destination host agent is used for injecting a first monitoring program into a kernel of the destination host to be monitored according to the first program injection instruction, and the first monitoring program is used for counting packet loss data of a side of the destination host to be monitored based on a calling condition of a kernel function.

In step 203, the destination host to be monitored receives the first program injection instruction sent by the control device through the destination host agent.

Step 204, the destination host to be monitored injects a first monitoring program into the kernel through the destination host agent based on the first program injection instruction, where the first monitoring program is used for counting packet loss data of the destination host to be monitored based on the calling condition of the kernel function.

In some embodiments, all hosts on a network link are deployed with a host agent. The host agent is used for realizing communication interaction between the source host to be monitored and the destination host to be monitored and management control between the control equipment and the host. The target host agent is deployed on a target host to be monitored in the link to be monitored, and is used for analyzing the first program injection instruction, and executing the program injection operation indicated by the first program injection instruction, namely injecting the first monitoring program into the kernel of the target host to be monitored.

In some embodiments, the kernel function is used to access the kernel, and the auxiliary host completes the sending, receiving, packet loss processing and other tasks of the data packet. The calling logic of the kernel function is preset by the operating system, and the operating system performs function calling according to the service requested to be called by the user program.

Because the calling condition of the kernel function is different between the condition that the target host to be monitored normally responds and the condition that the packet loss occurs, the first monitoring program can count the packet loss data of the target host to be monitored based on the calling condition of the kernel function.

Optionally, the first monitor may determine a packet loss condition according to a function name of the calling kernel function. For example, in the case of calling kfree _skb function, packet loss is determined.

Optionally, the first monitoring program may also count the number of times of calling a specific kernel function, so as to obtain packet loss data of the destination host side to be monitored. For example, the number of dropped packets is determined according to the number of calls of kfree _skb function, and the number of not dropped packets is determined according to the number of calls of consume _skb function.

Optionally, the packet loss data of the destination host side may include a total amount of packets, a number of packets lost, a source host IP address, a destination host IP address, a kernel version number, a kernel function call condition, and the like.

In step 205, the destination host to be monitored reports the host side packet loss data to the control device through the destination host agent, so that the control device determines the network packet loss data of the link to be monitored based on the host side packet loss data, where the link to be monitored is a link between the source host to be monitored and the destination host to be monitored, and the network packet loss data is used for characterizing the network packet loss condition of the link to be monitored.

In step 206, the control device receives the host side packet loss data reported by the destination host agent.

In step 207, the control device determines network packet loss data of the link to be monitored based on the host packet loss data, where the network packet loss data is used to characterize a network packet loss condition of the link to be monitored.

In some embodiments, the packet loss condition determined by the control device may be divided into a host side packet loss and a network link packet loss, so that the packet loss data counted by the control device may include host side packet loss data and network packet loss data, where the host side packet loss data is packet loss data generated by host side packet loss, and the network packet loss data is packet loss data generated by network link packet loss.

In one possible implementation manner, the control device isolates the destination host with the host-side packet loss according to the host-side packet loss data, and excludes the host-side packet loss data generated by the destination host from all the packet loss data on the link to be monitored counted by the control device, so as to obtain the network packet loss data of the link to be monitored.

Optionally, the network packet loss data may include a network packet loss number, a network packet loss rate, a network packet loss cause, a packet loss address, and the like.

Optionally, the network packet loss data may be used to record and alarm the network packet loss condition, for example, the control device generates alarm information according to the network packet loss data, so that the control device isolates the fault device or implements repair measures according to the alarm information.

Optionally, the network packet loss data may also be used to determine network quality of the data center, such as determining that the data center network quality is poor if the network packet loss rate is above a network packet loss rate threshold.

Optionally, the network packet loss data may also be used to determine a network failure area. For example, the control device determines the network quality of each link to be monitored according to the network packet loss data of the plurality of links to be monitored, and then analyzes whether the network device on the link to be monitored has a fault according to the network quality of the network device when working on each link to be monitored.

In summary, in the embodiment of the present application, the control device injects the first monitoring program into the target host to be monitored, so that the target host to be monitored can obtain the host side packet loss data according to the call condition of the kernel function of the target host to be monitored, and report the host side packet loss data to the control device, so that the control device can eliminate the influence of the host side packet loss data in the link monitoring process, ensure the accuracy of the network packet loss data on the link to be monitored, and improve the accuracy of the link monitoring.

In the above embodiment, the step of taking the control device as the execution subject may separately implement a link monitoring method referred to as a control device side, and the step of taking the destination host to be monitored as the execution subject may separately implement a link monitoring method referred to as a destination host to be monitored side. The link monitoring process on the control device side is explained below.

Referring to fig. 4, a flow chart of a control device side chain monitoring process according to an exemplary embodiment of the present application is shown. The process includes the following steps.

Step 401, determining a link to be monitored, where the link to be monitored is a link between a source host to be monitored and a destination host to be monitored.

For the embodiment of this step, reference may be made to step 201, which is not described herein.

Step 402, a first program injection instruction is sent to a destination host agent of a destination host to be monitored in a link to be monitored, the destination host agent is used for injecting a first monitoring program into a kernel of the destination host to be monitored according to the first program injection instruction, and the first monitoring program is used for counting packet loss data of a side of the destination host to be monitored based on a calling condition of a kernel function.

Alternatively, the first monitoring program may be generated by the destination host or may be generated by the control device. The control device may take one of two implementations when performing the program injection.

First, a first monitoring program is generated by a control device.

The implementation may include the following sub-steps.

And step 1, generating a first monitoring program based on the target kernel function and the host IP address of the source host to be monitored, wherein the first monitoring program is used for counting the times of calling the target kernel function to perform packet loss processing on the data packet sent by the source host to be monitored.

In some embodiments, when the kernel calls the target kernel function and the source IP address of the detection flow is the host IP address of the source host to be monitored, the first monitoring program counts the number of times that the target kernel function is called to perform packet loss processing on the data packet sent by the source host to be monitored.

Regarding the generation manner of the first monitoring program, in one possible implementation manner, the control device fills the program template with the target kernel function and the host IP address of the source host to be monitored, and generates the first monitoring program.

In some embodiments, the target kernel function is a kernel function called for packet loss processing in a kernel protocol stack. And the kernel utilizes a skb (struct sk_buff) data structure to manage the data packet in the process of receiving and transmitting the data packet. The kernel calls kfree _skb function to discard the data packet under the error condition, and calls consume _skb function to release skb data structure normally.

Alternatively, the target kernel function may be a kfree _skb function. The first monitoring program is used for counting the number of times of packet loss processing of data packets sent by the source host to be monitored by calling the kfree _skb function under the condition that the kernel calls the kfree _skb function and the source IP address of the detection flow is the host IP address of the source host to be monitored.

And 2, the control equipment sends a first program injection instruction containing a first monitoring program to the target host agent.

In one possible embodiment, after generating the first monitoring program, the control device brings the first monitoring program into a first program injection instruction, and then sends the first program injection instruction to the destination host agent of the destination host to be monitored. The target host agent extracts the first monitor program from the first program injection instruction after receiving the first program injection instruction, and then injects the first monitor program into the kernel.

Second, the first monitoring program is generated by the destination host.

Alternatively, the control device may send a first program injection instruction containing the target parameter to the destination host agent, which is configured to generate the first monitoring program based on the target parameter.

In one possible implementation, the target host agent extracts the target parameter from the first program injection instruction after receiving the first program injection instruction sent by the control device. And then, the target host to be monitored fills the target parameters into the program template to obtain a first monitoring program.

Further, the target parameters may include a target kernel function and a host IP address of the source host to be monitored. The control device sends a first program injection instruction containing a target kernel function and a host IP address of a source host to be monitored to a target host agent, wherein the target host agent is used for generating a first monitoring program based on the target kernel function and the host IP address.

In one possible implementation manner, after receiving a first program injection instruction sent by the control device, the destination host agent extracts the target kernel function and the host IP address of the source host to be monitored from the first program injection instruction, and fills in a program template to obtain a first monitoring program.

In some embodiments, the first monitor is a program that can track call cases of kernel functions. Alternatively, the first monitor may track kernel function calls using a debug tool that is native to the operating system kernel, such as ftrace tools of the Linux kernel. Optionally, the first monitor may also implement tracing of kernel functions by extending kernel functions, for example, writing the first monitor using eBPF (extended Berkeley PACKET FILTER, extended berkeley filter) technology, so as to trace kernel functions called by the Linux kernel. Optionally, the first monitoring program may also be a custom program, which is not described in detail in the embodiments of the present application.

In some embodiments, since the kernel versions on different hosts are different, the first monitor needs to adapt to the kernel environment to avoid perturbation to the kernel. In addition, the technical threshold for implementing program injection into the kernel is high, i.e. the technician is required to have deep knowledge of the kernel. In order to improve the convenience and safety of the first monitor program being injected into the kernel, the embodiment of the application uses eBPF program as the first monitor program to be injected into the kernel of the target host.

In some embodiments, eBPF programs can not only expand kernel functions to track kernel functions, but also withdraw kernel functions from the kernel, and maintain kernel stability. Compared with other technologies of injecting programs into the kernel to track kernel functions, eBPF programs have higher security. eBPF programs can be written based on the C language, and development convenience is high.

In one possible implementation, the eBPF program stores the collected packet loss data in kernel space in a eBPF map structure. And the destination host agent outside the kernel acquires eBPF packet loss data counted by the program through access eBPF map.

And step 403, receiving host side packet loss data reported by the target host agent.

Step404, determining network packet loss data of the link to be monitored based on the host side packet loss data, wherein the network packet loss data is used for representing the network packet loss condition of the link to be monitored.

This step may include the following steps.

Step 1, acquiring link packet loss data reported by a source host to be monitored in the running process of a first monitoring program.

In some embodiments, in the running process of the first monitoring program, the destination host to be monitored on each link uses the first monitoring program injected into the kernel to obtain the host side packet loss data, and the source host to be monitored counts the link packet loss data according to the response condition of the destination host to be monitored on each link. The link packet loss data refers to packet loss data of all links where the source host to be monitored is located.

In one possible implementation manner, the control device counts packet loss data reported by the source host to be monitored in the detection record database, and obtains link packet loss data.

And 2, correcting the link packet loss data based on the host side packet loss data to obtain the network packet loss data.

In some embodiments, the link packet loss data reported by the source host to be monitored includes packet loss data generated by host side packet loss and packet loss data generated by link side packet loss. Because the packet loss data generated by the packet loss of the host side counted by the source host to be monitored corresponds to the packet loss data of the host side counted by the destination host to be monitored, the control device can identify the packet loss data generated by the packet loss reason of the host side from the link packet loss data according to the packet loss data of the host side.

In one possible implementation manner, the control device obtains link packet loss data reported by a source host to be monitored in a fixed monitoring duration, obtains host side packet loss data reported by a destination host to be monitored in the same time, and then removes packet loss data generated by a host side packet loss reason from the link packet loss data according to the host side packet loss data to obtain network packet loss data.

In the embodiment of the application, the control equipment obtains the network packet loss data representing the network packet loss condition of the link to be monitored by sending the first program injection instruction to the target host to be monitored, then removing the packet loss condition generated by the packet loss reason of the host side on the link after receiving the host side packet loss data, thereby improving the accuracy of the packet loss data on the link to be monitored from end to end and further improving the accuracy of the control equipment for alarming the link packet loss condition.

In some embodiments, the first monitoring program counts packet loss data within the monitoring duration. In order to reduce the influence of the first monitoring program on the kernel, the stability of the kernel is maintained, and the first monitoring program is retracted under the condition that the running time reaches the monitoring time, namely the injection of the first monitoring program is canceled.

Optionally, the first monitoring program may be retracted by an instruction sent by the control device. And under the condition that the program injection time length of the first monitoring program reaches the monitoring time length, the control equipment sends a retraction instruction to the target host agent, and the target host agent is used for performing program injection retraction based on the retraction instruction.

Optionally, the first monitoring program may be retracted by the destination host agent of the destination host to be monitored, that is, the control device includes the monitoring duration in the first program injection instruction and sends the monitoring duration to the destination host agent. The target host agent is used for performing program injection retraction under the condition that the program injection duration of the first monitoring program reaches the monitoring duration.

Further, in the case that the first monitoring program is eBPF programs and the target host agent performs program injection and retraction, the target host to be monitored releases eBPF map in the kernel space.

According to the scheme provided by the embodiment, the first monitoring program is retracted, so that the first monitoring program is prevented from influencing the kernel, and the stability of the kernel is maintained.

Optionally, the first monitoring program may be used to record kernel stack data in addition to counting packet loss data. The control device may determine a host side packet loss reason according to the kernel stack data.

In some embodiments, the kernel stack data may include kernel functions called by the kernel and offsets of the kernel functions. Illustratively, the kernel stack data printed by the first monitor is as follows:

kfree_skb+1

dev_hard_start_xmit+262

sch_direct_xmit+282

__dev_queue_xmit+1169

dev_queue_xmit+16

neigh_resolve_output+285

ip_finish_output+636

ip_output+115

ip_local_out_sk+55

ip_send_skb+22

ip_push_pending_frames+51

icmp_push_reply+238

icmp_send+1280

__udp4_lib_rcv+2582

udp_rcv+26

ip_local_deliver_finish+189

ip_local_deliver+89

ip_rcv_finish+144

ip_rcv+697

__netif_receive_skb_core+1833

__netif_receive_skb+24

netif_receive_skb_internal+64

napi_gro_receive+216

i40e_clean_rx_irq+974

i40e_napi_poll+830

net_rx_action+623

__do_softirq+245

call_softirq+28

do_softirq+101

irq_exit+261

__irqentry_text_start+86

ret_from_intr+0

cpuidle_idle_call+222

arch_cpu_idle+14

cpu_startup_entry+330

start_secondary+503

start_cpu+5

The process of the control device determining the host side packet loss cause includes the following steps.

Step one, receiving kernel stack data reported by a target host agent.

Optionally, when the host side packet loss data is reported by the target host to be monitored, the core stack data and the host side packet loss data are reported to the control device together, so that the control device determines a packet loss reason corresponding to the host side packet loss data.

In a possible implementation manner, in the case that the first monitor program is eBPF programs, eBPF programs in the kernel record packet loss data and kernel stack data, and then the destination host agent stores the packet loss data and the kernel stack data according to eBPF map structure and reports the packet loss data and the kernel stack data to the controller.

Optionally, the kernel stack data may be additionally reported when the control device needs to determine the reason for the host side packet loss.

And step two, determining the host side packet loss reason of the target host to be monitored based on the kernel stack data.

Optionally, the control device may input the kernel stack data into the packet loss analysis model, to obtain a host side packet loss reason output by the packet loss analysis model. The packet loss analysis model is obtained based on sample kernel stack data and packet loss reason labels corresponding to the sample kernel stack data.

Optionally, the control device may also establish a packet loss reason knowledge base, and analyze the host side packet loss reason by querying the packet loss reason knowledge base, so as to improve the efficiency of determining the host side packet loss reason.

Alternatively, in the case where it is difficult to determine the host-side packet loss cause, the control device may print the kernel stack data, and then manually analyze by a network expert, thereby determining the host-side packet loss cause. Furthermore, the control device can use the host side packet loss reason to supplement a packet loss reason knowledge base, or train a packet loss analysis model, so as to improve the accuracy of the control device in determining the host side packet loss reason.

In some embodiments, the control device may further analyze the cause of the packet loss at the host side, including the following steps.

First, a second program injection instruction is sent to the destination host agent. The target host agent is used for injecting a second monitoring program into the kernel of the target host to be monitored according to a second program injection instruction, and the second monitoring program is used for counting subdivision data corresponding to the host side packet loss reason based on the calling condition of the kernel function.

In some embodiments, the subdivision data corresponding to the host-side packet loss cause may represent detailed information of the host-side packet loss cause, and since subdivision data corresponding to different host-side packet loss causes may be different, specific content of subdivision data needs to be determined according to specific host-side packet loss cause.

It should be noted that, the subdivision data corresponding to the host-side packet loss cause may or may not exist. For example, the subdivision data in the ICMP (Internet Control Message Protocol ) reply speed limit case may be a speed limit threshold, and in the case that the destination host is configured to not allow sending of the reply data packet, the host side packet loss cause has no subdivision data.

Optionally, the second program injection instruction may include a target parameter, so that the destination host agent generates the second monitoring program based on the target parameter. The second program injection instruction may include a second monitoring program, which is generated by the control device.

In some embodiments, the second monitoring program counts packet loss data within the monitoring duration. In order to reduce the influence of the second monitoring program on the kernel, the kernel stability is maintained, and the second monitoring program is retracted, namely the injection of the second monitoring program is canceled, when the running time reaches the monitoring time.

Optionally, the second monitoring program may be retracted by an instruction sent by the control device. And under the condition that the program injection time length of the second monitoring program reaches the monitoring time length, the control equipment sends a retraction instruction to the target host agent, and the target host agent is used for performing program injection retraction based on the retraction instruction.

Optionally, the second monitoring program may be retracted by the destination host agent of the destination host to be monitored, that is, the control device includes the monitoring duration in the second program injection instruction and sends the monitoring duration to the destination host agent. The target host agent is used for performing program injection retraction under the condition that the program injection duration of the second monitoring program reaches the monitoring duration.

In some embodiments, the second monitor is different from the kernel function monitored by the first monitor. The target kernel function monitored by the first monitoring program can determine that the packet loss condition exists at the host side, so that the packet loss data at the host side is counted according to the calling times of the target kernel function. The kernel function monitored by the second monitoring program is a kernel function related to the packet loss reason at the host side, and the kernel function may not be used for determining whether the destination host loses the packet. The second monitoring program counts the subdivision data corresponding to the packet loss reason of the host side by monitoring the calling condition of the kernel function, so that the further analysis of the packet loss reason of the host side is realized.

For example, the kernel function monitored by the first monitoring program may be kfree _skb function, which characterizes that the host side packet loss is caused by the error of the destination host; the kernel function monitored by the second monitor may include an ICMP send function for determining if there is an ICMP answer speed limit condition at the host side.

And step two, receiving subdivision data corresponding to the host side packet loss reason reported by the target host agent.

In some embodiments, after receiving the subdivision data, the control device may further analyze the cause of packet loss at the host side based on the subdivision data, so as to improve accuracy of positioning the cause of packet loss at the host side by the control device.

In the embodiment of the application, the control equipment determines the packet loss reason of the host side according to the kernel stack data recorded by the first monitoring program. Further, the control equipment further analyzes the packet loss reason at the host side by using the subdivision data counted by the second monitoring program, so that the accuracy of positioning the packet loss reason at the host side is improved, and the difficulty of determining the packet loss reason of the link to be monitored by the control equipment is reduced.

Referring to fig. 5, a flowchart of a process for monitoring a side link of a destination host to be monitored according to an exemplary embodiment of the present application is shown. The process includes the following steps.

Step 501, receiving, by a destination host agent, a first program injection instruction sent by a control device.

Step 502, based on the first program injection instruction, injecting a first monitoring program into the kernel through the destination host agent, where the first monitoring program is configured to count packet loss data of the destination host to be monitored based on the calling condition of the kernel function.

For the description of the destination host agent and the first program injection instruction, reference may be made to the above steps 203 to 204, which are not repeated in the embodiment of the present application.

Optionally, the first program injection instruction may include a target parameter, so that the destination host agent generates the first monitoring program based on the target parameter. The injection process of the first monitoring procedure may include the following steps.

1, A first monitoring program is generated by a destination host agent based on target parameters contained in a first program injection instruction.

In one possible implementation manner, after receiving a first program injection instruction sent by the control device, the target host agent of the target host to be monitored extracts a target parameter from the first program injection instruction, and fills the target parameter into the program template to obtain the first monitoring program.

And 2, injecting a first monitoring program into the kernel through the target host agent.

Because eBPF has higher security, can carry out the security extension to the kernel, can also maintain kernel stability through the back-off procedure, so in some possible embodiments, first monitor program is eBPF program, and the destination host computer that waits to monitor uses eBPF technique to inject first monitor program into the kernel.

Optionally, the first program injection instruction may also include a first monitoring program, where the first monitoring program is generated by the control device.

In some embodiments, the target parameters include a target kernel function and a host IP address of the source host to be monitored. The target kernel function is a kernel function called by packet loss in a kernel protocol stack. The injection process of the first monitoring procedure may comprise the following sub-steps.

1. And generating a first monitoring program through a target host agent based on the target kernel function and the host IP address of the source host to be monitored, wherein the first monitoring program is used for counting the times of calling the target kernel function to perform packet loss processing on the data packet sent by the source host to be monitored.

Regarding the generation manner of the first monitoring program, in one possible implementation manner, the target kernel function and the host IP address of the source host to be monitored are filled in the program template by the target host agent to generate the first monitoring program.

In some embodiments, the kernel uses a skb (structsk_buff) data structure for packet management during the process of transceiving packets. Wherein, the kernel calls kfree _skb function to discard the packet in case of error.

2. The first monitor program included in the first program injection instruction is injected into the kernel through the destination host agent.

Because eBPF has high security, in some possible embodiments, the first monitor is eBPF, and the host agent uses eBPF to inject the first monitor into the kernel.

In step 503, the host side packet loss data is reported to the control device through the destination host agent, so that the control device determines the network packet loss data of the link to be monitored based on the host side packet loss data, where the link to be monitored is a link between the source host to be monitored and the destination host to be monitored, and the network packet loss data is used for characterizing the network packet loss condition of the link to be monitored.

For the description of the network packet loss data and the host-side packet loss data, refer to the above steps 205 to 207, and the description of this embodiment of the present application is omitted.

In the embodiment of the application, after the target host agent injects the first monitoring program into the kernel, the target host to be monitored counts the host side packet loss data according to the calling condition of the kernel function called by packet loss in the kernel protocol stack, and then reports the host side packet loss data to the control equipment, so that the control equipment can eliminate the influence of the host side packet loss data in the link monitoring process, the accuracy of the network packet loss data on the link to be monitored is ensured, and the accuracy of the link monitoring is improved.

Optionally, the first program injection instruction may include a monitoring duration. After the first monitoring program is injected into the kernel, the target host to be monitored performs program injection and withdrawal through the target host agent under the condition that the program injection time length of the first monitoring program reaches the monitoring time length.

Optionally, the destination host to be monitored may also receive a retraction instruction sent by the control device through the destination host agent. The method comprises the steps of receiving a first monitoring program, wherein the first monitoring program comprises a program injection time length and a program withdrawal time length, and sending a withdrawal instruction under the condition that the program injection time length of the first monitoring program reaches the monitoring time length. Then, the target host to be monitored performs program injection retraction through the target host agent based on the retraction instruction.

In some embodiments, the first monitor is further configured to record kernel stack data. And the target host to be monitored reports the kernel stack data to the control equipment through the target host agent so that the control equipment determines the host side packet loss reason of the target host to be monitored based on the kernel stack data.

In some embodiments, the control device injects instructions into the second program sent by the destination host to be monitored according to the host-side packet loss cause, in a case where it is determined that the host-side packet loss cause needs to be further located. The target host to be monitored may execute the following steps when receiving the second program injection instruction.

Step 1, receiving a second program injection instruction sent by the control equipment through the target host agent.

Step 2, based on a second program injection instruction, injecting a second monitoring program into the kernel through the target host agent, wherein the second monitoring program is used for counting subdivision data corresponding to the packet loss reason of the host side based on the calling condition of the kernel function.

Step 3, the destination host agent reports the subdivision data corresponding to the host side packet loss reason to the control equipment.

In the embodiment of the application, the destination host to be monitored determines the host side packet loss reason according to the kernel stack data recorded by the first monitoring program. Furthermore, the target host to be monitored reports the subdivision data counted by the second monitoring program to the control equipment, so that the control equipment can further analyze the packet loss reason at the host side by utilizing the subdivision data, the accuracy of locating the packet loss reason at the host side is improved, and the difficulty of determining the packet loss reason of the link to be monitored by the control equipment is reduced.

Referring to fig. 6, a flow chart of a link monitoring process provided by an exemplary embodiment of the present application is shown. The process includes the following steps.

In step 601, the control device sends a first program injection instruction to the target host to be monitored according to the IP address of the target host of the abnormal detection flow.

In some embodiments, in the event that the control device monitors the abnormal detection flow, the control device first determines a destination host IP address of the abnormal detection flow, and then determines a destination host to be monitored according to the destination host IP address. The abnormal detection flow is a detection flow with the packet loss rate exceeding a threshold value, which is sent by the source host to be monitored to the destination host to be monitored. After the target host to be monitored is determined, the control equipment sends a first program injection instruction to the target host to be monitored so as to inject a first monitoring program into the kernel of the target host to be monitored.

In step 602, a destination host agent of a destination host to be monitored receives a program injection instruction.

The program injection instructions include a first program injection instruction and a second program injection instruction.

The first program injection instruction is used for injecting a first monitoring program into the kernel of the target host, and the first monitoring program is used for counting the packet loss data at the host side and the kernel stack data. The first monitoring procedure is the eBPF procedure.

The second program injection instruction is used for injecting a second monitoring program into the kernel of the target host, and the second monitoring program is used for counting subdivision data corresponding to the packet loss reason of the host side. The second monitoring procedure is the eBPF procedure.

In step 603, the destination host agent injects eBPF the program into the kernel.

In some embodiments, the kernel is an integral part of the operating system for managing operating system processes, memory, device drivers, etc. It should be noted that, because the kernel technology of the Linux operating system is mature and stable and the open source is free, the embodiment of the application uses the kernel of the Linux operating system as an example.

Under the condition of receiving a first program injection instruction, the target host agent injects eBPF programs of statistical host side packet loss data and kernel stack data, namely a first monitoring program, into the Linux kernel.

Under the condition that a second program injection instruction is received, the target host agent injects eBPF programs of subdivision data corresponding to the packet loss reason of the statistical host side, namely a second monitoring program, into the Linux kernel.

Step 604, the destination host to be monitored determines whether the kfree _skb function is called in the Linux kernel protocol stack, and detects whether the source IP address of the stream is the host IP address of the source host to be monitored.

Step 605 is executed when kfree _skb function is called and the source IP address of the detected flow is the host IP address of the source host to be monitored; otherwise, step 606 is performed.

Step 605, under the condition that kfree _skb function is called and the source IP address of the detected flow is the host IP address of the source host to be monitored, the destination host to be monitored performs data statistics.

Under the condition that a target host agent injects a first monitoring program into the kernel, the target host to be monitored counts the packet loss data at the host side and the kernel stack data; under the condition that the target host agent injects a second monitoring program into the kernel, the target host to be monitored counts subdivision data corresponding to the packet loss reason of the host side.

In step 606, the destination host to be monitored does not perform data statistics.

In step 607, the destination host to be monitored updates eBPF map based on the statistics.

Under the condition that the host side packet loss data and the kernel stack data are obtained through statistics, the target host to be monitored stores the host side packet loss data and the kernel stack data into a kernel space in a eBPF map structure.

Under the condition that the statistics is carried out to obtain the subdivision data, the target host to be monitored stores the subdivision data into the kernel space in a eBPF map structure.

In step 608, the destination host to be monitored reports the statistical data to the control device through the destination host agent.

In step 609, the control device saves the statistics.

In step 610, the destination host to be monitored is returned eBPF to the process through the destination host agent.

In some embodiments, the control device controls the destination host agent to pull back eBPF the program if the runtime of eBPF the program reaches the monitor duration. Alternatively, the control device may send a retraction instruction to the destination host agent instructing the destination host agent to retract eBPF the program.

Optionally, the control device may further include the monitoring duration in a program injection instruction. After receiving the program injection instruction, the target host agent extracts the monitoring duration from the program injection instruction, and then withdraws eBPF the program if the running time of eBPF the program reaches the monitoring duration.

In addition, in the case of the retirement eBPF procedure, step 607 is also performed to update eBPF map the structure, i.e. release eBPF map in kernel space.

In step 611, the control device analyzes the host-side packet loss reason.

Alternatively, in the case where it is difficult to determine the host-side packet loss cause, the control device may print the kernel stack data and then perform human analysis by a network expert to determine the host-side packet loss cause. The host side packet loss reason can be used for supplementing a packet loss reason knowledge base or training a packet loss analysis model, so that the accuracy of determining the host side packet loss reason by the control equipment is improved.

In step 612, the control device establishes a packet loss reason knowledge base when the host side packet loss reason is obtained.

In some embodiments, the packet loss reason knowledge base is used for assisting the control device to query the host side packet loss reason according to the kernel stack data, so as to improve the determination speed of the host side packet loss reason.

In step 613, the control device controls the destination host agent to perform the secondary program injection.

Optionally, in case of obtaining the host side packet loss reason, the control device may further analyze the host side packet loss reason through secondary program injection, so as to improve accuracy of the host side packet loss reason.

In some embodiments, in the case that the secondary program injection is determined, the control device sends a second program injection instruction to the destination host agent, and then repeatedly executes steps 602 to 612, which are not described herein.

Referring to fig. 7, a block diagram of a link monitoring apparatus according to an exemplary embodiment of the present application is shown. The device comprises the following modules.

The link determining module 701 is configured to determine a link to be monitored, where the link to be monitored is a link between a source host to be monitored and a destination host to be monitored;

A sending module 702, configured to send a first program injection instruction to a destination host agent of the destination host to be monitored in the link to be monitored, where the destination host agent is configured to inject a first monitoring program into a kernel of the destination host to be monitored according to the first program injection instruction, and the first monitoring program is configured to count packet loss data of the destination host to be monitored based on a call condition of a kernel function;

A receiving module 703, configured to receive host side packet loss data reported by the destination host agent;

The data determining module 704 is configured to determine network packet loss data of the link to be monitored based on the host-side packet loss data, where the network packet loss data is used to characterize a network packet loss condition of the link to be monitored.

Optionally, the sending module 702 is further configured to:

Sending the first program injection instruction containing the first monitoring program to the target host agent;

Or alternatively, the first and second heat exchangers may be,

And sending the first program injection instruction containing target parameters to the target host agent, wherein the target host agent is used for generating the first monitoring program based on the target parameters.

Optionally, the sending module 702 is further configured to:

Generating a first monitoring program based on a target kernel function and a host IP address of the source host to be monitored, wherein the first monitoring program is used for counting the times of calling the target kernel function to perform packet loss processing on a data packet sent by the source host to be monitored;

The sending the first program injection instruction containing target parameters to the target host agent includes:

Sending the first program injection instruction comprising a target kernel function and a host IP address of the source host to be monitored to the target host agent, wherein the target host agent is used for generating the first monitoring program based on the target kernel function and the host IP address;

The target kernel function is a kernel function called by packet loss in a kernel protocol stack.

Optionally, the first monitoring program is eBPF programs, and the target kernel function is kfree _skb function.

Optionally, the device further comprises a retraction module for:

And under the condition that the program injection time length of the first monitoring program reaches the monitoring time length, sending a retraction instruction to the target host agent, wherein the target host agent is used for performing program injection retraction based on the retraction instruction.

Optionally, the first program injection instruction includes a monitoring duration, and the target host agent is configured to perform program injection retraction when the program injection duration of the first monitoring program reaches the monitoring duration.

Optionally, the first monitor is further configured to record kernel stack data;

the apparatus further comprises a cause determination module for:

receiving the kernel stack data reported by the target host agent;

and determining the host side packet loss reason of the target host to be monitored based on the kernel stack data.

Optionally, the cause determining module is further configured to:

And inputting the kernel stack data into a packet loss analysis model to obtain the host side packet loss reason output by the packet loss analysis model, wherein the packet loss analysis model is obtained based on sample kernel stack data and packet loss reason labels corresponding to the sample kernel stack data.

Optionally, the cause determining module is further configured to:

A second program injection instruction is sent to the target host agent, the target host agent is used for injecting a second monitoring program into the kernel of the target host to be monitored according to the second program injection instruction, and the second monitoring program is used for counting subdivision data corresponding to the packet loss reason at the host side based on the calling condition of a kernel function;

And receiving subdivision data corresponding to the host side packet loss reason reported by the target host agent.

Optionally, the data determining module 704 is further configured to:

Acquiring link packet loss data reported by the source host to be monitored in the running process of the first monitoring program;

And correcting the link packet loss data based on the host side packet loss data to obtain the network packet loss data.

Referring to fig. 8, a block diagram of a link monitoring apparatus according to another exemplary embodiment of the present application is shown. The device comprises the following modules.

A receiving module 801, configured to receive, by using a destination host agent, a first program injection instruction sent by a control device;

An injection module 802, configured to inject, based on the first program injection instruction, a first monitoring program into the kernel through the destination host agent, where the first monitoring program is configured to count packet loss data of a destination host to be monitored based on a call condition of the kernel function;

And the reporting module 803 is configured to report, by using the destination host agent, host-side packet loss data to the control device, so that the control device determines network packet loss data of a link to be monitored based on the host-side packet loss data, where the link to be monitored is a link between a source host to be monitored and the destination host to be monitored, and the network packet loss data is used to characterize a network packet loss condition of the link to be monitored.

Optionally, the injection module 802 is further configured to:

injecting the first monitoring program contained in the first program injection instruction into a kernel through the target host agent;

Or alternatively, the first and second heat exchangers may be,

Generating the first monitoring program by the target host agent based on target parameters contained in the first program injection instruction; and injecting the first monitoring program into the kernel through the target host agent.

Optionally, the target parameter includes a target kernel function and a host IP address of the source host to be monitored, where the target kernel function is a kernel function called by packet loss in a kernel protocol stack;

the injection module 802 is further configured to:

And generating the first monitoring program through the target host agent based on the target kernel function and the host IP address of the source host to be monitored, wherein the first monitoring program is used for counting the times of calling the target kernel function to perform packet loss processing on the data packet sent by the source host to be monitored.

Optionally, the monitoring program is eBPF programs, and the target kernel function is kfree _skb function.

Optionally, the first program injection instruction includes a monitoring duration;

the device also comprises a retraction module for:

and under the condition that the program injection time length of the first monitoring program reaches the monitoring time length, performing program injection and retraction through the target host agent.

Optionally, the retraction module is further configured to:

Receiving a retraction instruction sent by the control equipment through the target host agent, wherein the retraction instruction is sent when the program injection duration of the first monitoring program reaches the monitoring duration;

and based on the retraction instruction, performing program injection retraction through the target host agent.

the apparatus further comprises a cause determination module for:

and reporting the kernel stack data to the control equipment through the destination host agent so that the control equipment can determine the host side packet loss reason of the destination host to be monitored based on the kernel stack data.

Optionally, the cause determining module is further configured to:

receiving a second program injection instruction sent by the control equipment through the target host agent;

Based on the second program injection instruction, the target host agent is used for injecting a second monitoring program into the kernel, and the second monitoring program is used for counting subdivision data corresponding to the host side packet loss reason based on the calling condition of the kernel function;

And the destination host agent reports the subdivision data corresponding to the host side packet loss reason to the control equipment.

It should be noted that, in the apparatus provided in the foregoing embodiment, only the division of the functional modules is illustrated, and in practical application, the functional allocation may be performed by different functional modules according to needs, that is, the internal structure of the apparatus is divided into different functional modules, so as to perform all or part of the functions described above. In addition, the apparatus and the method embodiments provided in the foregoing embodiments belong to the same concept, and detailed implementation processes of the method embodiments are described in the method embodiments, which are not repeated herein.

Referring to fig. 9, a schematic diagram of a computer device according to an exemplary embodiment of the present application is shown. The computer device may be a personal computer or a server or the like, and may include one or more of the following: a processor 901 and a memory 902.

Optionally, the processor 901 connects various parts within the overall electronic device using various interfaces and lines, performing various functions of the electronic device and processing data by executing or executing instructions, programs, code sets, or instruction sets stored in the memory 902, and invoking data stored in the memory 902. Alternatively, the processor 901 may be implemented in at least one hardware form of digital signal Processing (DIGITAL SIGNAL Processing, DSP), field-Programmable gate array (Field-Programmable GATE ARRAY, FPGA), programmable logic array (Programmable Logic Array, PLA). The processor 901 may integrate one or a combination of several of a central processing unit (Central Processing Unit, CPU), an image processor (Graphics Processing Unit, GPU), a neural network processor (Neural-network Processing Unit, NPU), and baseband chips, etc. The CPU mainly processes an operating system, a user interface, an application program and the like; the GPU is used for rendering and drawing the content required to be displayed by the touch display screen; the NPU is used for realizing an artificial intelligence (ARTIFICIAL INTELLIGENCE, AI) function; the baseband chip is used for processing wireless communication. It will be appreciated that the baseband chip may not be integrated into the processor 901 and may be implemented by a single chip.

The Memory 902 may include a random access Memory (Random Access Memory, RAM) or a Read-Only Memory (ROM). Optionally, the memory 902 includes a non-transitory computer readable medium (non-transitory computer-readable storage medium). Memory 902 may be used to store instructions, programs, code, sets of codes, or instruction sets. The memory 902 may include a stored program area and a stored data area, wherein the stored program area may store instructions for implementing an operating system, instructions for at least one function (such as a touch function, a sound playing function, an image playing function, etc.), instructions for implementing the various method embodiments described below, etc.; the storage data area may store data (e.g., audio data, phonebook) created according to the use of the electronic device, etc.

In addition, those skilled in the art will appreciate that the structures of the computer devices shown in the above-described figures are not limiting and that a computer device may include more or fewer components than shown, or may combine certain components, or a different arrangement of components.

Embodiments of the present application also provide a computer readable storage medium storing at least one instruction that is loaded and executed by a processor to implement the link monitoring method according to the above embodiments.

Embodiments of the present application also provide a computer program product comprising computer instructions stored in a computer-readable storage medium, from which a processor obtains the computer instructions, and the processor executes the computer instructions to implement the link monitoring method according to the embodiments described above.

Those skilled in the art will appreciate that in one or more of the examples described above, the functions described in the embodiments of the present application may be implemented in hardware, software, firmware, or any combination thereof. When implemented in software, these functions may be stored on or transmitted over as one or more instructions or code on a computer-readable storage medium. Computer-readable storage media includes both computer storage media and communication media including any medium that facilitates transfer of a computer program from one place to another. A storage media may be any available media that can be accessed by a general purpose or special purpose computer.

The foregoing description of the preferred embodiments of the present application is not intended to limit the application, but rather, the application is to be construed as limited to the appended claims.

Claims

1. A method of link monitoring, the method comprising:

Receiving host side packet loss data reported by the target host agent;

2. The method of claim 1, wherein the sending a first program injection instruction to a destination host agent of the destination host to be monitored in the link to be monitored comprises:

Or alternatively, the first and second heat exchangers may be,

3. The method of claim 2, wherein prior to said sending the first program injection instructions containing the first monitor program to the destination host agent, the method comprises:

4. A method as claimed in claim 3, wherein the first monitoring program is eBPF programs and the target kernel function is a kfree _skb function.

5. The method according to any one of claims 1 to 4, wherein after the sending of the first program injection instruction to the destination host agent of the destination host to be monitored in the link to be monitored, the method further comprises:

6. The method according to any one of claims 1 to 4, wherein the first program injection instruction includes a monitoring duration, and the destination host agent is configured to perform program injection retraction when the program injection duration of the first monitoring program reaches the monitoring duration.

7. The method of any one of claims 1 to 4, wherein the first monitor is further configured to record kernel stack data;

The method further comprises the steps of:

receiving the kernel stack data reported by the target host agent;

8. The method of claim 7, wherein determining a host-side packet loss cause of the destination host to be monitored based on the kernel stack data comprises:

9. The method of claim 7, wherein the method further comprises:

10. The method according to any one of claims 1 to 4, wherein the determining network packet loss data of the link to be monitored based on the host-side packet loss data includes:

11. A method of link monitoring, the method comprising:

12. The method of claim 11, wherein the injecting, by the destination host agent, the first monitor program into the kernel based on the first program injection instructions comprises:

Or alternatively, the first and second heat exchangers may be,

13. The method of claim 12, wherein the target parameters include a target kernel function and a host IP address of the source host to be monitored, the target kernel function being a kernel function called by packet loss in a kernel protocol stack;

the generating, by the destination host agent, the first monitoring program based on the target parameter included in the first program injection instruction includes:

14. The method of claim 13, wherein the first monitor program is a eBPF program and the target kernel function is a kfree _skb function.

15. The method of any one of claims 11 to 14, wherein the first program injection instructions comprise a monitoring duration;

after the first monitoring program is injected into the kernel through the target host agent based on the first program injection instruction, the method further comprises:

16. The method of any of claims 11 to 14, wherein after injecting a first monitor program into a kernel by the destination host agent based on the first program injection instruction, the method further comprises:

17. The method of any one of claims 11 to 14, wherein the first monitor is further configured to record kernel stack data;

The method further comprises the steps of:

18. The method of claim 17, wherein the method further comprises:

19. A link monitoring apparatus, the apparatus comprising:

20. A link monitoring apparatus, the apparatus comprising:

21. A computer device, characterized in that it is a control device or a host, comprising a processor and a memory, in which at least one instruction is stored, which is loaded and executed by the processor to implement the link monitoring method according to any one of claims 1 to 10, or the link monitoring method according to any one of claims 11 to 18.

22. A computer readable storage medium storing at least one instruction for loading and execution by a processor to implement a link monitoring method according to any one of claims 1 to 10 or a link monitoring method according to any one of claims 11 to 18.

23. A computer program product, the computer program product comprising computer instructions stored in a computer readable storage medium; a processor of a terminal device reads the computer instructions from the computer readable storage medium, the processor executing the computer instructions, causing the terminal device to implement the link monitoring method of any one of claims 1 to 10 or the link monitoring method of any one of claims 11 to 18.