Movatterモバイル変換

[0]ホーム
URL:

CN113194004A - Network topology construction method and device, and network change processing method and device - Google Patents

Network topology construction method and device, and network change processing method and deviceDownload PDF

Info

Publication number
CN113194004A
CN113194004ACN202110554998.XACN202110554998ACN113194004ACN 113194004 ACN113194004 ACN 113194004ACN 202110554998 ACN202110554998 ACN 202110554998ACN 113194004 ACN113194004 ACN 113194004A
Authority
CN
China
Prior art keywords
network
devices
information
network topology
network connection
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202110554998.XA
Other languages
Chinese (zh)
Other versions
CN113194004B (en
Inventor
李家炎
满欣
屠彧
曹璐
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Industrial and Commercial Bank of China Ltd ICBC
Original Assignee
Industrial and Commercial Bank of China Ltd ICBC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Industrial and Commercial Bank of China Ltd ICBCfiledCriticalIndustrial and Commercial Bank of China Ltd ICBC
Priority to CN202110554998.XApriorityCriticalpatent/CN113194004B/en
Publication of CN113194004ApublicationCriticalpatent/CN113194004A/en
Application grantedgrantedCritical
Publication of CN113194004BpublicationCriticalpatent/CN113194004B/en
Activelegal-statusCriticalCurrent
Anticipated expirationlegal-statusCritical

Links

Images

Classifications

Landscapes

Abstract

The present disclosure provides a network topology construction method, including: acquiring configuration information of each device in a plurality of devices of a real network, wherein the plurality of devices comprise a first device and a second device, and the configuration information comprises a communication link list and an interface information list; determining a first network connection relationship between a plurality of first devices based on the communication link list; determining a second network connection relationship among the plurality of second devices and between the second devices and the first device based on the interface information list; and adding the first network connection relation and the second network connection relation to the initial network topology to obtain a target network topology. In addition, the present disclosure also provides a network change processing method, a network topology constructing apparatus, a network change processing apparatus, an electronic device, a storage medium, and a computer program product. The method, the device, the equipment and the product provided by the disclosure can be used in the technical field of communication networks, the financial field or other fields.

Description

Network topology construction method and device, and network change processing method and device
Technical Field
The present disclosure relates to the field of communication network technologies, and in particular, to a network topology construction method, a network change processing method, a network topology construction apparatus, a network change processing apparatus, an electronic device, a storage medium, and a computer program product.
Background
With the development of cloud computing and hardware technology, the internal environment of the data center becomes more complex.
In the process of implementing the inventive concept disclosed by the present disclosure, the inventor finds that a data center has network devices of multiple manufacturers and multiple versions, and communication protocols supported by different network devices are different, so that it is difficult to construct a comprehensive and accurate network topology.
Disclosure of Invention
In view of the above, the present disclosure provides a network topology construction method, a network change processing method, a network topology construction apparatus, a network change processing apparatus, an electronic device, a storage medium, and a computer program product.
One aspect of the present disclosure provides a network topology construction method, including:
acquiring configuration information of each device in a plurality of devices of a real network, wherein the plurality of devices comprise a first device supporting a preset communication protocol and a second device not supporting the preset communication protocol, the configuration information of the first device comprises a communication link list and an interface information list, and the configuration information of the second device comprises the interface information list; determining a first network connection relationship among a plurality of the first devices based on the communication link list; determining a second network connection relationship among the plurality of second devices and between the second devices and the first device based on the interface information list; and adding the first network connection relation and the second network connection relation to an initial network topology to obtain a target network topology.
According to an embodiment of the present disclosure, the communication link list includes a plurality of communication links established between the first devices based on the preset communication protocol; the determining a first network connection relationship between the first devices based on the communication link list includes: and determining a first network connection relationship between the first devices based on the plurality of communication links.
According to an embodiment of the present disclosure, the interface information list includes interface address information of each port of the first device or the second device; the determining a second network connection relationship between the second devices and the first device based on the interface information list includes: acquiring a subnet mask of the port from the interface address information of the port; determining the network segment to which the port belongs according to the subnet mask, wherein a network connection relation exists between all ports belonging to the same network segment; and integrating the network connection relations existing in all the network segments to obtain second network connection relations among the second devices and between the second devices and the first devices.
According to an embodiment of the present disclosure, further comprising: determining a third network connection relationship between the first device or the second device and another device based on the interface description information when the interface information list of the first device or the second device includes the interface description information; and adding the third network connection relationship to the target network topology.
According to an embodiment of the present disclosure, further comprising: and verifying the target network topology according to traffic information, wherein the traffic information comprises historical traffic information among ports of a plurality of devices in the real network and simulated traffic information among the ports of the plurality of devices in the target network topology.
According to an embodiment of the present disclosure, the verifying the target network topology according to the traffic information includes: matching the historical flow information with the simulated flow information to obtain a matching result; determining that the target network topology is constructed under the condition that the matching result is consistent; and modifying the network connection relation in the target network topology based on the historical traffic information and the simulated traffic information when the matching result is inconsistent.
Another aspect of the present disclosure provides a network change processing method, including: acquiring a network change scheme and a user intention, wherein the network change scheme comprises a configuration instruction; inputting the configuration instruction into the target network topology to obtain a network change result; and verifying the network change result based on the user intention so as to determine the network change processing strategy of the real network.
According to an embodiment of the present disclosure, the verifying the network change result based on the user intention to determine the network change processing policy of the real network includes: inputting the network change plan into the real network to change the network of the real network when the network change result meets the user intention; and feeding back error prompt information and modification opinions of the network change scheme under the condition that the network change result does not accord with the user intention.
Another aspect of the present disclosure provides a network topology constructing apparatus, which includes a first obtaining module, a first determining module, a second determining module, and a first executing module. Wherein: a first obtaining module, configured to obtain configuration information of each device in a plurality of devices of a real network, where the plurality of devices include a first device that supports a preset communication protocol and a second device that does not support the preset communication protocol, the configuration information of the first device includes a communication link list and an interface information list, and the configuration information of the second device includes the interface information list; a first determining module, configured to determine a first network connection relationship among the plurality of first devices based on the communication link list; a second determining module, configured to determine, based on the interface information list, second network connection relationships among the plurality of second devices and between the second devices and the first device; and the first execution module is used for adding the first network connection relation and the second network connection relation to an initial network topology to obtain a target network topology.
Another aspect of the present disclosure provides a network change processing apparatus, which includes a second obtaining module, a second executing module, and a second verifying module. Wherein: the second acquisition module is used for acquiring a network change scheme and user intention, wherein the network change scheme comprises a configuration instruction; the second execution module is used for inputting the configuration instruction into the target network topology to obtain a network change result; and the second verification module is used for verifying the network change result based on the user intention so as to determine the network change processing strategy of the real network.
Another aspect of the present disclosure provides an electronic device including: one or more processors; memory to store one or more instructions, wherein the one or more instructions, when executed by the one or more processors, cause the one or more processors to implement a method as described above.
Another aspect of the present disclosure provides a computer-readable storage medium storing computer-executable instructions for implementing the method as described above when executed.
Another aspect of the disclosure provides a computer program product comprising computer executable instructions for implementing the method as described above when executed.
According to the embodiment of the disclosure, the network connection relationship among the multiple devices is determined through the communication link information established among the multiple devices in the real network and the interface address information of the multiple devices, and the network connection relationship is added to the initial network topology to complete the construction of the network topology. By adopting the technical means, the problem that part of equipment in the network does not support the preset communication protocol and is ignored when the network topology is built is at least partially solved, so that the integrity of the built network topology is effectively improved.
Drawings
The above and other objects, features and advantages of the present disclosure will become more apparent from the following description of embodiments of the present disclosure with reference to the accompanying drawings, in which:
fig. 1 schematically illustrates anexemplary system architecture 100 to which a network topology construction method may be applied, according to an embodiment of the present disclosure;
FIG. 2 schematically illustrates a flow diagram of a networktopology construction method 200 in accordance with an embodiment of the present disclosure;
FIG. 3 schematically illustrates a flow diagram of a networktopology construction method 300 according to another embodiment of the present disclosure;
FIG. 4 schematically illustrates a flow diagram of a networkchange processing method 400 according to an embodiment of the disclosure;
5A-5C schematically illustrate diagrams of target network topologies before and after a change in accordance with an embodiment of the present disclosure;
fig. 6 schematically shows a block diagram of a networktopology construction apparatus 600 according to an embodiment of the present disclosure;
fig. 7 schematically shows a block diagram of a networkchange handling device 700 according to an embodiment of the present disclosure;
fig. 8 schematically shows a block diagram of an electronic device adapted to implement a network topology construction method and a network change handling method according to an embodiment of the present disclosure.
Detailed Description
Hereinafter, embodiments of the present disclosure will be described with reference to the accompanying drawings. It should be understood that the description is illustrative only and is not intended to limit the scope of the present disclosure. In the following detailed description, for purposes of explanation, numerous specific details are set forth in order to provide a thorough understanding of the embodiments of the disclosure. It may be evident, however, that one or more embodiments may be practiced without these specific details. Moreover, in the following description, descriptions of well-known structures and techniques are omitted so as to not unnecessarily obscure the concepts of the present disclosure.
The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the disclosure. The terms "comprises," "comprising," and the like, as used herein, specify the presence of stated features, steps, operations, and/or components, but do not preclude the presence or addition of one or more other features, steps, operations, or components.
All terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art unless otherwise defined. It is noted that the terms used herein should be interpreted as having a meaning that is consistent with the context of this specification and should not be interpreted in an idealized or overly formal sense.
Where a convention analogous to "at least one of A, B and C, etc." is used, in general such a construction is intended in the sense one having skill in the art would understand the convention (e.g., "a system having at least one of A, B and C" would include but not be limited to systems that have a alone, B alone, C alone, a and B together, a and C together, B and C together, and/or A, B, C together, etc.). Where a convention analogous to "A, B or at least one of C, etc." is used, in general such a construction is intended in the sense one having skill in the art would understand the convention (e.g., "a system having at least one of A, B or C" would include but not be limited to systems that have a alone, B alone, C alone, a and B together, a and C together, B and C together, and/or A, B, C together, etc.).
With the rapid development of cloud technology, the internal environment of a data center becomes more and more complex, and the scale and complexity of a production network formed by all devices in the data center also increase, so that when the configuration of the production network is changed, whether a logic error exists in a configuration change instruction cannot be judged. On the other hand, the complex equipment environment puts higher demands on network operation and maintenance personnel, and the network operation and maintenance personnel cannot judge in advance whether the configuration change instruction causes negative influence on the production network or not and whether the configuration change instruction meets the change expectation or not.
Therefore, in the related art, a simulation method is often adopted to verify a network change scheme in advance, for example, a simulation network identical to a production network is constructed, but the method has high equipment cost and maintenance cost; or, simulation software is used for simulating a production network, and a network change scheme is verified through a computer instruction, but because multiple manufacturers and multiple versions of equipment exist in the data center, the method is easily limited by equipment compatibility when applied, and partial equipment does not have mirror images of the equipment in the simulation software, so that the cost for constructing the equipment in the software is greatly increased.
In view of the above, the inventor constructs a 1: 1 network topology by collecting network device configurations and constructing the network topology based on the digital twin technology of the intended network, and then correcting the topology by additional information. After the network topology is built, the network change scheme is verified by using a digital twin technology, so that whether the change scheme is in accordance with expectation or not is verified by the network in advance, and a logic error of the network change scheme is discovered in advance.
Specifically, embodiments of the present disclosure provide a network topology construction method, a network change processing method, a network topology construction apparatus, a network change processing apparatus, an electronic device, a storage medium, and a computer program product. The network topology construction method comprises the following steps: acquiring configuration information of each device in a plurality of devices of a real network, wherein the plurality of devices comprise a first device supporting a preset communication protocol and a second device not supporting the preset communication protocol, the configuration information of the first device comprises a communication link list and an interface information list, and the configuration information of the second device comprises an interface information list; determining a first network connection relationship between a plurality of first devices based on the communication link list; determining a second network connection relationship among the plurality of second devices and between the second devices and the first device based on the interface information list; and adding the first network connection relation and the second network connection relation to the initial network topology to obtain a target network topology.
The network topology construction method and device, and the network change processing method and device provided by the embodiments of the present disclosure can be used in the technical field of communication networks and the financial field, for example, the method and device can be used for constructing a network topology corresponding to a bank machine room, and predicting the effect of configuration change when device configuration change is performed in the machine room. The method and the device provided by the embodiment of the disclosure can also be used in any fields except the technical field of communication networks and the financial field, and the application field of the method and the device provided by the embodiment of the disclosure is not limited.
Fig. 1 schematically illustrates anexemplary system architecture 100 to which the network topology construction method may be applied, according to an embodiment of the present disclosure. It should be noted that fig. 1 is only an example of a system architecture to which the embodiments of the present disclosure may be applied to help those skilled in the art understand the technical content of the present disclosure, and does not mean that the embodiments of the present disclosure may not be applied to other devices, systems, environments or scenarios.
As shown in fig. 1, asystem architecture 100 according to this embodiment may include areal network 110, anetwork topology 120, and aterminal device 130. Thereal network 110 includesnetwork devices 111, 112, and 113, andnetwork connections 114, 115, and 116 between the network devices; included innetwork topology 120 arepoints 121, 122, and 123 for representing network devices, andedges 124, 125, and 126 for representing network connections.
Network devices 111, 112, and 113 may include servers, gateways, routers, and other communication-capable devices.Network connections 114, 115, and 116 betweennetwork devices 111, 112, and 113 may be established via various communication protocols, wired or wireless.
Theterminal device 130 may be various electronic devices having a display screen and supporting communication functions, including but not limited to smart phones, tablet computers, laptop portable computers, desktop computers, and the like.
A user may use theterminal device 130 to obtain configuration information for thereal network 110 and build thenetwork topology 120 based on the obtained configuration information. Thepoints 121, 122, and 123 in the constructednetwork topology 120 correspond to thenetwork devices 111, 112, and 113 in thereal network 110 one to one, and theedges 124, 125, and 126 in thenetwork topology 120 correspond to thenetwork connections 114, 115, and 116 in thereal network 110 one to one.
It should be noted that the network topology construction method provided by the embodiment of the present disclosure may be generally executed by theterminal device 130. Accordingly, the network topology constructing apparatus provided by the embodiment of the present disclosure may be generally disposed in theterminal device 130. The network topology construction method provided by the embodiment of the present disclosure may also be executed by a server or a server cluster capable of communicating with theterminal device 130. Correspondingly, the network topology constructing apparatus provided in the embodiment of the present disclosure may also be disposed in a server or a server cluster capable of communicating with theterminal device 130.
It should be understood that the number of network devices and terminal devices in fig. 1 is merely illustrative, and that any number of network devices and terminal devices may be present, as desired.
Fig. 2 schematically illustrates a flow chart of a networktopology construction method 200 according to an embodiment of the present disclosure.
As shown in FIG. 2, themethod 200 includes operations S210-S240.
In operation S210, configuration information of each of a plurality of devices of a real network is acquired. The plurality of devices include a first device supporting a preset communication protocol and a second device not supporting the preset communication protocol, the configuration information of the first device includes a communication link list and an interface information list, and the configuration information of the second device includes an interface information list.
In operation S220, a first network connection relationship between a plurality of first devices is determined based on the communication link list.
In operation S230, a second network connection relationship between the plurality of second devices, between the second devices and the first device, is determined based on the interface information list.
In operation S240, the first network connection relationship and the second network connection relationship are added to the initial network topology, resulting in a target network topology.
According to embodiments of the present disclosure, the real network may comprise a production network of a data center.
According to embodiments of the present disclosure, a device may include a physical entity, such as a computer, switch, bridge, router, gateway, etc., capable of connecting into a network.
According to embodiments of the present disclosure, a device may support multiple communication protocols, such as the TCP/IP protocol, the NETBEUI protocol, the IPX/SPX protocol, the LLDP protocol, the CDP protocol, and so forth. The compatibility of different devices with different communication protocols also varies, for example, the CDP protocol is a proprietary two-layer network protocol that can only run on designated devices. The devices may establish wired or wireless communication links based on a communication protocol to establish a network connection.
According to the embodiment of the disclosure, the communication link established by the two devices based on one communication protocol can be stored in the communication link list corresponding to the communication protocol in the configuration information of the two devices.
According to an embodiment of the present disclosure, the interface information list of the device may include information such as an IP address, a subnet mask, a gateway, a network number, and a broadcast address of the device.
According to embodiments of the present disclosure, a point that is a mirror image of each device in the real network may be included in the initial network topology. And adding the first network connection relation determined by the communication link list and the first network connection relation determined by the interface information list into the initial network topology as edges to obtain a target network topology 1: 1 with the real network.
According to the embodiment of the disclosure, the network connection relationship among the multiple devices is determined through the communication link information established among the multiple devices in the real network and the interface address information of the multiple devices, and the network connection relationship is added to the initial network topology to complete the construction of the network topology. By adopting the technical means, the problem that part of equipment in the network does not support the preset communication protocol and is ignored when the network topology is built is at least partially solved, so that the integrity of the built network topology is effectively improved.
Fig. 3 schematically illustrates a flow chart of a networktopology construction method 300 according to another embodiment of the present disclosure.
As shown in FIG. 3, themethod 300 includes operations S301-S308.
In operation S301, configuration information of each of a plurality of devices of a real network is acquired. The plurality of devices include a first device supporting a preset communication protocol and a second device not supporting the preset communication protocol, the configuration information of the first device includes a communication link list and an interface information list, and the configuration information of the second device includes an interface information list.
In operation S302, a first network connection relationship between a plurality of first devices is determined based on the communication link list.
In operation S303, a second network connection relationship between the plurality of second devices, between the second devices and the first device, is determined based on the interface information list.
In operation S304, it is determined whether interface description information is included in the interface information list. In the case where it is determined that the interface description information is included in the interface information list, operation S305 is performed.
In operation S305, a third network connection relationship between the plurality of devices is determined based on the interface description information.
In operation S306, the first network connection relationship, the second network connection relationship, and the third network connection are added to the initial network topology, so as to obtain a target network topology.
In operation S307, it is verified whether the target network topology is completely constructed. In case it is determined that the target network topology is not completely constructed, operation S308 is performed. And under the condition that the target network topology is determined to be constructed, ending the network topology construction process.
In operation S308, a network connection relationship in the target network topology is modified based on the historical traffic information and the simulated traffic information.
According to an embodiment of the present disclosure, the communication link list may include a plurality of communication links established between the first devices based on a preset communication protocol. The preset communication protocol may be, for example, LLDP communication protocol, CDP communication protocol, or the like.
According to an embodiment of the present disclosure, in a case where a communication link exists between two first devices, it can be considered that a network connection relationship exists between the two first devices. Traversing the communication links of all the first devices may determine a first network connection relationship between the first devices.
According to an embodiment of the present disclosure, the interface address information of each port of the device may be included in the interface information list. According to the interface address information of the port, the subnet mask of the port can be determined, so that the network segment to which the port belongs can be determined. Because all ports belonging to the same network segment have network connection relations, the network connection relations existing in all network segments are integrated by traversing all network segments, and then the second network connection relation among the devices can be determined.
According to an embodiment of the present disclosure, the interface description information may include a name specification of the port, for example, the name specification may be a name of a device that requires adding, to a port name, names of other ports and ports having network connections with the port. Based on the naming convention and the port name, a third network connection relationship between ports of different devices may be determined to supplement the target network topology.
According to the embodiment of the disclosure, the target network topology can be verified according to the traffic information. The traffic information may include historical traffic information between ports of a plurality of devices in a real network and simulated traffic information between ports of a plurality of devices in a target network topology. And matching the historical flow information with the simulated flow information to obtain a matching result. For example, in the historical traffic information, if port a receives a packet with a size of 10KB sent by port b in each communication, in the simulation traffic information, if port a and port b are normally connected in the target network topology, port a should also receive a packet with a size of 10KB sent by port b in each simulation communication. And under the condition that the matching result is inconsistent, detecting and modifying the connection relationship between the device A to which the port a belongs and other devices and the connection relationship between the device B to which the port B belongs and other devices so as to modify the network connection relationship in the target network topology.
Fig. 4 schematically illustrates a flow diagram of a networkchange processing method 400 according to an embodiment of the disclosure.
As shown in FIG. 4, themethod 400 includes operations S410-S430.
In operation S410, a network change scenario and a user intention are acquired. The network change scheme comprises a configuration instruction.
In operation S420, a configuration instruction is input into the target network topology, and a network change result is obtained.
In operation S430, the network change result is verified based on the user intention to determine a network change processing policy of the real network.
According to an embodiment of the present disclosure, the target network topology may be a network topology constructed according tomethod 200 ormethod 300.
According to an embodiment of the present disclosure, the network change scheme may include a plurality of configuration instructions, and the configuration instructions may include quiescing a designated port of a designated device, modifying an Access Control List (ACL) of the device, and the like.
According to an embodiment of the present disclosure, the network change scheme and the user intention may be in one-to-one correspondence, and the user intention may be a verification step in the network change scheme. For example, if the network change scheme includes a configuration instruction of an access control list of a newly added switch, the user intention includes verifying whether the access control list is valid, that is, whether a specific IP is allowed to pass through a firewall of the switch, which may be expressed as: disp ac name Interactive | inc permit ip source 84.105.38.00.0.0.255.
According to the embodiment of the disclosure, the network change scheme can be converted into the configuration instruction by simulating a routing protocol and the like.
According to an embodiment of the present disclosure, a mathematical model may be generated using an open source model and a formal verification algorithm, and the configuration instructions may be simulated using the mathematical model. For example, the access control list of device a defines the following behavior: when the port a of the device a is called, if the port a can be matched with the corresponding access control list, the corresponding information is forwarded from the port d of the device a, otherwise, the corresponding information is discarded. The mathematical model can be represented using a transfer function T as: t (condition in, port a) ═ (condition 1, port d) or ═ other, null. The above equation indicates that condition 1 is satisfied, i.e. port a matches the access control list, the corresponding information is forwarded from port d, otherwise, the corresponding information is thrown to null (i.e. meaning that the corresponding information is discarded).
According to the embodiment of the disclosure, after the target network topology is changed, a data packet may be input into the target network topology to determine reachability, isolation, and the like of the target network topology, so as to determine whether a network change result meets a user intention.
According to an embodiment of the present disclosure, the network change handling policy may include: when the verification result is that the network change result is consistent with the user intention, determining that the network change scheme can be executed in the real network; and when the verification result is that the network change result is inconsistent with the user intention, modifying the network change scheme.
According to the embodiment of the disclosure, the network change scheme is verified in the target network topology, and the network change strategy of the real network is determined according to the verification result, so that the influence of the network change scheme and whether the network change scheme meets the expectation before the network change is carried out on the real network can be judged in advance, and the operation and maintenance cost of the real network and the probability of production accidents caused by errors of the change scheme are effectively reduced.
Fig. 5A-5C schematically illustrate diagrams of target network topologies before and after a change according to an embodiment of the disclosure.
FIG. 5A shows a schematic diagram of a data path in a target network topology including devices P1, P2, P3, P4, P5, P6, and P7 as points in the network topology and an inter-device connection relationship E as an edge in the network topology, according to an embodiment of the present disclosurep1-p2、Ep1-p3、Ep2-p4、Ep2-p5、Ep3-p4、Ep3-p5、Ep4-p6、Ep5-p6And Ep6-p7. The start point of the data path is device P1 and the end point is device P7.
According to the embodiment of the disclosure, the input of the change configuration instruction can be performed for any one device in the data path, and the reachability verification and isolation verification are performed in other devices in the data path to determine whether the network change scheme meets the user intention.
For example, a configuration instruction to quiesce the device P4 is input in the device P1, and the corresponding user intends to isolate the device P4. After the configuration command is executed, each port of the device P4 is disconnected from the network with other devices, resulting in a changed network topology, as shown in fig. 5B. It can be seen from the combination of fig. 5A and 5B that the connection is switched after the network change is madeSeries Ep2-p4、Ep3-p4And Ep4-p6Is disconnected, the data path is changed, and other devices in the network topology do not have any network connection with the device P4, which meets the user's intention.
According to the embodiment of the disclosure, in the case that the network change result meets the user's intention, the network change scheme may be input into the real network to perform network change of the real network.
For another example, for the data path in fig. 5A, if the configuration instruction of the muting device P6 is executed, the corresponding user intends to isolate the device P6 and maintain reachability of the device P1 to device P7 communication. After the configuration instruction is executed, the connection relationship E between the device P6 and other devicesp4-p6、Ep5-p6And Ep6-p7Is disconnected as shown in fig. 5C. However, after the network change, the device P7 has no network connection relationship with other devices in the data path, so the devices P1 to P7 do not have the accessibility of communication, and the network change scheme does not meet the user intention.
According to the embodiment of the disclosure, in the case that the network change result does not meet the user's intention, information of a logic error, a static error, and the like in the network change scheme can be fed back to a user, and a modification opinion can be given. For example, for the network change schemes of fig. 5A to 5C, a modification opinion may be given to add a configuration instruction to establish a network connection relationship of the device P7 to the device P4 or the device P5 in the network change scheme.
Fig. 6 schematically shows a block diagram of a networktopology constructing apparatus 600 according to an embodiment of the present disclosure.
As shown in fig. 6, the networktopology constructing apparatus 600 includes a first obtainingmodule 610, a first determiningmodule 620, a second determiningmodule 630 and a first executingmodule 640.
The first obtainingmodule 610 is configured to obtain configuration information of each device in a plurality of devices of a real network, where the plurality of devices include a first device that supports a preset communication protocol and a second device that does not support the preset communication protocol, the configuration information of the first device includes a communication link list and an interface information list, and the configuration information of the second device includes an interface information list.
A first determiningmodule 620, configured to determine a first network connection relationship among the plurality of first devices based on the communication link list.
A second determiningmodule 630, configured to determine, based on the interface information list, second network connection relationships among the plurality of second devices and between the second devices and the first device.
The first executingmodule 640 is configured to add the first network connection relationship and the second network connection relationship to the initial network topology to obtain a target network topology.
According to the embodiment of the disclosure, the network connection relationship among the multiple devices is determined through the communication link information established among the multiple devices in the real network and the interface address information of the multiple devices, and the network connection relationship is added to the initial network topology to complete the construction of the network topology. By adopting the technical means, the problem that part of equipment in the network does not support the preset communication protocol and is ignored when the network topology is built is at least partially solved, so that the integrity of the built network topology is effectively improved.
According to the embodiment of the disclosure, the communication link list includes a plurality of communication links established between the first devices based on a preset communication protocol; thefirst determination module 620 is further configured to: a first network connection relationship between first devices is determined based on a plurality of communication links.
According to an embodiment of the present disclosure, the interface information list includes interface address information of each port of the first device or the second device; thesecond determination module 630 includes a first determination unit, a second determination unit, and a third determination unit, wherein: the first determining unit is used for acquiring a subnet mask of the port from the interface address information of the port; the second determining unit is used for determining the network segment to which the port belongs according to the subnet mask, wherein the network connection relationship exists among all the ports belonging to the same network segment; and the second determining unit is used for integrating the network connection relations existing in all the network segments to obtain second network connection relations between the second devices and the first devices.
According to an embodiment of the present disclosure, theapparatus 600 further comprises a third determination module comprising a fourth determination unit and a fifth determination unit, wherein: a third determining module, configured to determine, based on the interface description information, a third network connection relationship between the first device or the second device and another device when the interface information list of the first device or the second device includes the interface description information; and a fourth determining module for adding the third network connection relationship to the target network topology.
According to an embodiment of the present disclosure, theapparatus 600 further comprises a first authentication module. The first verification module is used for verifying the target network topology according to the traffic information, wherein the traffic information comprises historical traffic information among ports of a plurality of devices in a real network and simulated traffic information among the ports of the plurality of devices in the target network topology.
According to an embodiment of the present disclosure, a first authentication module includes a first authentication unit, a second authentication unit, and a third authentication unit. The first verification unit is used for matching the historical flow information with the simulated flow information to obtain a matching result; the second verification unit is used for determining that the target network topology is constructed under the condition that the matching result is consistent; and the third verification unit is used for modifying the network connection relation in the target network topology based on the historical traffic information and the simulated traffic information under the condition that the matching result is inconsistent.
Fig. 7 schematically shows a block diagram of a networkchange processing apparatus 700 according to an embodiment of the present disclosure.
As shown in fig. 7, the networkchange processing apparatus 700 includes a second acquiringmodule 710, a second executingmodule 720, and asecond verifying module 730.
A second obtainingmodule 710, configured to obtain a network change scheme and a user intention, where the network change scheme includes a configuration instruction.
A second executingmodule 720, configured to input the configuration instruction into the target network topology, so as to obtain a network change result.
Asecond verification module 730, configured to verify the network change result based on the user intention to determine a network change handling policy of the real network.
According to the embodiment of the disclosure, the network change scheme is verified in the target network topology, and the network change strategy of the real network is determined according to the verification result, so that the influence of the network change scheme and whether the network change scheme meets the expectation before the network change is carried out on the real network can be judged in advance, and the operation and maintenance cost of the real network and the probability of production accidents caused by errors of the change scheme are effectively reduced.
According to an embodiment of the present disclosure, thesecond authentication module 730 includes a fourth authentication unit and a fifth authentication unit. The fourth verification unit is used for inputting the network change scheme into the real network to change the network of the real network under the condition that the network change result conforms to the user intention; and a fifth verification unit, configured to feed back error prompt information and modification opinions of the network change plan when the network change result does not meet the user intention.
Any number of modules, sub-modules, units, sub-units, or at least part of the functionality of any number thereof according to embodiments of the present disclosure may be implemented in one module. Any one or more of the modules, sub-modules, units, and sub-units according to the embodiments of the present disclosure may be implemented by being split into a plurality of modules. Any one or more of the modules, sub-modules, units, sub-units according to embodiments of the present disclosure may be implemented at least in part as a hardware circuit, such as a Field Programmable Gate Array (FPGA), a Programmable Logic Array (PLA), a system on a chip, a system on a substrate, a system on a package, an Application Specific Integrated Circuit (ASIC), or may be implemented in any other reasonable manner of hardware or firmware by integrating or packaging a circuit, or in any one of or a suitable combination of software, hardware, and firmware implementations. Alternatively, one or more of the modules, sub-modules, units, sub-units according to embodiments of the disclosure may be at least partially implemented as a computer program module, which when executed may perform the corresponding functions.
It should be noted that, a network topology constructing device and a network change processing device in the embodiment of the present disclosure are corresponding to a network topology constructing method and a network change processing method in the embodiment of the present disclosure, and the description of the network topology constructing device and the network change processing device refers to the network topology constructing method and the network change processing method in detail, which is not described herein again.
Fig. 8 schematically shows a block diagram of an electronic device adapted to implement a network topology construction method and a network change handling method according to an embodiment of the present disclosure. The electronic device shown in fig. 8 is only an example, and should not bring any limitation to the functions and the scope of use of the embodiments of the present disclosure.
As shown in fig. 8, a computerelectronic device 800 according to an embodiment of the present disclosure includes aprocessor 801 which can perform various appropriate actions and processes according to a program stored in a Read Only Memory (ROM)802 or a program loaded from astorage section 808 into a Random Access Memory (RAM) 803. Theprocessor 801 may include, for example, a general purpose microprocessor (e.g., a CPU), an instruction set processor and/or associated chipset, and/or a special purpose microprocessor (e.g., an Application Specific Integrated Circuit (ASIC)), among others. Theprocessor 801 may also include onboard memory for caching purposes. Theprocessor 801 may include a single processing unit or multiple processing units for performing different actions of the method flows according to embodiments of the present disclosure.
In theRAM 803, various programs and data necessary for the operation of theelectronic apparatus 800 are stored. Theprocessor 801, the ROM802, and theRAM 803 are connected to each other by abus 804. Theprocessor 801 performs various operations of the method flows according to the embodiments of the present disclosure by executing programs in the ROM802 and/orRAM 803. Note that the programs may also be stored in one or more memories other than the ROM802 andRAM 803. Theprocessor 801 may also perform various operations of method flows according to embodiments of the present disclosure by executing programs stored in the one or more memories.
Electronic device 800 may also include input/output (I/O)interface 805, input/output (I/O)interface 805 also connected tobus 804, according to an embodiment of the present disclosure.Electronic device 800 may also include one or more of the following components connected to I/O interface 805: aninput portion 806 including a keyboard, a mouse, and the like; anoutput section 807 including a signal such as a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and the like, and a speaker; astorage portion 808 including a hard disk and the like; and acommunication section 809 including a network interface card such as a LAN card, a modem, or the like. Thecommunication section 809 performs communication processing via a network such as the internet. Adrive 810 is also connected to the I/O interface 805 as necessary. Aremovable medium 811 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted on thedrive 810 as necessary, so that a computer program read out therefrom is mounted on thestorage section 808 as necessary.
According to embodiments of the present disclosure, method flows according to embodiments of the present disclosure may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer readable storage medium, the computer program containing program code for performing the method illustrated by the flow chart. In such an embodiment, the computer program can be downloaded and installed from a network through thecommunication section 809 and/or installed from theremovable medium 811. The computer program, when executed by theprocessor 801, performs the above-described functions defined in the system of the embodiments of the present disclosure. The systems, devices, apparatuses, modules, units, etc. described above may be implemented by computer program modules according to embodiments of the present disclosure.
The present disclosure also provides a computer-readable storage medium, which may be contained in the apparatus/device/system described in the above embodiments; or may exist separately and not be assembled into the device/apparatus/system. The computer-readable storage medium carries one or more programs which, when executed, implement the method according to an embodiment of the disclosure.
According to an embodiment of the present disclosure, the computer-readable storage medium may be a non-volatile computer-readable storage medium. Examples may include, but are not limited to: a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present disclosure, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
For example, according to embodiments of the present disclosure, a computer-readable storage medium may include the ROM802 and/orRAM 803 described above and/or one or more memories other than the ROM802 andRAM 803.
Embodiments of the present disclosure also include a computer program product comprising a computer program containing program code for performing the method provided by the embodiments of the present disclosure, when the computer program product runs on an electronic device, the program code is configured to enable the electronic device to implement the network topology construction method and the network change processing method provided by the embodiments of the present disclosure.
The computer program, when executed by theprocessor 801, performs the above-described functions defined in the system/apparatus of the embodiments of the present disclosure. The systems, apparatuses, modules, units, etc. described above may be implemented by computer program modules according to embodiments of the present disclosure.
In one embodiment, the computer program may be hosted on a tangible storage medium such as an optical storage device, a magnetic storage device, or the like. In another embodiment, the computer program may also be transmitted in the form of a signal on a network medium, distributed, downloaded and installed viacommunication section 809, and/or installed fromremovable media 811. The computer program containing program code may be transmitted using any suitable network medium, including but not limited to: wireless, wired, etc., or any suitable combination of the foregoing.
In accordance with embodiments of the present disclosure, program code for executing computer programs provided by embodiments of the present disclosure may be written in any combination of one or more programming languages, and in particular, these computer programs may be implemented using high level procedural and/or object oriented programming languages, and/or assembly/machine languages. The programming language includes, but is not limited to, programming languages such as Java, C + +, python, the "C" language, or the like. The program code may execute entirely on the user computing device, partly on the user device, partly on a remote computing device, or entirely on the remote computing device or server. In the case of a remote computing device, the remote computing device may be connected to the user computing device through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external computing device (e.g., through the internet using an internet service provider).
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present disclosure. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams or flowchart illustration, and combinations of blocks in the block diagrams or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions. Those skilled in the art will appreciate that various combinations and/or combinations of features recited in the various embodiments and/or claims of the present disclosure can be made, even if such combinations or combinations are not expressly recited in the present disclosure. In particular, various combinations and/or combinations of the features recited in the various embodiments and/or claims of the present disclosure may be made without departing from the spirit or teaching of the present disclosure. All such combinations and/or associations are within the scope of the present disclosure.
The embodiments of the present disclosure have been described above. However, these examples are for illustrative purposes only and are not intended to limit the scope of the present disclosure. Although the embodiments are described separately above, this does not mean that the measures in the embodiments cannot be used in advantageous combination. The scope of the disclosure is defined by the appended claims and equivalents thereof. Various alternatives and modifications can be devised by those skilled in the art without departing from the scope of the present disclosure, and such alternatives and modifications are intended to be within the scope of the present disclosure.

Claims (13)

CN202110554998.XA2021-05-202021-05-20Network topology construction method and device, and network change processing method and deviceActiveCN113194004B (en)

Priority Applications (1)

Application NumberPriority DateFiling DateTitle
CN202110554998.XACN113194004B (en)2021-05-202021-05-20Network topology construction method and device, and network change processing method and device

Applications Claiming Priority (1)

Application NumberPriority DateFiling DateTitle
CN202110554998.XACN113194004B (en)2021-05-202021-05-20Network topology construction method and device, and network change processing method and device

Publications (2)

Publication NumberPublication Date
CN113194004Atrue CN113194004A (en)2021-07-30
CN113194004B CN113194004B (en)2023-04-07

Family

ID=76984529

Family Applications (1)

Application NumberTitlePriority DateFiling Date
CN202110554998.XAActiveCN113194004B (en)2021-05-202021-05-20Network topology construction method and device, and network change processing method and device

Country Status (1)

CountryLink
CN (1)CN113194004B (en)

Cited By (7)

* Cited by examiner, † Cited by third party
Publication numberPriority datePublication dateAssigneeTitle
CN113778938A (en)*2021-08-312021-12-10上海阵量智能科技有限公司Method and device for determining network-on-chip topological structure and chip
CN113890831A (en)*2021-10-202022-01-04中国联合网络通信集团有限公司 A method, device and storage medium for simulating network equipment
CN114465907A (en)*2022-03-172022-05-10中国联合网络通信集团有限公司 Network topology discovery method, device and storage medium
CN114520765A (en)*2022-01-132022-05-20锐捷网络股份有限公司Automatic configuration method and device of equipment
CN115484169A (en)*2022-09-092022-12-16山石网科通信技术股份有限公司Method, device and system for constructing network topology structure
CN115514586A (en)*2022-11-242022-12-23河北纬坤电子科技有限公司Access control policy configuration method and electronic equipment
CN116248573A (en)*2022-12-012023-06-09中国联合网络通信集团有限公司Link splicing method, device and storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication numberPriority datePublication dateAssigneeTitle
EP2672657A1 (en)*2012-06-052013-12-11ABB Research Ltd.Device and method for verifying communication redundancy in an automation network
CN108055207A (en)*2017-10-262018-05-18北京天元创新科技有限公司A kind of network topology cognitive method and device
CN110247784A (en)*2018-03-072019-09-17北京京东尚科信息技术有限公司The method and apparatus for determining network topology structure
EP3772199A1 (en)*2019-08-022021-02-03Siemens AktiengesellschaftDeterministic network emulator and method for emulating a network

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication numberPriority datePublication dateAssigneeTitle
CN111953507B (en)*2019-05-172022-06-28中移(苏州)软件技术有限公司Network topology discovery method and device and computer storage medium
CN111858254B (en)*2020-07-242023-08-22中国工商银行股份有限公司Data processing method, device, computing equipment and medium

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication numberPriority datePublication dateAssigneeTitle
EP2672657A1 (en)*2012-06-052013-12-11ABB Research Ltd.Device and method for verifying communication redundancy in an automation network
CN108055207A (en)*2017-10-262018-05-18北京天元创新科技有限公司A kind of network topology cognitive method and device
CN110247784A (en)*2018-03-072019-09-17北京京东尚科信息技术有限公司The method and apparatus for determining network topology structure
EP3772199A1 (en)*2019-08-022021-02-03Siemens AktiengesellschaftDeterministic network emulator and method for emulating a network

Cited By (12)

* Cited by examiner, † Cited by third party
Publication numberPriority datePublication dateAssigneeTitle
CN113778938A (en)*2021-08-312021-12-10上海阵量智能科技有限公司Method and device for determining network-on-chip topological structure and chip
CN113778938B (en)*2021-08-312024-03-12上海阵量智能科技有限公司Method, device and chip for determining network-on-chip topology structure
CN113890831A (en)*2021-10-202022-01-04中国联合网络通信集团有限公司 A method, device and storage medium for simulating network equipment
CN113890831B (en)*2021-10-202024-02-13中国联合网络通信集团有限公司Method, device and storage medium for simulating network equipment
CN114520765A (en)*2022-01-132022-05-20锐捷网络股份有限公司Automatic configuration method and device of equipment
CN114520765B (en)*2022-01-132025-01-28锐捷网络股份有限公司 Automatic configuration method and device for equipment
CN114465907A (en)*2022-03-172022-05-10中国联合网络通信集团有限公司 Network topology discovery method, device and storage medium
CN114465907B (en)*2022-03-172023-07-18中国联合网络通信集团有限公司 Network topology discovery method, device and storage medium
CN115484169A (en)*2022-09-092022-12-16山石网科通信技术股份有限公司Method, device and system for constructing network topology structure
CN115514586A (en)*2022-11-242022-12-23河北纬坤电子科技有限公司Access control policy configuration method and electronic equipment
CN115514586B (en)*2022-11-242023-03-21河北纬坤电子科技有限公司Access control policy configuration method and electronic equipment
CN116248573A (en)*2022-12-012023-06-09中国联合网络通信集团有限公司Link splicing method, device and storage medium

Also Published As

Publication numberPublication date
CN113194004B (en)2023-04-07

Similar Documents

PublicationPublication DateTitle
CN113194004B (en)Network topology construction method and device, and network change processing method and device
US20170300402A1 (en)Mock server and extensions for application testing
US7827531B2 (en)Software testing techniques for stack-based environments
CN111177617A (en)Web direct operation and maintenance method and device based on operation and maintenance management system and electronic equipment
US20240356763A1 (en)Signature Extraction and Verification Per-File for Debugging
US10212034B1 (en)Automated network change management
US20060026463A1 (en)Methods and systems for validating a system environment
US20230073891A1 (en)Multifunctional application gateway for security and privacy
CN108306959A (en)A kind of method, apparatus and storage medium of remote upgrade CPLD firmwares
US20150302040A1 (en)Enabling testing of production systems without affecting customer data sets system and method
CN108304318A (en)The test method and terminal device of equipment compatibility
US20250156162A1 (en)Resource constraint aware deep learning model optimization for serverless-based inference systems
US20250168239A1 (en)Service response method and apparatus, device, and storage medium
CN106471470A (en) Method and device for model-driven affinity-based network function
CN116974906A (en)Code verification method, device, computer equipment and storage medium
CN111782420A (en)Information processing method, device, equipment and medium based on Java Web framework
CN115168162A (en)Multi-gray-scale issuing method and device based on ingress controller in container environment and storage medium
CN114640614A (en)RPC interface automatic test method, system, electronic equipment, medium and product
CN112667508A (en)Mock method, system and device based on user-defined Mock platform and storage medium
CN118568707A (en)Information interaction method, apparatus, device, storage medium and program product
CN112527678A (en)Method, apparatus, device and storage medium for testing protocol
US12360875B2 (en)Systems, apparatuses, methods, and computer program products for generating one or more monitoring operations
CN111447273A (en)Cloud processing system and data processing method based on cloud processing system
CN117375879A (en) A redundant detection method, device, electronic equipment and storage medium
CN116264538A (en) Data processing method, device, equipment and computer storage medium

Legal Events

DateCodeTitleDescription
PB01Publication
PB01Publication
SE01Entry into force of request for substantive examination
SE01Entry into force of request for substantive examination
GR01Patent grant
GR01Patent grant
[8]ページ先頭
©2009-2025 Movatter.jp