CN114553691B - Method, device and equipment for creating network configuration template and network configuration - Google Patents
Method, device and equipment for creating network configuration template and network configurationDownload PDFInfo
- Publication number
- CN114553691B CN114553691BCN202210455222.7ACN202210455222ACN114553691BCN 114553691 BCN114553691 BCN 114553691BCN 202210455222 ACN202210455222 ACN 202210455222ACN 114553691 BCN114553691 BCN 114553691B
- Authority
- CN
- China
- Prior art keywords
- configuration
- template
- address
- network configuration
- real
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034methodMethods0.000titleclaimsabstractdescription64
- 230000004044responseEffects0.000claimsabstractdescription8
- 241000485286PortaliaSpecies0.000claimsdescription16
- 238000004590computer programMethods0.000claimsdescription16
- 238000003860storageMethods0.000claimsdescription14
- 230000006399behaviorEffects0.000claimsdescription4
- 238000013519translationMethods0.000claimsdescription4
- 238000004891communicationMethods0.000description11
- 230000008569processEffects0.000description10
- 238000010586diagramMethods0.000description9
- 230000006870functionEffects0.000description9
- 230000003068static effectEffects0.000description9
- 238000009826distributionMethods0.000description7
- 238000013439planningMethods0.000description7
- 238000012545processingMethods0.000description7
- 238000007726management methodMethods0.000description6
- 238000012986modificationMethods0.000description5
- 230000004048modificationEffects0.000description5
- 230000009471actionEffects0.000description3
- 238000012544monitoring processMethods0.000description3
- 230000003287optical effectEffects0.000description3
- 238000005192partitionMethods0.000description3
- 230000001960triggered effectEffects0.000description3
- 230000009286beneficial effectEffects0.000description2
- 238000012217deletionMethods0.000description2
- 230000037430deletionEffects0.000description2
- 230000010354integrationEffects0.000description2
- 230000003993interactionEffects0.000description2
- 238000004519manufacturing processMethods0.000description2
- 238000005259measurementMethods0.000description2
- 230000007246mechanismEffects0.000description2
- 238000012795verificationMethods0.000description2
- 238000003491arrayMethods0.000description1
- 238000013473artificial intelligenceMethods0.000description1
- 238000012550auditMethods0.000description1
- 230000001413cellular effectEffects0.000description1
- 230000007547defectEffects0.000description1
- 238000013461designMethods0.000description1
- 238000005516engineering processMethods0.000description1
- 239000011521glassSubstances0.000description1
- 230000006872improvementEffects0.000description1
- 230000001788irregularEffects0.000description1
- 239000004973liquid crystal related substanceSubstances0.000description1
- 238000010801machine learningMethods0.000description1
- 238000012423maintenanceMethods0.000description1
- 238000013507mappingMethods0.000description1
- 239000000203mixtureSubstances0.000description1
- 239000013307optical fiberSubstances0.000description1
- 230000008447perceptionEffects0.000description1
- 239000004065semiconductorSubstances0.000description1
- 230000001953sensory effectEffects0.000description1
- 238000000638solvent extractionMethods0.000description1
- 238000006467substitution reactionMethods0.000description1
- 230000009466transformationEffects0.000description1
- 230000000007visual effectEffects0.000description1
- 239000002699waste materialSubstances0.000description1
Images
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0803—Configuration setting
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0803—Configuration setting
- H04L41/084—Configuration by using pre-existing information, e.g. using templates or copying from other elements
- H04L41/0843—Configuration by using pre-existing information, e.g. using templates or copying from other elements based on generic templates
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/22—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks comprising specially adapted graphical user interfaces [GUI]
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y04—INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
- Y04S—SYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
- Y04S40/00—Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
- Y04S40/20—Information technology specific aspects, e.g. CAD, simulation, modelling, system security
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Human Computer Interaction (AREA)
- Health & Medical Sciences (AREA)
- Computing Systems (AREA)
- General Health & Medical Sciences (AREA)
- Medical Informatics (AREA)
- Small-Scale Networks (AREA)
Abstract
Description
Technical Field
The present application relates to the field of data processing technologies of power systems, and in particular, to a method for creating a network configuration template, an apparatus for creating a network configuration template, an electronic device, and a computer-readable storage medium.
Background
In order to meet the increasing power consumption demand of residents, a new substation is required by a power supply station. In the process, field implementers need to perform network configuration on network equipment deployed in the newly-built substation. Due to the special requirements of the power industry, network devices are deployed in the intranet. In addition, the power supply bureau has a high requirement on the security of the network environment, so the configuration content is various, including: the method comprises the following steps of network segment division of intranet equipment, IP allocation, a switch, a firewall, an encryption device routing table, a firewall NAT, a firewall, an encryption machine strategy, encryption machine tunnel configuration, equipment information connected with each internet access of the switch and the like. At present, each station depends on a manual configuration method, and time and labor are wasted. And because the horizontal levels of the implementing personnel are not uniform, the drawing is often simply configured for saving trouble, and the problems of non-standard and inaccurate information exist.
Disclosure of Invention
The application provides a method, a device and equipment for creating a network configuration template and network configuration, and aims to solve the problems of time and labor waste, irregular information and inaccuracy caused by manual configuration of network equipment of a transformer substation.
According to a first aspect of the present application, there is provided a method for creating a network configuration template, the method being applied in a network configuration system, the method comprising:
responding to a new template operation initiated by a first user, and displaying a new template page;
receiving template basic information which is input by a first user in the new template page and is associated with the network configuration template to be created;
determining a template frame corresponding to the template basic information, and displaying the template frame, wherein the template frame comprises configuration items related to the template basic information, and the configuration items are used for configuring network equipment in the power station at least as follows: service configuration and IP address configuration;
acquiring template configuration information input by a first user for each configuration item, wherein the template configuration information at least comprises: service network segment information corresponding to the service configuration and IP address numbers of all service systems corresponding to the IP address configuration;
and generating a network configuration template according to the template configuration information and the template framework.
According to a second aspect of the present application, there is provided a method for network configuration, the method being applied in a network configuration system, the method comprising:
responding to a triggering behavior of a second user, acquiring a previously configured template list of a site where the second user is located, and displaying the template list;
determining a target network configuration template selected by the second user from the template list;
generating a network configuration page based on the target network configuration template, and displaying the network configuration page;
responding to the operation of the second user in the network configuration page, determining network configuration information, wherein the network configuration information at least comprises a starting IP address, the starting IP address is used for determining an IP address set when a network configuration scheme is generated, and each IP address in the IP address set is used for replacing a corresponding IP address number;
and generating a network configuration scheme according to the target network configuration template and the network configuration information.
According to a third aspect of the present application, there is provided an apparatus for creating a network configuration template, the apparatus being applied in a network configuration system, the apparatus comprising:
the new template page display module is used for responding to a new template operation initiated by a first user and displaying a new template page;
the template basic information receiving module is used for receiving template basic information which is input by a first user in the newly-built template page and is associated with the network configuration template to be built;
the template frame display module is used for determining a template frame corresponding to the template basic information and displaying the template frame, the template frame comprises configuration items related to the template basic information, and the configuration items are used for at least configuring the network equipment in the power station as follows: service configuration and IP address configuration;
the template configuration information acquisition module is used for acquiring template configuration information input by a first user for each configuration item, and the template configuration information at least comprises: service network segment information corresponding to the service configuration and IP address numbers of all service systems corresponding to the IP address configuration;
and the network configuration template generation module is used for generating a network configuration template according to the template configuration information and the template framework.
According to a fourth aspect of the present application, there is provided an apparatus for network configuration, the apparatus being applied in a network configuration system, the apparatus comprising:
the template list acquisition module is used for responding to the triggering behavior of a second user, acquiring a previously configured template list of a site where the second user is located and displaying the template list;
a target network configuration template determining module, configured to determine a target network configuration template selected by the second user from the template list;
the network configuration page display module is used for generating a network configuration page based on the target network configuration template and displaying the network configuration page;
a network configuration information determining module, configured to determine network configuration information in response to an operation of the second user in the network configuration page, where the network configuration information at least includes a starting IP address, the starting IP address is used to determine an IP address set when a network configuration scheme is generated, and each IP address in the IP address set is used to replace a corresponding IP address number;
and the network configuration scheme generation module is used for generating a network configuration scheme according to the target network configuration template and the network configuration information.
According to a fifth aspect of the present application, there is provided an electronic apparatus comprising:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein,
the memory stores a computer program executable by the at least one processor, the computer program being executable by the at least one processor to enable the at least one processor to perform the method of any of the embodiments of the application.
According to a sixth aspect of the present application, there is provided a computer-readable storage medium having stored thereon computer instructions for causing a processor to perform the method of any of the embodiments of the present application when executed.
In this embodiment, when a first user needs to create a network configuration template, the first user may first input template basic information in a newly created template page that is displayed, and then the system determines a corresponding template frame according to the template basic information and displays the template frame, where the template frame includes multiple configuration items related to the template basic information, and the configuration items are used to perform at least service configuration and IP address configuration on network devices in an electrical power site, so that the first user may input corresponding template configuration information according to the configuration items, including service segment information corresponding to the service configuration, IP address numbers of various service systems corresponding to the IP address configuration, and the system may generate the network configuration template according to the template configuration information and the template frame filled by the first user. In the whole process of generating the network configuration template, the equipment configuration network configuration templates of the substations with different voltage levels are analyzed according to the standard formulated by managers and by combining the logic relationship among the configuration information of each network equipment under the intranet environment, so that the configuration accuracy is determined by the logic relationship among the configuration information on one hand, and the configuration compliance is determined according to the management standard on the other hand.
In addition, through a preset template list, a user can select a required target network configuration template, basic network configuration information is determined through a network configuration page, then the system can combine the network configuration information with the target network configuration template to generate a set of network configuration schemes which are in accordance with the standard and are aimed at multiple intranet devices, so that the network configuration information of the multiple intranet devices is uniformly configured, and the efficiency of configuring the network devices in batches is improved. Meanwhile, data integration is performed in advance according to the logical relation among the fields in the network configuration template, which is equivalent to that sixty-seven-component work is completed in advance, so that the labor consumption and information deviation caused by manual intervention are reduced, and meanwhile, in order to meet the actual requirement, the restrictive deletion and modification on the basis of a compliance scheme are supported.
It should be understood that the statements in this section do not necessarily identify key or critical features of the embodiments of the present application, nor do they limit the scope of the present application. Other features of the present application will become apparent from the following description.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
Fig. 1 is a flowchart of a method for creating a template of a network configuration according to an embodiment of the present application;
fig. 2 is a schematic diagram of a new template page provided in an embodiment of the present application;
fig. 3 is a flowchart of a method for configuring a network according to a second embodiment of the present application;
fig. 4 is a schematic diagram of a network configuration page provided in the second embodiment of the present application;
fig. 5 is a schematic structural diagram of an apparatus for creating a network configuration template according to a third embodiment of the present application;
fig. 6 is a schematic structural diagram of an apparatus configured in a network according to a fourth embodiment of the present application;
fig. 7 is a schematic structural diagram of an electronic device according to a fifth embodiment of the present application.
Detailed Description
In order to make the technical solutions better understood by those skilled in the art, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only partial embodiments of the present application, but not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
It should be noted that the terms "first," "second," and the like in the description and claims of this application and in the drawings described above are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the application described herein are capable of operation in sequences other than those illustrated or described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
Example one
Fig. 1 is a flowchart of a method for creating a template of a network configuration according to an embodiment of the present application. The method and the device can be applied to a network configuration system, and the embodiment can be applied to a scene of a user-defined network configuration template. As shown in fig. 1, the method may include the steps of:
and step 110, responding to a new template building operation initiated by the first user, and displaying a new template building page.
In one implementation, the functionality of the add-on template is provided in a network configuration system (hereinafter "system"), which may be embodied by an "add-on template" portal. And the first user clicks the 'newly-added template' inlet to indicate that the first user initiates the operation of newly-added template. When the system detects the operation of the new template, a new template page can be displayed to the first user.
Wherein the first user can be a user with a template creation authority. In implementation, after a user logs in the system, the system may first verify whether the user has the right to create a new template. If the current user has the authority of creating the new template, the entry of the 'new template' can be set to be in a clickable state, otherwise, the entry of the 'new template' is set to be in an un-clickable state, for example, the entry is set to be in a gray level state.
It should be noted that, regarding the verification manner of the system for verifying whether the user has the authority of creating the template, this embodiment is not limited, and for example, the matching verification may be performed through a white list mechanism, a condition matching mechanism, and the like.
And step 120, receiving the template basic information which is input by the first user in the new template page and is associated with the network configuration template to be created.
Specifically, the newly created template page may include basic information filling items associated with the template configuration for filling out basic information of the template. For example, as shown in fig. 2, the basic information filling items contained in the new template page may include, but are not limited to: and adding a template name, a voltage level, a switch deployment mode and the like. In the filling item of the "newly added template name", the first user may fill a desired template name according to the filling specification, for example, the template name may include information such as a site name of the power supply station, a template creation time, and the like; the "voltage class" filling item can provide a voltage class list for a first user to select, the first user pops up the voltage class list when clicking a pull-down button, and the voltage class list comprises voltage classes commonly used by the power supply station, such as 35kV, 110kV, 220kV, 500kV and the like; the "switch deployment mode" filling item may provide a switch deployment mode list for the first user to select, the first user clicks the pull-down button to pop up the switch deployment mode list, and the deployment modes in the switch deployment mode list may be set by related personnel according to experience, and may include deployment modes such as "i area and ii area share interconnected switches", "i area deploys real-time switches, and ii area deploys non-real-time switches". The first user can select a proper voltage class and a proper switch deployment mode according to the actual situation of the station. Wherein, the area I is also called as real time area and is a control production area; the area II is called non-real time area and non-control production area.
After the first user fills in template basic information such as a newly-added template name, a voltage level, a switch deployment mode and the like in a newly-built template page, a function key of 'template creation' is triggered, and then the template basic information can be submitted to a network configuration system.
In practice, the template frame presented to the first user may be different according to the template basic information. For example, the system may present different template frames to the first user according to different voltage classes or switch deployments. The system analyzes the template basic information input by the first user, so that a template frame matched with the voltage level selected by the first user and the switch deployment mode is generated, and the template frame is displayed to the first user. The template frame page can display template basic information such as the template name, the voltage level, the switch deployment mode and the like filled by the first user.
The template framework can comprise a plurality of configuration items, and the configuration items are used for configuring network equipment in the power station at least as follows: the system comprises service configuration, IP address configuration, interconnection interface planning, switch configuration, firewall configuration, encryption machine configuration and the like, wherein the IP address configuration further comprises real-time IP address configuration and non-real-time IP address configuration, the real-time IP address configuration is used for carrying out IP address configuration on a real-time service network segment, and the non-real-time IP address configuration is used for carrying out IP address configuration on a non-real-time service network segment.
In a further example, each configuration item may further include a plurality of configuration fields, each configuration field having an associated configuration listing available for selection, such that the first user need only make a selection or a small amount of fill-in to complete the template creation.
In creating the network configuration template, the first user may select or fill in appropriate field values from the configuration list of the drop down list for each configuration field in each configuration item.
In one embodiment, step 140 may include the steps of:
and responding to the operation of the first user in the displayed service configuration page, and determining service network segment information of the service configuration page, wherein the service network segment information comprises a real-time service segment mask and a non-real-time service segment mask input by the first user.
The configuration item of the service configuration is used for determining an intranet IP address set, configuration fields of the configuration item include real-time service segment configuration and non-real-time service segment configuration, and a first user can select a real-time service segment mask corresponding to a real-time service segment and a non-real-time service segment mask corresponding to a non-real-time service segment from a plurality of mask addresses given by a field pull-down list during configuration.
In one embodiment, step 140 may further include the steps of:
and responding to the operation of the first user in the displayed real-time IP address configuration page, determining a real-time IP address number set corresponding to the real-time service segment mask, determining a real-time service system selected by the first user from a preset service list, and distributing real-time IP address numbers to the real-time service systems according to the real-time IP address number set.
Responding to the operation of the first user in the displayed non-real-time IP address configuration page, determining a non-real-time IP address number set corresponding to the non-real-time service segment mask, determining a non-real-time service system selected by the first user from a preset service list, and distributing the non-real-time IP address number to each non-real-time service system according to the non-real-time IP address number set.
Specifically, the configuration modes of the two configuration items of the real-time IP address configuration and the non-real-time IP address configuration are similar, and the difference is that the former allocates addresses to the real-time service segments, and the latter allocates addresses to the non-real-time service segments, so as to allocate IP address numbers to the service systems associated with each network device. Both configurations include VLAN partitioning and IP allocation. In the item of the real-time service distribution address configuration or the non-real-time service distribution address configuration, the first user can add new VLAN information or IP information by clicking a "new" button in the item page. In the VLAN splitting function, the included configuration fields may include, for example, VLAN ID (VLAN identification), start address, mask, end address, gateway, remarks, and the like. The VLAN ID is determined according to substation specifications, such as 199, 100, and the like. The mask input by the mask field is a real-time traffic segment mask or a non-real-time traffic segment mask configured in the traffic segment address configuration (i.e., traffic configuration). According to the mask in the mask field, the system can calculate the IP address number set, i.e. which IP address numbers are in the IP address number set. For example, if the mask is "255.255.255.240/28", 32 IP address numbers can be calculated. In this embodiment, the IP address in the template is replaced with an IP address number, rather than a specific IP address. Assuming that the 32 IP address numbers calculated above are divided into two VLANs, each VLAN has 16 IP address numbers, such that the start-stop address number of the first VLAN can be denoted as IP-1 and the end address number as IP-16, and the start-stop address number of the second VLAN can be denoted as IP-17 and the end address number as IP-32. In other embodiments, the service segment corresponding to the current mask may also be a real-time service segment or a non-real-time service segment, and the service segment information may be marked in the starting address number and the ending address number, for example, the real-time service segment IP-1, the real-time service segment IP-16, and the like. The gateway may be one of the IP address numbers selected by the first user from the IP address numbers corresponding to the current VLAN ID.
The IP assignment function is configured to assign IP to the service system for the IP address number set included in each VLAN ID in the VLAN partition, and configuration fields included in the function may include, for example, a VLAN ID, a service system/interconnection device, a communication host & port, a device type, an IP address, a subnet mask, a gateway, a remark, and the like. Wherein, the options in the VLAN ID field are derived from VLAN IDs in VLAN division; the options of the service system/interconnection equipment field are derived from a service list and an interconnection equipment list, and the first user can select a service system from the service list or select network equipment from the interconnection equipment list; the options of the IP address field are derived from the IP address number corresponding to the current VLAN ID in the VLAN division; the options in the subnet mask field are derived from the mask values in the VLAN partition; the gateway field option is also derived from the gateway value in the VLAN partition; the equipment type is determined according to the value of the field of the service system/the interconnected equipment; the field value of the communication host & port may be a value filled in by the first user.
The service list may include service system names commonly used in the power industry and service types corresponding to the service system names. For example, the service system name may include service system names commonly used in the power industry, such as a fault oscilloscope, a communication power supply system, a traveling wave distance measurement system, a scheduling command device, an electric quantity acquisition system, an online monitoring system, a remote operation and maintenance system, a power transformation and physical distribution system, a sensing system, an alarm system, and the like; the traffic type may include real-time traffic type, non-real-time traffic type, and the like.
The interconnection device list includes interconnection device information commonly used in the power industry, and the interconnection device information may include, for example, a device name, a device type, and the like. The device type may be, for example, a firewall, a router, an encryptor, a switch, etc. In one embodiment, step 140 may further include the steps of:
and responding to the operation of the first user in the displayed interconnection interface planning page, and determining the numbers of the network ports of the switches respectively connected with the two interconnected network devices.
Specifically, the present embodiment is used for interconnection interface planning configuration, and this configuration project is used for interconnection interface planning and switch interface planning. In the interconnection interface planning, the first user may newly create a switch port number to which the two interconnected network devices to be configured are connected through a "new" button in the corresponding page, which may include, but is not limited to, the following fields: the device name of the local terminal, the local terminal interface (namely the local terminal network port number), the name of the opposite terminal device, the opposite terminal interface (namely the opposite terminal network port number), the interconnection VLAN, the remark and the like. The options of the local terminal device name and the opposite terminal device name are derived from options of a service system/interconnection device field in real-time IP address configuration and non-real-time IP address configuration, and a first user can select from the options; the option of interconnecting VLANs is also derived from VLAN IDs in real-time IP address configuration and non-real-time IP address configuration; the home terminal interface and the opposite terminal interface may be switch network port numbers corresponding to the home terminal device or the opposite terminal device, which are filled after the first user selects the home terminal device or the opposite terminal device.
In the switch interface planning, the first user may newly create an interface of the interconnected switch to be configured through a "new" button in the corresponding page, which may include, but is not limited to, the following fields: interconnection VLAN, interface of current exchanger, name and description of opposite terminal device. The options of the interconnection VLAN are also VLAN IDs from real-time IP address configuration and non-real-time IP address configuration; the interface of the current switch can be the network port number of the current switch filled by the user; the option for the peer device name is derived from the options for the business system/interconnect device fields in the real-time IP address configuration as well as the non-real-time IP address configuration.
In an embodiment, in the IP address configuration, a device type corresponding to each real-time service system or non-real-time service system may be further determined from a preset device list, where the device type includes a switch, a firewall, and an encryption engine. And then determining a switch list, a firewall list and an encryption machine list according to the device type. Step 140 may further include the steps of:
and generating a corresponding switch configuration page aiming at each switch in the switch list, responding to the operation of the first user in the displayed switch configuration page, and performing routing configuration on the current switch, wherein the routing configuration comprises the steps of determining the routing address name and the routing address network segment of the current switch according to a preset address list, and determining the equipment name and the IP address number of the next hop equipment.
Specifically, the switch configuration item is used for performing static routing configuration on the interconnected switches. The system can automatically identify the item of which the equipment type is the switch in the two configuration items of the real-time IP address configuration and the non-real-time IP address configuration, and generate a corresponding switch configuration page aiming at each switch. The first user may click on the "add" button of the switch configuration page to add new routing configurations, and the associated configuration fields may include, but are not limited to: destination address name, destination address network segment, next hop device name, next hop address, remarks, etc. Specifically, the destination address name (also called routing address name) is a common address in the master management station, and thus is well defined in the address list, the first user may select from the address list, and the destination address network segment may be obtained in the same manner. For the backhaul route, the first user may set the destination address as a service backhaul route, where the service backhaul route refers to a network segment range that is divided by the system according to the service segment address. The next hop device name refers to the device name of the next hop device of the route, the first user can select from the devices distributed in the items of real-time IP address configuration and non-real-time IP address configuration, and after the next hop device is determined, the system automatically backfills the next hop address according to the IP address numbers distributed to the devices in the items of real-time IP address configuration and non-real-time IP address configuration.
The address list may include IP address information commonly used in the power industry, and the IP address information may include IP address names and address network segments corresponding to the IP address names. The IP address name can be an address name of power equipment of the main station, such as a xxx main station non-real-time encryption device, a non-real-time traveling wave distance measurement main station, a xxx main station online monitoring route, a xxx non-real-time situation awareness main station and the like; the address network segments may include an a-plane address network segment and a B-plane address network segment.
In one embodiment, step 140 may further include the steps of:
generating a corresponding firewall configuration page for each firewall in the firewall list, responding to the operation of the first user in the displayed firewall configuration page, and performing routing configuration, Network Address Translation (NAT) configuration and policy configuration on the current firewall, wherein the routing configuration comprises the steps of determining the routing address name and the routing address network segment of the current firewall according to a preset routing list, and determining the equipment name and the IP address number of the next hop equipment; the NAT configuration comprises the steps of determining the real-time IP address number and the non-real-time IP address number of a service system corresponding to the current firewall; the policy configuration comprises the steps of determining a source IP address number, a protocol, a port alias and a destination IP address number of a service system corresponding to the current firewall, wherein the port alias is selected from a preset port list.
Specifically, the firewall configuration item is used for performing static routing configuration, NAT (Network Address Translation) configuration, and policy configuration on the interconnection firewall. The system can automatically identify the items of real-time IP address configuration and non-real-time IP address configuration, wherein the equipment type is the item of the firewall, and generates a corresponding firewall configuration page for each firewall. The first user may perform static routing configuration, NAT configuration, and policy configuration in the firewall configuration page. Similar to the static route configuration of the switch, the configuration field for performing the static route configuration of the firewall at least includes: the configuration mode of each field can refer to the configuration mode of the switch.
The associated configuration fields of the NAT configuration may include, but are not limited to: real-time IP address number, non-real-time IP address, remark and the like of a service system to which the current firewall belongs. Since the IP address is configured with this item to divide the service segment address, the first user is required to manually select the IP address number of the same service in different service segments (real-time service segment and non-real-time service segment).
The associated configuration fields of the policy configuration may include, but are not limited to: system name, source address, protocol, port, destination address, etc. Since most of services under the transformer substation scene are similar, a large number of general services are predefined in a service list, a first user can manually select a service system name corresponding to each policy according to the service list, and for a source IP address number and a destination IP address number of the policy, as a source address and a destination address of a firewall policy are frequently common addresses in a management master station, the firewall policy is well defined in the address list, and at the moment, the firewall policy can be directly selected in the address list range.
The port list includes port information commonly used in the power industry, and the port information may include, for example, port alias, port number, port protocol (such as tcp, udp, any, etc.), associated service, and the like. Wherein, the associated service refers to the service system name associated with the current port alias.
In one embodiment, step 140 may further include the steps of:
generating a corresponding encryption machine configuration page aiming at each encryption machine in the encryption machine list, responding to the operation of the first user in the displayed encryption machine configuration page, and performing routing configuration, tunnel configuration and strategy configuration on the current encryption machine, wherein the routing configuration comprises the steps of determining the routing address name and the routing address network segment of the current encryption machine according to a preset routing list, and determining the equipment name and the IP address number of the next hop equipment; the tunnel configuration comprises the steps of determining the tunnel home terminal IP address number, the tunnel opposite terminal IP address number, the tunnel period and the tunnel capacity of each tunnel of the current encryption machine; the policy configuration comprises the steps of determining a source IP address number, a protocol, a port alias and a destination IP address number of a service system corresponding to the current encryption machine, wherein the port alias is selected from a preset port list.
Specifically, the encryption device configuration item is used for performing static routing configuration, tunnel configuration and policy configuration on the interconnection encryption device configuration. The system can automatically identify the item of which the equipment type is the encryption machine in the two items of real-time IP address configuration and non-real-time IP address configuration, and generate a corresponding encryption machine configuration page aiming at each encryption machine. The first user can perform static route configuration, tunnel configuration and policy configuration in the encryption equipment configuration page. Similar to the static route configuration of the switch, the configuration field for static route configuration of the encryption equipment at least includes: the configuration mode of each field can refer to the configuration mode of the switch.
The associated configuration fields of the tunnel configuration may include, but are not limited to: tunnel number, tunnel mode, tunnel home terminal address, tunnel peer terminal address, tunnel period, tunnel capacity, etc. Wherein, the tunnel period and the tunnel capacity are usually defaults, do not need to be filled in and support modification. And the tunnel number is manually filled in by the first user. According to the actual scene needs, two tunnel modes of encryption and plaintext are built in. In terms of the home terminal address and the opposite terminal address of the tunnel, since the home terminal address and the opposite terminal address of the tunnel in an actual scene may be the IP address of the device allocated to the service, or may be some general master station addresses, the template provides two input sources here, one is the IP address number of each device defined in the service allocation address configuration item, and the other is the fixed IP address or address network segment in the address list, and the first user needs to manually select the home terminal address and the opposite terminal address corresponding to each tunnel.
The associated configuration fields of the policy configuration may include, but are not limited to: system name, source address, protocol, port, destination address, etc. The policy configuration method for the encryption engine may refer to the policy configuration method for the firewall, and is not described herein again.
Since most of services under the transformer substation scene are similar, a large number of general services are predefined in a service list, a first user can manually select a service system name corresponding to each strategy according to the service list, and for a source address and a destination address of the strategy, the source address and the destination address of the strategy of the encryption machine are frequently common addresses in a management main station, so that the source address and the destination address are well defined in the address list, and at the moment, the source address and the destination address are directly selected in the address list range.
And 150, generating a network configuration template according to the template configuration information and the template framework.
In implementation, when the first user completes configuration of each configuration item, generation of the network configuration template may be triggered. Specifically, in an embodiment, a preview function may be further set in the template frame page, and when the preview function is triggered by the first user, the system may collectively display the template configuration information filled in by the first user for the first user to check, where the template configuration information may be modified in the first user checking process. After the check is correct, the first user clicks the save button, and the template frame filled with the template configuration information can be saved as the network configuration template. In addition, the first user may modify a template name of the network configuration template.
After the network configuration template is generated in the above manner, it can be known which host IP exists in one network configuration template, which route exists in the switch, which policy exists in the firewall and the encryption machine, which services the NAT configuration belongs to respectively, and the like. Therefore, most data are configured in the template, and the scheme can be generated quickly by only carrying out a small amount of processing when the template is used for generating the scheme.
In this embodiment, when a first user needs to create a network configuration template, the first user may first input template basic information in a newly created template page that is displayed, and then the system determines a corresponding template frame according to the template basic information and displays the template frame, where the template frame includes multiple configuration items related to the template basic information, and the configuration items are used to perform at least service configuration and IP address configuration on network devices in an electrical power site, so that the first user may input corresponding template configuration information according to the configuration items, including service segment information corresponding to the service configuration, IP address numbers of various service systems corresponding to the IP address configuration, and the system may generate the network configuration template according to the template configuration information and the template frame filled by the first user. In the whole process of generating the network configuration template, the equipment configuration network configuration templates of the substations with different voltage levels are analyzed according to the standard formulated by managers and by combining the logic relationship among the configuration information of each network equipment under the intranet environment, so that the configuration accuracy is determined by the logic relationship among the configuration information on one hand, and the configuration compliance is determined according to the management standard on the other hand.
Example two
Fig. 3 is a flowchart of a method for configuring a network according to a second embodiment of the present application. The method can be applied to a network configuration system and a scene of uniformly generating a configuration scheme for a plurality of network devices of a site. As shown in fig. 3, the method may include the steps of:
The second user in this embodiment may be the same user as the first user in the first embodiment, or may be a different user, which is not limited in this embodiment.
In one implementation, the second user may view a previously created template list in a network configuration system (hereinafter "system") at the site where the second user is located, the template list including one or more network configuration templates. For example, a "template list" entry may be provided in the network configuration system, and when a second user clicks the "template list" entry, a site where the second user is located may be determined first, and then a template list pre-configured for the site is obtained from a template library, and the template list is presented to the second user.
When the template list is presented, key information of each network configuration template may be presented, where the key information may illustratively include a template name, a voltage class, a switch deployment manner, an associated service (such as a security system, a perception system, a telemechanical system, an online monitoring system, and the like). Of course, the embodiment is not limited to the above-mentioned key information, and those skilled in the art may set other key information according to actual requirements.
In practice, in order to facilitate the second user to quickly find a desired network configuration template, a search bar may be further set in the template list display page, and the second user may search keywords such as a template name, a voltage level, a switch deployment mode, and an associated service in the search bar.
When the network configuration template is selected, the template list display page may further provide a selection button for each network configuration template, and when a trigger of a second user on the selection button of a certain network configuration template is detected, it indicates that the second user selects the network configuration template, and the selected network configuration template may be referred to as a target network configuration template.
In implementation, after the second user selects the target network configuration template, the system may generate a network configuration page based on the template name of the target network configuration template. The network configuration page is then presented to a second user.
The network configuration information at least comprises a starting IP address, the starting IP address is used for determining an IP address set when a network configuration scheme is generated, and each IP address in the IP address set is used for replacing a corresponding IP address number.
In one embodiment, the starting IP address includes a real-time starting IP address and a non-real-time starting IP address, and step 230 further includes the following steps:
determining a real-time IP address set corresponding to the real-time IP address number set according to the real-time initial IP address;
determining a non-real-time IP address set corresponding to the non-real-time IP address number set according to the non-real-time initial IP address; determining a service system related to the target network configuration template, forming a service list, and displaying the service list; detecting a target service system selected by the second user from the service list; receiving an authoring date entered by the second user.
For example, an exemplary network configuration page is shown in fig. 4, and the network configuration page includes three configuration processes of "filling out the initial IP", "confirming the related service", and "confirming the editing date". In the configuration page of "fill in initial IP", the second user may input the initial IP address of the real-time traffic segment (i.e. the real-time initial IP address) and the initial IP address of the non-real-time traffic segment (i.e. the non-real-time initial IP address), and click "next" to enter "to confirm that the configuration process of the traffic is involved". The initial IP address filled in the configuration page of the "filling initial IP" is a specific IP address, not an IP address number.
In addition, the second user may also fill in a template type in the configuration page of "fill in initial IP", where the template type is a plane type corresponding to the template, and the plane type may include a single plane and a double plane. The difference between the two schemes is that the single plane generates one group of IP distribution schemes, the double plane generates two groups of IP distribution schemes, and the logic relation of the IP distribution schemes newly added by the double plane is consistent with that of the IP distribution schemes of the single plane, but the initial IP addresses are different.
And in the configuration page of 'confirming related services', the service system related to the template target network configuration template is shown to the second user, and the second user can select the service with the network access condition as the target service system. Clicking the next step enters a configuration process of 'confirming and compiling date', and the second user fills the compiling date in the configuration page of 'confirming and compiling date' and clicks a 'confirm' button to finish the input of the network configuration information.
When the method is realized, the system takes the real-time initial IP address of the real-time service segment input by the second user as the first IP address of the real-time service segment, and takes the non-real-time initial IP address of the non-real-time service segment input by the second user as the first IP address of the non-real-time service segment. And then, calculating a real-time IP address set of the real-time service segment according to the rule of the IP addresses (which can be obtained according to observation of an actual scheme, the IP addresses of the field devices always have a logical relationship, such as backward extension on the basis of the initial IP) and the number of the IP addresses of the real-time IP address number set configured in the current target network configuration template. And calculating the non-real-time IP address set of the non-real-time service segment according to the rule of the IP addresses and the number of the IP addresses of the non-real-time IP address number set configured in the current target network configuration template.
When the second user inputs network configuration information, the system may combine the network configuration information with the selected target network configuration template to generate a network configuration scheme.
In one embodiment, step 250 may further include the steps of:
modifying the target network configuration template according to the network configuration information as follows, and taking the modified target network configuration template as a network configuration scheme:
1) replacing each real-time IP address number in the target network configuration template with a corresponding real-time IP address; and replacing each non-real-time IP address number in the target network configuration template with a corresponding non-real-time IP address.
Because the IP addresses in the target network configuration template are IP address numbers, after all the specific IP addresses in the intranet IP set are determined, the system can replace the intranet IP address numbers in the template into actual specific IP addresses one by one according to the logical mapping relation in the target network configuration template.
It should be noted that, if the target network configuration template further includes a port alias, the port alias may also be replaced with an actual port number. If the target network configuration template also includes an IP address alias, the IP address alias may also be replaced with the actual IP address.
2) And deleting the configuration information related to other service systems except the target service system from the target network configuration template.
In the aspect of service, after the user selects the target service system, the system can compare the existing service system related in the target network configuration template with the target service system, and then eliminate the configuration information corresponding to the service system which is not selected.
3) And updating the cover page date in the target network configuration template to be the editing date.
The target network configuration template also includes a cover date, which is modified to the composition date entered by the second user when the network configuration scheme is generated using the target network configuration template.
The generated network configuration scheme may be presented to a second user who may export the network configuration scheme through an export function in the page. The network configuration scheme may be provided for the relevant personnel to perform network configuration reference, and may also be provided for the auditor to perform audit, which is not limited in this embodiment.
In this embodiment, through a pre-configured template list, a user may select a desired target network configuration template, then determine basic network configuration information through a network configuration page, and then the system combines the network configuration information and the target network configuration template to generate a set of network configuration schemes meeting the specification and aiming at multiple intranet devices, so as to implement unified configuration of the network configuration information of the multiple intranet devices, and improve the efficiency of configuring the network devices in batches. Meanwhile, data integration is performed in advance according to the logical relation among the fields in the network configuration template, which is equivalent to that sixty-seven-component work is completed in advance, so that the labor consumption and information deviation caused by manual intervention are reduced, and meanwhile, in order to meet the actual requirement, the restrictive deletion and modification on the basis of a compliance scheme are supported.
EXAMPLE III
Fig. 5 is a schematic structural diagram of an apparatus for creating a network configuration template according to a third embodiment of the present application, where the apparatus may be applied to a network configuration system, and may include the following modules:
a new templatepage display module 310, configured to respond to a new template operation initiated by a first user, and display a new template page;
a template basicinformation receiving module 320, configured to receive template basic information that is input by the first user in the new template page and is associated with the network configuration template to be created;
a templateframe display module 330, configured to determine a template frame corresponding to the template basic information, and display the template frame, where the template frame includes configuration items related to the template basic information, and the configuration items are used to configure at least the following network devices in the power station: service configuration and IP address configuration;
the template configuration information obtaining module 340 is configured to obtain template configuration information input by the first user for each configuration item, where the template configuration information at least includes: service network segment information corresponding to the service configuration and IP address numbers of all service systems corresponding to the IP address configuration;
a network configurationtemplate generating module 350, configured to generate a network configuration template according to the template configuration information and the template framework.
In one embodiment, the IP address configuration comprises a real-time IP address configuration and a non-real-time IP address configuration; the template configuration information obtaining module 340 is specifically configured to:
responding to the operation of the first user in the displayed service configuration page, and determining service network segment information of the service configuration page, wherein the service network segment information comprises a real-time service segment mask code and a non-real-time service segment mask code input by the first user;
responding to the operation of the first user in a displayed real-time IP address configuration page, determining a real-time IP address number set corresponding to the real-time service segment mask, determining a real-time service system selected by the first user from a preset service list, and distributing real-time IP address numbers to the real-time service systems according to the real-time IP address number set;
responding to the operation of the first user in the displayed non-real-time IP address configuration page, determining a non-real-time IP address number set corresponding to the non-real-time service segment mask, determining a non-real-time service system selected by the first user from a preset service list, and distributing the non-real-time IP address number to each non-real-time service system according to the non-real-time IP address number set.
In one embodiment, the configuration item is further configured to configure the network device as follows: switch configuration, firewall configuration and encryption machine configuration;
the template configuration information obtaining module 340 is further configured to:
in the IP address configuration, aiming at each real-time service system or non-real-time service system, determining a corresponding equipment type from a preset equipment list, wherein the equipment type comprises a switch, a firewall and an encryption machine;
determining a switch list, a firewall list and an encryption machine list according to the equipment type;
generating a corresponding switch configuration page for each switch in the switch list, responding to the operation of the first user in the displayed switch configuration page, and performing routing configuration on the current switch, wherein the routing configuration comprises the steps of determining the routing address name and the routing address network segment of the current switch according to a preset address list, and determining the equipment name and the IP address number of the next hop equipment;
generating a corresponding firewall configuration page for each firewall in the firewall list, responding to the operation of the first user in the displayed firewall configuration page, and performing routing configuration, Network Address Translation (NAT) configuration and policy configuration on the current firewall, wherein the routing configuration comprises the steps of determining the routing address name and the routing address network segment of the current firewall according to a preset routing list, and determining the equipment name and the IP address number of the next hop equipment; the NAT configuration comprises the steps of determining the real-time IP address number and the non-real-time IP address number of a service system corresponding to the current firewall; the policy configuration comprises the steps of determining a source IP address number, a protocol, a port alias and a destination IP address number of a service system corresponding to the current firewall, wherein the port alias is selected from a preset port list;
generating a corresponding encryption machine configuration page aiming at each encryption machine in the encryption machine list, responding to the operation of the first user in the displayed encryption machine configuration page, and performing routing configuration, tunnel configuration and strategy configuration on the current encryption machine, wherein the routing configuration comprises the steps of determining the routing address name and the routing address network segment of the current encryption machine according to a preset routing list, and determining the equipment name and the IP address number of the next hop equipment; the tunnel configuration comprises the steps of determining the tunnel home terminal IP address number, the tunnel opposite terminal IP address number, the tunnel period and the tunnel capacity of each tunnel of the current encryption machine; the policy configuration comprises the steps of determining a source IP address number, a protocol, a port alias and a destination IP address number of a service system corresponding to the current encryption machine, wherein the port alias is selected from a preset port list.
The device for creating the network configuration template provided by the embodiment of the application can execute the method for creating the network configuration template provided by any embodiment of the application, and has the corresponding functional modules and beneficial effects of the execution method.
Example four
Fig. 6 is a schematic structural diagram of a network configuration apparatus according to a fourth embodiment of the present application, where the apparatus may be applied to a network configuration system, and may include the following modules:
a templatelist obtaining module 410, configured to, in response to a triggering action of a second user, obtain a previously configured template list of a site where the second user is located, and display the template list;
a target network configurationtemplate determining module 420, configured to determine a target network configuration template selected by the second user from the template list;
a network configurationpage display module 430, configured to generate a network configuration page based on the target network configuration template, and display the network configuration page;
a network configuration information determining module 440, configured to determine network configuration information in response to an operation of the second user in the network configuration page, where the network configuration information at least includes a starting IP address, and the starting IP address is used to determine an IP address set when a network configuration scheme is generated, and each IP address in the IP address set is used to replace a corresponding IP address number;
a network configurationscheme generating module 450, configured to generate a network configuration scheme according to the target network configuration template and the network configuration information.
In one embodiment, the starting IP address comprises a real-time starting IP address and a non-real-time starting IP address; the target network configuration template comprises a real-time IP address number set and a non-real-time IP address number set;
the network configuration information determining module 440 is specifically configured to:
determining a real-time IP address set corresponding to the real-time IP address number set according to the real-time initial IP address;
determining a non-real-time IP address set corresponding to the non-real-time IP address number set according to the non-real-time initial IP address;
determining a service system related to the target network configuration template, forming a service list, and displaying the service list;
detecting a target service system selected by the second user from the service list;
receiving an authoring date entered by the second user.
In an embodiment, the network configurationscheme generating module 450 is specifically configured to:
modifying the target network configuration template according to the network configuration information as follows, and taking the modified target network configuration template as a network configuration scheme:
replacing each real-time IP address number in the target network configuration template with a corresponding real-time IP address;
replacing each non-real-time IP address number in the target network configuration template with a corresponding non-real-time IP address;
deleting the configuration information related to other service systems except the target service system from the target network configuration template;
and updating the cover page date in the target network configuration template to be the editing date.
The network configuration device provided by the embodiment of the application can execute the network configuration method provided by any embodiment of the application, and has corresponding functional modules and beneficial effects of the execution method.
EXAMPLE five
Fig. 7 shows a schematic structural diagram of anelectronic device 10 that may be used to implement method embodiments of the present application. Electronic devices are intended to represent various forms of digital computers, such as laptops, desktops, workstations, personal digital assistants, servers, blade servers, mainframes, and other appropriate computers. The electronic device may also represent various forms of mobile devices, such as personal digital assistants, cellular phones, smart phones, wearable devices (e.g., helmets, glasses, watches, etc.), and other similar computing devices. The components shown herein, their connections and relationships, and their functions, are meant to be examples only, and are not meant to limit implementations of the present application that are described and/or claimed herein.
As shown in fig. 7, theelectronic device 10 includes at least oneprocessor 11, and a memory communicatively connected to the at least oneprocessor 11, such as a Read Only Memory (ROM) 12, a Random Access Memory (RAM) 13, and the like, wherein the memory stores a computer program executable by the at least one processor, and theprocessor 11 can perform various suitable actions and processes according to the computer program stored in the Read Only Memory (ROM) 12 or the computer program loaded from astorage unit 18 into the Random Access Memory (RAM) 13. In theRAM 13, various programs and data necessary for the operation of theelectronic apparatus 10 can also be stored. Theprocessor 11, theROM 12, and theRAM 13 are connected to each other via abus 14. An input/output (I/O)interface 15 is also connected tobus 14.
A number of components in theelectronic device 10 are connected to the I/O interface 15, including: aninput unit 16 such as a keyboard, a mouse, or the like; anoutput unit 17 such as various types of displays, speakers, and the like; astorage unit 18 such as a magnetic disk, an optical disk, or the like; and acommunication unit 19 such as a network card, modem, wireless communication transceiver, etc. Thecommunication unit 19 allows theelectronic device 10 to exchange information/data with other devices via a computer network such as the internet and/or various telecommunication networks.
Theprocessor 11 may be a variety of general and/or special purpose processing components having processing and computing capabilities. Some examples ofprocessor 11 include, but are not limited to, a Central Processing Unit (CPU), a Graphics Processing Unit (GPU), various specialized Artificial Intelligence (AI) computing chips, various processors running machine learning model algorithms, a Digital Signal Processor (DSP), and any suitable processor, controller, microcontroller, or the like. Theprocessor 11 performs the various methods and processes described above, such as the methods described in embodiment one or embodiment two.
In some embodiments, the method of embodiment one or embodiment two may be implemented as a computer program tangibly embodied in a computer-readable storage medium, such asstorage unit 18. In some embodiments, part or all of the computer program may be loaded and/or installed onto theelectronic device 10 via theROM 12 and/or thecommunication unit 19. When the computer program is loaded intoRAM 13 and executed byprocessor 11, one or more steps of the method described in embodiment one or embodiment two above may be performed. Alternatively, in other embodiments, theprocessor 11 may be configured by any other suitable means (e.g., by means of firmware) to perform the method described in embodiment one or embodiment two.
Various implementations of the systems and techniques described here above may be implemented in digital electronic circuitry, integrated circuitry, Field Programmable Gate Arrays (FPGAs), Application Specific Integrated Circuits (ASICs), Application Specific Standard Products (ASSPs), system on a chip (SOCs), load programmable logic devices (CPLDs), computer hardware, firmware, software, and/or combinations thereof. These various embodiments may include: implemented in one or more computer programs that are executable and/or interpretable on a programmable system including at least one programmable processor, which may be special or general purpose, receiving data and instructions from, and transmitting data and instructions to, a storage system, at least one input device, and at least one output device.
A computer program for implementing the methods of the present application may be written in any combination of one or more programming languages. These computer programs may be provided to a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus, such that the computer programs, when executed by the processor, cause the functions/acts specified in the flowchart and/or block diagram block or blocks to be performed. A computer program can execute entirely on a machine, partly on a machine, as a stand-alone software package partly on a machine and partly on a remote machine or entirely on a remote machine or server.
In the context of this application, a computer readable storage medium may be a tangible medium that can contain, or store a computer program for use by or in connection with an instruction execution system, apparatus, or device. A computer readable storage medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. Alternatively, the computer readable storage medium may be a machine readable signal medium. More specific examples of a machine-readable storage medium would include an electrical connection based on one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
To provide for interaction with a user, the systems and techniques described here can be implemented on an electronic device having: a display device (e.g., a CRT (cathode ray tube) or LCD (liquid crystal display) monitor) for displaying information to a user; and a keyboard and a pointing device (e.g., a mouse or a trackball) by which a user can provide input to the electronic device. Other kinds of devices may also be used to provide for interaction with a user; for example, feedback provided to the user can be any form of sensory feedback (e.g., visual feedback, auditory feedback, or tactile feedback); and input from the user may be received in any form, including acoustic, speech, or tactile input.
The systems and techniques described here can be implemented in a computing system that includes a back-end component (e.g., as a data server), or that includes a middleware component (e.g., an application server), or that includes a front-end component (e.g., a user computer having a graphical user interface or a web browser through which a user can interact with an implementation of the systems and techniques described here), or any combination of such back-end, middleware, or front-end components. The components of the system can be interconnected by any form or medium of digital data communication (e.g., a communication network). Examples of communication networks include: local Area Networks (LANs), Wide Area Networks (WANs), blockchain networks, and the internet.
The computing system may include clients and servers. A client and server are generally remote from each other and typically interact through a communication network. The relationship of client and server arises by virtue of computer programs running on the respective computers and having a client-server relationship to each other. The server can be a cloud server, also called a cloud computing server or a cloud host, and is a host product in a cloud computing service system, so that the defects of high management difficulty and weak service expansibility in the traditional physical host and VPS service are overcome.
It should be understood that various forms of the flows shown above may be used, with steps reordered, added, or deleted. For example, the steps described in the present application may be executed in parallel, sequentially, or in different orders, as long as the desired results of the technical solution of the present application can be achieved, and the present invention is not limited thereto.
The above-described embodiments should not be construed as limiting the scope of the present application. It should be understood by those skilled in the art that various modifications, combinations, sub-combinations and substitutions may be made in accordance with design requirements and other factors. Any modification, equivalent replacement, and improvement made within the spirit and principle of the present application shall be included in the protection scope of the present application.
Claims (10)
1. A method for creating a network configuration template, wherein the method is applied to a network configuration system, and the method comprises the following steps:
responding to a new template operation initiated by a first user, and displaying a new template page;
receiving template basic information which is input by a first user in the new template page and is associated with the network configuration template to be created;
determining a template frame corresponding to the template basic information, and displaying the template frame, wherein the template frame comprises configuration items related to the template basic information, and the configuration items are used for configuring network equipment in the power station at least as follows: service configuration and IP address configuration;
acquiring template configuration information input by a first user for each configuration item, wherein the template configuration information at least comprises: service network segment information corresponding to the service configuration and IP address numbers of all service systems corresponding to the IP address configuration;
and generating a network configuration template according to the template configuration information and the template framework.
2. The method of claim 1, wherein the IP address configuration comprises a real-time IP address configuration and a non-real-time IP address configuration; the obtaining of the template configuration information of the first user for each configuration input includes:
responding to the operation of the first user in the displayed service configuration page, and determining service network segment information of the service configuration page, wherein the service network segment information comprises a real-time service segment mask code and a non-real-time service segment mask code input by the first user;
responding to the operation of the first user in a displayed real-time IP address configuration page, determining a real-time IP address number set corresponding to the real-time service segment mask, determining a real-time service system selected by the first user from a preset service list, and distributing real-time IP address numbers to the real-time service systems according to the real-time IP address number set;
responding to the operation of the first user in the displayed non-real-time IP address configuration page, determining a non-real-time IP address number set corresponding to the non-real-time service segment mask, determining a non-real-time service system selected by the first user from a preset service list, and distributing the non-real-time IP address number to each non-real-time service system according to the non-real-time IP address number set.
3. The method of claim 2, wherein the configuration item is further configured to configure the network device as follows: switch configuration, firewall configuration and encryption machine configuration;
the obtaining of the template configuration information input by the first user for each configuration further includes:
in the IP address configuration, aiming at each real-time service system or non-real-time service system, determining a corresponding equipment type from a preset equipment list, wherein the equipment type comprises a switch, a firewall and an encryption machine;
determining a switch list, a firewall list and an encryption machine list according to the equipment type;
generating a corresponding switch configuration page for each switch in the switch list, responding to the operation of the first user in the displayed switch configuration page, and performing routing configuration on the current switch, wherein the routing configuration comprises the steps of determining the routing address name and the routing address network segment of the current switch according to a preset address list, and determining the equipment name and the IP address number of the next hop equipment;
generating a corresponding firewall configuration page for each firewall in the firewall list, responding to the operation of the first user in the displayed firewall configuration page, and performing routing configuration, Network Address Translation (NAT) configuration and policy configuration on the current firewall, wherein the routing configuration comprises the steps of determining the routing address name and the routing address network segment of the current firewall according to a preset routing list, and determining the equipment name and the IP address number of the next hop equipment; the NAT configuration comprises the steps of determining the real-time IP address number and the non-real-time IP address number of a service system corresponding to the current firewall; the policy configuration comprises the steps of determining a source IP address number, a protocol, a port alias and a destination IP address number of a service system corresponding to the current firewall, wherein the port alias is selected from a preset port list;
generating a corresponding encryption machine configuration page aiming at each encryption machine in the encryption machine list, responding to the operation of the first user in the displayed encryption machine configuration page, and performing routing configuration, tunnel configuration and strategy configuration on the current encryption machine, wherein the routing configuration comprises the steps of determining the routing address name and the routing address network segment of the current encryption machine according to a preset routing list, and determining the equipment name and the IP address number of the next hop equipment; the tunnel configuration comprises the steps of determining the tunnel home terminal IP address number, the tunnel opposite terminal IP address number, the tunnel period and the tunnel capacity of each tunnel of the current encryption machine; the policy configuration comprises the steps of determining a source IP address number, a protocol, a port alias and a destination IP address number of a service system corresponding to the current encryption machine, wherein the port alias is selected from a preset port list.
4. A method for network configuration, which is applied to a network configuration system, and comprises the following steps:
responding to a triggering behavior of a second user, acquiring a previously configured template list of a site where the second user is located, and displaying the template list;
determining a target network configuration template selected by the second user from the template list;
generating a network configuration page based on the target network configuration template, and displaying the network configuration page;
responding to the operation of the second user in the network configuration page, determining network configuration information, wherein the network configuration information at least comprises a starting IP address, the starting IP address is used for determining an IP address set when a network configuration scheme is generated, and each IP address in the IP address set is used for replacing a corresponding IP address number;
and generating a network configuration scheme according to the target network configuration template and the network configuration information.
5. The method of claim 4, wherein the starting IP address comprises a real-time starting IP address and a non-real-time starting IP address; the target network configuration template comprises a real-time IP address number set and a non-real-time IP address number set;
the determining network configuration information in response to the operation of the second user in the network configuration page includes:
determining a real-time IP address set corresponding to the real-time IP address number set according to the real-time initial IP address;
determining a non-real-time IP address set corresponding to the non-real-time IP address number set according to the non-real-time initial IP address;
determining a service system related to the target network configuration template, forming a service list, and displaying the service list;
detecting a target service system selected by the second user from the service list;
receiving an authoring date entered by the second user.
6. The method of claim 5, wherein generating a network configuration scheme according to the target network configuration template and the network configuration information comprises:
modifying the target network configuration template according to the network configuration information as follows, and taking the modified target network configuration template as a network configuration scheme:
replacing each real-time IP address number in the target network configuration template with a corresponding real-time IP address;
replacing each non-real-time IP address number in the target network configuration template with a corresponding non-real-time IP address;
deleting the configuration information related to other service systems except the target service system from the target network configuration template;
and updating the cover page date in the target network configuration template to be the editing date.
7. An apparatus for creating a network configuration template, the apparatus being applied in a network configuration system, the apparatus comprising:
the new template page display module is used for responding to a new template operation initiated by a first user and displaying a new template page;
the template basic information receiving module is used for receiving template basic information which is input by a first user in the newly-built template page and is associated with the network configuration template to be built;
the template frame display module is used for determining a template frame corresponding to the template basic information and displaying the template frame, the template frame comprises configuration items related to the template basic information, and the configuration items are used for at least configuring the network equipment in the power station as follows: service configuration and IP address configuration;
the template configuration information acquisition module is used for acquiring template configuration information input by a first user for each configuration item, and the template configuration information at least comprises: service network segment information corresponding to the service configuration and IP address numbers of all service systems corresponding to the IP address configuration;
and the network configuration template generation module is used for generating a network configuration template according to the template configuration information and the template framework.
8. An apparatus for network configuration, the apparatus being applied in a network configuration system, the apparatus comprising:
the template list acquisition module is used for responding to the triggering behavior of a second user, acquiring a previously configured template list of a site where the second user is located and displaying the template list;
a target network configuration template determining module, configured to determine a target network configuration template selected by the second user from the template list;
the network configuration page display module is used for generating a network configuration page based on the target network configuration template and displaying the network configuration page;
a network configuration information determining module, configured to determine network configuration information in response to an operation of the second user in the network configuration page, where the network configuration information at least includes a starting IP address, the starting IP address is used to determine an IP address set when a network configuration scheme is generated, and each IP address in the IP address set is used to replace a corresponding IP address number;
and the network configuration scheme generation module is used for generating a network configuration scheme according to the target network configuration template and the network configuration information.
9. An electronic device, characterized in that the electronic device comprises:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein,
the memory stores a computer program executable by the at least one processor to enable the at least one processor to perform the method of any one of claims 1-6.
10. A computer-readable storage medium storing computer instructions for causing a processor to perform the method of any one of claims 1-6 when executed.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210455222.7ACN114553691B (en) | 2022-04-28 | 2022-04-28 | Method, device and equipment for creating network configuration template and network configuration |
| PCT/CN2022/144058WO2023207202A1 (en) | 2022-04-28 | 2022-12-30 | Method and apparatus for creating network configuration template, method and apparatus for network configuration, and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210455222.7ACN114553691B (en) | 2022-04-28 | 2022-04-28 | Method, device and equipment for creating network configuration template and network configuration |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114553691A CN114553691A (en) | 2022-05-27 |
| CN114553691Btrue CN114553691B (en) | 2022-07-29 |
Family
ID=81666958
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210455222.7AActiveCN114553691B (en) | 2022-04-28 | 2022-04-28 | Method, device and equipment for creating network configuration template and network configuration |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN114553691B (en) |
| WO (1) | WO2023207202A1 (en) |
Families Citing this family (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114553691B (en)* | 2022-04-28 | 2022-07-29 | 广东电网有限责任公司东莞供电局 | Method, device and equipment for creating network configuration template and network configuration |
| CN115865609A (en)* | 2022-12-01 | 2023-03-28 | 城云科技(中国)有限公司 | Associated service positioning method and device suitable for network equipment |
| CN116866311A (en)* | 2023-08-09 | 2023-10-10 | 中国建设银行股份有限公司 | Method, system and related equipment for automatically distributing IPv6 address |
| CN117793151B (en)* | 2024-02-28 | 2024-04-30 | 深圳桑达银络科技有限公司 | Distributed network security monitoring system and method based on cloud computing |
Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1956394A (en)* | 2006-11-13 | 2007-05-02 | 杭州华为三康技术有限公司 | Method and device for network equipment service configuration |
| WO2009028098A1 (en)* | 2007-08-31 | 2009-03-05 | Fujitsu Limited | Configuration information generation device, configuration information generation method, program, and recording medium |
| CN107846313A (en)* | 2017-10-30 | 2018-03-27 | 中国联合网络通信集团有限公司 | A kind of method and the network equipment of network service template generation |
| CN109474467A (en)* | 2018-11-15 | 2019-03-15 | 上海携程商务有限公司 | Network automatically management method, device, storage medium and electronic equipment |
| CN110661670A (en)* | 2019-10-21 | 2020-01-07 | 中国民航信息网络股份有限公司 | Network equipment configuration management method and device |
| CN111371595A (en)* | 2020-02-25 | 2020-07-03 | 深信服科技股份有限公司 | Network security deployment method, device, equipment and readable storage medium |
| CN111835794A (en)* | 2020-09-17 | 2020-10-27 | 腾讯科技(深圳)有限公司 | Firewall policy control method and device, electronic equipment and storage medium |
| CN113660126A (en)* | 2021-08-18 | 2021-11-16 | 奇安信科技集团股份有限公司 | Networking file generation method, networking method and networking device |
| CN114036443A (en)* | 2021-11-29 | 2022-02-11 | 北京百度网讯科技有限公司 | Page generation method and device |
Family Cites Families (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8595625B2 (en)* | 2007-10-09 | 2013-11-26 | Tellabs San Jose, Inc. | Method and apparatus to automate configuration of network entities |
| CN106682144B (en)* | 2016-12-20 | 2018-07-13 | 深圳壹账通智能科技有限公司 | page display method and device |
| CN110865807B (en)* | 2018-08-27 | 2024-06-18 | 京东科技控股股份有限公司 | System, method, device and storage medium for creating active page |
| CN113971191A (en)* | 2020-07-23 | 2022-01-25 | 腾讯科技(深圳)有限公司 | Data import method and device and computer readable storage medium |
| CN114553691B (en)* | 2022-04-28 | 2022-07-29 | 广东电网有限责任公司东莞供电局 | Method, device and equipment for creating network configuration template and network configuration |
- 2022
- 2022-04-28CNCN202210455222.7Apatent/CN114553691B/enactiveActive
- 2022-12-30WOPCT/CN2022/144058patent/WO2023207202A1/ennot_activeCeased
Patent Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1956394A (en)* | 2006-11-13 | 2007-05-02 | 杭州华为三康技术有限公司 | Method and device for network equipment service configuration |
| WO2009028098A1 (en)* | 2007-08-31 | 2009-03-05 | Fujitsu Limited | Configuration information generation device, configuration information generation method, program, and recording medium |
| CN107846313A (en)* | 2017-10-30 | 2018-03-27 | 中国联合网络通信集团有限公司 | A kind of method and the network equipment of network service template generation |
| CN109474467A (en)* | 2018-11-15 | 2019-03-15 | 上海携程商务有限公司 | Network automatically management method, device, storage medium and electronic equipment |
| CN110661670A (en)* | 2019-10-21 | 2020-01-07 | 中国民航信息网络股份有限公司 | Network equipment configuration management method and device |
| CN111371595A (en)* | 2020-02-25 | 2020-07-03 | 深信服科技股份有限公司 | Network security deployment method, device, equipment and readable storage medium |
| CN111835794A (en)* | 2020-09-17 | 2020-10-27 | 腾讯科技(深圳)有限公司 | Firewall policy control method and device, electronic equipment and storage medium |
| CN113660126A (en)* | 2021-08-18 | 2021-11-16 | 奇安信科技集团股份有限公司 | Networking file generation method, networking method and networking device |
| CN114036443A (en)* | 2021-11-29 | 2022-02-11 | 北京百度网讯科技有限公司 | Page generation method and device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN114553691A (en) | 2022-05-27 |
| WO2023207202A1 (en) | 2023-11-02 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN114553691B (en) | Method, device and equipment for creating network configuration template and network configuration | |
| CN101414935B (en) | Method and system for generating test case | |
| CN110708178B (en) | Network deployment method and device | |
| CN104133953B (en) | Intelligent substation secondary design system | |
| CN110719209B (en) | Cluster network configuration method, system, equipment and readable storage medium | |
| CN112217656B (en) | Method and device for synchronizing configuration information of network equipment in SD-WAN (secure digital-to-Wide area network) system | |
| CN109086213B (en) | Commercial vehicle network test management system and method based on distributed system | |
| CN113723810A (en) | Graph database-based power grid modeling method | |
| CN112333672B (en) | Method and device for opening UPF network element of 5G core network | |
| CN112422330B (en) | Method for managing enterprise network IPv6 intergrating migration full life cycle | |
| CN115827051A (en) | Software integration management system, method and server | |
| CN112613626B (en) | Method and device for monitoring running state of standby system and computer equipment | |
| CN107146165B (en) | A kind of distribution network planning data management method and system | |
| CN108256034A (en) | Data migration method and equipment | |
| CN107146166B (en) | An auxiliary system for distribution network planning | |
| CN106200563B (en) | A kind of numerical control device state acquisition and apparatus control system and method | |
| CN116401800B (en) | A method and device for checking primary wiring diagram of smart grid plant | |
| CN117520163A (en) | Application system management method, device, storage medium and electronic device | |
| CN116582441A (en) | Bandwidth adjustment method, device, equipment and storage medium | |
| CN109547448A (en) | The dual system data general-purpose matching process determined based on pathname and double identifier mechanisms | |
| CN115599397A (en) | Application issuing method, device, equipment and storage medium | |
| CN115689490A (en) | Method and device for managing power equipment | |
| CN112260892B (en) | Management method, system, terminal and storage medium for dispatching nodes of power distribution system | |
| CN115686594A (en) | Terminal automatic operation and maintenance management system and method | |
| CN111222013B (en) | A marketing and distribution model management method and system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |