CN111654399A - Networking method, device and equipment based on SD-WAN and storage medium - Google Patents


Publication number
CN111654399A
Authority
CN
China
Prior art keywords
wan
terminal equipment
domain information
transmission domain
central node
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202010511737.5A
Other languages
Chinese (zh)
Other versions
CN111654399B (en
Inventor
刘子杰
樊俊诚
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Qianxin Technology Group Co Ltd
Secworld Information Technology Beijing Co Ltd
Original Assignee
Qianxin Technology Group Co Ltd
Secworld Information Technology Beijing Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Qianxin Technology Group Co Ltd, Secworld Information Technology Beijing Co Ltd filed Critical Qianxin Technology Group Co Ltd
Priority to CN202010511737.5A priority Critical patent/CN111654399B/en
Publication of CN111654399A publication Critical patent/CN111654399A/en
Application granted granted Critical
Publication of CN111654399B publication Critical patent/CN111654399B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4633Interconnection of networks using encapsulation techniques, e.g. tunneling
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0803Configuration setting
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0893Assignment of logical groups to network elements

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses an SD-WAN (software-defined wide area network) based networking method, device, equipment and storage medium. The method comprises the following steps: determining the local terminal equipment and opposite terminal equipment which need to be networked in the SD-WAN; respectively acquiring transmission domain information of each WAN port of the local terminal equipment and of each WAN port of the opposite terminal equipment, the transmission domain information being used for representing the service requirement of a WAN port; judging whether the local terminal equipment and the opposite terminal equipment have the same transmission domain information; and, if so, establishing a tunnel between the WAN ports with the same transmission domain information in the local terminal equipment and the opposite terminal equipment. The invention can realize flexible networking and assign a special service to a specified tunnel, thereby realizing logical isolation of services.

Description

Networking method, device and equipment based on SD-WAN and storage medium
Technical Field
The invention relates to the technical field of the internet, in particular to a networking method, a networking device, networking equipment and a storage medium based on an SD-WAN (software-defined wide area network).
Background
SD-WAN, a software-defined wide area network, is a service formed by applying SDN technology to a wide area network scenario, and is used to connect enterprise networks, data centers, internet applications, and cloud services in a wide geographic area. In the prior art, when a terminal device needs to join an SD-WAN network, networking configuration needs to be performed between the terminal device and other devices in the SD-WAN network so that the terminal device can join the SD-WAN network; traditional networking is realized by randomly assembling tunnels between WAN (Wide Area Network) ports of two devices, and if a certain service needs to be independently ensured to occupy a specified tunnel or is completed in a specified operator, a large number of service strategies need to be configured for realization, and when the demands are more, relatively large pressure is generated on maintenance of the strategies in the later period.
Disclosure of Invention
The invention aims to provide a networking method, a networking device, networking equipment and a storage medium based on an SD-WAN (software-defined wide area network), which can realize flexible networking and assign special services to a specified tunnel so as to realize the logical isolation of the services.
According to one aspect of the invention, a SD-WAN-based networking method is provided, which is applied to a controller of a SD-WAN, and comprises:
determining local terminal equipment and opposite terminal equipment which need to be networked in the SD-WAN;
respectively acquiring transmission domain information of each WAN port of the local terminal equipment and transmission domain information of each WAN port of the opposite terminal equipment; the transmission domain information is used for representing the service requirement of a WAN port;
judging whether the local terminal equipment and the opposite terminal equipment have the same transmission domain information;
if the transmission domain information is the same, a tunnel is established between the local terminal equipment and the WAN ports with the same transmission domain information in the opposite terminal equipment.
Optionally, before determining the home terminal device and the peer terminal device that need to be networked in the SD-WAN, the method further includes:
and when detecting that new equipment is added into the SD-WAN, configuring corresponding transmission domain information for each WAN port of the new equipment according to the service requirement of each WAN port of the new equipment.
Optionally, the determining the home terminal device and the peer terminal device that need to be networked in the SD-WAN specifically includes:
when the local terminal equipment is a central node of the SD-WAN, determining other central nodes in the SD-WAN as the opposite terminal equipment;
and when the local terminal equipment is a branch node of the SD-WAN, determining the opposite terminal equipment from all central nodes and other branch nodes of the SD-WAN according to the networking relationship including the branch node.
Optionally, the method further includes:
judging whether WAN port information of the networked target equipment changes or not;
and if so, sending the WAN port information after the target equipment is changed to other equipment which is networked with the target equipment.
Optionally, the method further includes:
creating a central node group, and adding at least two central nodes in the SD-WAN into the central node group;
setting priorities from 0 to N for each central node in the central node group respectively; when the priority is 0, representing that the central node does not participate in networking;
for a branch node of the SD-WAN, a tunnel is established between the branch node and each non-0-priority central node in the set of central nodes.
Optionally, the method further includes:
when the priority of one central node in the central node group is changed from 0 to non-0, a tunnel is established between the branch node and the central node;
and when the priority of one central node in the central node group is changed from non-0 to 0, deleting the tunnel between the branch node and the central node.
In order to achieve the above object, the present invention further provides a SD-WAN-based networking device, applied to a controller of a SD-WAN, the device including:
the determining module is used for determining local terminal equipment and opposite terminal equipment which need to be networked in the SD-WAN;
an obtaining module, configured to obtain transmission domain information of each WAN port of the local device and transmission domain information of each WAN port of the opposite device, respectively; the transmission domain information is used for representing the service requirement of a WAN port;
the judging module is used for judging whether the local terminal equipment and the opposite terminal equipment have the same transmission domain information;
and the networking module is used for establishing a tunnel between the WAN ports with the same transmission domain information in the local terminal equipment and the opposite terminal equipment if the WAN ports have the same transmission domain information.
Optionally, the apparatus further comprises:
and the configuration module is used for configuring corresponding transmission domain information for each WAN port of the new equipment according to the service requirements of each WAN port of the new equipment when the new equipment is detected to be added into the SD-WAN.
In order to achieve the above object, the present invention further provides a computer device, which specifically includes: a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the steps of the SD-WAN based networking method introduced above when executing the computer program.
In order to achieve the above object, the present invention also provides a computer-readable storage medium having stored thereon a computer program which, when executed by a processor, implements the steps of the SD-WAN based networking method introduced above.
According to the networking method, the networking device, the networking equipment and the storage medium based on the SD-WAN, different transmission domain information is configured for each WAN port of the equipment, and a tunnel is established between the WAN ports with the same transmission domain information between the equipment at two ends, so that the visualization of the tunnel between the equipment at two ends is realized; the specific use of a certain tunnel can be well distinguished through the transmission domain information, and a special service can be dispatched to the tunnel related to the appointed transmission domain information, so that the logical isolation of the service is realized, and the safety of the service is guaranteed.
Drawings
Various other advantages and benefits will become apparent to those of ordinary skill in the art upon reading the following detailed description of the preferred embodiments. The drawings are only for purposes of illustrating the preferred embodiments and are not to be construed as limiting the invention. Also, like reference numerals are used to refer to like parts throughout the drawings. In the drawings:
fig. 1 is an alternative flowchart of a SD-WAN based networking method according to an embodiment of the present invention;
fig. 2 is a schematic diagram of an alternative configuration of the SD-WAN based networking device according to the second embodiment;
fig. 3 is a schematic diagram of an alternative hardware architecture of the computer device according to the third embodiment.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Example one
The embodiment of the invention provides a networking method based on an SD-WAN (software-defined wide area network), which is applied to a controller of the SD-WAN; as shown in figure 1, the method specifically comprises the following steps:
step S101: and determining the local terminal equipment and the opposite terminal equipment which need to be networked in the SD-WAN.
The home terminal equipment is newly added into the SD-WAN network, or the home terminal equipment is equipment which needs to be subjected to networking configuration again in the SD-WAN network;
it should be noted that when a certain device is added to the SD-WAN network, networking configuration needs to be performed between the device and other devices in the SD-WAN network; when the device role or service requirement of a certain device in the SD-WAN network changes, the device needs to be subjected to networking configuration again; wherein, the device role includes: a central node and a branch node.
Specifically, step S101 includes:
when the local terminal equipment is a central node of the SD-WAN, determining other central nodes in the SD-WAN as the opposite terminal equipment;
and when the local terminal equipment is a branch node of the SD-WAN, determining the opposite terminal equipment from all central nodes and other branch nodes of the SD-WAN according to the networking relationship including the branch node.
In this embodiment, one central node in the SD-WAN network needs to be networked with other central nodes in the SD-WAN network; in addition, the networking relationship is information set by a user in advance according to network planning, and the networking relationship comprises an initial branch node, a termination branch node and a central node passing from the initial branch node to the termination branch node.
Step S102: respectively acquiring transmission domain information of each WAN port of the local terminal equipment and transmission domain information of each WAN port of the opposite terminal equipment; the transmission domain information is used for representing the service requirement of the WAN port.
Specifically, before step S102, the method further includes:
and when detecting that new equipment is added into the SD-WAN, configuring corresponding transmission domain information for each WAN port of the new equipment according to the service requirement of each WAN port of the new equipment.
Further, the transmission domain information includes: service type information, service security level information and service operator information;
configuring corresponding transmission domain information for each WAN port of the new device according to the service requirements of each WAN port of the new device, specifically comprising:
aiming at the new equipment, when the service requirement of one WAN port is to transmit the service of the specified type through the WAN port, configuring service type information corresponding to the service of the specified type for the WAN port;
when the service requirement of a WAN port is that a service with a specified security level is transmitted through the WAN port, configuring service security level information corresponding to the specified security level for the WAN port;
when the service requirement of a WAN port is that the WAN port transmits under a specified operator, configuring service operator information corresponding to the specified operator for the WAN port.
In this embodiment, the service requirements of each WAN port are distinguished by the transmission domain information, so that the service requirements of each WAN port are visualized.
Step S103: and judging whether the local terminal equipment and the opposite terminal equipment have the same transmission domain information.
Step S104: if the transmission domain information is the same, a tunnel is established between the local terminal equipment and the WAN ports with the same transmission domain information in the opposite terminal equipment.
In this embodiment, by means of the transmission domain information, a certain type of service may be transmitted in a specified tunnel, or a service with a higher security level requirement may be transmitted in a specified tunnel, so as to ensure the security of service transmission; it can also be ensured that a certain service is completed within a specified operator. In the embodiment, different transmission domain information is configured for each WAN port of the device, and a tunnel is established between the WAN ports of the devices at the two ends according to the transmission domain information, so that the tunnel between the devices at the two ends is visualized; the specific use of a certain tunnel can be well distinguished through the transmission domain information, and a special service can be dispatched to the tunnel related to the specified transmission domain information, so that the logical isolation of the service is realized, and the safety of the service is guaranteed.
It should be further noted that, in practical applications, if there is no special requirement for the networking configuration of the two-end devices, all WAN ports of the two-end devices may be configured with the same transmission domain information, so that a tunnel may be established between the WAN ports of the two-end devices according to the existing networking manner.
Specifically, the method further comprises:
judging whether WAN port information of the networked target equipment changes or not;
and if so, sending the WAN port information after the target equipment is changed to other equipment which is networked with the target equipment.
Furthermore, the method further comprises:
detecting networking relation formed by the networked devices;
when detecting that a new device is added to the networking relationship, establishing a tunnel between the device and each WAN port of other devices in the networking relationship according to the modes from the step S101 to the step S104;
and when detecting that the equipment is deleted from the networking relationship, deleting the tunnel between the equipment and other equipment in the networking relationship.
Further, the method further comprises:
step A1: creating a central node group, and adding at least two central nodes in the SD-WAN into the central node group;
step A2: setting priorities from 0 to N for each central node in the central node group respectively; when the priority is 0, representing that the central node does not participate in networking;
step A3: for a branch node of the SD-WAN, a tunnel is established between the branch node and each non-0-priority central node in the set of central nodes.
In this embodiment, a plurality of available central nodes are put into one central node group to be managed and used, so that the branch nodes can be directly connected with the central node group without individually selecting the central node to be connected. In addition, in this embodiment, corresponding priority information is set for each central node in the central node group: 0 to N, and N is a positive integer greater than 2. When the priority of one central node is 0, the central node does not participate in networking; the priorities 1 to N represent that if the branch nodes can reach through a plurality of central nodes, the service paths of the branch nodes after accessing the central nodes are determined by the priorities; the branch node preferentially uses the central node with the maximum priority level to carry out service transmission, and when the central node with the maximum priority level cannot work, the service transmission can be automatically switched to the central node with the second priority level, and so on.
Still further, the method further comprises:
when the priority of one central node in the central node group is changed from 0 to non-0, a tunnel is established between the branch node and the central node;
and when the priority of one central node in the central node group is changed from non-0 to 0, deleting the tunnel between the branch node and the central node.
In this embodiment, if it is desired to remove the networking between a central node in the central node group and the branch nodes, the priority of the central node may be modified to 0, whereupon the networking between the central node and all the branch nodes is deleted; if a certain central node in the central node group is required to participate in networking, the priority of the central node is modified to a non-0 value. Therefore, a change in the priorities of the central nodes in the central node group causes a corresponding adjustment of the tunnels: if the priority of one central node in the central node group is adjusted from 0 to non-0, tunnels are added between the central node and each branch node which refers to the central node group; if the priority of a central node in the central node group is adjusted from non-0 to 0, the tunnels between the central node and each branch node referring to the central node group are deleted.
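The matching rule of steps S101 to S104 and the central node group handling of steps A1 to A3 can be modelled as follows. This is an added illustration, not code from the patent; the class names, function names and sample devices are assumptions made for the example.

```python
"""Model of the controller's tunnel planning (added example, not from the patent)."""
from dataclasses import dataclass


@dataclass(frozen=True)
class TransportDomain:
    # The three attributes the description lists for transmission domain information.
    service_type: str
    security_level: str
    operator: str


@dataclass(frozen=True)
class WanPort:
    device: str
    name: str
    domain: TransportDomain


def plan_tunnels(local_ports, peer_ports):
    """Steps S103/S104: pair only WAN ports whose transmission domain is identical."""
    return sorted(
        ((l.device, l.name), (p.device, p.name))
        for l in local_ports
        for p in peer_ports
        if l.domain == p.domain
    )


def active_hubs(priorities):
    """Step A2: priorities run from 0 to N; 0 means the central node does not participate."""
    for hub, prio in priorities.items():
        if not isinstance(prio, int) or prio < 0:
            raise ValueError(f"invalid priority for {hub}: {prio!r}")
    return {hub for hub, prio in priorities.items() if prio != 0}


def reconcile(branch_ports, hub_ports, old_prio, new_prio):
    """Tunnels to create and delete when central node priorities change.

    0 -> non-0 adds the branch's tunnels to that central node,
    non-0 -> 0 removes them; domain matching still applies to every tunnel.
    """
    old, new = active_hubs(old_prio), active_hubs(new_prio)
    create = [t for h in sorted(new - old)
              for t in plan_tunnels(branch_ports, hub_ports[h])]
    delete = [t for h in sorted(old - new)
              for t in plan_tunnels(branch_ports, hub_ports[h])]
    return create, delete


def preferred_hub(priorities, reachable):
    """Participating central node with the highest priority that is still reachable."""
    candidates = sorted(h for h in active_hubs(priorities) if h in reachable)
    return max(candidates, key=lambda h: priorities[h], default=None)


# Constructed sample topology (hypothetical devices and domains).
PAYMENT = TransportDomain("payment", "high", "operator-A")
OFFICE = TransportDomain("office", "normal", "operator-B")
BRANCH = [WanPort("branch1", "wan0", PAYMENT), WanPort("branch1", "wan1", OFFICE)]
HUBS = {
    "hub1": [WanPort("hub1", "wan0", PAYMENT), WanPort("hub1", "wan1", OFFICE)],
    "hub2": [WanPort("hub2", "wan0", OFFICE)],
}

if __name__ == "__main__":
    for hub, ports in HUBS.items():
        print(hub, plan_tunnels(BRANCH, ports))
    print(reconcile(BRANCH, HUBS, {"hub1": 2, "hub2": 0}, {"hub1": 0, "hub2": 1}))
```

Because a tunnel exists only where both ends carry the same domain, the high-security payment port of the sample branch never gets a tunnel to hub2, which has no port in that domain.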
Example two
The embodiment of the invention provides a networking device based on an SD-WAN (software-defined wide area network), which is applied to a controller of the SD-WAN; as shown in figure 2, the networking device specifically comprises the following components:
1) a determining module 201, configured to determine a local device and an opposite device that need to be networked in the SD-WAN.
Specifically, the local terminal device is a device newly added to the SD-WAN network, or the local terminal device is a device in the SD-WAN network that needs to be configured again;
it should be noted that when a certain device is added to the SD-WAN network, networking configuration needs to be performed between the device and other devices in the SD-WAN network; when the device role or service requirement of a certain device in the SD-WAN network changes, the device needs to be subjected to networking configuration again; wherein, the device role includes: a central node and a branch node.
Further, the determining module 201 is specifically configured to:
when the local terminal equipment is a central node of the SD-WAN, determining other central nodes in the SD-WAN as the opposite terminal equipment;
and when the local terminal equipment is a branch node of the SD-WAN, determining the opposite terminal equipment from all central nodes and other branch nodes of the SD-WAN according to the networking relationship including the branch node.
In this embodiment, one central node in the SD-WAN network needs to be networked with other central nodes in the SD-WAN network; in addition, the networking relationship is information set by a user in advance according to network planning, and the networking relationship comprises an initial branch node, a termination branch node and a central node passing from the initial branch node to the termination branch node.
2) An obtaining module 202, configured to obtain transmission domain information of each WAN port of the local device and transmission domain information of each WAN port of the opposite device respectively; the transmission domain information is used for representing the service requirement of the WAN port.
Specifically, the apparatus further comprises:
and the configuration module is used for configuring corresponding transmission domain information for each WAN port of the new equipment according to the service requirements of each WAN port of the new equipment when the new equipment is detected to be added into the SD-WAN.
Further, the transmission domain information includes: service type information, service security level information and service operator information;
wherein the configuration module is specifically configured to:
aiming at the new equipment, when the service requirement of one WAN port is to transmit the service of the specified type through the WAN port, configuring service type information corresponding to the service of the specified type for the WAN port;
when the service requirement of a WAN port is that a service with a specified security level is transmitted through the WAN port, configuring service security level information corresponding to the specified security level for the WAN port;
when the service requirement of a WAN port is that the WAN port transmits under a specified operator, configuring service operator information corresponding to the specified operator for the WAN port.
In this embodiment, the service requirements of each WAN port are distinguished by the transmission domain information, so that the service requirements of each WAN port are visualized.
3) The determining module 203 is configured to determine whether the local device and the peer device have the same transmission domain information.
4) The networking module 204 is configured to establish a tunnel between the WAN ports having the same transmission domain information in the local terminal device and the opposite terminal device if the WAN ports have the same transmission domain information.
In this embodiment, by means of the transmission domain information, a certain type of service may be transmitted in a specified tunnel, or a service with a higher security level requirement may be transmitted in a specified tunnel, so as to ensure the security of service transmission; it can also be ensured that a certain service is completed within a specified operator. In the embodiment, different transmission domain information is configured for each WAN port of the device, and a tunnel is established between the WAN ports of the devices at the two ends according to the transmission domain information, so that the tunnel between the devices at the two ends is visualized; the specific use of a certain tunnel can be well distinguished through the transmission domain information, and a special service can be dispatched to the tunnel related to the specified transmission domain information, so that the logical isolation of the service is realized, and the safety of the service is guaranteed.
Further, the apparatus further comprises:
the synchronization module is used for judging whether WAN port information of the networked target equipment changes or not; and if so, sending the WAN port information after the target equipment is changed to other equipment which is networked with the target equipment.
Further, the apparatus further comprises:
the central module is used for creating a central node group and adding at least two central nodes in the SD-WAN into the central node group; setting priorities from 0 to N for each central node in the central node group respectively; when the priority is 0, representing that the central node does not participate in networking; for a branch node of the SD-WAN, a tunnel is established between the branch node and each non-0-priority central node in the set of central nodes.
In this embodiment, a plurality of available central nodes are put into one central node group to be managed and used, so that the branch nodes can be directly connected with the central node group without individually selecting the central node to be connected. In addition, in this embodiment, corresponding priority information is set for each central node in the central node group: 0 to N, and N is a positive integer greater than 2. When the priority of one central node is 0, the central node does not participate in networking; the priorities 1 to N represent that if the branch nodes can reach through a plurality of central nodes, the service paths of the branch nodes after accessing the central nodes are determined by the priorities; the branch node preferentially uses the central node with the maximum priority level to carry out service transmission, and when the central node with the maximum priority level cannot work, the service transmission can be automatically switched to the central node with the second priority level, and so on.
Still further, the apparatus further comprises:
an updating module, configured to establish a tunnel between the branch node and the central node when the priority of one central node in the central node group is changed from 0 to non-0; and when the priority of one central node in the central node group is changed from non-0 to 0, to delete the tunnel between the branch node and the central node.
In this embodiment, if it is desired to remove the networking between a central node in the central node group and the branch nodes, the priority of the central node may be modified to 0, whereupon the networking between the central node and all the branch nodes is deleted; if a certain central node in the central node group is required to participate in networking, the priority of the central node is modified to a non-0 value. Therefore, a change in the priorities of the central nodes in the central node group causes a corresponding adjustment of the tunnels: if the priority of one central node in the central node group is adjusted from 0 to non-0, tunnels are added between the central node and each branch node which refers to the central node group; if the priority of a central node in the central node group is adjusted from non-0 to 0, the tunnels between the central node and each branch node referring to the central node group are deleted.
EXAMPLE III
The embodiment also provides a computer device, such as a smart phone, a tablet computer, a notebook computer, a desktop computer, a rack server, a blade server, a tower server or a rack server (including an independent server or a server cluster composed of a plurality of servers) capable of executing programs, and the like. As shown in fig. 3, the computer device 30 of the present embodiment includes at least but is not limited to: a memory 301, a processor 302 communicatively coupled to each other via a system bus. It is noted that FIG. 3 only shows the computer device 30 having components 301 and 302, but it is understood that not all of the shown components are required and that more or fewer components may be implemented instead.
In this embodiment, the memory 301 (i.e., the readable storage medium) includes a flash memory, a hard disk, a multimedia card, a card-type memory (e.g., SD or DX memory, etc.), a Random Access Memory (RAM), a Static Random Access Memory (SRAM), a read-only memory (ROM), an electrically erasable programmable read-only memory (EEPROM), a programmable read-only memory (PROM), a magnetic memory, a magnetic disk, an optical disk, and the like. In some embodiments, the storage 301 may be an internal storage unit of the computer device 30, such as a hard disk or a memory of the computer device 30. In other embodiments, the memory 301 may also be an external storage device of the computer device 30, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), or the like, provided on the computer device 30. Of course, the memory 301 may also include both internal and external storage devices for the computer device 30. In the present embodiment, the memory 301 is generally used for storing an operating system and various types of application software installed in the computer device 30. In addition, the memory 301 may also be used to temporarily store various types of data that have been output or are to be output.
In some embodiments, the processor 302 may be a Central Processing Unit (CPU), a controller, a microcontroller, a microprocessor, or another data processing chip. The processor 302 generally controls the overall operation of the computer device 30.
Specifically, in this embodiment, the processor 302 is configured to execute the SD-WAN based networking method program stored in the processor 302, and when executed, the SD-WAN based networking method program implements the following steps:
determining local terminal equipment and opposite terminal equipment which need to be networked in the SD-WAN;
respectively acquiring transmission domain information of each WAN port of the local terminal equipment and transmission domain information of each WAN port of the opposite terminal equipment; the transmission domain information is used for representing the service requirement of a WAN port;
judging whether the local terminal equipment and the opposite terminal equipment have the same transmission domain information;
if they have the same transmission domain information, establishing a tunnel between the WAN ports of the local terminal equipment and of the opposite terminal equipment that have the same transmission domain information.
For the specific implementation of the above method steps, refer to the first embodiment; the details are not repeated here.
Example four
This embodiment also provides a computer-readable storage medium, such as a flash memory, a hard disk, a multimedia card, a card-type memory (e.g., SD or DX memory, etc.), a Random Access Memory (RAM), a Static Random Access Memory (SRAM), a Read Only Memory (ROM), an Electrically Erasable Programmable Read Only Memory (EEPROM), a Programmable Read Only Memory (PROM), a magnetic memory, a magnetic disk, an optical disk, a server, an app store, etc., having stored thereon a computer program that, when executed by a processor, implements the following method steps:
determining local terminal equipment and opposite terminal equipment which need to be networked in the SD-WAN;
respectively acquiring transmission domain information of each WAN port of the local terminal equipment and transmission domain information of each WAN port of the opposite terminal equipment; the transmission domain information is used for representing the service requirement of a WAN port;
judging whether the local terminal equipment and the opposite terminal equipment have the same transmission domain information;
if they have the same transmission domain information, establishing a tunnel between the WAN ports of the local terminal equipment and of the opposite terminal equipment that have the same transmission domain information.
For the specific implementation of the above method steps, refer to the first embodiment; the details are not repeated here.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a ..." does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
The above-mentioned serial numbers of the embodiments of the present invention are merely for description and do not represent the merits of the embodiments.
Through the above description of the embodiments, those skilled in the art will clearly understand that the method of the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but in many cases, the former is a better implementation manner.
The above description is only a preferred embodiment of the present invention, and not intended to limit the scope of the present invention, and all modifications of equivalent structures and equivalent processes, which are made by using the contents of the present specification and the accompanying drawings, or directly or indirectly applied to other related technical fields, are included in the scope of the present invention.

Claims (10)

1. An SD-WAN-based networking method, applied to a controller of an SD-WAN, comprises the following steps:
determining local terminal equipment and opposite terminal equipment which need to be networked in the SD-WAN;
respectively acquiring transmission domain information of each WAN port of the local terminal equipment and transmission domain information of each WAN port of the opposite terminal equipment; the transmission domain information is used for representing the service requirement of a WAN port;
judging whether the local terminal equipment and the opposite terminal equipment have the same transmission domain information;
if they have the same transmission domain information, establishing a tunnel between the WAN ports of the local terminal equipment and of the opposite terminal equipment that have the same transmission domain information.
2. The SD-WAN-based networking method according to claim 1, wherein before determining the local terminal equipment and the opposite terminal equipment in the SD-WAN that need to be networked, the method further comprises:
and when detecting that new equipment is added into the SD-WAN, configuring corresponding transmission domain information for each WAN port of the new equipment according to the service requirement of each WAN port of the new equipment.
3. The SD-WAN-based networking method according to claim 1, wherein the determining of the local terminal equipment and the opposite terminal equipment that need to be networked in the SD-WAN specifically includes:
when the local terminal equipment is a central node of the SD-WAN, determining other central nodes in the SD-WAN as the opposite terminal equipment;
and when the local terminal equipment is a branch node of the SD-WAN, determining the opposite terminal equipment from all central nodes and other branch nodes of the SD-WAN according to the networking relationship including the branch node.
4. The SD-WAN based networking method of claim 1, further comprising:
judging whether WAN port information of the networked target equipment changes or not;
and if so, sending the changed WAN port information of the target equipment to the other equipment that is networked with the target equipment.
5. The SD-WAN based networking method of claim 1, further comprising:
creating a central node group, and adding at least two central nodes in the SD-WAN into the central node group;
setting priorities from 0 to N for each central node in the central node group respectively; when the priority is 0, representing that the central node does not participate in networking;
for a branch node of the SD-WAN, a tunnel is established between the branch node and each non-0-priority central node in the set of central nodes.
6. The SD-WAN based networking method of claim 5, further comprising:
when the priority of one central node in the central node group is changed from 0 to non-0, a tunnel is established between the branch node and the central node;
and when the priority of one central node in the central node group is changed from non-0 to 0, deleting the tunnel between the branch node and the central node.
7. An SD-WAN-based networking device, applied to a controller of an SD-WAN, the device comprising:
the determining module is used for determining local terminal equipment and opposite terminal equipment which need to be networked in the SD-WAN;
an obtaining module, configured to obtain transmission domain information of each WAN port of the local terminal equipment and transmission domain information of each WAN port of the opposite terminal equipment, respectively; the transmission domain information is used for representing the service requirement of a WAN port;
the judging module is used for judging whether the local terminal equipment and the opposite terminal equipment have the same transmission domain information;
and the networking module is used for establishing a tunnel between the WAN ports with the same transmission domain information in the local terminal equipment and the opposite terminal equipment if the WAN ports have the same transmission domain information.
8. The SD-WAN based networking device of claim 7, wherein the device further comprises:
and the configuration module is used for configuring corresponding transmission domain information for each WAN port of the new equipment according to the service requirements of each WAN port of the new equipment when the new equipment is detected to be added into the SD-WAN.
9. A computer device, the computer device comprising: memory, processor and computer program stored on the memory and executable on the processor, characterized in that the processor implements the steps of the method of any of claims 1 to 6 when executing the computer program.
10. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the steps of the method of any one of claims 1 to 6.
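The port-matching rule of claim 1 and the central-node priority rule of claims 5 and 6 can be sketched as controller logic. This is an added example, not code from the patent; the class and function names, the port names, and the domain labels "internet" and "mpls" are assumptions constructed for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class WanPort:
    device: str
    name: str
    domain: str  # transmission domain label (sample values are constructed)


def match_ports(local_ports, peer_ports):
    """Claim 1: pair only WAN ports whose transmission domain is identical."""
    return {(l, p) for l in local_ports for p in peer_ports
            if l.domain == p.domain}


def active_hubs(hub_priority):
    """Claim 5: a central node with priority 0 does not take part in networking."""
    return {hub for hub, prio in hub_priority.items() if prio != 0}


def reconcile(branch_ports, hub_ports, hub_priority, existing):
    """Claims 5-6: return (to_create, to_delete) tunnel sets for one branch node."""
    desired = set()
    for hub in active_hubs(hub_priority):
        desired |= match_ports(branch_ports, hub_ports[hub])
    # New matches are created; tunnels to nodes now at priority 0 are deleted.
    return desired - existing, existing - desired


# Constructed sample topology: one branch node and two central nodes.
BRANCH = [WanPort("b1", "wan1", "internet"), WanPort("b1", "wan2", "mpls")]
HUBS = {
    "h1": [WanPort("h1", "wan1", "internet"), WanPort("h1", "wan2", "mpls")],
    "h2": [WanPort("h2", "wan1", "internet")],
}

if __name__ == "__main__":
    # Initial state: h1 participates, h2 is held out with priority 0.
    create, delete = reconcile(BRANCH, HUBS, {"h1": 1, "h2": 0}, set())
    for l, p in sorted(create, key=lambda t: t[0].name):
        print(f"create {l.device}.{l.name} <-> {p.device}.{p.name} [{l.domain}]")
    # Priority change: h1 goes to 0, h2 becomes non-0.
    create2, delete2 = reconcile(BRANCH, HUBS, {"h1": 0, "h2": 2}, create)
    print(len(create2), "tunnel(s) to create,", len(delete2), "to delete")
```

Because pairs are formed only on equal domain labels, a port in one transmission domain is never tunneled to a port in another, and the planned set can be compared against the tunnels actually present on the devices.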
CN202010511737.5A 2020-06-08 2020-06-08 Networking method, device, equipment and storage medium based on SD-WAN Active CN111654399B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010511737.5A CN111654399B (en) 2020-06-08 2020-06-08 Networking method, device, equipment and storage medium based on SD-WAN


Publications (2)

Publication Number Publication Date
CN111654399A true CN111654399A (en) 2020-09-11
CN111654399B CN111654399B (en) 2022-10-18

Family

ID=72349048


Country Status (1)

Country Link
CN (1) CN111654399B (en)


Also Published As

Publication number Publication date
CN111654399B (en) 2022-10-18


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: Room 332, 3 / F, Building 102, 28 xinjiekouwei street, Xicheng District, Beijing 100088

Applicant after: Qianxin Technology Group Co.,Ltd.

Applicant after: Qianxin Wangshen information technology (Beijing) Co.,Ltd.

Address before: Room 332, 3 / F, Building 102, 28 xinjiekouwei street, Xicheng District, Beijing 100088

Applicant before: Qianxin Technology Group Co.,Ltd.

Applicant before: LEGENDSEC INFORMATION TECHNOLOGY (BEIJING) Inc.

GR01 Patent grant