CN113190368A

CN113190368A - Method, device and system for realizing table item check and computer storage medium

Info

Publication number: CN113190368A
Application number: CN202010080717.7A
Authority: CN
Inventors: 曹彦萍; 张震伟; 张伟
Original assignee: Huawei Technologies Co Ltd
Current assignee: Huawei Technologies Co Ltd
Priority date: 2020-01-14
Filing date: 2020-02-05
Publication date: 2021-07-30

Abstract

The application discloses a method, a device and a system for realizing table item inspection and a computer storage medium, belonging to the technical field of networks. The network equipment acquires a checking instruction, wherein the checking instruction comprises the identification of the table entry to be checked in the first software table. The network device checks whether an item which is the same as the item to be checked exists in a first hardware table of the network device based on the checking instruction, wherein the type of the first hardware table is the same as that of the first software table. The network equipment outputs a checking result, wherein the checking result comprises a first checking result of the table entry to be checked. In the application, the network equipment performs consistency check on the software table and the hardware table aiming at the specific table items to be checked based on the check instruction, so that the consumed processing resources are less, and the check flexibility is higher.

Description

Method, device and system for realizing table item check and computer storage medium

The present application claims priority from the chinese patent application, entitled "a method, apparatus and system for performing table entry checking," filed 202010036403.7, 14/01/2020, the entire contents of which are incorporated herein by reference.

Technical Field

The present application relates to the field of network technologies, and in particular, to a method, an apparatus, a system, and a computer storage medium for implementing entry checking.

Background

Common fault types in the communication network include configuration type faults, table entry type faults, hardware type faults, congestion type faults, attack type faults, state type faults, resource type faults, non-network side faults and the like. The entry-like failure includes a service interruption caused by inconsistency of a software table and a hardware table in the network device. The software table is used for storing configuration data, and the hardware table is used for storing operation data of the chip.

At present, a timer is usually started at a Software Development Kit (SDK) side, and a network device is triggered regularly to check whether a software table and a hardware table of the network device are consistent in a full traversal manner. If the hardware table of the network equipment is inconsistent with the software table, the network equipment refreshes the hardware table to keep the hardware table consistent with the software table.

However, the network device checks the consistency of the software table and the hardware table in a full traversal manner at present, which causes the processing resource consumption of the network device to be large and the checking flexibility to be low.

Disclosure of Invention

The application provides a method, a device and a system for realizing table item checking and a computer storage medium, which can solve the problems of higher processing resource consumption and lower checking flexibility in the process of checking the consistency of a software table and a hardware table by network equipment at present.

In a first aspect, a method for implementing table entry checking is provided. The method comprises the following steps: the network equipment acquires a checking instruction, wherein the checking instruction comprises the identification of the table entry to be checked in the first software table. The network device checks whether an item which is the same as the item to be checked exists in a first hardware table of the network device based on the checking instruction, wherein the type of the first hardware table is the same as that of the first software table. The network equipment outputs a checking result, wherein the checking result comprises a first checking result of the table entry to be checked. The first hardware table is located in a forwarding chip of the network device.

In the application, because the check instruction obtained by the network device includes the identifier of the table entry to be checked in the first software table, the network device can perform consistency check on the software table and the hardware table aiming at the specific table entry to be checked based on the check instruction.

Optionally, after the network device obtains the checking instruction, the network device obtains, based on the checking instruction, an associated entry of the entry to be checked in a second software table, where the type of the second software table is different from the type of the first software table. The network device checks whether an entry identical to the associated entry exists in a second hardware table of the network device, the type of the second hardware table being identical to the type of the second software table. The checking result output by the network device also comprises a second checking result of the association table entry.

In the application, because the associated table entry fault of the table entry to be checked may cause the table entry to be checked to be inconsistent in the software table and the hardware table, the network device checks the consistency of the associated table entry of the table entry to be checked in the software table and the hardware table, and the accuracy of locating the fault table entry can be improved.

Optionally, the network device obtains the checking instruction, including: the network device receives the checking instruction sent by the management device. The network equipment outputs the checking result, including: the network device sends the check result to the management device. Optionally, the management device is a controller or an analyzer.

Optionally, after the network device sends the check result to the management device, the network device receives an account checking instruction sent by the management device, where the account checking instruction includes a type of the fault table and an identifier of a fault entry in the fault table. When the fault table entry comprises a table entry to be checked, the network device updates the first hardware table, so that the updated first hardware table has the table entry which is the same as the table entry to be checked. When the fault table entry comprises an associated table entry of the table entry to be checked in the second software table, the network device updates the second hardware table, so that the updated second hardware table has the same table entry as the associated table entry. The type of the second software table is different from that of the first software table, and the type of the second hardware table is the same as that of the second software table.

In the application, the network device only needs to execute the corresponding steps according to the instruction issued by the management device, for example, the consistency check of the software table and the hardware table is performed on the table entry to be checked according to the check instruction issued by the management device, the corresponding hardware table is updated according to the reconciliation instruction issued by the management device, the network device does not need to make a decision by itself, and the processing resource of the network device is further saved.

Optionally, after the network device checks whether an entry that is the same as the entry to be checked exists in the first hardware table of the network device based on the check instruction, when the first entry does not exist in the first hardware table, the network device writes the entry to be checked into the first hardware table, where an identifier of the first entry is the same as an identifier of the entry to be checked. When the first hardware table has a first table entry and the first table entry is different from the table entry to be checked, the network device updates the first table entry by using the table entry to be checked, so that the updated first table entry is the same as the table entry to be checked. The network device updates the first table entry by using the table entry to be checked, and the method comprises the following steps: the network device replaces the first table entry with the table entry to be checked, or the network device modifies the first table entry according to the table entry to be checked.

Optionally, after the network device checks whether an entry identical to the associated entry exists in a second hardware table of the network device, when the second hardware table does not exist, the network device writes the associated entry into the second hardware table, where an identifier of the second entry is identical to an identifier of the associated entry. When a second table entry exists in the second hardware table and the second table entry is different from the associated table entry, the network device updates the second table entry by using the associated table entry, so that the updated second table entry is the same as the associated table entry.

Optionally, the identifier of the entry to be checked includes a key value of the entry to be checked in the first software table. The key value can uniquely identify the table entry to be checked in the first software table.

Optionally, the check instruction further comprises a type of the first software table.

Optionally, the first software table is an ARP table, a forwarding table, a routing table, or a MAC table.

Optionally, the first check result includes a type of the first software table, an identifier of the table entry to be checked, and a fault type of the table entry to be checked.

In a second aspect, a method for implementing table entry checking is provided, where the method includes: the management device sends a checking instruction to the target network device, wherein the checking instruction comprises an identifier of an item to be checked in a first software table of the target network device, the checking instruction is used for instructing the target network device to check whether an item which is the same as the item to be checked exists in a first hardware table of the target network device, and the type of the first hardware table is the same as that of the first software table. The management device receives a checking result sent by the target network device, wherein the checking result comprises a first checking result of the target network device to-be-checked table entry.

Optionally, the management device is an analyzer or a controller.

In one implementation, when the management device is an analyzer, the sending, by the management device, a check instruction to the target network device includes: the analyzer sends a check instruction to the target network device through the controller. Optionally, the analyzer sends a notification message to the controller, where the notification message includes an identifier of the target network device and an identifier of the table entry to be checked, so as to notify the controller to instruct the target network device to check whether the same table entry as the table entry to be checked exists in the hardware table of the target network device, that is, notify the controller to send a check instruction to the target network device. Or, the analyzer sends a check instruction to the controller, and the controller forwards the check instruction to the target network device. Of course, the analyzer may also send the checking instruction directly to the target network device.

In another implementation, when the management device is a controller, the sending, by the management device, a check instruction to the target network device includes: the controller sends the checking instruction directly to the target network device. Optionally, the controller sends the check instruction to the target network device after receiving the notification message sent by the analyzer and including the identifier of the target network device and the identifier of the entry to be checked.

Optionally, the management device determines the target network device before the management device sends the checking instruction to the target network device. The management device determines an entry to be checked in a first software table of the target network device. The management device may be an analyzer.

Optionally, the determining, by the management device, an implementation procedure of the target network device includes: when a transmission path of a target message in a communication network is an abnormal flow path, the management device determines to-be-determined fault equipment on a normal flow path based on the abnormal flow path and the normal flow path, wherein the normal flow path is a history path of successful communication process between a source end device of the target message and a destination end device of the target message based on a history message. When the management equipment cannot determine the fault equipment in the equipment to be determined, the management equipment determines the equipment to be determined as target network equipment. Optionally, the target message is a TCP control message.

Optionally, the determining, by the management device, an implementation procedure of an entry to be checked in a first software table in the target network device includes: and the management equipment determines the corresponding table entry of the target message in the first software table as the table entry to be checked. The table entry to be checked may be an entry in the target network device for forwarding the target packet.

In the method and the system, the management equipment can be positioned to the equipment with the fault to be determined, when the communication network has a fault, the equipment with the fault to be determined only needs to check the consistency of the software table and the hardware table, and other network equipment in the communication network does not need to check the consistency of the software table and the hardware table, so that the processing resources of normal network equipment are saved. In addition, the management device can also determine the item to be checked of the device to be checked, so that the device to be checked only needs to check the consistency of the software table and the hardware table aiming at the item to be checked, and compared with the prior method of adopting a full traversal mode to check the consistency of the software table and the hardware table in the network device, the network device consumes less processing resources and has higher checking flexibility.

Optionally, the first check result includes a type of the first software table, an identifier of the table entry to be checked, and a fault type of the table entry to be checked, and after the management device receives the check result sent by the target network device, the management device determines whether the table entry to be checked is faulty based on the first check result. After determining that the table item to be checked is in fault, the management device sends a reconciliation instruction to the target network device, wherein the reconciliation instruction comprises the type of the first software table and the identification of the table item to be checked. The reconciliation instruction is used for instructing the target network equipment to update the first hardware table, so that the updated first hardware table has the same table entry as the table entry to be checked. The analyzer may determine whether the table entry to be checked is faulty based on the first checking result, and send a reconciliation instruction to the target network device through the controller after determining that the table entry to be checked is faulty.

Optionally, the checking result further includes a second checking result of an associated entry of the entry to be checked in a second software table, where the type of the second software table is different from the type of the first software table.

Optionally, the second check result includes a type of the second software table, an identifier of the associated table entry, and a fault type of the associated table entry, and after the management device receives the check result sent by the target network device, the management device determines whether the associated table entry is faulty based on the second check result. After determining that the association table entry fails, the management device sends a reconciliation instruction to the target network device, wherein the reconciliation instruction comprises the type of the second software table and the identifier of the association table entry. The tie-out instruction is used for instructing the target network device to update the second hardware table, so that an entry which is the same as the associated entry exists in the updated second hardware table, and the type of the second hardware table is the same as that of the second software table. The analyzer may determine whether the association table entry is faulty based on the second check result, and send a reconciliation instruction to the target network device through the controller after determining that the association table entry is faulty.

Optionally, the reconciliation instruction sent by the management device after determining that the entry to be checked is faulty based on the first check result, and the reconciliation instruction sent after determining that the associated entry is faulty based on the second check result may be the same reconciliation instruction or different reconciliation instructions. That is, one tie-out instruction may include a plurality of types of fault tables and identifications of fault entries in the fault tables, or each tie-out instruction includes a type of a fault table and an identification of a fault entry in the fault table.

In a third aspect, an apparatus for implementing table entry checking is provided. The apparatus comprises a plurality of functional modules that interact to implement the method of the first aspect and its embodiments described above. The functional modules can be implemented based on software, hardware or a combination of software and hardware, and the functional modules can be combined or divided arbitrarily based on specific implementation.

In a fourth aspect, an apparatus for implementing table entry checking is provided. The apparatus comprises a plurality of functional modules, which interact to implement the method of the second aspect and its embodiments described above. The functional modules can be implemented based on software, hardware or a combination of software and hardware, and the functional modules can be combined or divided arbitrarily based on specific implementation.

In a fifth aspect, a network device is provided, which includes: a processor and a memory;

the memory for storing a computer program, the computer program comprising program instructions;

the processor is configured to invoke the computer program to implement the method for implementing entry checking according to any one of the first aspect.

In a sixth aspect, there is provided a management device comprising: a processor and a memory;

the processor is configured to invoke the computer program to implement the method for implementing entry checking according to any of the second aspects.

In a seventh aspect, a system for implementing entry checking is provided, where the system includes a network device in a communication network, and the network device includes the apparatus for implementing entry checking according to the third aspect.

Optionally, the system further includes a management device, the management device is connected to the network device, and the management device includes the apparatus for implementing entry checking according to the fourth aspect.

Optionally, the management device comprises an analyzer and/or a controller.

In an eighth aspect, a computer storage medium is provided, where the computer storage medium stores instructions that, when executed by a processor of a network device, implement the method for implementing entry checking according to any one of the first aspect; alternatively, the instructions, when executed by a processor of a management device, implement a method for implementing entry checking as described in any of the second aspects.

In a ninth aspect, there is provided a chip comprising programmable logic and/or program instructions that, when run, implement the method of the first aspect and its embodiments or the method of the second aspect and its embodiments.

The beneficial effect that technical scheme that this application provided brought includes at least:

in the method and the system, the management equipment can be positioned to the equipment with the fault to be determined, when the communication network has a fault, the equipment with the fault to be determined only needs to check the consistency of the software table and the hardware table, and other network equipment in the communication network does not need to check the consistency of the software table and the hardware table, so that the processing resources of normal network equipment are saved. In addition, the management device can also determine the item to be checked of the device to be checked, so that the device to be checked only needs to check the consistency of the software table and the hardware table aiming at the item to be checked, and compared with the prior method of adopting a full traversal mode to check the consistency of the software table and the hardware table in the network device, the network device consumes less processing resources and has higher checking flexibility. In addition, the network device only needs to execute the corresponding steps according to the instruction issued by the management device, for example, the consistency check of the software table and the hardware table is performed on the table entry to be checked according to the check instruction issued by the management device, the corresponding hardware table is updated according to the reconciliation instruction issued by the management device, the network device does not need to make a decision by itself, and the processing resource of the network device is further saved.

Drawings

Fig. 1 is a schematic structural diagram of a system for implementing entry checking according to an embodiment of the present application;

FIG. 2 is a schematic structural diagram of another system for implementing entry checking according to an embodiment of the present application;

fig. 3 is a flowchart illustrating a method for implementing entry checking according to an embodiment of the present application;

FIG. 4 is a flowchart illustrating another method for checking entries according to an embodiment of the present application;

FIG. 5 is a schematic diagram comparing a normal flow path with an abnormal flow path according to an embodiment of the present application;

FIG. 6 is a schematic diagram comparing a normal flow path with an abnormal flow path according to an embodiment of the present application;

FIG. 7 is a schematic structural diagram of an apparatus for implementing entry checking according to an embodiment of the present application;

FIG. 8 is a schematic structural diagram of another apparatus for implementing entry checking according to an embodiment of the present application;

FIG. 9 is a schematic structural diagram of another apparatus for implementing entry checking according to an embodiment of the present application;

fig. 10 is a block diagram of an apparatus for implementing entry checking according to an embodiment of the present application.

Detailed Description

To make the objects, technical solutions and advantages of the present application more clear, embodiments of the present application will be described in further detail below with reference to the accompanying drawings.

Fig. 1 is a schematic structural diagram of a system for implementing entry checking according to an embodiment of the present application. As shown in fig. 1, the system includes network devices 101a-101d (collectively referred to as network devices 101) in a communication network. The number of network devices in fig. 1 is merely illustrative and is not intended to limit the communication network provided by the embodiments of the present application.

The communication network provided in the embodiment of the present application may be a Data Center Network (DCN), a metropolitan area network, a wide area network, a campus area network, a Virtual Local Area Network (VLAN), a virtual extended local area network (VXLAN), or the like, and the type of the communication network is not limited in the embodiment of the present application. Network device 101 may be a switch or router, etc. The network device 101 provided by the embodiment of the present application has a forwarding chip built therein. The forwarding chip not only provides a forwarding function, but also supports the inquiry and modification of chip operation data. The hardware table in the network device is located in a forwarding chip of the network device, and the hardware table comprises chip operation data.

For example, the communication network in fig. 1 may be a fat tree or leaf-spine topology network, where network device 101a and network device 101b are spine switches, and network device 101c and network device 101d are leaf switches. The number of uplinks per leaf switch equals the number of spine switches, and the number of downlinks per spine switch equals the number of leaf switches. The leaf switch is used to access the workstation (including the terminal, server or virtual machine, etc.) to the communication network.

Optionally, fig. 2 is a schematic structural diagram of another system for implementing entry checking according to an embodiment of the present application. As shown in fig. 2, on the basis of the system shown in fig. 1, a management device 102 is further included in the system. The management device 102 is connected to each network device 101 in the communication network via a wired network or a wireless network. The dotted line in the figure indicates that the management apparatus 102 is connected to the network apparatus 101.

The management device 102 may be a server, a server cluster composed of several servers, or a cloud computing service center. Optionally, the management device 102 includes a collector, an analyzer, and/or a controller. The collector, the analyzer and the controller can be physical servers or virtual servers. The collector, analyzer and controller may be separate servers or may be integrated in the same server. The collector is used for collecting and analyzing information of messages transmitted in the communication network, equipment data of each network equipment in the communication network and the like, and storing analysis results in the database for the analyzer to use. Optionally, the device data comprises management plane data, data plane data and/or control plane data. The management surface data comprises configuration data, an alarm log and the like; the data plane data includes an Address Resolution Protocol (ARP) table, a Media Access Control (MAC) table, a forwarding info base (forwarding info base), a Routing Info Base (RIB), a tunnel state table (VXLAN network), a port state, and the like; the control plane data includes Central Processing Unit (CPU) data, memory data, Link Layer Discovery Protocol (LLDP) state, Border Gateway Protocol (BGP) state, Open Shortest Path First (OSPF) state, and the like, and BGP and OSPF are both routing protocols. The analyzer is used for analyzing the communication state of the communication network based on the database, for example, fault location of the communication network is carried out; the analyzer is also used for sending a notification message to the controller to notify the controller to issue an instruction to the network equipment. The controller is used for sending instructions to the network equipment and receiving instruction execution results returned by the network equipment.

Fig. 3 is a flowchart illustrating a method for implementing entry checking according to an embodiment of the present application. The method can be applied to the system for realizing the table entry check shown in FIG. 1. As shown in fig. 3, the method includes:

step 301, the network device obtains a checking instruction.

The check instruction includes an identification of an entry to be checked in the first software table. The check instruction may also include a type of the first software table. Optionally, the first software table is an ARP table, a forwarding table, a routing table, or a MAC table.

Optionally, the identifier of the entry to be checked includes a key value of the entry to be checked in the first software table, where the key value can uniquely identify the entry to be checked in the first software table. The key value of the entry to be checked in the first software table is the content of the key field of the entry to be checked in the first software table. Optionally, the key value of the entry to be checked in the first software table includes a Virtual Private Network (VPN) index and routing information. Of course, only the VPN index may be used as the identifier of the entry to be checked, and at this time, the entry to be checked, which is obtained by the network device based on the checking instruction, includes one or more entries having the same VPN index. The identifier of the entry to be checked may further include a part of entry content of the entry to be checked in the first software table.

Illustratively, the first software table is an ARP table, and the identification of the entries to be checked may include a VPN index and an IP address. Optionally, the VPN index is an L2VPN index (corresponding to a two-layer forwarding domain) or an L3VPN index (corresponding to a three-layer forwarding domain). Here, the two-layer forwarding domain may also be referred to as a Bridge Domain (BD), and the three-layer forwarding domain may also be referred to as a Virtual Local Area Network (VLAN).

Optionally, the check instruction obtained by the network device may be sent by the management device, or may also be manually input.

Optionally, the network device obtains the check instruction through a Command Line Interface (CLI) and/or a network configuration interface (NETCONF), and the embodiment of the present application does not limit the type of the interface for the network device to obtain the check instruction.

Step 302, the network device checks whether there is an entry in the first hardware table of the network device that is the same as the entry to be checked based on the checking instruction.

The first hardware table is of the same type as the first software table. Reasons for inconsistencies between hardware and software tables of the same type typically include: hard table entry does not exist, hard table entry field errors, hard table entry residuals and/or associated entry exceptions, etc. Wherein a hard table entry field error generally means that the hard table entry is different from the corresponding soft table entry, for example, a bit jump of the hard table entry may cause a hard table entry field error. Hard table entry residuals are typically caused by corresponding soft table entry misses.

Optionally, when the first entry does not exist in the first hardware table, the network device writes the table entry to be checked into the first hardware table. When the first hardware table has a first table entry and the first table entry is different from the table entry to be checked, the network device updates the first table entry by using the table entry to be checked, so that the updated first table entry is the same as the table entry to be checked. The identifier of the first table entry is the same as the identifier of the table entry to be checked. The network equipment updates the first table item by adopting the table item to be checked, and the method comprises the following steps: the network device replaces the first table entry with the table entry to be checked, or the network device modifies the first table entry according to the table entry to be checked.

Optionally, the network device queries whether a corresponding entry exists in the first hardware table of the forwarding chip according to the identifier of the entry to be checked. The network device updates the first hardware table of the forwarding chip by modifying an Application Programming Interface (API) of the forwarding chip.

In the embodiment of the present application, when the table entry to be checked in the first software table has an associated table entry in another software table, the network device performs steps 303 to 304; when the table to be checked entry in the first software table does not have an associated entry in the other software tables, the network device directly performs step 305.

Step 303, the network device obtains the associated table entry of the table entry to be checked in the second software table based on the checking instruction.

The second software table is of a different type than the first software table. Alternatively, the network device may obtain the associated entries of the entry to be checked in all other software tables except the first software table. In the embodiment of the present application, the second software table generally refers to other software tables different from the first software table, and the second software table may include one or more software tables different from the first software table.

Optionally, when the first software table is an ARP table, a routing table, or a forwarding table, the second software table may include an egress interface table.

Step 304, the network device checks whether there is an entry in the second hardware table of the network device that is the same as the associated entry.

The second hardware table is of the same type as the second software table. For the explanation of this step, reference may be made to the related explanation of step 302 above, and the description of the embodiments of the present application is omitted here.

Optionally, when the second entry does not exist in the second hardware table, the network device writes the association entry into the second hardware table. When a second table entry exists in the second hardware table and the second table entry is different from the associated table entry, the network device updates the second table entry by using the associated table entry, so that the updated second table entry is the same as the associated table entry. And the identifier of the second table entry is the same as the identifier of the associated table entry.

Step 305, the network device outputs the checking result.

The checking result comprises a first checking result of the table entry to be checked. Optionally, when the entry to be checked in the first software table has an associated entry in the second software table, the check result further includes a second check result for the associated entry. That is, the check result output by the network device may include the check results corresponding to all the entries checked by the network device.

Optionally, the first check result includes a type of the first software table, an identifier of the table item to be checked, and a fault type of the table item to be checked; the second checking result comprises the type of the second software table, the identification of the associated table entry of the table entry to be checked in the second software table and the fault type of the associated table entry. Wherein, the fault type of the entry can be represented by a fault code. Exemplarily, the fault code is "0", which indicates that the corresponding entry is normal; the fault code is "1", indicating that the corresponding entry is faulty. Alternatively, the check result may also indicate the cause of the failure of the entry. Exemplarily, the fault code is "1", which indicates that the fault reason of the corresponding entry is that the hard table entry does not exist; the fault code is '2', which indicates that the fault reason of the corresponding table entry is a hard table entry field error; and so on. Of course, the fault type of the entry may also be represented by letters, character strings, or characters, which is not limited in this embodiment.

By way of example, assume that the network device outputs the following checking results: (ARP, VPN1+ IP1, "2"), then: the hardware table corresponding to the ARP table of the network device has a hard table entry field error with a VPN index of 1 and an IP address of IP 1.

Alternatively, when the inspection instruction acquired by the network device is manually input, the network device outputs the inspection result, which may include: the network equipment outputs the checking result to the display equipment connected with the network equipment for the display equipment to display; or when the network device has the display function, the network device can display the inspection result on the network device, so that the operation and maintenance personnel can check and solve the fault. When the check instruction acquired by the network device is sent by the management device, the network device outputs a check result, including: the network device sends the check result to the management device.

To sum up, in the method for implementing table entry checking provided in the embodiment of the present application, since the checking instruction obtained by the network device includes the identifier of the table entry to be checked in the first software table, the network device may perform consistency checking on the software table and the hardware table for the specific table entry to be checked based on the checking instruction.

Fig. 4 is a flowchart illustrating another method for checking an entry according to an embodiment of the present application. The method can be applied to the system for realizing the table entry check shown in FIG. 2. As shown in fig. 4, the method includes:

step 401, the management device determines an entry to be checked in a first software table of the target network device.

For the type of the first software table and the relevant explanation of the to-be-checked table item, reference may be made to the relevant explanation in step 301, and details of the embodiment of the present application are not repeated herein.

Optionally, the management device determines a target network device in the communication network before determining the to-be-checked table entry in the first software table of the target network device, where the target network device refers to a network device that needs to perform consistency check of the software table and the hardware table. Optionally, the implementation process of the management device determining the target network device in the communication network includes:

in step S11, when the transmission path of the target packet in the communication network is an abnormal flow path, the management device determines a device to be failed on the normal flow path based on the abnormal flow path and the normal flow path.

Optionally, each network device in the communication network that receives the target packet generates a mirror packet of the target packet, and sends the mirror packet to the management device, and the management device determines a transmission path of the target packet according to the mirror packet sent by each network device. When the communication process based on the target message between the source end device of the target message and the destination end device of the target message fails, the management device determines that the transmission path of the target message is an abnormal flow path. In this embodiment, the target packet may be a Transmission Control Protocol (TCP) Control packet.

The normal flow path is a history path based on the success of the communication process of the history packet between the source end device of the target packet and the destination end device of the target packet. The history message may be a message transmitted before the target message, for example, may be a history TCP control message transmitted before the target message. The management device may store a normal flow path between a source device of one or more target packets and a destination device of the target packets, where the normal flow path may be obtained after determining, based on a mirror packet of a certain historical TCP control packet, that a communication process between the source device and the destination device based on the historical TCP control packet is successful. When the management device comprises a plurality of normal flow paths, the management device can determine to-be-determined fault devices on the normal flow paths based on the abnormal flow paths and the normal flow paths with the generation time closest to the transmission time of the target message; or, when the management device includes multiple normal flow paths, the management device may calculate a path matching degree between each normal flow path and the abnormal flow path, and determine the device to be failed on the normal flow path based on the normal flow path with the highest path matching degree with the abnormal flow path. The path matching degree of the normal flow path and the abnormal flow path is positively correlated with the length of the target path, the target path is a continuous path which starts from the source end of the normal flow path and the source end of the abnormal flow path, and the normal flow path is matched with the abnormal flow path. For example, if the abnormal flow path is a-b-c-d-e, the normal flow path is a-b-c-f, and the target path is a-b-c.

Illustratively, fig. 5 is a schematic diagram comparing a normal flow path with an abnormal flow path provided by an embodiment of the present application. As shown in fig. 5, the number of network devices in the abnormal flow path is different from the number of network devices in the normal flow path, and the normal flow path sequentially includes: network device A, network device B, network device C and network device D; the abnormal flow path sequentially comprises: network device a, network device B, and network device C. Fig. 6 is a schematic diagram comparing a normal flow path with an abnormal flow path according to an embodiment of the present application. As shown in fig. 6, the network devices on the abnormal flow path are different from the network devices on the normal flow path, and the normal flow path sequentially includes: network device A, network device B, network device C and network device D; the abnormal flow path sequentially comprises: network device a, network device B, network device E, and network device F. The transmission path provided by the embodiment of the present application does not include a source end device and a destination end device, and the illustration is only used for schematic illustration.

In the embodiment of the present application, the last network device on the normal flow path that is the same as the last network device on the abnormal flow path may be determined as a breakpoint device. In general, a transmission path of a target message should be the normal flow path, and a fault of a breakpoint device on the normal flow path may cause a target message to be switched from the normal flow path to an abnormal flow path for transmission, or a fault of a downstream device of the breakpoint device (for example, a message sent by the breakpoint device cannot be received), and also cause a target message to be switched from the normal flow path to the abnormal flow path for transmission, that is, both the breakpoint device on the normal flow path and the downstream device of the breakpoint device may be fault devices, so that the management device may determine the breakpoint device on the normal flow path and the downstream device of the breakpoint device as fault devices to be determined, thereby improving accuracy of fault location.

For example, referring to fig. 5, the breakpoint device on the normal flow path is network device C, and the management device may determine network device C and network device D on the normal flow path as the devices to be failed. For another example, referring to fig. 6, the breakpoint device on the normal flow path is network device B, and the management device may determine network device B and network device C on the normal flow path as the devices to be failed.

In step S12, when the management device cannot determine a faulty device among the devices to be faulty, the management device determines the device to be faulty as the target network device.

Optionally, the management device acquires first device data of the device to be determined with fault at a normal time (corresponding to a normal flow path) and second device data of the device to be determined with fault at an abnormal time (corresponding to an abnormal flow path). When the management device cannot determine the faulty device in the devices to be faulty according to the first device data and the second device data, for example, the second device data of the devices to be faulty is unchanged relative to the first device data, so that the management device cannot determine an obvious faulty device, the management device may determine that the software table and the hardware table in the devices to be faulty are suspected to be inconsistent. Therefore, the management device may determine the device to be determined as the target network device, that is, it is necessary to perform consistency check on the software table and the hardware table on the device to be determined.

Optionally, after the management device determines the device to be failed as the target network device, the management device determines the entry corresponding to the target packet in the first software table as the entry to be checked in the first software table. The table entry to be checked may be an entry in the target network device for forwarding the target packet. Illustratively, the first software table is an ARP table. When the target message is forwarded in the second layer, the management equipment can determine the items to be checked in the ARP table according to the target MAC address of the target message; when the target message is forwarded in three layers, the management device can determine the items to be checked in the ARP table according to the destination IP address of the target message.

Of course, the management device may also determine the entry to be checked in the first software table of the target network device in other manners, which is not limited in this embodiment of the application.

In the embodiment of the application, the management equipment can be positioned to the equipment with the fault to be determined, when the communication network has a fault, the equipment with the fault to be determined only needs to check the consistency of the software table and the hardware table, and other network equipment in the communication network does not need to check the consistency of the software table and the hardware table, so that the processing resources of normal network equipment are saved. In addition, the management device can also determine the item to be checked of the device to be checked, so that the device to be checked only needs to check the consistency of the software table and the hardware table aiming at the item to be checked, and compared with the prior method of adopting a full traversal mode to check the consistency of the software table and the hardware table in the network device, the network device consumes less processing resources and has higher checking flexibility.

Step 402, the management device sends a checking instruction to the target network device.

For the relevant explanation of the checking instruction, reference may be made to the relevant explanation in step 301, and details of the embodiment of the present application are not repeated herein. Optionally, the checking instruction further includes an identifier of the target network device. The checking instruction is used for instructing the target network device to check whether the first hardware table of the target network device has the same table entry as the table entry to be checked. The type of the first hardware table is the same as the type of the first software table. The identification of the target network device may be information that can uniquely identify the target network device, such as an IP address, a MAC address, or a hardware address of the target network device.

Optionally, the management device sends the check instruction to the target network device through the CLI or NETCONF interface.

Step 403, the target network device checks whether there is an entry in the first hardware table of the target network device that is the same as the entry to be checked based on the checking instruction.

In the embodiment of the present application, when the table entry to be checked in the first software table has an associated table entry in another software table, the target network device performs steps 404 to 405; when the table to be checked entry in the first software table does not have an associated entry in the other software tables, the target network device directly performs step 406.

Step 404, the target network device obtains the associated table entry of the table entry to be checked in the second software table based on the checking instruction.

The implementation process of this step may refer to step 303, which is not described herein again.

Step 405, the target network device checks whether there is an entry in the second hardware table of the target network device that is the same as the associated entry.

The second hardware table is of the same type as the second software table. For the explanation of this step, reference may be made to the related explanation of step 403, and details of the embodiment of this application are not repeated herein.

Step 406, the target network device sends the checking result to the management device.

The content of the inspection result may refer to the related explanation in step 305, and the embodiment of the present application is not described herein again. Optionally, the checking result further includes an identifier of the target network device.

Step 407, the management device determines the fault table in the target network device and the fault table entry in the fault table based on the checking result.

In the embodiment of the present application, the check result includes a first check result for the entry to be checked in the first software table. Optionally, the first check result includes a type of the first software table, an identifier of the table entry to be checked, and a fault type of the table entry to be checked. After receiving the checking result sent by the target network device, the management device may determine whether the entry to be checked fails based on the first checking result.

For example, referring to the example in step 305, assuming that the first software table is an ARP table, the VPN index of the entry to be checked in the ARP table is VPN1 and the IP address is IP1, the first check result is: (ARP, VPN1+ IP1, "2"). The management device may determine, according to the first check result, that the hard table entry field of the hardware table corresponding to the ARP table of the target network device has a VPN1 VPN index and an IP address IP1 is incorrect, that is, the hard table entry fails. Further, the management device determines that the fault table in the target network device includes an ARP table, and the fault entry includes an ARP entry in the ARP table with a VPN index of VPN1 and an IP address of IP 1.

Optionally, the check result further includes a second check result of the associated entry of the entry to be checked in the second software table. Optionally, the second check result includes a type of the second software table, an identifier of the associated entry, and a fault type of the associated entry. After the management device receives the checking result sent by the target network device, it may determine whether the association table entry is failed based on the second checking result.

For another example, referring to the example in step 305, assuming that the second software table is an Interface output table, the key value of the associated entry in the Interface output table is Interface1, and the second check result is: (Interface, Interface1, "0"), the management device may determine, according to the second check result, that the key value in the hardware table corresponding to the Interface table of the target network device is the hardware table entry of Interface1, that is, it determines that the associated entry of the entry to be checked is normal.

In this embodiment of the present application, when the management device determines that the entry to be checked and all associated entries of the entry to be checked are not faulty, the management device may determine that a fault occurring in the communication network is a non-network side fault or an unknown fault.

Step 408, the management device sends a reconciliation instruction to the target network device.

The reconciliation instruction includes a type of the fault table and an identification of a fault entry in the fault table.

In a first possible implementation manner, the check result includes a first check result for an entry to be checked in the first software table. After determining that the table item to be checked is faulty, the management device sends a reconciliation instruction to the target network device, wherein the reconciliation instruction comprises the type of the first software table and the identifier of the table item to be checked, and the reconciliation instruction is used for indicating the target network device to update the first hardware table, so that the updated first hardware table has the table item which is the same as the table item to be checked.

In a second possible implementation manner, the check result includes a first check result of the entry to be checked in the first software table and a second check result of the associated entry of the entry to be checked in the second software table. After determining that the table entry to be checked is normal and the associated table entry is in fault, the management device sends a reconciliation instruction to the target network device, wherein the reconciliation instruction comprises the type of the second software table and the identifier of the associated table entry, and the reconciliation instruction is used for indicating the target network device to update the second hardware table, so that the updated second hardware table has the table entry which is the same as the associated table entry.

In a third possible implementation manner, the check result includes a first check result of the entry to be checked in the first software table and a second check result of the associated entry of the entry to be checked in the second software table. After determining that both the table entry to be checked and the associated table entry are in fault, the management device sends a reconciliation instruction to the target network device, wherein the reconciliation instruction comprises the type of the first software table, the identifier of the table entry to be checked, the type of the second software table and the identifier of the associated table entry, the reconciliation instruction is used for indicating the target network device to update the first hardware table, so that the updated first hardware table has the table entry which is the same as the table entry to be checked, and the reconciliation instruction is also used for indicating the target network device to update the second hardware table, so that the updated second hardware table has the table entry which is the same as the associated table entry.

Optionally, the reconciliation instruction sent by the management device to the target network device may include the types of all fault tables and the identifications of the fault entries in the fault tables. Or, when the target network device includes a plurality of fault tables, the management device may also send a plurality of reconciliation instructions to the target network device, where each reconciliation instruction includes a type of a fault table and an identifier of a fault entry in the fault table. For example, in the third possible implementation manner, the management device may send two reconciliation instructions to the target network device, where one reconciliation instruction includes the type of the first software table and the identifier of the table entry to be checked, and the other reconciliation instruction includes the type of the second software table and the identifier of the associated table entry.

Step 409, the target network device updates the reconciliation instruction to indicate the updated hardware table.

Optionally, when the tie-out instruction includes the type of the first software table and the identifier of the table entry to be checked, the target network device updates the first hardware table, so that the table entry which is the same as the table entry to be checked exists in the updated first hardware table.

Wherein, the target network device updates the first hardware table, including: when the first table entry does not exist in the first hardware table, the target network device writes the table entry to be checked into the first hardware table. When the first hardware table has a first table entry and the first table entry is different from the table entry to be checked, the target network device updates the first table entry by using the table entry to be checked, so that the updated first table entry is the same as the table entry to be checked. The identifier of the first table entry is the same as the identifier of the table entry to be checked.

Optionally, when the tie-out instruction includes the type of the second software table and the identifier of the associated table entry, the target network device updates the second hardware table, so that the updated first hardware table has the same table entry as the table entry to be checked.

Wherein the target network device updating the second hardware table comprises: when the second table entry does not exist in the second hardware table, the target network device writes the associated table entry into the second hardware table. When a second table entry exists in the second hardware table and the second table entry is different from the associated table entry, the target network device updates the second table entry by using the associated table entry, so that the updated second table entry is the same as the associated table entry. And the identifier of the second table entry is the same as the identifier of the associated table entry.

In the embodiment of the application, the network device only needs to execute the corresponding steps according to the instruction issued by the management device, for example, consistency check of the software table and the hardware table is performed on the table entry to be checked according to the check instruction issued by the management device, the corresponding hardware table is updated according to the reconciliation instruction issued by the management device, a decision by the network device is not needed, and the processing resource of the network device is further saved.

Optionally, the steps executed by the management device in the embodiment of the present application may be completed cooperatively by the collector, the analyzer, and the controller. The collector collects and analyzes information of a target message transmitted in the communication network, equipment data of each network equipment in the communication network and the like, and stores analysis results in the database. The analyzer determines a target network device needing to carry out consistency check on a software table and a hardware table in the communication network based on the database, and determines an item to be checked in the software table of the target network device. The analyzer sends a notification message to the controller, where the notification message includes the identifier of the target network device and the identifier of the table entry to be checked, so as to notify the controller to instruct the target network device to check whether the same table entry as the table entry to be checked exists in the hardware table of the network device. The controller sends a checking instruction to the target network equipment and receives a checking result returned by the target network equipment. The controller sends the check result returned by the target network device to the analyzer, and the analyzer determines the fault table in the target network device and the fault table entry in the fault table according to the check result to obtain a fault conclusion, and stores the fault conclusion in the database. The fault conclusion includes: a location of the fault in the communication network (i.e., a faulty device), a type of the fault table, an identification of the fault entry, a fault type of the fault entry and/or a corresponding fault flow, and so forth. The analyzer sends the fault conclusion to the controller after obtaining the fault conclusion. And the controller decides whether to send a reconciliation instruction to the network equipment according to the fault conclusion. Further, after the analyzer determines that the fault in the communication network is recovered according to the information collected by the collector, for example, the analyzer may determine that the fault in the communication network is recovered according to the packet transmission path, and the analyzer marks the corresponding fault in the database as recovered. Alternatively, the analyzer and the controller may be integrated in one device.

To sum up, in the method for implementing entry checking provided by the embodiment of the present application, the management device may locate the device to be checked, when a fault occurs in the communication network, only the device to be checked needs to perform consistency checking on the software table and the hardware table, and other network devices in the communication network do not need to perform consistency checking on the software table and the hardware table, so that processing resources of normal network devices are saved. In addition, the management device can also determine the item to be checked of the device to be checked, so that the device to be checked only needs to check the consistency of the software table and the hardware table aiming at the item to be checked, and compared with the prior method of adopting a full traversal mode to check the consistency of the software table and the hardware table in the network device, the network device consumes less processing resources and has higher checking flexibility. In addition, the network device only needs to execute the corresponding steps according to the instruction issued by the management device, for example, the consistency check of the software table and the hardware table is performed on the table entry to be checked according to the check instruction issued by the management device, the corresponding hardware table is updated according to the reconciliation instruction issued by the management device, the network device does not need to make a decision by itself, and the processing resource of the network device is further saved.

The order of steps of the method for realizing table entry checking provided by the embodiment of the application can be properly adjusted. The steps may also be increased or decreased according to the situation, for example, in the method for implementing entry checking shown in fig. 3, step 303 and step 304 may not be executed; in the method of implementing entry checking as shown in FIG. 4, steps 404 and 405 may not be performed. Any method that can be easily conceived by a person skilled in the art within the technical scope disclosed in the present application is covered by the protection scope of the present application, and thus the detailed description thereof is omitted.

Fig. 7 is a schematic structural diagram of an apparatus for implementing entry checking according to an embodiment of the present application. The method can be applied to the network device 101 in the system for implementing entry checking shown in fig. 1 or fig. 2. As shown in fig. 7, the apparatus 70 includes:

a receiving module 701, configured to obtain a checking instruction, where the checking instruction includes an identifier of an entry to be checked in the first software table.

The processing module 702 is configured to check, based on the checking instruction, whether an entry that is the same as the entry to be checked exists in a first hardware table of the network device, where a type of the first hardware table is the same as a type of the first software table.

The output module 703 is configured to output a check result, where the check result includes a first check result of the to-be-checked table entry.

Optionally, the processing module 702 is further configured to:

based on the checking instruction, acquiring an associated table entry of the table entry to be checked in a second software table, wherein the type of the second software table is different from that of the first software table; and checking whether an item which is the same as the associated item exists in a second hardware table of the network equipment, wherein the type of the second hardware table is the same as that of the second software table, and the checking result also comprises a second checking result of the associated item.

Optionally, the receiving module 701 is configured to receive a check instruction sent by the management device; and an output module 703, configured to send the check result to the management device.

Optionally, the receiving module 701 is further configured to receive an account checking instruction sent by the management device, where the account checking instruction includes a type of the fault table and an identifier of a fault entry in the fault table; the processing module 702 is further configured to, when the fault table entry includes a table entry to be checked, update the first hardware table, so that the updated first hardware table has a table entry that is the same as the table entry to be checked; the processing module 702 is further configured to, when the fault entry includes an associated entry of the entry to be checked in the second software table, update the second hardware table, so that an entry that is the same as the associated entry exists in the updated second hardware table, a type of the second software table is different from a type of the first software table, and the type of the second hardware table is the same as the type of the second software table.

Optionally, the processing module 702 is further configured to, when a first entry does not exist in the first hardware table, write the entry to be checked into the first hardware table, where an identifier of the first entry is the same as an identifier of the entry to be checked; the processing module 702 is further configured to, when a first entry exists in the first hardware table and the first entry is different from the to-be-checked entry, update the first entry by using the to-be-checked entry, so that the updated first entry is the same as the to-be-checked entry.

Optionally, the processing module 702 is further configured to, when a second entry does not exist in the second hardware table, write the associated entry into the second hardware table, where an identifier of the second entry is the same as an identifier of the associated entry; the processing module 702 is further configured to update the second entry with the associated entry when the second entry exists in the second hardware table and the second entry is different from the associated entry, so that the updated second entry is the same as the associated entry.

Optionally, the identifier of the entry to be checked includes a key value of the entry to be checked in the first software table.

To sum up, in the apparatus for implementing table entry checking provided in the embodiment of the present application, since the checking instruction obtained by the network device through the receiving module includes the identifier of the table entry to be checked in the first software table, the network device can perform the consistency check of the software table and the hardware table for the specific table entry to be checked through the processing module based on the checking instruction.

Fig. 8 is a schematic structural diagram of another apparatus for implementing entry checking according to an embodiment of the present application. May be applied to the management device 102 in a system implementing entry checking as shown in fig. 2. As shown in fig. 8, the apparatus 80 includes:

a sending module 801, configured to send a check instruction to a target network device, where the check instruction includes an identifier of an entry to be checked in a first software table of the target network device, and the check instruction is used to instruct the target network device to check whether an entry that is the same as the entry to be checked exists in a first hardware table of the target network device, and a type of the first hardware table is the same as that of the first software table.

The receiving module 802 is configured to receive a check result sent by the target network device, where the check result includes a first check result of the target network device on the to-be-checked entry.

Optionally, as shown in fig. 9, the apparatus 80 further comprises: a processing module 803.

Optionally, the processing module 803 is configured to determine a target network device; the processing module 803 is further configured to determine an entry to be checked in the first software table of the target network device.

Optionally, the processing module 803 is further configured to:

when a transmission path of a target message in a communication network is an abnormal flow path, determining equipment to be determined with a fault on a normal flow path based on the abnormal flow path and the normal flow path, wherein the normal flow path is a history path which is successful in a communication process based on a history message between source end equipment of the target message and destination end equipment of the target message; and when the management equipment cannot determine the fault equipment in the equipment to be determined, determining the equipment to be determined as the target network equipment.

Optionally, the processing module 803 is further configured to: and determining the corresponding table entry of the target message in the first software table as the table entry to be checked.

Optionally, the first check result includes a type of the first software table, an identifier of the table entry to be checked, and a fault type of the table entry to be checked. The processing module 803 is configured to determine whether the entry to be checked fails based on the first check result; the sending module 801 is further configured to send a reconciliation instruction to the target network device after determining that the table entry to be checked is faulty, where the reconciliation instruction includes a type of the first software table and an identifier of the table entry to be checked, and the reconciliation instruction is used to instruct the target network device to update the first hardware table, so that the table entry that is the same as the table entry to be checked exists in the updated first hardware table.

Optionally, the second check result includes a type of the second software table, an identifier of the associated entry, and a fault type of the associated entry. A processing module 803, configured to determine whether the associated table entry fails based on the second check result; the sending module 801 is further configured to send an account checking instruction to the target network device after determining that the associated entry is faulty, where the account checking instruction includes a type of the second software table and an identifier of the associated entry, and the account checking instruction is used to instruct the target network device to update the second hardware table, so that an entry that is the same as the associated entry exists in the updated second hardware table, and the type of the second hardware table is the same as the type of the second software table.

To sum up, in the apparatus for implementing entry checking provided in the embodiment of the present application, the management device may be located to the device to be checked through the processing module, when a fault occurs in the communication network, only the device to be checked needs to perform consistency check on the software table and the hardware table, and other network devices in the communication network do not need to perform consistency check on the software table and the hardware table, so that processing resources of normal network devices are saved. In addition, the management device can also determine the item to be checked of the device to be checked through the processing module, so that the device to be checked only needs to check the consistency of the software table and the hardware table aiming at the item to be checked, and compared with the prior method of performing the consistency check on the software table and the hardware table in the network device in a full traversal mode, the management device consumes less processing resources and has higher checking flexibility. In addition, the network device only needs to execute the corresponding steps according to the instruction issued by the management device, for example, the consistency check of the software table and the hardware table is performed on the table entry to be checked according to the check instruction issued by the management device, the corresponding hardware table is updated according to the reconciliation instruction issued by the management device, the network device does not need to make a decision by itself, and the processing resource of the network device is further saved.

With regard to the apparatus in the above-described embodiment, the specific manner in which each module performs the operation has been described in detail in the embodiment related to the method, and will not be elaborated here.

An embodiment of the present application provides a system for implementing entry checking, where the system includes a network device in a communication network, and the network device includes an apparatus for implementing entry checking as shown in fig. 7.

Optionally, the system further includes a management device, the management device is connected to the network device, and the management device includes an apparatus for implementing entry checking as shown in fig. 8 or fig. 9. Optionally, the management device comprises an analyzer and/or a controller.

An embodiment of the present application provides a network device, including: a processor and a memory;

the processor is configured to invoke the computer program to implement the method for checking an entry shown in fig. 3 or the steps performed by the network device in the method for checking an entry shown in fig. 4.

An embodiment of the present application provides a management device, including: a processor and a memory;

the processor is configured to invoke the computer program to implement the steps executed by the management device in the method for implementing entry checking shown in fig. 4.

Illustratively, fig. 10 is a block diagram of an apparatus for implementing entry checking according to an embodiment of the present application. The device for realizing table entry check can be a network device or a management device. As shown in fig. 10, the apparatus 100 includes: a processor 1001 and a memory 1002.

A memory 1002 for storing a computer program comprising program instructions;

a processor 1001, configured to invoke the computer program, and when the processor is located in a network device, implement the steps performed by the network device in the method for implementing entry checking shown in fig. 3 or the method for implementing entry checking shown in fig. 4; when the processor is located in the management device, the steps performed by the management device in the method for implementing entry checking shown in fig. 4 are implemented.

Optionally, the control device 100 further comprises a communication bus 1003 and a communication interface 1004.

The processor 1001 includes one or more processing cores, and the processor 1001 executes various functional applications and data processing by running a computer program.

The memory 1002 may be used to store computer programs. Alternatively, the memory may store an operating system and application program elements required for at least one function. The operating system may be a Real Time eXceptive (RTX) operating system, such as LINUX, UNIX, WINDOWS, or OS X.

The communication interface 1004 may be plural, and the communication interface 1004 is used for communication with other devices. For example, in this embodiment of the present application, the communication interface of the network device may be configured to send the inspection result to the management device, and the communication interface of the management device may be configured to send the inspection instruction and the reconciliation instruction to the network device.

The memory 1002 and the communication interface 1004 are connected to the processor 1001 via a communication bus 1003, respectively.

An embodiment of the present application further provides a computer storage medium, where instructions are stored on the computer storage medium, and when the instructions are executed by a processor of a network device, the method for implementing entry checking as shown in fig. 3 or the method for implementing entry checking as shown in fig. 4 are implemented, where the steps are executed by the network device; alternatively, the steps performed by the management device in the method for implementing entry checking as shown in fig. 4 are implemented when the instructions are executed by the processor of the management device.

It will be understood by those skilled in the art that all or part of the steps for implementing the above embodiments may be implemented by hardware, or may be implemented by a program instructing relevant hardware, where the program may be stored in a computer-readable storage medium, and the above-mentioned storage medium may be a read-only memory, a magnetic disk or an optical disk, etc.

In the embodiments of the present application, the terms "first", "second", and "third" are used for descriptive purposes only and are not to be construed as indicating or implying relative importance.

The term "and/or" in this application is only one kind of association relationship describing the associated object, and means that there may be three kinds of relationships, for example, a and/or B, which may mean: a exists alone, A and B exist simultaneously, and B exists alone. In addition, the character "/" herein generally indicates that the former and latter related objects are in an "or" relationship.

The above description is only exemplary of the present application and is not intended to limit the present application, and any modifications, equivalents, improvements, etc. made within the spirit and principles of the present application are intended to be included within the scope of the present application.

Claims

1. A method for implementing table entry checking, the method comprising:

the network equipment acquires a checking instruction, wherein the checking instruction comprises an identifier of a table item to be checked in a first software table;

the network device checks whether an item identical to the item to be checked exists in a first hardware table of the network device based on the checking instruction, wherein the type of the first hardware table is identical to that of the first software table;

and the network equipment outputs a checking result, wherein the checking result comprises a first checking result of the table entry to be checked.

2. The method of claim 1, wherein after the network device obtains the checking instruction, the method further comprises:

the network equipment acquires the associated table entry of the table entry to be checked in a second software table based on the checking instruction, wherein the type of the second software table is different from that of the first software table;

the network device checks whether an entry identical to the associated entry exists in a second hardware table of the network device, the type of the second hardware table is identical to that of the second software table, and the checking result further includes a second checking result of the associated entry.

3. The method according to claim 1 or 2, wherein the network device obtains the checking instruction, comprising:

the network equipment receives the check instruction sent by the management equipment;

the network device outputs the checking result, including:

and the network equipment sends the check result to the management equipment.

4. The method according to any one of claims 1 to 3, wherein after the network device sends the check result to the management device, the method further comprises:

the network equipment receives an account checking instruction sent by management equipment, wherein the account checking instruction comprises the type of a fault table and the identifier of a fault table item in the fault table;

when the fault table entry comprises the table entry to be checked, the network equipment updates the first hardware table, so that the table entry which is the same as the table entry to be checked exists in the updated first hardware table;

when the fault table entry comprises an associated table entry of the table entry to be checked in a second software table, the network device updates the second hardware table, so that the updated second hardware table has a table entry which is the same as the associated table entry, the type of the second software table is different from that of the first software table, and the type of the second hardware table is the same as that of the second software table.

5. The method according to any of claims 1 to 3, wherein after the network device checks whether the same entry as the entry to be checked exists in the first hardware table of the network device based on the checking instruction, the method further comprises:

when a first table entry does not exist in the first hardware table, the network device writes the table entry to be checked into the first hardware table, wherein the identifier of the first table entry is the same as that of the table entry to be checked;

when the first table entry exists in the first hardware table and the first table entry is different from the table entry to be checked, the network device updates the first table entry by using the table entry to be checked, so that the updated first table entry is the same as the table entry to be checked.

6. The method of claim 2, wherein after the network device checks whether the same entry as the association entry exists in a second hardware table of the network device, the method further comprises:

when a second table entry does not exist in the second hardware table, the network device writes the association table entry into the second hardware table, and the identifier of the second table entry is the same as the identifier of the association table entry;

when the second hardware table has the second table entry and the second table entry is different from the associated table entry, the network device updates the second table entry by using the associated table entry, so that the updated second table entry is the same as the associated table entry.

7. The method according to any of claims 1 to 6, wherein the identifier of the entry to be checked comprises a key value of the entry to be checked in the first software table.

8. The method of any of claims 1 to 7, wherein the checking instructions further comprise a type of the first software table.

9. The method according to any of claims 1 to 8, wherein said first software table is an address resolution protocol, ARP, forwarding, routing or media access control, MAC, table.

10. The method according to any of claims 1 to 9, wherein the first checking result includes a type of the first software table, an identifier of the entry to be checked, and a fault type of the entry to be checked.

11. A method for implementing table entry checking, the method comprising:

the management device sends a checking instruction to a target network device, wherein the checking instruction comprises an identifier of an item to be checked in a first software table of the target network device, the checking instruction is used for instructing the target network device to check whether an item which is the same as the item to be checked exists in a first hardware table of the target network device, and the type of the first hardware table is the same as that of the first software table;

and the management equipment receives a checking result sent by the target network equipment, wherein the checking result comprises a first checking result of the target network equipment on the table entry to be checked.

12. The method of claim 11, wherein before the management device sends the checking instruction to the target network device, the method further comprises:

the management device determines the target network device;

and the management equipment determines the table entry to be checked in the first software table of the target network equipment.

13. The method of claim 12, wherein the managing device determining the target network device comprises:

when a transmission path of a target message in a communication network is an abnormal flow path, the management device determines to-be-determined fault equipment on the normal flow path based on the abnormal flow path and the normal flow path, wherein the normal flow path is a history path of successful communication process between a source end device of the target message and a destination end device of the target message based on a history message;

when the management equipment cannot determine the fault equipment in the equipment to be failed, the management equipment determines the equipment to be failed as the target network equipment.

14. The method of claim 13, wherein the managing device determining the checklist entry in the first software table in the target network device comprises:

and the management equipment determines the corresponding table entry of the target message in the first software table as the table entry to be checked.

15. The method according to any one of claims 11 to 14, wherein the first check result includes a type of the first software table, an identifier of the entry to be checked, and a fault type of the entry to be checked, and after the management device receives the check result sent by the target network device, the method further includes:

the management device determines whether the item to be checked is faulty or not based on the first check result;

after determining that the table item to be checked is faulty, the management device sends a reconciliation instruction to the target network device, wherein the reconciliation instruction comprises the type of the first software table and the identifier of the table item to be checked, and the reconciliation instruction is used for indicating the target network device to update the first hardware table, so that the updated first hardware table has the table item which is the same as the table item to be checked.

16. The method according to any of claims 11 to 15, wherein said checking result further includes a second checking result of an associated entry of said entry to be checked in a second software table, and a type of said second software table is different from a type of said first software table.

17. The method of claim 16, wherein the second check result includes a type of the second software table, an identification of the association table entry, and a fault type of the association table entry, and after the management device receives the check result sent by the target network device, the method further comprises:

the management equipment determines whether the associated table entry fails or not based on the second check result;

after determining that the association table entry is failed, the management device sends a reconciliation instruction to the target network device, where the reconciliation instruction includes a type of the second software table and an identifier of the association table entry, and the reconciliation instruction is used to instruct the target network device to update a second hardware table, so that an entry identical to the association table entry exists in the updated second hardware table, and the type of the second hardware table is identical to the type of the second software table.

18. An apparatus for implementing table entry checking, applied to a network device, the apparatus comprising:

the system comprises a receiving module, a checking module and a checking module, wherein the receiving module is used for acquiring a checking instruction, and the checking instruction comprises an identifier of a table item to be checked in a first software table;

a processing module, configured to check, based on the check instruction, whether an entry that is the same as the entry to be checked exists in a first hardware table of the network device, where a type of the first hardware table is the same as a type of the first software table;

and the output module is used for outputting a checking result, wherein the checking result comprises a first checking result of the table entry to be checked.

19. The apparatus of claim 18, wherein the processing module is further configured to:

based on the checking instruction, acquiring an associated table entry of the table entry to be checked in a second software table, wherein the type of the second software table is different from that of the first software table;

checking whether an entry identical to the associated entry exists in a second hardware table of the network device, wherein the type of the second hardware table is identical to the type of the second software table, and the checking result further includes a second checking result for the associated entry.

20. The apparatus of claim 18 or 19,

the receiving module is used for receiving the checking instruction sent by the management equipment;

and the output module is used for sending the check result to the management equipment.

21. The apparatus of any one of claims 18 to 20,

the receiving module is further configured to receive an account checking instruction sent by the management device, where the account checking instruction includes a type of a fault table and an identifier of a fault table entry in the fault table;

the processing module is further configured to update the first hardware table when the fault table entry includes the table entry to be checked, so that the updated first hardware table has a table entry that is the same as the table entry to be checked;

the processing module is further configured to update the second hardware table when the fault entry includes an associated entry of the entry to be checked in the second software table, so that an entry the same as the associated entry exists in the updated second hardware table, a type of the second software table is different from a type of the first software table, and the type of the second hardware table is the same as the type of the second software table.

22. The apparatus of any one of claims 18 to 21,

the processing module is further configured to, when a first entry does not exist in the first hardware table, write the entry to be checked into the first hardware table, where an identifier of the first entry is the same as an identifier of the entry to be checked;

the processing module is further configured to update the first entry with the entry to be checked when the first entry exists in the first hardware table and the first entry is different from the entry to be checked, so that the updated first entry is the same as the entry to be checked.

23. The apparatus of claim 19,

the processing module is further configured to write the associated table entry into the second hardware table when a second table entry does not exist in the second hardware table, where an identifier of the second table entry is the same as an identifier of the associated table entry;

the processing module is further configured to update the second entry with the associated entry when the second entry exists in the second hardware table and the second entry is different from the associated entry, so that the updated second entry is the same as the associated entry.

24. The apparatus according to any of claims 18 to 23, wherein the identifier of the entry to be checked comprises a key value of the entry to be checked in the first software table.

25. The apparatus of any of claims 18 to 24, wherein the checking instructions further comprise a type of the first software table.

26. The apparatus of any of claims 18 to 25, wherein the first software table is an address resolution protocol, ARP, forwarding, routing, or media access control, MAC, table.

27. The apparatus according to any of claims 18 to 26, wherein the first checking result includes a type of the first software table, an identification of the entry to be checked, and a fault type of the entry to be checked.

28. An apparatus for implementing table entry checking, applied to a management device, the apparatus comprising:

a sending module, configured to send a checking instruction to a target network device, where the checking instruction includes an identifier of an entry to be checked in a first software table of the target network device, and the checking instruction is used to instruct the target network device to check whether an entry that is the same as the entry to be checked exists in a first hardware table of the target network device, where a type of the first hardware table is the same as a type of the first software table;

a receiving module, configured to receive a check result sent by the target network device, where the check result includes a first check result of the target network device on the entry to be checked.

29. The apparatus of claim 28, further comprising:

a processing module for determining the target network device;

the processing module is further configured to determine an entry to be checked in the first software table of the target network device.

30. The apparatus of claim 29, wherein the processing module is further configured to:

when a transmission path of a target message in a communication network is an abnormal flow path, determining to-be-determined fault equipment on a normal flow path based on the abnormal flow path and the normal flow path, wherein the normal flow path is a history path which is successful in a communication process based on a history message between a source end equipment of the target message and a destination end equipment of the target message;

when the management equipment cannot determine the fault equipment in the equipment to be failed, determining the equipment to be failed as the target network equipment.

31. The apparatus of claim 30, wherein the processing module is further configured to:

and determining the corresponding table entry of the target message in the first software table as the table entry to be checked.

32. The apparatus according to any of claims 28 to 31, wherein the first checking result includes a type of the first software table, an identification of the entry to be checked, and a fault type of the entry to be checked, and the apparatus further comprises:

the processing module is used for determining whether the item to be checked is in fault or not based on the first checking result;

the sending module is further configured to send a reconciliation instruction to the target network device after determining that the to-be-checked table entry is faulty, where the reconciliation instruction includes a type of the first software table and an identifier of the to-be-checked table entry, and the reconciliation instruction is used to instruct the target network device to update the first hardware table, so that an entry that is the same as the to-be-checked table entry exists in the updated first hardware table.

33. The apparatus according to any of claims 28 to 32, wherein said checking result further comprises a second checking result of an associated entry of said entry to be checked in a second software table, and a type of said second software table is different from a type of said first software table.

34. The apparatus of claim 33, wherein the second check result comprises a type of the second software table, an identification of the association table entry, and a failure type of the association table entry, the apparatus further comprising:

the processing module is used for determining whether the associated table entry fails or not based on the second check result;

the sending module is further configured to send an account checking instruction to the target network device after determining that the associated entry is faulty, where the account checking instruction includes a type of the second software table and an identifier of the associated entry, and the account checking instruction is used to instruct the target network device to update the second hardware table, so that an entry that is the same as the associated entry exists in the updated second hardware table, and the type of the second hardware table is the same as the type of the second software table.

35. A network device, comprising: a processor and a memory;

the processor is configured to invoke the computer program to implement the method for implementing entry checking according to any one of claims 1 to 10.

36. A management device, comprising: a processor and a memory;

the processor, configured to invoke the computer program to implement the method for implementing entry checking according to any of claims 11 to 17.

37. A system for implementing entry checking, characterized in that the system comprises a network device in a communication network, and the network device comprises the apparatus for implementing entry checking according to any claim 18 to 27.

38. The system according to claim 37, further comprising a management device, wherein the management device is connected to the network device, and the management device comprises the apparatus for implementing entry checking according to any of claims 28 to 34.

39. The system of claim 38, wherein the management device comprises an analyzer and/or a controller.

40. A computer storage medium having stored thereon instructions that, when executed by a processor of a network device, implement a method of implementing entry checking according to any one of claims 1 to 10; or, when said instructions are executed by a processor of a management device, implementing a method of implementing entry checking according to any of claims 11 to 17.