Network management system for SNMP traversal of NAT, and implementation method
Technical field
The present invention relates to network management technology, and in particular to a network management system and implementation method for SNMP traversal of NAT.
Background technology
With the rapid development of the Internet and the telecommunications industry, network communication equipment of all kinds has been deployed widely and has formed numerous complex networks, which pose a great management challenge for virtual network operators. A complex network comprises many kinds of network equipment, integrates multiple network operating systems, and runs many kinds of network application services. To keep the network system running efficiently, the operating condition of the whole system must be monitored and managed, which requires a real-time system that monitors network operation and a management platform that can control the operating condition of the whole network.
At present each equipment manufacturer provides its own network management system and manages remote network equipment through the Simple Network Management Protocol (SNMP). SNMP-based network management comprises three parts. The network management system mainly provides functions such as system security management, topology management, device configuration management, fault management, performance management, log management, system management and service activation management; it accepts the user's operations, performs the associated operations on the management agent through an interface, and returns the results to the user interface. The managed equipment, i.e. the network element, such as a router, access server, switch, bridge, hub, host or printer, is provided with an SNMP agent, which sets up the management information base (MIB) of the network element and, on the instruction of a timer, sends a registration message at fixed intervals. The NAT unit receives the registration message sent by the network element attached to it, converts the private IP in the message to its own public IP and public port number, and forwards it.
The communication process between the network management system and the SNMP agent is as follows:
L10: The network management system first adds a large number of SNMP agent IP addresses, known in advance, to its local information base, thereby building a managed IP address base.
L20: When a given SNMP agent is to be managed, the network management system constructs an SNMP request message, sends it to that agent's IP address, and waits for the response.
L30: After receiving the SNMP request message sent by the management platform, the SNMP agent returns an SNMP response message to the IP address of the management platform.
L40: After receiving the returned SNMP response message, the network management system parses the device information, processes it accordingly, and completes the corresponding interface display or operation.
In summary, management communication between the network management system and the SNMP agent is in essence a question-and-answer pattern: the network management system asks and the SNMP agent answers. The prerequisite is that the network management system knows the SNMP agent's IP address in advance.
Normally the NMS and the SNMP agents are all in the same mutually reachable IP network and their IP addresses can communicate with each other directly, so network management poses no great problem.
However, because the number of domestic IP addresses is limited, in real network IP deployments a large number of SNMP agents are often assigned private IP addresses while the network management system has a public IP address, and the two are connected through a gateway device that supports network address translation (NAT) (see Fig. 1). In this deployment the SNMP agent's private IP address is not visible externally, so the network management system cannot communicate with the SNMP agent directly and network management cannot be carried out.
Summary of the invention
The technical problem to be solved by the present invention is to let a network management system that has a public IP address conveniently manage SNMP agents that have private IP addresses, so that IP addresses are saved when network management is deployed and the current shortage of IP addresses is addressed.
To solve the above technical problem, the technical solution adopted by the present invention provides a network management system that realizes SNMP traversal of NAT, comprising a number of managed devices, a number of network address translation units and a network management system (NMS). The managed device, i.e. the network element, is provided with an SNMP agent and a timer; the SNMP agent sets up the management information base (MIB) of the network element and, on the instruction of the timer, sends a registration message at fixed intervals. The network address translation unit receives the registration message sent by the network element attached to it, converts the private IP in the message to its own public IP and public port number, and forwards it. The NMS is provided with an SNMP information container and a polling monitor. The SNMP information container comprises a mapping table that stores the SNMP agent's unique physical MAC address, the SNMP agent's private IP address, the SNMP agent's public IP address after NAT translation, and the SNMP agent's public UDP port number after NAT translation. Under the instruction of the polling monitor, the NMS receives the registration message forwarded by the network address translation unit attached to it, which contains that unit's own public IP and public port number.
In the above scheme, the managed device is a router, access server, switch, bridge, hub, host or printer.
The present invention also provides an implementation method for SNMP traversal of NAT in the above network management system. The method comprises the following steps:
S10: On the SNMP agent in the network element, set up the management information base (MIB) of the network element and configure the public IP of the NAT unit attached to it as the destination IP of the periodic registration message. At the same time start a timer and periodically send the registration message to the NAT unit. The registration message contains at least the SNMP agent's private IP address, its unique MAC address, the current system time and device type information, and also serves as a keep-alive that stops the NAT unit's translation entries from ageing out;
S20: The registration message undergoes network address translation at the NAT unit, i.e. NAT converts the private IP address and UDP port in the registration message to a public IP address and public UDP port; subsequent management messages are sent to this public IP address and UDP port number;
S30: The network management system is provided with an SNMP information container comprising a mapping table that stores the SNMP agent's unique physical MAC address, its private IP address, its public IP address after NAT translation and its public UDP port number after NAT translation. On receiving a registration message that has passed through NAT, the network management system extracts the unique physical MAC address from it and searches the existing information in the SNMP information container for that MAC address. If it is found, the agent's private IP address from the registration message and the public IP address and public UDP port after NAT translation are written to the corresponding position in the container. If no entry for that physical MAC address is found, a new entry is created in the SNMP information container and the physical MAC address, the agent's private IP address, and the public IP address and public UDP port number after NAT translation are written to it;
S40: The network management system updates the corresponding content of the SNMP information container in real time according to the content of the registration messages sent by the SNMP agent.
S50: When the user selects a network element to operate on in the network management system, the network management system uses the network element's MAC address to look up, in the SNMP information container, its SNMP agent's private IP address and the public IP address and public UDP port after translation, and then executes step S60. If the SNMP information container holds no matching information, an error message is returned to the operating user;
S60: The network management system constructs an SNMP request message and sends it to the translated public IP address and public UDP port. When it reaches the NAT unit, NAT converts the public IP address and public UDP port back to the SNMP agent's actual private IP and UDP port, and the message reaches the SNMP agent;
S70: After receiving the request message, the SNMP agent processes it and returns an SNMP response message, which reaches the network management system after being translated by NAT once more. The network management system presents the content of the response message to the user through the interface, completing the management operation.
By providing an SNMP information container in the NMS that identifies and manages network elements by the globally unique MAC address each network element contains, the present invention effectively solves the problem of a network management system with a public IP address managing SNMP agents that have private IP addresses. It improves the utilization of SNMP messages, reduces the number of communications carrying duplicate information between the management platform and the devices, and at the same time reduces the effect of network delay on the speed of the management system.
Description of drawings
Fig. 1 is a schematic diagram of an existing network management system;
Fig. 2 is a structural diagram of the network management system for SNMP traversal of NAT according to the present invention;
Fig. 3 is a flow chart of the implementation method of the network management system for SNMP traversal of NAT according to the present invention.
Embodiment
To make the purpose, technical solutions and advantages of the present invention clearer, the invention is described in further detail below with reference to the drawings and specific embodiments. It should be understood that the specific embodiments described here only explain the present invention and do not limit it.
Fig. 2 is a structural diagram of the network management system for SNMP traversal of NAT according to the present invention. As shown in Fig. 2, the present invention comprises a number of managed devices, a number of network address translation units and a network management system (NMS). The managed device, i.e. the network element, can be a router, access server, switch, bridge, hub, host or printer. The network element is provided with an SNMP agent and a timer; the SNMP agent sets up the management information base (MIB) of the network element and, on the instruction of the timer, sends a registration message at fixed intervals. The network address translation unit receives the registration message sent by the network element attached to it, converts the private IP in the message to its own public IP and public port number, and forwards it. The NMS is provided with an SNMP information container and a polling monitor. The SNMP information container comprises a mapping table that stores the SNMP agent's unique physical MAC address, the SNMP agent's private IP address, the SNMP agent's public IP address after NAT translation, and the SNMP agent's public UDP port number after NAT translation. Under the instruction of the polling monitor, the NMS receives the registration message forwarded by the network address translation unit attached to it, which contains that unit's own public IP and public port number.
The present invention provides an SNMP information container in the NMS. The SNMP information container comprises a mapping table that stores the information returned by SNMP agents, and a polling monitor. According to the needs of the NMS, the SNMP information container decides whether to read the device's real-time information or to read the corresponding information saved in the container. The polling monitor periodically cleans the content of the SNMP information container, deleting timed-out information and releasing resources.
Fig. 3 is a flow chart of the implementation method of the network management system for SNMP traversal of NAT according to the present invention. As shown in Fig. 3, the method comprises the following steps:
S10: On the SNMP agent in the network element, set up the management information base (MIB) of the network element and configure the public IP of the NAT unit attached to it as the destination IP of the periodic registration message. At the same time start a timer and periodically send the registration message to the NAT unit. The registration message contains at least the SNMP agent's private IP address, its unique MAC address, the current system time and device type information. Each time the timer fires, at a fixed interval, a registration message is sent to the public IP address and port corresponding to the network management system. Periodic sending has two purposes: first, it acts as a keep-alive so that the translation entries of the NAT unit performing network address translation between the SNMP agent and the network management system do not age out; second, when the SNMP agent's private IP address changes, the network management system is notified promptly;
S20: The registration message undergoes network address translation at the NAT unit, i.e. NAT converts the private IP address and UDP port in the registration message to a public IP address and public UDP port; subsequent management messages are sent to this public IP address and UDP port number;
S30: The network management system is provided with an SNMP information container comprising a mapping table that stores the SNMP agent's unique physical MAC address, its private IP address, its public IP address after NAT translation and its public UDP port number after NAT translation. On receiving a registration message that has passed through NAT, the network management system extracts the unique physical MAC address from it and searches the existing information in the SNMP information container for that MAC address. If it is found, the agent's private IP address from the registration message and the public IP address and public UDP port after NAT translation are written to the corresponding position in the container. If no entry for that physical MAC address is found, a new entry is created in the SNMP information container and the physical MAC address, the agent's private IP address, and the public IP address and public UDP port number after NAT translation are written to it;
S40: The network management system updates the corresponding content of the SNMP information container in real time according to the content of the registration messages sent by the SNMP agent.
S50: When the user selects a network element to operate on in the network management system, the network management system uses the network element's MAC address to look up, in the SNMP information container, its SNMP agent's private IP address and the public IP address and public UDP port after translation, and then executes step S60. If the SNMP information container holds no matching information, an error message is returned to the operating user;
S60: The network management system constructs an SNMP request message and sends it to the translated public IP address and public UDP port. When it reaches the NAT unit, NAT converts the public IP address and public UDP port back to the SNMP agent's actual private IP and UDP port, and the message reaches the SNMP agent;
S70: After receiving the request message, the SNMP agent processes it and returns an SNMP response message, which reaches the network management system after being translated by NAT once more. The network management system presents the content of the response message to the user through the interface, completing the management operation.
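The following Python code is an added example, not code from the patent: it models the NMS-side SNMP information container of steps S30 to S50 together with the polling monitor's timed cleanup. The JSON message encoding, the field names, the 90-second timeout and the addresses are assumptions made for illustration; `src_addr` stands for the (IP, port) pair a UDP `recvfrom` would return, i.e. the public address after NAT translation.

```python
import json
import time
from dataclasses import dataclass

@dataclass
class Entry:
    private_ip: str    # reported by the agent inside the message (S10)
    public_ip: str     # source IP seen by the NMS after NAT (S20)
    public_port: int   # source UDP port seen by the NMS after NAT (S20)
    last_seen: float   # NMS receive time, used by the polling monitor

class SnmpInfoContainer:
    """MAC-keyed mapping table of steps S30-S50 plus the polling monitor."""

    def __init__(self, timeout_s=90.0):
        self.timeout_s = timeout_s   # assumed ageing limit, not from the page
        self.table = {}

    def register(self, payload, src_addr, now=None):
        """S30/S40: create or update the entry for the MAC in the message."""
        now = time.time() if now is None else now
        msg = json.loads(payload)    # JSON encoding is an assumption
        mac = msg["mac"].lower()
        is_new = mac not in self.table
        self.table[mac] = Entry(msg["private_ip"], src_addr[0], src_addr[1], now)
        return is_new

    def lookup(self, mac):
        """S50: return the (public_ip, public_port) that S60 sends to."""
        entry = self.table.get(mac.lower())
        if entry is None:
            raise LookupError(f"no registration for network element {mac}")
        return entry.public_ip, entry.public_port

    def sweep(self, now=None):
        """Polling monitor: delete entries whose registrations timed out."""
        now = time.time() if now is None else now
        stale = [m for m, e in self.table.items()
                 if now - e.last_seen > self.timeout_s]
        for mac in stale:
            del self.table[mac]
        return stale

def demo():
    nms = SnmpInfoContainer(timeout_s=90.0)
    reg = json.dumps({"mac": "00:11:22:AA:BB:CC", "private_ip": "192.168.1.10",
                      "device_type": "switch", "time": 0}).encode()  # constructed
    created = nms.register(reg, ("203.0.113.5", 40001), now=0.0)
    # NAT rebinding: same element, new public port, entry updated in place
    updated = nms.register(reg, ("203.0.113.5", 40777), now=30.0)
    target = nms.lookup("00:11:22:aa:bb:cc")
    expired = nms.sweep(now=200.0)   # no registration for 170 s
    return created, updated, target, expired
```

The table trusts a MAC address carried in an unauthenticated UDP payload and takes the request destination from the datagram's source address, so a deployment would need to authenticate registration messages before letting them overwrite an entry.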
Although Fig. 3 shows only one network element and one NAT unit as an example, the present invention can be applied equally to multiple network elements and multiple NAT units. The MIB in each network element stores that network element's MAC address and private IP; after NAT translation these are mapped into the information container mapping table in the NMS, so that multiple network elements can be managed.
The above is only a preferred embodiment of the present invention and is not intended to limit it. Any modification, equivalent replacement or improvement made within the spirit and principles of the present invention shall fall within its scope of protection.