CN110855456B - Network change method and equipment - Google Patents

Publication number
CN110855456B
Authority
CN
China
Legal status
Active
Application number
CN201810948787.2A
Inventor
周维
阎璐
许辉
程飙
王彦坤
曹伟
张铭
吴鑫
Current Assignee
Alibaba Group Holding Ltd
Original Assignee
Alibaba Group Holding Ltd
Application filed by Alibaba Group Holding Ltd
Priority to CN201810948787.2A
Publication of CN110855456A
Application granted
Publication of CN110855456B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00 Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08 Configuration management of networks or network elements
    • H04L41/0803 Configuration setting
    • H04L41/0813 Configuration setting characterised by the conditions triggering a change of settings
    • H04L41/02 Standardisation; Integration
    • H04L41/0246 Exchanging or transporting network management information using the Internet; Embedding network management web servers in network elements; Web-services-based protocols
    • H04L41/0266 Exchanging or transporting network management information using the Internet; Embedding network management web servers in network elements; Web-services-based protocols using meta-data, objects or commands for formatting management information, e.g. using eXtensible markup language [XML]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The application provides a network change method and device. When a network change is carried out, a change scheme comprising at least one change step is obtained; after the configuration command for each change step is obtained, the configuration commands corresponding to the change steps in the change scheme are sent to the network equipment in the order of the change steps, so that the network equipment executes them in that order and completes each change step in turn. A complicated network change process can thus be split into a plurality of steps, so that the change process can be controlled at fine granularity and proceeds more smoothly; monitoring and alarm capabilities are integrated, so that faults are sensed quickly and the network change is rolled back automatically.

Description

Network change method and equipment
Technical Field
The present application relates to the field of information technologies, and in particular, to a method and an apparatus for network change.
Background
Compared with changes to servers, storage or other systems, network changes are characterized by varied scenarios, high complexity, an extremely wide fault impact range and difficult root-cause tracing. Once a change causes a network failure, at best service indicators drop, and at worst the machine room goes offline and the services it carries are paralyzed. Such failures not only cause direct or indirect economic losses, but may even have a negative social impact on products and companies.
With the rapid growth of network scale, the demand for network changes will increase rapidly, and the demands of network stability assurance and service expansion will translate directly into high-frequency, massive network changes. The traditional change method is severely challenged by these requirements, and the following problems are exposed in terms of efficiency and stability:
1. Manual change operations are inefficient; the change process depends on the experience of the network engineer and cannot be controlled at fine granularity, so misoperations and even faults occur easily.
2. Accumulated experience and operation specifications are all maintained offline, which makes them difficult to manage and leaves them without strong constraints.
3. There is a lack of effective management at the various stages of the overall lifecycle of a network change.
4. The change execution process is uncontrollable; execution is basically a black box, and the execution status of the change cannot be known.
5. When a problem occurs during the change, the ability to locate it quickly and recover from the fault is lacking.
Disclosure of Invention
An object of the present application is to provide a method and an apparatus for network change, so as to solve the problem that fine-grained control cannot be performed on a change process.
In order to achieve the above object, the present application provides a network changing method, including:
determining a change scheme of network change, wherein the change scheme comprises at least one change step required for changing a current network to a target network;
acquiring a configuration command in each change step;
and sending the configuration command corresponding to each change step in the change scheme to the network equipment according to the sequence of the change steps, so that the network equipment executes the configuration command corresponding to each change step according to the sequence, and each change step is completed.
An embodiment of the present application further provides a network change device, where the network change device includes:
scheme generating means for determining a change scheme of network change, wherein the change scheme comprises at least one change step required for changing a current network to a target network;
configuration acquisition means for acquiring a configuration command in each change step;
and the configuration issuing device is used for sending the configuration command corresponding to each change step in the change scheme to the network equipment according to the sequence of the change steps, so that the network equipment executes the configuration command corresponding to each change step according to the sequence to complete each change step.
Furthermore, an embodiment of the present application further provides a computing device, including a memory for storing computer program instructions and a processor for executing the computer program instructions, wherein the computer program instructions, when executed by the processor, trigger the device to execute the network change method.
In a network change scheme provided by the application, a change scheme including at least one change step can be obtained when a network change is implemented, and after a configuration command in each change step is obtained, the configuration command corresponding to each change step in the change scheme can be sent to network equipment according to the sequence of the change steps, so that the network equipment executes the configuration command corresponding to each change step according to the sequence, and each change step is completed. Therefore, the complicated network change process can be divided into a plurality of steps, so that the change process can be controlled in a fine granularity mode, the change process is smoother, and influences and risks brought by network change are reduced.
Drawings
Other features, objects and advantages of the present application will become more apparent upon reading of the following detailed description of non-limiting embodiments thereof, made with reference to the accompanying drawings in which:
Fig. 1 is a processing flow chart of a network changing method according to an embodiment of the present application;
Fig. 2 is a schematic diagram of a current network and a target network when a network is configured in an embodiment of the present application;
Fig. 3 is a schematic diagram of a modification in configuring a network according to an embodiment of the present application;
Fig. 4 is a flowchart of the processing performed during the configuration process in the embodiment of the present application;
Fig. 5 is a flowchart illustrating a process performed during each modification step according to the sequence of the modification steps in the embodiment of the present application;
Fig. 6 is a schematic view of a visual view provided by a network change method according to an embodiment of the present application;
Fig. 7 is a flowchart of a process for generating a network model according to an embodiment of the present application;
Fig. 8 is a topology diagram of a physical topology layer in a network according to an embodiment of the present application;
Fig. 9 is a topology diagram of logical topology layers in a network according to an embodiment of the present application;
Fig. 10 is a topology diagram of a BGP protocol topology layer in a network according to an embodiment of the present application;
Fig. 11 is a schematic structural diagram of a network change device according to an embodiment of the present application;
Fig. 12 is a schematic structural diagram of a computing device according to an embodiment of the present application.
The same or similar reference numbers in the drawings identify the same or similar elements.
Detailed Description
The present application is described in further detail below with reference to the attached figures.
In a typical configuration of the present application, the terminal and the devices of the service network each include one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include volatile memory in a computer-readable medium, such as Random Access Memory (RAM), and/or non-volatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.
Computer-readable media, which include both permanent and non-permanent, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, program means, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Disks (DVD) or other optical storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device.
The embodiment of the application provides a network change method in which a change scheme comprising at least one change step is obtained, so that a complex network change process can be split into a plurality of steps when the network change is carried out. The change process can thus be controlled at fine granularity and proceeds more smoothly, and the influence and risk brought by the network change are reduced. In the embodiment of the present application, the execution subject of the above method may include, but is not limited to, a network host, a single network server, a set of multiple network servers, or a set of computers based on cloud computing. Here, the cloud is made up of a large number of hosts or network servers based on cloud computing, which is a type of distributed computing in which a collection of loosely coupled computers forms one virtual computer.
Fig. 1 illustrates a network changing method provided in an embodiment of the present application, where the method includes:
Step S101, determining a change scheme of network change. The current network refers to the network before the network change is carried out, and the target network is the expected network after the network change is finished.
In one embodiment of the present application, the change scheme may be determined according to a flow chart of the network change, wherein the change scheme includes at least one change step required to change the current network to the target network. The flow chart may consist of nodes representing the change steps and links between the nodes, where the direction of a link represents the order of the change steps. For example, node A and node B may each represent a change step, and the link between node A and node B may be a line with an arrow: if the arrow points from node A to node B, the change step corresponding to node A is executed first and the change step corresponding to node B is executed afterwards. When there is only one change step in the change scheme, the flowchart may consist of a single node, with no link representing the order of change steps.
The traditional approach to determining a change scheme for a network change is to implement a complex change SOP (Standard Operating Procedure) as a script or program. However, operators differ widely in actual skill level, so this approach gives users a very steep learning curve and is difficult to maintain and extend. In the solution of this embodiment, the change scheme may be determined according to the flow chart of the network change, so that the process of creating the change scheme is standardized. For example, an operator of a network change may be provided with a flowchart editing function, so that the operator can enter the change SOP in the form of a flowchart, and the change scheme is obtained from the change steps and the order that the flowchart contains. Compared with the traditional scheme, this is highly readable, easy to maintain and flexible to extend, and it can greatly improve the efficiency of obtaining the change scheme.
In an embodiment of the present application, the change scheme may be determined according to the difference information of each topology layer between a first network model of the current network and a second network model of the target network. The first network model and the second network model each comprise a plurality of topology layers. The topology layers describe the topological relationships between network devices in the network, and the association relationship among the topology layers corresponds to the dependency sequence of layer-by-layer encapsulation during data transmission. The difference information between the current network and the target network can therefore be determined quickly and accurately from the network models; this difference information corresponds to the configuration variables of the network devices that are needed in the configuration commands during the network change.
For convenience of illustration, take one of the topology layers as an example. Fig. 2 shows the topological relationship of the topology layer corresponding to BGP (Border Gateway Protocol) in the network model, where the nodes WAN, DC1 and DC2 each represent a network device, 210 represents the BGP protocol topology layer in the network model of the current network, and 240 represents the BGP protocol topology layer in the network model of the target network. By comparing topology layer 210 with topology layer 240, the difference information of this topology layer before and after the network change can be determined, and from it the change scheme. The change scheme includes at least one change step required for changing the current network to the target network; still taking this topology layer as an example, it may include the three change steps Step1, Step2 and Step3 shown in fig. 3.
Here, it should be understood by those skilled in the art that, while the topology layer corresponding to the BGP protocol changes, other topology layers may also need to be changed accordingly. The specific content of the change depends on the architecture of the actual network. For example, the topology layer corresponding to LACP (Link Aggregation Control Protocol) needs to change the aggregation policy of a link, a forwarding path in the Segment Routing protocol topology layer may also change correspondingly, and changes to other topology layers may likewise have corresponding change steps.
Step S102, obtaining the configuration command in each change step. The configuration commands required in each step are related to the difference information of the network model before and after that change step is completed; this difference information is the set of configuration variables corresponding to the change step and can be used to generate the configuration commands.
For example, in fig. 2, a new node MAN needs to be added and the topological relationships between the node WAN and DC1 and DC2 change, so the BGP protocol topology layer differs between the first network model and the second network model: for example, the division of autonomous systems, the neighbor relationships and the routing policies need to change. This difference information has to be realized by changing the configuration, so there are corresponding configuration variables.
In an actual scenario, different vendors follow different standards, so the configuration commands that network devices of different vendors use for the same configuration operation may differ. Configuration command templates for each vendor may therefore be stored in advance. When a configuration command for a device of a certain vendor needs to be generated, the configuration command template for the vendor of the network device is obtained according to the network device to which the configuration variable corresponds, and the variable values in the configuration command template are then replaced by the configuration variables to be changed, so that a configuration command specific to the vendor of the network device can be generated quickly.
Step S103, sending the configuration command corresponding to each change step in the change scheme to the network device according to the sequence of the change steps, so that the network device executes the configuration command corresponding to each change step according to the sequence, and thus, each change step is completed.
During the change, the change steps corresponding to the same topology layer need to be executed in a specific order to ensure that the network change completes smoothly, for example the three change steps Step1, Step2 and Step3 shown in fig. 3. For change steps corresponding to different topology layers, their order can be determined according to the association relationship among the topology layers. For example, LACP and BGP are layer-2 and layer-3 protocols respectively; when data is encapsulated, a TCP header is encapsulated first and then an IP header, and the two are adjacent in the dependency sequence of data encapsulation, so the BGP topology layer and the LACP topology layer have an association relationship. Therefore, among the change steps for the LACP topology layer and the BGP topology layer, the change step for the topology layer of the lower protocol is generally performed first, followed by the change step for the topology layer of the upper protocol, according to the association relationship between the protocols.
Taking the change scheme shown in fig. 3 as an example, the configuration command corresponding to change Step1 may first be sent to the network device, so that the network device executes the configuration command and completes change Step1, at which point the topological relationship of the BGP topology layer in the network changes to 220. In an actual scenario, one change step may include changes to multiple topology layers, which are performed sequentially or synchronously according to the association relationship between the topology layers; for example, the topology layers of other protocols that depend on the BGP protocol need to be changed after, or synchronously with, the change of the BGP protocol topology layer. Since the network change for each topology layer is handled in a similar way, namely by issuing the corresponding configuration commands for the network device to execute, the details are not repeated here.
After change Step1 is completed, the configuration command corresponding to change Step2 is sent to the network device, so that the network device executes the configuration command and completes change Step2, at which point the topological relationship of the BGP topology layer in the network changes to 230; after change Step 4, the topological relationship of the BGP topology layer in the network changes to the BGP topology layer 240 of the target network. The current network thus transitions gradually to the target network: the complex network change process is divided into a plurality of steps and can be controlled at fine granularity, so that the change process is smoother and the influence and risk brought by the network change are reduced.
In the method provided by the embodiment of the application, when the configuration commands corresponding to the same change step are sent to the network devices, the configuration commands for different network devices can be sent to the corresponding devices in parallel, so that the configuration change tasks of different network devices are executed concurrently. For example, in fig. 3, changing the topological relationship from 210 to 220 involves 4 network devices, namely the nodes WAN, MAN, DC1 and DC2, and each of them needs to execute its corresponding configuration command. The corresponding configuration commands may be sent to the nodes WAN, MAN, DC1 and DC2 in parallel so that they are executed concurrently. In a manual network change, by contrast, the operator has to log in to each network device and enter the configuration commands, so the actions of a single operator are necessarily serial; the method therefore greatly improves the execution efficiency of the change while still ensuring fine-grained control.
The configuration commands corresponding to the change steps in the change scheme are sent to the network devices in the order of the change steps, and the network devices execute them in that order. If a problem occurs in one change step, for example a configuration on some network device is not modified successfully, the subsequent change steps cannot be performed. The network in its transitional state can therefore be checked when each step completes, to ensure that each change step has been completed correctly. Fig. 4 shows the processing flow for checking during configuration, which comprises the following steps:
Step S401, sending a configuration command corresponding to a change step in the change scheme to a network device according to the sequence of the change steps, so that the network device executes the configuration command corresponding to the change step according to the sequence. For example, the configuration command corresponding to the first change Step1 is sent first; after the network device has executed it and the check has passed, the configuration command corresponding to the second change Step2 is sent, and so on until the configuration commands corresponding to all change steps have been sent.
Step S402, checking the network change result corresponding to the change step.
Step S403, if the verification is passed, determining that the change step is completed, and processing the next change step in order.
Step S404, if the verification is not passed, controlling the network equipment to cancel the network change corresponding to the change step.
In an embodiment of the present application, the result of a network change may be checked as follows. First, a third network model of the current network after the configuration command has been executed is obtained. For example, once change Step1 in fig. 3 has actually been carried out, the network is in a transitional state, and a third network model corresponding to that network may be obtained after the configuration command is executed; the third network model represents the result of the actual network change.
In the ideal case, if change Step1 completes successfully, the expected network change result is formed, and the network model corresponding to that result can be denoted the fourth network model. The third network model is compared with the fourth network model expected after the change step is completed. If the third network model and the fourth network model are consistent, the configuration command in the change step has been executed successfully, so the change step can be determined to be completed, and the next change step is processed in order starting again from step S401, until all change steps are completed.
If the third network model is not consistent with the fourth network model, the configuration command in the change step has not been executed successfully, and the network device may be controlled to cancel the configuration command corresponding to the change step so as to recover the initial state before the change. The configuration command may then optionally be re-executed to retry the network change it corresponds to. By checking after each change step in this way, the atomicity of each change step can be guaranteed, and an uncontrollable network change caused by problems in part of the changes can be avoided.
In an actual scenario, the various services deployed in a network may depend on the interconnection environment the network provides, so the service that each of them offers externally may be affected during a network change, for example through abnormal service indexes. Therefore, in the solution of the embodiment of the present application, service index information related to the network device may be monitored. If the service index information is abnormal after a certain change step is completed, this indicates that the change step may affect a service that depends on the network device, and the network device may be controlled to cancel the network change corresponding to the change step.
In order to ensure atomicity of each change step, 5 configuration commands are obtained when the configuration commands are generated: a load command (do), an activate command (activate), a freeze command (deactivate), a delete command (undo), and a check command (check). Taking the BGP protocol as an example, when configuring BGP routes for a network device, the load command (do) may be a command that loads the configuration information into the network device, where the loaded configuration is not yet in effect.
    router bgp ${LocalASN}
    neighbor ${PeerIP} peer-group
    neighbor ${PeerIP} remote-as ${PeerASN}
    neighbor ${PeerIP} route-policy ${PeerName}_IN in
    neighbor ${PeerIP} route-policy ${PeerName}_OUT out
The activate command (activate) may be a command to validate the loaded configuration.
    neighbor ${PeerIP} activate
The freeze command (deactivate) may be a command to invalidate the validated configuration.
    no neighbor ${PeerIP} activate
The delete command (undo) may be a command to delete the loaded configuration, ensuring that the configuration of the network device is restored to the initial state prior to configuration loading.
    router bgp ${LocalASN}
    no neighbor ${PeerIP} peer-group
The check command (check) may be a command for checking the configuration that has been validated, checking whether the configuration is correct.
    show ip bgp neighbors ${PeerIP}
The ${ } notation marks the configuration variables in a configuration command. Generating configuration commands in this way ensures that the commands for any change step cover all key functions from the moment they are generated: the configuration can be checked after the network change takes effect, and there is no need to search for a rollback scheme in a hurry when a fault occurs. The integrity and fault recovery capability of the change scheme are thus ensured before the change is executed.
Therefore, in the network changing method according to the embodiment of the present application, the processing flow shown in fig. 5 may be adopted when the configuration commands corresponding to the change steps in the change scheme are sent to the network device in the order of the change steps, so that the network device executes them in that order and completes each change step:
Step S501, sending the loading command and the activation command corresponding to the changing step to a network device, so that the network device executes the loading command and the activation command corresponding to the changing step to implement network change.
Step S502, sending the check command corresponding to the change step to the network device, so that the network device executes the check command corresponding to the change step, and verifies the result of the network change.
Step S503, if the verification is passed, determining that the change step is completed, and processing the next change step in sequence.
Step S504, if the verification fails, the freezing command and the deleting command corresponding to the changing step are sent to the network device, so that the network device executes the freezing command and the deleting command corresponding to the changing step, and the network change realized by the loading command and the activating command is cancelled.
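The template substitution described above and the send, check and roll back flow of fig. 5 can be sketched as follows. This is an added example, not code from the patent: the `vendor_a` template store, `FakeDevice`, the function names, the addresses and the AS numbers are constructed, and the rejection of variable values containing whitespace is an added safeguard so that a value cannot append extra command text.

```python
from concurrent.futures import ThreadPoolExecutor
from string import Template

KINDS = ("do", "activate", "deactivate", "undo", "check")
# Constructed template store; "vendor_a" is a hypothetical vendor name.
# ${LocalASN} is written without a space so string.Template can parse it.
TEMPLATES = {
    "vendor_a": {
        "do": ["router bgp ${LocalASN}",
               "neighbor ${PeerIP} peer-group",
               "neighbor ${PeerIP} remote-as ${PeerASN}",
               "neighbor ${PeerIP} route-policy ${PeerName}_IN in",
               "neighbor ${PeerIP} route-policy ${PeerName}_OUT out"],
        "activate": ["neighbor ${PeerIP} activate"],
        "deactivate": ["no neighbor ${PeerIP} activate"],
        "undo": ["router bgp ${LocalASN}", "no neighbor ${PeerIP} peer-group"],
        "check": ["show ip bgp neighbors ${PeerIP}"],
    },
}

def render(vendor, variables):
    """Render all five command kinds for one device. Raises before anything
    is sent if a kind or variable is missing or a value could add CLI text."""
    tpl = TEMPLATES[vendor]
    missing = [k for k in KINDS if k not in tpl]
    if missing:
        raise ValueError(f"{vendor}: no template for {missing}")
    for name, val in variables.items():
        if not str(val) or any(c.isspace() for c in str(val)):
            raise ValueError(f"unsafe value for {name!r}")
    return {k: [Template(line).substitute(variables) for line in tpl[k]]
            for k in KINDS}

class FakeDevice:
    """Constructed stand-in for a device session. broken=True simulates a
    device on which the activate command does not take effect."""
    def __init__(self, name, vendor="vendor_a", broken=False):
        self.name, self.vendor, self.broken = name, vendor, broken
        self.loaded, self.active, self.log = set(), set(), []

    def send(self, kind, lines, peer):
        self.log.append(kind)
        if kind == "do":
            self.loaded.add(peer)
        elif kind == "activate" and not self.broken:
            self.active.add(peer)
        elif kind == "deactivate":
            self.active.discard(peer)
        elif kind == "undo":
            self.loaded.discard(peer)
        return peer in self.active  # only meaningful as the "check" result

def run_step(tasks):
    """tasks: list of (device, variables) for one change step.
    Returns True if every device verified, False after rolling all back."""
    plans = [(dev, v["PeerIP"], render(dev.vendor, v)) for dev, v in tasks]
    def phase(kinds):
        def one(plan):
            dev, peer, cmds = plan
            return [dev.send(k, cmds[k], peer) for k in kinds][-1]
        return one
    with ThreadPoolExecutor(max_workers=len(plans)) as pool:
        list(pool.map(phase(("do", "activate")), plans))    # S501, in parallel
        ok = all(list(pool.map(phase(("check",)), plans)))  # S502
        if not ok:                                          # S504
            list(pool.map(phase(("deactivate", "undo")), plans))
    return ok                                               # S503 when True

def run_scheme(steps):
    """steps: ordered list of (name, tasks). Stops at the first failed step.
    Returns (completed step names, state); state counts completed steps."""
    done = []
    for name, tasks in steps:
        if not run_step(tasks):
            break
        done.append(name)
    return done, len(done)

def demo():
    """Constructed run: Step2 fails on DC1, so Step3 is never sent."""
    wan, man, dc2 = FakeDevice("WAN"), FakeDevice("MAN"), FakeDevice("DC2")
    dc1 = FakeDevice("DC1", broken=True)
    def v(*vals):
        return dict(zip(("LocalASN", "PeerIP", "PeerASN", "PeerName"), vals))
    steps = [
        ("Step1", [(wan, v(64512, "192.0.2.2", 64513, "MAN")),
                   (man, v(64513, "192.0.2.1", 64512, "WAN"))]),
        ("Step2", [(man, v(64513, "192.0.2.3", 64514, "DC1")),
                   (dc1, v(64514, "192.0.2.4", 64513, "MAN"))]),
        ("Step3", [(dc2, v(64515, "192.0.2.6", 64513, "MAN"))]),
    ]
    done, state = run_scheme(steps)
    return done, state, {d.name: d for d in (wan, man, dc1, dc2)}

if __name__ == "__main__":
    print(demo()[:2])
```

Because all commands of a step are rendered before the first one is sent, a missing template or variable stops the step with no device touched, and a failed check on one device rolls back every device in that step.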
In a conventional network change, an operator needs to log in to multiple network devices at the same time to run configuration commands and check state, and to watch several tool platforms at once, so as to notice quickly and roll back when a change triggers a fault. When the network change task is complex, this approach easily introduces human errors, such as mistakes in copying and pasting commands or overlooking key alarm information. On the other hand, if the network change tasks are all executed by a script program, the change process becomes a black box to the operator, and the risk in each change step cannot be perceived.
To solve the above problem, the network change method provided in the embodiment of the present application may also generate a visual view of each change step and provide the visual view to the user. The visual view indicates the completion status of the change steps. Taking a change scheme that includes N change steps as an example, the visual view may include N visualization boxes, one for each change step. For example, fig. 6 shows part of a visual view that includes two visualization boxes 610 and 620, corresponding to the two change steps "automation task [14] flow recovery and flow check" and "automation task [15] open monitor-link and OPS", respectively. After the change step corresponding to visualization box 610 is completed, the box may change its displayed content (e.g., add a completed mark or change color), so that the user can clearly see that the change step has been completed.
The visualization may use an FSM (Finite State Machine), in which the completion status of each change step corresponds to a state of the finite state machine and the machine switches state when a change step is completed, so that the completion of the change scheme can be tracked automatically through the state changes of the FSM. In the embodiment of the present application, when generating the visual view of each change step, the current state of the finite state machine may be acquired first, and the visual view may then be generated according to that state. Taking the visual view of fig. 6 as an example, states 1 to 15 of the FSM respectively represent that the first 1 to 15 change steps in the change scheme have all been completed. If the 14th change step, "automation task [14] flow recovery and flow check", is completed, the finite state machine switches from state 13 to state 14, so the current state obtained is state 14. According to this current state, visualization box 610 in the generated visual view changes its displayed content, indicating that the change step "automation task [14] flow recovery and flow check" corresponding to visualization box 610 is completed.
In addition, in the solution of the embodiment of the present application, when the first network model of the current network is obtained, the first network model may be automatically generated based on the configuration information and the preset rule by obtaining the configuration information of each network device in the current network. The second network model of the target network may be obtained by a network administrator through direct modification on the basis of the first network model, or may be automatically generated based on the required configuration information of the target network and a preset rule.
When the network model is automatically generated based on the configuration information of the network and the preset rule, the process flow shown in fig. 7 may be adopted, which includes the following steps:
Step S701, obtaining configuration information of the network. In practical scenarios, a network includes a plurality of network devices, that is, devices used for implementing data interconnection in the network, which may include, for example, repeaters, bridges, routers, gateways, firewalls, switches, and the like. The number of network devices depends on the size of the network; a large-scale network contains a very large number of them.
When the configuration information of the network is obtained, the configuration text of each network device in the network may be obtained first. The configuration text is generally stored in the form of a configuration file, so the current configuration file may be retrieved from each network device, or from a database (such as a configuration center of the network) that stores the configuration files of the network devices in the same network, and the corresponding configuration text is then read from the configuration file. Since the configuration information forms a configuration text in a specific format, after the configuration file is read, the configuration text may be parsed to obtain the configuration information of each network device. For example, the content of a certain part of the configuration text is as follows:
IPADDR=192.168.0.110
NETMASK=255.255.255.0
BROADCAST=192.168.0.255
GATEWAY=192.168.0.1
DNS1=202.202.202.222
DNS2=222.222.222.222
This text has a fixed format: for example, the content in the form "x.x.x.x" after "IPADDR" is an IP address, and the content in the form "x.x.x.x" after "NETMASK" is a subnet mask. Therefore, by parsing this part of the configuration text, it can be determined that the configuration information of the network device is: the IP address is 192.168.0.110, the subnet mask is 255.255.255.0, the broadcast address is 192.168.0.255, the gateway address is 192.168.0.1, and the domain name system addresses are 202.202.202.222 and 222.222.222.222. Those skilled in the art should understand that this content is only an example: the configuration text in an actual scenario includes more content, and because different network devices play different roles in the network, the content of their configuration texts also differs.
After the configuration information of each network device has been parsed, the network devices may be associated to obtain the configuration information of the network. The association may use information in the configuration information that describes the relationship between network devices; for example, a routing table determines to which network device a network device forwards a data packet it receives, so it can be determined that an association exists between the two network devices. By associating the network devices within the network, the configuration information of each network device can be combined, thereby obtaining the configuration information of the entire network in which the network devices are located.
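Parsing the configuration text above into typed configuration information, as an added Python example that is not from the patent. The function name `parse_config` and the cross-checks of BROADCAST and GATEWAY against IPADDR/NETMASK are assumptions added here.

```python
import ipaddress

# The sample configuration text quoted on the page.
SAMPLE = """\
IPADDR=192.168.0.110
NETMASK=255.255.255.0
BROADCAST=192.168.0.255
GATEWAY=192.168.0.1
DNS1=202.202.202.222
DNS2=222.222.222.222
"""


def parse_config(text):
    """Parse KEY=VALUE lines; return (info, problems).

    Malformed lines and invalid addresses raise ValueError. Values that are
    well formed but inconsistent with each other are reported in `problems`,
    so that a bad file is noticed before it is merged into a network model.
    """
    raw = {}
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        key, sep, value = line.partition("=")
        if not sep:
            raise ValueError(f"line {lineno}: expected KEY=VALUE")
        key = key.strip()
        if key in raw:
            raise ValueError(f"line {lineno}: duplicate key {key}")
        raw[key] = value.strip()

    missing = [k for k in ("IPADDR", "NETMASK") if k not in raw]
    if missing:
        raise ValueError(f"missing required keys: {missing}")

    # ip_interface accepts "address/netmask" and rejects invalid masks.
    iface = ipaddress.ip_interface(f"{raw['IPADDR']}/{raw['NETMASK']}")
    info = {
        "ip": iface.ip,
        "network": iface.network,
        "dns": [ipaddress.ip_address(v)
                for k, v in sorted(raw.items()) if k.startswith("DNS")],
    }

    problems = []
    if "BROADCAST" in raw:
        info["broadcast"] = ipaddress.ip_address(raw["BROADCAST"])
        if info["broadcast"] != iface.network.broadcast_address:
            problems.append("BROADCAST does not match IPADDR/NETMASK")
    if "GATEWAY" in raw:
        info["gateway"] = ipaddress.ip_address(raw["GATEWAY"])
        if info["gateway"] not in iface.network:
            problems.append("GATEWAY is outside the interface subnet")
    return info, problems
```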
Step S702, according to the configuration information of the network, determining a plurality of topology layers in a network model corresponding to the network.
In an actual scenario, the topology layer at least includes a physical topology layer and a protocol topology layer, and in order to generate the physical topology layer and the protocol topology layer, the configuration information of the network at least includes a physical link between network devices, a protocol used for data transmission between the network devices, a connection path between the network devices with respect to the protocol, and attributes of the protocol, so that the physical topology layer can be determined according to the physical link between the network devices, and a plurality of protocol topology layers can be determined according to the protocol used for data transmission between the network devices, the connection path between the network devices with respect to the protocol, and the attributes of the protocol. The physical topology layer is configured to describe topology relationship information between the network devices on a physical link, for example, whether two network devices are connected through a communication cable, and the protocol topology layer is configured to describe topology relationship information between the network devices with respect to a corresponding protocol, for example, whether two network devices are in a Neighbor relationship (Neighbor relationship) on the protocol, where information included in each topology layer may be represented in a manner of a topology map.
For the physical topology layer, the topology relationship information on the physical links between the network devices includes the node identifiers of the network devices and the physical links connected between the network devices. For example, fig. 8 is a topology diagram of a physical topology layer, where nodes of the network devices are identified as nodes WAN, DCA and DCB, which respectively represent three network devices, and a connection between two nodes represents a physical link existing between two network devices, for example, two network devices are connected through a network cable. Two physical links are arranged between the node WAN and the node DCA, the physical ports at the two ends are eth1 and eth2 respectively, one physical link is arranged between the node WAN and the node DCB, the physical ports at the two ends are eth3, one physical link is arranged between the node DCA and the node DCB, and the physical ports at the two ends are eth4, so that the physical links connected between the node WAN, the node DCA and the node DCB exist.
Figs. 9 and 10 show two protocol topology layers. Fig. 9 corresponds to LACP (Link Aggregation Control Protocol): the nodes WAN, DCA, and DCB respectively represent three network devices, and a connection line between two nodes represents a logical link existing between two network devices, so the protocol topology layer corresponding to LACP may also be referred to as a logical topology layer. Fig. 10 corresponds to BGP (Border Gateway Protocol): the nodes WAN, DCA, and DCB respectively represent three network devices and correspond to three ASs (Autonomous Systems). The connection line between the node WAN and the node DCA and the connection line between the node WAN and the node DCB each represent a neighbor relationship between the two nodes.
For the protocol topology layer, the topology relationship information between the network devices about the corresponding protocol may include node identifications of the network devices and connection paths between the network devices about the corresponding protocol. For example, in fig. 9, there is one logical link between the node WAN and the node DCA, and a PC (port channel) of the logical link aggregates the two physical ports eth1 and eth2 into one logical port, so that the two physical links are aggregated into one logical link, which is the connection path between the node WAN and the node DCA with respect to LACP. The physical ports aggregated by the logical ports at the two ends of the logical link, and the IP addresses of those logical ports (192.168.0.1 and 192.168.0.0, respectively), are attributes of LACP. One logical link exists between the node WAN and the node DCB and corresponds to one physical link; the logical ports correspond one-to-one to the physical ports, and the IP addresses of the ports at the two ends are 192.168.1.1 and 192.168.1.0, respectively. Similarly, there is also a logical link between the node DCA and the node DCB.
In fig. 10, the ASNs (Autonomous System Numbers) of the three ASs corresponding to the nodes WAN, DCA, and DCB are 100, 300, and 400, respectively. The connection line between the node WAN and the node DCA and the connection line between the node WAN and the node DCB each indicate a neighbor relationship between the two nodes and carry the routing policies applied when receiving and sending data; the routing policy is an attribute of BGP. For example, for the node WAN, the "IN" entry is an allow prefix-list DCB, and the "OUT" entry, prefix-list agg "is 10.0.0.0/8", is the egress policy of the BGP protocol on the node, which indicates that the node WAN allows sending data of the route 10.0.0.0/8. Similarly, for the node DCB, the "IN" entry, an allow prefix-list agg of "10.0.0.0/8", is the IN-direction policy of the BGP protocol on the node, which indicates that the node DCB allows receiving data of the route 10.0.0.0/8, and the "OUT" entry is the OUT-direction policy of the BGP protocol on the node, which indicates that the node DCB allows sending data of the route of DCB.
Step S703, determining the association relationship between the plurality of topology layers according to the dependency order in which data is encapsulated layer by layer during data transmission, so as to generate a layered network model for implementing network change.
During transmission, data is encapsulated by adding corresponding packet headers, which provide the information needed for the related protocols to operate; for example, the BGP protocol relies on the IP packet header when running. Headers are added in a certain dependency order. For example, "data | TCP header | IP header | MPLS header" is a dependency sequence for encapsulation: when data is sent, a TCP header is added first, which carries the information required by the TCP-related layer-4 protocols; an IP header is then added outside the TCP header, which carries the information required by the IP-related layer-3 protocols; and an MPLS header may be added outside the IP header, so that the data packet can be forwarded by label. In an actual scenario, depending on the network architecture, a MAC header can also be added outside the IP header to provide the information needed by layer-2 protocols.
When determining the association relationship between the multiple topology layers, the physical topology layer may have an association relationship with the protocol topology layer corresponding to a layer-2 protocol, for example the protocol topology layer (logical topology layer) of LACP. For protocol topology layers, an association relationship may exist only between protocol topology layers that are adjacent in the data-encapsulation dependency order. For example, an association relationship may exist between the BGP protocol topology layer and the LACP protocol topology layer, and if multiple VRFs (Virtual Routing Forwarding) exist in the configuration information of the node DCA, multiple nodes in the BGP protocol topology layer may be associated with one node in the LACP protocol topology layer. However, there is no association between protocol topology layers that are not adjacent in that order; for example, the BGP protocol topology layer does not skip over the LACP protocol topology layer to associate directly with the physical topology layer.
Based on the same inventive concept, the embodiment of the present application further provides a network changing device, the corresponding method of the device is the network changing method in the foregoing embodiment, and the principle of solving the problem is similar to the method.
The embodiment of the application provides network change equipment, which can obtain a change scheme comprising at least one change step when network change is realized, and can split a complex network change process into a plurality of steps when the network change is carried out, so that fine-grained control can be carried out on the change process, the change process is smoother, and influences and risks brought by the network change are reduced. In the embodiment of the present application, the above-mentioned devices may include, but are not limited to, implementations such as a network host, a single network server, multiple network server sets, or a cloud computing-based computer set. Here, the Cloud is composed of a large number of hosts or network servers based on Cloud computing (Cloud computing), which is a type of distributed computing, one virtual computer consisting of a collection of loosely coupled computers.
Fig. 11 shows a network change device according to an embodiment of the present application, where the device includes a scheme generating apparatus 1110, a configuration obtaining apparatus 1120, and a configuration issuing apparatus 1130. The scheme generating device 1110 is configured to determine a change scheme of the network change. The current network refers to a network before network change is carried out, and the target network is an expected network after the network change is completed.
In an embodiment of the present application, the scheme generating device may determine the change scheme according to a flowchart of the network change, where the change scheme includes at least one change step required to change the current network to the target network. The flowchart may be composed of nodes and directed connection lines between the nodes, where the nodes represent the change steps and the connection lines represent the order of the change steps. For example, node A and node B may each represent a change step, and the connection line between them may carry an arrow; if the arrow points from node A to node B, the change step corresponding to node A is executed first and the change step corresponding to node B afterwards. When the change scheme contains only one change step, the flowchart may consist of a single node, without any connection line representing an order of change steps.
The traditional approach to determining a change scheme is to implement a complex change SOP (Standard Operating Procedure) as a script or program. However, because operators differ widely in skill level, this approach gives users a very steep learning curve and is difficult to maintain and extend. In the solution of this embodiment, the change scheme may be determined from the flowchart of the network change, which standardizes the process of creating the change scheme. For example, an operator of a network change may be provided with a flowchart editing function, so that the operator can enter the change SOP in the form of a flowchart, and the change scheme is implemented through the change steps and the order expressed in the flowchart. Compared with the traditional approach, this is more readable, easier to maintain and more flexible to extend, and greatly improves the efficiency of obtaining the change scheme.
In an embodiment of the application, the scheme generating device may determine the change scheme according to difference information of each topology layer in the first network model of the current network and the second network model of the target network. The first network model and the second network model comprise a plurality of topology layers, the topology layers are used for describing topology relation information between network devices in the network, and the incidence relation among the topology layers corresponds to the dependency sequence for data layer-by-layer encapsulation during data transmission, so that difference information between the current network and a target network can be quickly and accurately determined based on the network models, and the difference information corresponds to configuration variables related to the network devices required to be used in the configuration command during the network change.
And the change scheme includes at least one change step required to change the current network to the target network. For convenience of illustration, taking one of the topology layers as an example, fig. 2 shows a topological relationship of the topology layer corresponding to BGP (Border Gateway Protocol) in the network model, where nodes WAN, DC1 and DC2 respectively represent network devices, 210 represents a BGP Protocol topology layer in the network model of the current network, and 240 represents a BGP Protocol topology layer in the network model of the target network, and by comparing the topology layer 210 and the topology layer 240, difference information of the topology layer before and after network change can be determined, so as to determine a change scheme. The change scheme includes at least one change Step required for changing the current network to the target network, and still taking the topology layer as an example, three change steps, Step1, Step2 and Step3, shown in fig. 3, may be included.
Here, as will be understood by those skilled in the art, while the topology layer corresponding to the BGP protocol changes, other topology layers may also need to be changed accordingly. The specific changed content is related to the architecture of the actual network, for example, a topology layer corresponding to an LACP (Link Aggregation Control Protocol) needs to change an Aggregation policy of a Link, a forwarding path in a Segment Routing Protocol topology layer may also be changed correspondingly, and other topology layer changes may also have corresponding changing steps.
The configuration obtaining device 1120 is used for obtaining the configuration command in each change step. The configuration command required to be used in each step is related to the difference information of the network model before and after each change step is completed, and the difference information is the configuration variable corresponding to each change step and can be used for generating the configuration command.
For example, taking fig. 2 as an example, since a new node MAN needs to be added and the topological relationships between the node WAN and the nodes DC1 and DC2 change, the BGP protocol topology layer differs between the first network model and the second network model: for example, the partition of autonomous systems, the neighbor relationships and the routing policies need to be changed. These differences have to be implemented by changing the configuration, so there are corresponding configuration variables.
In an actual scenario, because different vendors have different standards, when network devices of different vendors implement the same configuration operation, configuration commands of the network devices may be different, so that configuration command templates of the vendors may be stored in advance, when a configuration command for a device of a certain vendor needs to be generated, a configuration command template related to the vendor of the network device is obtained according to a network device corresponding to the configuration variable, and then a variable value in the configuration command template is replaced by the configuration variable to be changed, so that a configuration command related to the vendor of the network device may be generated quickly.
The configuration issuing device 1130 is configured to send a configuration command corresponding to each change step in the change scheme to the network device according to the sequence of the change steps, so that the network device executes the configuration command corresponding to each change step according to the sequence, and completes each change step.
During the change, the change steps corresponding to the same topology layer need to be executed in a specific order to ensure that the network change is completed smoothly, for example the three change steps Step1, Step2 and Step3 shown in fig. 3. For change steps corresponding to different topology layers, their order can be determined according to the association relationship among the topology layers. For example, LACP and BGP are a layer-2 and a layer-3 protocol, respectively; when data is encapsulated, a TCP header is encapsulated first and then an IP header, and the two are adjacent in the dependency order of data encapsulation, so the BGP topology layer and the LACP topology layer have an association relationship. Therefore, in general, when changing the LACP topology layer and the BGP topology layer, the change step for the topology layer of the lower-layer protocol is performed first, and then the change step for the topology layer of the upper-layer protocol, according to the association relationship between the protocols.
Taking the changing scheme shown in fig. 3 as an example, the configuration command corresponding to the changing Step1 may be first sent to the network device, so that the network device executes the configuration command to complete the changing Step1, where the topology relationship of the BGP topology layer in the network is changed to 220. In an actual scenario, one change step may include changes of multiple topology layers, which are performed sequentially or synchronously according to an association relationship between the topology layers, for example, topology layers corresponding to other protocols depending on the BGP protocol need to be performed after the BGP protocol topology layer changes are completed or synchronously, and since the network change modes corresponding to each topology layer are similar, it is only necessary to issue a corresponding configuration command and execute the configuration command by the network device, which is not described herein again.
After the changing Step1 is completed, sending the configuration command corresponding to the changing Step2 to the network device, so that the network device executes the configuration command to complete the changing Step2, at this time, the topological relation of the BGP topological layer in the network changes to 230, and then the topological relation of the BGP topological layer in the network changes to the middle BGP topological layer 240 in the target network after the changing Step 4. Therefore, the current network is gradually transited to the target network, the complex network change process can be divided into a plurality of steps, and the change process can be controlled in a fine granularity mode, so that the change process is smoother, and the influence and risk brought by network change are reduced.
In the device provided in the embodiment of the present application, when the configuration issuing device sends a plurality of configuration commands corresponding to the same change step to the network devices, it may send the configuration commands for different network devices to the corresponding devices in parallel, so that the configuration change tasks of different network devices are executed concurrently. For example, in fig. 3, changing the topological relation from 210 to 220 involves 4 network devices, namely the nodes WAN, MAN, DC1 and DC2, and each of them needs to execute its corresponding configuration commands. The corresponding configuration commands may be sent in parallel to the nodes WAN, MAN, DC1, and DC2 so that they are executed concurrently. By contrast, in a manual network change the operator has to log in to each network device and enter the configuration commands, so the actions of a single operator are necessarily serial. Parallel issuing therefore greatly improves the execution efficiency of the change while fine-grained control is maintained.
The configuration commands corresponding to each change step in the change scheme are sent to the network device in the order of the change steps, so that the network device executes them in that order. If a problem occurs in one change step, for example a certain configuration of a certain network device is not modified successfully, the subsequent change steps cannot be performed. The network in the transitional state can therefore be checked when each step completes, to ensure that each change step is completed correctly. Fig. 4 shows the processing flow by which the configuration issuing device 1130 performs checking during configuration, which includes the following processing steps:
Step S401, sending the configuration command corresponding to a change step in the change scheme to a network device according to the order of the change steps, so that the network device executes the configuration command corresponding to the change step in that order. For example, the configuration command corresponding to the first change step Step1 is sent first; after the network device has executed it and the check has passed, the configuration command corresponding to the second change step Step2 is sent, and so on until the configuration commands corresponding to all the change steps have been sent.
Step S402, checking the network change result corresponding to the change step.
Step S403, if the verification is passed, determining that the change step is completed, and processing the next change step in order.
Step S404, if the verification is not passed, controlling the network device to cancel the network change corresponding to the change step.
In an embodiment of the present application, when the configuration issuing device checks the result of the network change, the following method may be adopted: first, a third network model of the current network after the configuration command is executed is obtained, for example, a network in a transition state is formed after the change Step1 in fig. 3 is actually completed, and a third network model corresponding to the network may be obtained after the configuration command is executed, where the third network model may represent a result of an actual network change.
In an ideal situation, if the changing Step1 is successfully completed, an expected network change result will be formed, and the network model corresponding to the result can be denoted as the fourth network model. The configuration issuing device compares the third network model with a fourth network model expected after the changing step is completed. If the third network model is consistent with the fourth network model, it indicates that the configuration command in the change step has been successfully executed, so that the configuration issuing device can determine to complete the change step, and start processing the next change step again in the sequence from step S401 until all the change steps are completed.
If the third network model is inconsistent with the fourth network model, it indicates that the configuration command in the changing step is not executed smoothly, and at this time, the configuration issuing device may control the network device to cancel the configuration command corresponding to the changing step so as to recover to the initial state before the change. At this time, the configuration issuing device may select to re-execute the configuration command, and try to continue to complete the network change corresponding to the configuration command. Therefore, by means of checking after each change step, atomicity of each change step can be guaranteed, and uncontrollable network change caused by problems of partial changes can be avoided.
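The per-layer model comparison used both to derive difference information between two network models and to check a change step (third model against fourth model), together with the adjacent-layer association rule described earlier, as an added Python example that is not the patent's own code. The data structures, the function names and the VRF labels are assumptions; node names and ports follow the description of figs. 8 to 10.

```python
# Topology layers in the dependency order of encapsulation, lowest first.
LAYER_ORDER = ["physical", "LACP", "BGP"]


def link(a, b, **attrs):
    """Undirected link between two nodes, with hashable attributes."""
    return (tuple(sorted((a, b))), tuple(sorted(attrs.items())))


def build_model():
    """Constructed model using the nodes and ports described for figs. 8-10."""
    return {
        "physical": {link("WAN", "DCA", port="eth1"),
                     link("WAN", "DCA", port="eth2"),
                     link("WAN", "DCB", port="eth3"),
                     link("DCA", "DCB", port="eth4")},
        "LACP": {link("WAN", "DCA", members=("eth1", "eth2")),
                 link("WAN", "DCB", members=("eth3",)),
                 link("DCA", "DCB", members=("eth4",))},
        "BGP": {link("WAN", "DCA"), link("WAN", "DCB")},
    }


def diff_models(actual, expected):
    """Return (layer, kind, link) differences, lowest layer first."""
    unknown = (set(actual) | set(expected)) - set(LAYER_ORDER)
    if unknown:
        # A layer the comparison does not know would otherwise go unchecked.
        raise ValueError(f"unknown topology layers: {sorted(unknown)}")
    diffs = []
    for layer in LAYER_ORDER:
        have = actual.get(layer, set())
        want = expected.get(layer, set())
        diffs += [(layer, "missing", l) for l in sorted(want - have)]
        diffs += [(layer, "unexpected", l) for l in sorted(have - want)]
    return diffs


def step_verified(third_model, fourth_model):
    """A change step passes only if the actual model equals the expected one."""
    return not diff_models(third_model, fourth_model)


def invalid_associations(associations):
    """Return associations whose two layers are not adjacent in LAYER_ORDER.

    Each association is ((layer, node), (layer, node)).
    """
    bad = []
    for end_a, end_b in associations:
        gap = abs(LAYER_ORDER.index(end_a[0]) - LAYER_ORDER.index(end_b[0]))
        if gap != 1:
            bad.append((end_a, end_b))
    return bad
```

Because the differences come back lowest layer first, the same list can be read as the order in which the corresponding changes would be applied.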
In an actual scenario, various services deployed in a network may depend on an interconnection environment provided by the network, and therefore, external services of the various services may be affected in a network change process, for example, a service index is abnormal. Therefore, in the solution of the embodiment of the present application, service index information related to the network device may be monitored, and if the service index information is abnormal after a certain change step is completed, it indicates that the change step may affect a service dependent on the network device, and the network device may be controlled to cancel the network change corresponding to the change step.
In order to ensure atomicity of each change step, five configuration commands are obtained when the configuration commands are generated: a load command (do), an activate command (activate), a freeze command (deactivate), a delete command (undo), and a check command (check). Taking the BGP protocol as an example, when configuring BGP routes for a network device, the load command (do) may be a command that loads the configuration information into the network device, where the loaded configuration is still in an invalid (not yet effective) state.
Router bgp ${Local ASN}
neighbor ${PeerIP} peer-group
neighbor ${PeerIP} remote-as ${PeerASN}
neighbor ${PeerIP} route-policy ${PeerName}_IN in
neighbor ${PeerIP} route-policy ${PeerName}_OUT out
The activate command (activate) may be a command to validate the loaded configuration.
neighbor ${PeerIP} activate
The freeze command (deactivate) may be a command to invalidate the validated configuration.
no neighbor ${PeerIP} activate
The delete command (undo) may be a command to delete the loaded configuration, ensuring that the configuration of the network device is restored to the initial state prior to configuration loading.
Router bgp ${Local ASN}
no neighbor ${PeerIP} peer-group
The check command (check) may be a command for checking the configuration that has been validated, checking whether the configuration is correct.
show ip bgp neighbors ${PeerIP}
Here ${ } denotes a configuration variable in a configuration command. Generating the configuration commands in this way ensures that the configuration commands corresponding to any change step cover all key functions at the time they are generated: the configuration can be checked after the network change takes effect, and there is no need to search for a rollback scheme in a hurry when a fault occurs, so that the integrity and the fault recovery capability of the change scheme are ensured before the change is executed.
Therefore, in the network change device according to the embodiment of the present application, in the process that the configuration issuing apparatus sends the configuration command corresponding to each change step in the change scheme to the network device according to the sequence of the change steps, so that the network device executes the configuration command corresponding to each change step according to the sequence, and completes each change step, the process flow shown in fig. 5 may be adopted:
Step S501, sending the loading command and the activation command corresponding to the changing step to a network device, so that the network device executes the loading command and the activation command corresponding to the changing step to implement network change.
Step S502, sending the check command corresponding to the change step to the network device, so that the network device executes the check command corresponding to the change step, and verifies the result of the network change.
Step S503, if the verification is passed, determining that the changing step is completed, and processing the next changing step in sequence.
Step S504, if the verification fails, the freezing command and the deleting command corresponding to the changing step are sent to the network device, so that the network device executes the freezing command and the deleting command corresponding to the changing step, and the network change realized by the loading command and the activating command is cancelled.
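The flow of steps S501 to S504 can be illustrated with the following added example, which is not part of the original application: it renders the five command kinds of one BGP change step, applies them to a simulated device, and rolls the step back when the check fails. The class SimulatedRouter, its output text, the variable name LocalASN (written without a space) and the sample addresses are assumptions made for this illustration.

```python
import re
from string import Template

REQUIRED_KINDS = {"do", "activate", "deactivate", "undo", "check"}

# The five command kinds of one BGP change step (LocalASN spelled without a space).
BGP_STEP = {
    "do": [
        "router bgp ${LocalASN}",
        "neighbor ${PeerIP} peer-group",
        "neighbor ${PeerIP} remote-as ${PeerASN}",
        "neighbor ${PeerIP} route-policy ${PeerName}_IN in",
        "neighbor ${PeerIP} route-policy ${PeerName}_OUT out",
    ],
    "activate": ["neighbor ${PeerIP} activate"],
    "deactivate": ["no neighbor ${PeerIP} activate"],
    "undo": ["router bgp ${LocalASN}", "no neighbor ${PeerIP} peer-group"],
    "check": ["show ip bgp neighbors ${PeerIP}"],
}


def render(templates, variables):
    """Render all five command kinds up front, so a bad step fails before sending."""
    missing = REQUIRED_KINDS - templates.keys()
    if missing:
        raise ValueError(f"change step lacks command kinds: {sorted(missing)}")
    for name, value in variables.items():
        # No whitespace or newlines: a variable must not smuggle in extra CLI lines.
        if not re.fullmatch(r"[A-Za-z0-9_.:-]+", str(value)):
            raise ValueError(f"unsafe value for {name}: {value!r}")
    return {kind: [Template(line).substitute(variables) for line in lines]
            for kind, lines in templates.items()}


class SimulatedRouter:
    """Constructed stand-in for a network device (hypothetical, not a real CLI)."""
    def __init__(self, unreachable=()):
        self.unreachable = set(unreachable)   # peers whose session never comes up
        self.loaded, self.active = set(), set()

    def execute(self, command):
        words = command.split()
        if words[:3] == ["show", "ip", "bgp"]:
            up = words[-1] in self.active and words[-1] not in self.unreachable
            return "BGP state = " + ("Established" if up else "Idle")
        negate = words[0] == "no"
        words = words[1:] if negate else words
        if words[0] == "neighbor" and words[-1] == "peer-group":
            if negate:
                self.loaded.discard(words[1])
                self.active.discard(words[1])
            else:
                self.loaded.add(words[1])
        elif words[0] == "neighbor" and words[-1] == "activate":
            if negate:
                self.active.discard(words[1])
            elif words[1] in self.loaded:
                self.active.add(words[1])
        return ""


def run_step(device, templates, variables, expect="BGP state = Established"):
    """One change step as S501-S504; returns True only if the check passed."""
    cmds = render(templates, variables)
    try:
        for command in cmds["do"] + cmds["activate"]:                  # S501
            device.execute(command)
        output = "\n".join(device.execute(c) for c in cmds["check"])   # S502
        if expect in output:                                           # S503
            return True
    except Exception:
        pass  # an error while applying is handled like a failed verification
    for command in cmds["deactivate"] + cmds["undo"]:                  # S504
        device.execute(command)
    return False


def run_plan(device, steps):
    """Process change steps in order; stop at the first step that was rolled back."""
    completed = 0
    for templates, variables in steps:
        if not run_step(device, templates, variables):
            break
        completed += 1
    return completed


# Constructed sample values; the ASNs follow the BGP example of this description.
VARS_DCA = {"LocalASN": 100, "PeerIP": "192.168.0.0", "PeerASN": 300, "PeerName": "DCA"}
VARS_DCB = {"LocalASN": 100, "PeerIP": "192.168.1.0", "PeerASN": 400, "PeerName": "DCB"}


def demo():
    router = SimulatedRouter(unreachable={"192.168.1.0"})
    completed = run_plan(router, [(BGP_STEP, VARS_DCA), (BGP_STEP, VARS_DCB)])
    return completed, router.loaded, router.active
```

In this example the second change step fails its check, so its load and activate commands are cancelled and the device keeps only the configuration of the first, verified step.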
In a conventional network change mode, an operator needs to log in a plurality of network devices at the same time to perform operation and state check of a configuration command, and pay attention to a plurality of tool platforms at the same time, so as to quickly sense and roll back when a change triggers a fault. Under the condition that the network change task is complex, human errors such as errors in copy and paste commands, neglect of key alarm information and the like are easily introduced by the method. On the other hand, if the tasks of network change are all executed by the script program, the change process becomes a black box system for the operator, and the risk in each change process cannot be sensed.
In order to solve the above problem, the network change device provided by an embodiment of the present application further includes a visualization device, configured to generate a visualization view about each change step and provide the visualization view to a user. The visualization view is used to represent the completion of the change steps. Taking a change scheme of a network change that includes N change steps as an example, the visualization view may include N visualization frames, one corresponding to each change step. For example, fig. 6 shows part of a visualization view and includes two visualization frames 610 and 620, which correspond respectively to two change steps, namely "automation task [ 14 ] flow recovery and flow check" and "automation task [ 15 ] open monitor-link and OPS". After the change step corresponding to the visualization frame 610 is completed, the visualization frame may change the displayed content (e.g., add a completed mark, change a color, etc.), so that the user can clearly know the completion of the change step.
When generating the visualization view, the visualization device may utilize a Finite State Machine (FSM), such that the completion of each change step corresponds to a state in the finite state machine, which switches states when a change step is completed, whereby the completion of the change scheme may be automatically tracked through the state changes of the FSM. In an embodiment of the application, when generating the visualization view for each change step, the visualization device may first obtain the current state of the finite state machine, and then generate the visualization view for each change step according to the current state of the finite state machine. Taking the visualization view of fig. 6 as an example, states 1 to 15 of the FSM respectively represent the situation that the first 1 to 15 change steps in the change scheme are all completed. At this time, if the 14th change step, "automation task [ 14 ] flow recovery and flow check", is completed, the finite state machine may switch from state 13 to state 14, so that the current state of the finite state machine is obtained as state 14. In accordance with the current state, the visualization frame 610 in the generated visualization view can change the displayed content, indicating that the change step "automation task [ 14 ] flow recovery and flow check" corresponding to the visualization frame 610 is completed.
In addition, in the solution of the embodiment of the application, when the network change device acquires the first network model of the current network, the first network model may be automatically generated based on the configuration information and the preset rule by acquiring the configuration information of each network device in the current network. The second network model of the target network may be obtained by a network administrator through direct modification on the basis of the first network model, or may be automatically generated based on the required configuration information of the target network and a preset rule.
When the network model is automatically generated based on the configuration information of the network and the preset rule, the process flow shown in fig. 7 may be adopted, which includes the following steps:
Step S701, obtaining configuration information of the network. In practical scenarios, a network includes a plurality of network devices, where the network devices refer to devices used for implementing data interconnection in the network, and may include, for example, repeaters, bridges, routers, gateways, firewalls, switches, and the like, and the number of the network devices is determined according to the size of the network, and for a large-scale network, the number of the network devices included in the network is also very large.
When the configuration information of the network is obtained, the configuration text of each network device in the network may be obtained first. The configuration text is generally stored in the form of a configuration file, so that each network device can retrieve its current configuration file, or the configuration files can be retrieved from a database (e.g., a configuration center of the network) storing the configuration files of each network device in the network, and the corresponding configuration text can be read from the configuration files. Since the configuration information may form a configuration text in a specific format, after the configuration file is read, the configuration text may be parsed to obtain the configuration information of each network device. For example, the content of a certain part in the configuration text is as follows:
IPADDR=192.168.0.110
NETMASK=255.255.255.0
BROADCAST=192.168.0.255
GATEWAY=192.168.0.1
DNS1=202.202.202.222
DNS2=222.222.222.222
It has a specific format; for example, the IP address follows "IPADDR=" in the form "x.x.x.x", and the subnet mask follows "NETMASK=" in the form "x.x.x.x". Therefore, by analyzing this part of the configuration text, it can be known that the configuration information related to the network device is: the IP address is 192.168.0.110, the subnet mask is 255.255.255.0, the broadcast address is 192.168.0.255, the gateway address is 192.168.0.1, and the domain name system addresses are 202.202.202.222 and 222.222.222.222. Here, it should be understood by those skilled in the art that the contents included in the configuration text are only examples; in an actual scenario, the configuration texts will include more contents, and since different network devices play different roles in a network, the contents included in the configuration texts corresponding to different network devices may also be different.
After parsing the obtained configuration information, the network device may be associated, so as to obtain the configuration information of the obtained network. When associating the network devices, the information that can describe the association relationship between the network devices in the configuration information may be used, for example, a routing table may determine to which network device a network device sends a data packet when receiving the data packet, so that it may be determined that an association may exist between two network devices. By associating network devices in the network, the configuration information of each network device can be combined, and further the configuration information of the whole network where the network devices are located can be obtained.
Step S702, determining a plurality of topology layers in a network model corresponding to the network according to the configuration information of the network.
In an actual scenario, the topology layer at least includes a physical topology layer and a protocol topology layer, and in order to generate the physical topology layer and the protocol topology layer, the configuration information of the network at least includes a physical link between network devices, a protocol used for data transmission between the network devices, a connection path between the network devices with respect to the protocol, and attributes of the protocol, so that the physical topology layer can be determined according to the physical link between the network devices, and a plurality of protocol topology layers can be determined according to the protocol used for data transmission between the network devices, the connection path between the network devices with respect to the protocol, and the attributes of the protocol. The physical topology layer is configured to describe topology relationship information between the network devices on a physical link, for example, whether two network devices are connected through a communication cable, and the protocol topology layer is configured to describe topology relationship information between the network devices about a corresponding protocol, for example, whether two network devices are in a Neighbor relationship (Neighbor relationship) on the protocol, where information included in each topology layer may be represented in a manner of a topology map.
For the physical topology layer, the topology relationship information on the physical links between the network devices includes the node identifications of the network devices and the physical links connected between the network devices. For example, fig. 8 is a topology diagram of a physical topology layer, where nodes of the network devices are identified as nodes WAN, DCA, and DCB, which respectively represent three network devices, and a connection line between two nodes represents a physical link existing between two network devices, for example, two network devices are connected through a network line. Two physical links are arranged between the node WAN and the node DCA, the physical ports at the two ends are eth1 and eth2 respectively, one physical link is arranged between the node WAN and the node DCB, the physical ports at the two ends are eth3, one physical link is arranged between the node DCA and the node DCB, and the physical ports at the two ends are eth4, so that the physical links connected between the node WAN, the node DCA and the node DCB exist.
Fig. 9 and 10 show two protocol topology layers. Fig. 9 corresponds to LACP (Link Aggregation Control Protocol): the nodes WAN, DCA, and DCB respectively represent three network devices, and a connection line between two nodes represents a logical link existing between two network devices, so the protocol topology layer corresponding to LACP may also be referred to as a logical topology layer. Fig. 10 corresponds to BGP (Border Gateway Protocol): the nodes WAN, DCA, and DCB respectively represent three network devices and correspond to three ASs (Autonomous Systems). The connection line between the node WAN and the node DCA and the connection line between the node WAN and the node DCB each represent a neighbor relationship between the two nodes.
For the protocol topology layer, the topology relationship information between the network devices about the corresponding protocol may include node identifications of the network devices and connection paths between the network devices about the corresponding protocol. For example, in fig. 9, there is one logical link between the node WAN and the node DCA, and a PC (port channel) of the logical link aggregates two physical ports eth1 and eth2 into one logical port, so that the two physical links are aggregated into one logical link, which is a connection path between the node WAN and the node DCA with respect to the LACP. The physical port and the IP address converged by the logical ports at the two ends of the logical link are 192.168.0.1 and 192.168.0.0, respectively, which are attributes of LACP. A logical link is arranged between the node WAN and the node DCB and corresponds to a physical link, the logical ports correspond to the physical ports one by one, and the IP addresses of the ports at the two ends are 192.168.1.1 and 192.168.1.0 respectively. Similarly, there is also one logical link between node DCA and node DCB.
In fig. 10, the ASNs (Autonomous System Numbers) of the three ASs corresponding to the nodes WAN, DCA, and DCB are 100, 300, and 400, respectively. The connection line between the node WAN and the node DCA and the connection line between the node WAN and the node DCB indicate the respective neighbor relationships, and include a routing policy for receiving and sending data, where the routing policy is an attribute of BGP. For example, for the node WAN, "IN" is an allow prefix-list DCB, and "OUT" is an out-direction policy of the BGP protocol on the node, which indicates that the node WAN allows sending data of the route 10.0.0.0/8. Similarly, for the node DCB, "IN", an allow prefix-list agg of 10.0.0.0/8, is an in-direction policy of the BGP protocol on the node, which indicates that the node DCB allows receiving data of the route 10.0.0.0/8, and "OUT" is an out-direction policy of the BGP protocol on the node, which indicates that the node DCB allows sending data of the route of DCB.
Step S703 is to determine the association relationship between the plurality of topology layers according to the dependency sequence of data layer-by-layer encapsulation during data transmission, so as to generate a layered network model for implementing network change.
Data needs to be encapsulated during transmission by adding corresponding packet headers, which provide information for the operation of the related protocols; for example, the BGP protocol relies on an IP packet header during operation. A certain dependency relationship exists when headers are added to data. For example, "data | TCP header | IP header | MPLS header" is a dependency sequence for encapsulating data: when data is sent, a TCP header is added to the data first, containing the information required by the operation of the TCP-related four-layer protocol; an IP header is then added outside the TCP header, containing the information required by the operation of the IP-related three-layer protocol; and an MPLS header may be added outside the IP header, so that the data packet can be forwarded by using a label. In an actual scenario, depending on the network architecture, a MAC header can also be added in addition to the IP header to provide the necessary information for the operation of a two-layer protocol.
When determining the association relationship between the multiple topology layers, the physical topology layer may have an association relationship with the protocol topology layers corresponding to a two-layer protocol, for example, the protocol topology layer (logical topology layer) of LACP. For the protocol topology layers, an association relationship may exist only between protocol topology layers that are adjacent in the data encapsulation dependency order; for example, an association relationship may exist between the BGP protocol topology layer and the LACP protocol topology layer, and if multiple VRFs (Virtual Routing and Forwarding) exist in the configuration information of the node DCA, multiple nodes in the BGP protocol topology layer may be associated with one node in the LACP protocol topology layer. However, there is no association between protocol topology layers that are not adjacent in the sequence; for example, the BGP protocol topology layer does not skip over the LACP protocol topology layer to associate directly with the physical topology layer.
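The layered model and the ordering of change steps by layer can be illustrated with the following added example, which is not part of the original application. It compares a current and a target model layer by layer and lists the change steps with the lower-protocol layer first. Reducing each layer to a set of node pairs, requiring every relation to have a counterpart in the layer directly below, and placing additions before removals within a layer are assumptions of this illustration.

```python
LAYERS = ["physical", "LACP", "BGP"]   # lower protocol first, upper protocol last


def link(a, b):
    """An undirected relation between two nodes within one topology layer."""
    return frozenset((a, b))


def unsupported_relations(model):
    """Relations in a layer that have no counterpart in the layer directly below."""
    problems = []
    for lower, upper in zip(LAYERS, LAYERS[1:]):
        for rel in model[upper] - model[lower]:
            problems.append((upper, tuple(sorted(rel)), lower))
    return sorted(problems)


def plan_changes(current, target):
    """Diff the two models layer by layer and order the steps lower layer first."""
    problems = unsupported_relations(target)
    if problems:
        raise ValueError(f"target model is not consistent across layers: {problems}")
    steps = []
    for layer in LAYERS:
        added = sorted(tuple(sorted(r)) for r in target[layer] - current[layer])
        removed = sorted(tuple(sorted(r)) for r in current[layer] - target[layer])
        steps += [("add", layer, pair) for pair in added]
        steps += [("remove", layer, pair) for pair in removed]
    return steps


# Constructed models for a requirement of the kind this description mentions:
# insert a MAN layer between DC1, DC2 and WAN, and cut their BGP neighbor state.
DIRECT = {link("WAN", "DC1"), link("WAN", "DC2")}
VIA_MAN = {link("MAN", "WAN"), link("MAN", "DC1"), link("MAN", "DC2")}
CURRENT = {"physical": set(DIRECT), "LACP": set(DIRECT), "BGP": set(DIRECT)}
TARGET = {"physical": DIRECT | VIA_MAN, "LACP": DIRECT | VIA_MAN, "BGP": set(VIA_MAN)}


if __name__ == "__main__":
    for step in plan_changes(CURRENT, TARGET):
        print(step)
```

With these models the plan contains eleven steps: three additions on the physical layer, three on the LACP layer, and on the BGP layer three additions followed by the removal of the two direct neighbor relations.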
To sum up, in the network change scheme provided by the present application, a change scheme including at least one change step may be obtained when a network change is implemented, and after a configuration command in each change step is obtained, the configuration command corresponding to each change step in the change scheme may be sent to the network device according to the sequence of the change step, so that the network device executes the configuration command corresponding to each change step according to the sequence, and completes each change step. Therefore, the complicated network changing process can be divided into a plurality of steps, so that the changing process can be controlled in a fine granularity mode, the changing process is smoother, and the influence and the risk brought by network changing are reduced.
Additionally, some portions of the present application may be applied as a computer program product, such as computer program instructions, which, when executed by a computer, may invoke or provide the method and/or solution according to the present application through the operation of the computer. Program instructions which invoke the methods of the present application may be stored on a fixed or removable recording medium and/or transmitted via a data stream on a broadcast or other signal bearing medium and/or stored in a working memory of a computer device operating in accordance with the program instructions. Some embodiments according to the present application include a computing device as shown in fig. 12, which includes one or more memories 1210 storing computer-readable instructions and a processor 1220 for executing the computer-readable instructions, wherein the computer-readable instructions, when executed by the processor, cause the device to perform the methods and/or aspects based on the embodiments of the present application.
In addition, an embodiment of the present application implements a set of change full-lifecycle management system, i.e., a network change center, which implements a change of a network by using the foregoing network change method, and has the following advantages compared with a conventional network change scheme:
1. The new flow chart approach defines the change SOP.
The traditional idea of determining a change scheme during network change is to implement a complex change SOP (Standard Operating Procedure) in the form of a script or a program, but because the actual skill levels of operators differ widely, this approach makes the learning curve very steep for users and is difficult to maintain and extend. In the solution of this embodiment, when determining the change scheme, the change scheme may be determined according to the flow chart of the network change, so that the process of creating the change scheme may be standardized. For example, an operator of the network change may be provided with an editing function for the flow chart, so that the operator may input the change SOP in the form of a flow chart using the editing function, and implement the change scheme through the change steps and the order contained in the flow chart. Compared with the traditional scheme, this approach has the advantages of strong readability, easy maintenance and flexible extension, and the efficiency of obtaining the change scheme can be greatly improved.
2. The automation capability greatly improves the change efficiency
The nature of manual change is a serial operation, which is restricted by natural factors, and cannot simultaneously perform large-scale change operations, and each change step of the change center contains an automated configuration command executable on the network device. The configuration commands of different network devices can be executed in batch and concurrently without interference, so that the tasks of network change can be executed in large scale and the change efficiency is improved by orders of magnitude. Compared with manual change, the time for realizing the same network change task by the network change center in the embodiment of the application can be greatly shortened.
3. Visualization of the change execution process.
In a traditional change mode, an operator logs in to a plurality of devices at the same time to perform command operation and state check, and pays attention to a plurality of tool platforms at the same time, so that the operator can quickly sense and roll back when a change triggers a fault. Under the pressure of a large task, human errors such as errors in copying and pasting commands, neglecting key alarm information and the like are easily introduced by this method. On the other hand, if all the operations are executed by relying on a script program, the change process is a black box system for the network operator and the risk cannot be perceived. In the process of implementing network change by the network change center of the embodiment of the application, the change steps of each change scheme can be interpreted and translated by a finite state machine into the states corresponding to the change steps, and the states can jump according to predefined logic. The execution flow of the whole change scheme is clearly displayed according to the change steps by taking a uniform change execution page as a visual view, so that an operator can clearly master the progress of network change, and the controllability of the change process is greatly improved.
4. Change schema automatic generation and smooth changes
The network change center can provide a new change mode for the network change process by combining the network model: 1) Shadow steps: when a change step is performed, the configuration can be loaded first, then the configuration is activated (loading and activation may be merged into one command), and then whether the activated configuration is valid is checked, if so, the configuration is frozen in time (at this time, the configuration is not required to be deleted), and the configuration is deleted when all rollback is necessary. When the network change center obtains the configuration command, the configuration command corresponding to each change step is required to be formed by five shadow steps which respectively correspond to a loading command, an activating command, a freezing command, a deleting command and a checking command, so that the configuration command of any change step covers all key functions when written, a rollback scheme does not need to be searched for in a hurry when the configuration fails, and the integrity and the fault recovery capability of the scheme are ensured before the configuration is executed. 2) Smooth change: network or application services can be interrupted no matter whether a change is carried out manually or automatically; in the network change, complex change scenarios can be abstracted into standardized change steps, and a certain capability of automatically generating smooth change schemes is provided based on the network model, so that the influence and the risk of the change are minimized. Figs. 2 and 3 describe a change requirement and an automatically generated smooth change scheme of a BGP protocol topology layer. The goal is to insert a MAN layer between DC1, DC2, and WANs and cut off neighbor states between DC1, DC2, and WANs.
The network change center can obtain all change steps of the whole change process according to the network models of the current network and the target network, and combines the shadow steps of each change step, thereby controlling the change process and reducing the potential risk.
5. Active monitoring and fast failure recovery capabilities.
In a conventional manual change scheme, the change execution process relies on monitoring tools to monitor, from each dimension, whether the network or a service raises an alarm, and whether the alarm is directly or indirectly associated with the change. If an association is determined, the change must be rolled back urgently to reduce traffic impact. However, these peripheral monitoring tools often exist in a scattered manner, and cannot effectively address the pain points of monitoring the change process. The network change center may preset critical monitoring dependency information for different scenarios, such as information of network routing inspection (configuration, state change), information of routing change (release, revocation), information of network alarm (SYSLOG, SNMP, NETFLOW), and information of service indicators from the application side (service indicators drop, interrupt, etc.). After the key monitoring dependency information is obtained, if a fault is judged to occur, the network change center can control the network equipment to cancel the network change corresponding to the corresponding change step, so that the rapid fault recovery capability is provided.
It should be noted that the present application may be implemented in software and/or a combination of software and hardware, for example, implemented using Application Specific Integrated Circuits (ASICs), general purpose computers or any other similar hardware devices. In some embodiments, the software programs of the present application may be executed by a processor to implement the above steps or functions. Likewise, the software programs (including associated data structures) of the present application may be stored in a computer readable recording medium, such as RAM memory, magnetic or optical drive or diskette and the like. Additionally, some of the steps or functions of the present application may be implemented in hardware, for example, as circuitry that cooperates with the processor to perform various steps or functions.
It will be evident to those skilled in the art that the present application is not limited to the details of the foregoing illustrative embodiments, and that the present application may be embodied in other specific forms without departing from the spirit or essential attributes thereof. The present embodiments are therefore to be considered in all respects as illustrative and not restrictive, the scope of the application being indicated by the appended claims rather than by the foregoing description, and all changes which come within the meaning and range of equivalency of the claims are therefore intended to be embraced therein. Any reference sign in a claim should not be construed as limiting the claim concerned. Furthermore, it is obvious that the word "comprising" does not exclude other elements or steps, and the singular does not exclude the plural. A plurality of units or means recited in the apparatus claims may also be implemented by one unit or means in software or hardware. The terms first, second, etc. are used to denote names, but not any particular order.

Claims (15)

1. A network change method, wherein the method comprises:
determining a change scheme according to difference information of each topological layer in a first network model of a current network and a second network model of a target network, wherein the network model comprises a plurality of topological layers, the topological layers are used for describing topological relation information between network devices in the network, and the incidence relation among the topological layers corresponds to a dependency sequence for data layer-by-layer encapsulation during data transmission, the change scheme comprises at least one change step required for changing the current network to the target network, the change step corresponding to the topological layer of a lower protocol is executed firstly according to the incidence relation among protocols corresponding to the topological layers, and then the change step corresponding to the topological layer of an upper protocol is executed;
acquiring a configuration command in each change step;
and sending the configuration command corresponding to each change step in the change scheme to the network equipment according to the sequence of the change steps, so that the network equipment executes the configuration command corresponding to each change step according to the sequence, and each change step is completed.
2. The method of claim 1, wherein determining a change plan for a network change comprises:
determining a change scheme according to a flow chart of network change, wherein the change scheme comprises at least one change step required for changing a current network to a target network, nodes in the flow chart represent the change step, and connecting lines in the flow chart represent the sequence of the change step.
3. The method of claim 1, wherein the method further comprises:
and determining the sequence of a plurality of changing steps corresponding to different topological layers according to the incidence relation among the plurality of topological layers.
4. The method according to claim 1, wherein when a plurality of configuration commands corresponding to the same change step are transmitted to the network devices, configuration commands for different network devices are transmitted to the corresponding network devices in parallel.
5. The method of claim 1, wherein sending the configuration command corresponding to each change step in the change scheme to the network device according to the sequence of the change steps, so that the network device executes the configuration command corresponding to each change step according to the sequence, and completing each change step comprises:
sending a configuration command corresponding to one change step in the change scheme to network equipment according to the sequence of the change step, so that the network equipment executes the configuration command corresponding to the change step according to the sequence to realize network change;
and verifying the network change result corresponding to the change step, if the network change result passes the verification, determining to finish the change step, and processing the next change step according to the sequence.
6. The method of claim 5, wherein the method further comprises:
and if the verification is not passed, controlling the network equipment to cancel the network change corresponding to the change step.
7. The method of claim 6, wherein the configuration commands corresponding to the change step at least comprise a load command, an activate command, a check command, a freeze command, and a delete command;
wherein sending the configuration command corresponding to each change step in the change scheme to the network device according to the sequence of the change steps, so that the network device executes the configuration command corresponding to each change step according to the sequence and each change step is completed, comprises:
sending the load command and the activate command corresponding to the change step to the network device, so that the network device executes the load command and the activate command corresponding to the change step to realize the network change;
sending the check command corresponding to the change step to the network device, so that the network device executes the check command corresponding to the change step to check the result of the network change, and if the check is passed, determining that the change step is complete and processing the next change step in sequence;
and if the check is not passed, sending the freeze command and the delete command corresponding to the change step to the network device, so that the network device executes the freeze command and the delete command corresponding to the change step, revoking the network change realized by the load command and the activate command.
8. The method of claim 1, wherein the method further comprises:
generating a visualization view about each change step, the visualization view representing the completion of the change step;
providing the visualization view to a user.
9. The method of claim 8, wherein generating a visualization view for each change step comprises:
acquiring a current state of a finite element state machine, wherein the completion condition of each change step corresponds to one state in the finite element state machine, and the finite element state machine switches state when one change step is completed;
generating a visualization view for each change step according to the current state of the finite element state machine.
10. The method of claim 1, wherein, after the change step is completed, the method further comprises:
monitoring service index information related to the network equipment;
and when the service index information is abnormal, controlling the network equipment to cancel the network change corresponding to the change step.
11. A network change device, wherein the device comprises:
a scheme generating device, configured to determine a change scheme according to difference information of each topology layer in a first network model of a current network and a second network model of a target network, where the network model includes multiple topology layers, the topology layers are used to describe topology relationship information between network devices in the network, and an association relationship between the multiple topology layers corresponds to a dependency order for data layer-by-layer encapsulation during data transmission, where the change scheme includes at least one change step required for changing the current network to the target network, and according to an association relationship between protocols corresponding to the topology layers, a change step corresponding to a topology layer of a lower protocol is executed first, and then a change step corresponding to a topology layer of an upper protocol is executed;
configuration acquisition means for acquiring a configuration command in each change step;
and the configuration issuing device is used for sending the configuration command corresponding to each change step in the change scheme to the network equipment according to the sequence of the change steps so that the network equipment executes the configuration command corresponding to each change step according to the sequence to complete each change step.
12. The device according to claim 11, wherein the configuration issuing apparatus is configured to send a configuration command corresponding to one change step in the change scheme to a network device according to a sequence of the change steps, so that the network device executes the configuration command corresponding to the change step according to the sequence to implement network change; and checking the network change result corresponding to the change step, determining to finish the change step when the check is passed, and processing the next change step according to the sequence.
13. The device according to claim 12, wherein the configuration issuing apparatus is further configured to control the network device to cancel the network change corresponding to the change step when the verification is not passed.
14. The device of claim 13, wherein the configuration commands corresponding to the change step include at least a load command, an activate command, a check command, a freeze command, and a delete command;
the configuration issuing apparatus is configured to send the load command and the activate command corresponding to the change step to the network device, so that the network device executes the load command and the activate command corresponding to the change step to realize the network change; to send the check command corresponding to the change step to the network device, so that the network device executes the check command corresponding to the change step to check the result of the network change, determining that the change step is complete when the check is passed and processing the next change step in sequence; and, when the check is not passed, to send the freeze command and the delete command corresponding to the change step to the network device, so that the network device executes the freeze command and the delete command corresponding to the change step, revoking the network change realized by the load command and the activate command.
15. A computing device comprising a memory for storing computer program instructions and a processor for executing the computer program instructions, wherein the computer program instructions, when executed by the processor, trigger the device to perform the method of any of claims 1 to 10.
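The sequence recited in claims 1 and 5 to 7, sketched as an added Python example that is not part of the patent or the assignee's code: change steps are ordered so that lower-protocol topology layers run first, each step's load and activate commands are sent, the check command decides whether to continue, and a failed check triggers freeze and delete for that step. The `FakeDevice` class, the layer numbers, the step names and the command strings are all constructed for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class ChangeStep:
    name: str
    layer: int      # assumed numbering: smaller value = lower protocol layer
    device: str
    commands: dict  # keys: load, activate, check, freeze, delete

@dataclass
class FakeDevice:
    """Constructed stand-in for a network device; records what it receives."""
    failing_checks: set = field(default_factory=set)
    log: list = field(default_factory=list)

    def execute(self, command: str) -> bool:
        self.log.append(command)
        return command not in self.failing_checks

def run_change_scheme(steps, devices):
    """Run steps lower layer first; return (completed names, revoked name or None)."""
    completed = []
    # sorted() is stable, so steps on the same layer keep their given order.
    for step in sorted(steps, key=lambda s: s.layer):
        dev = devices[step.device]
        dev.execute(step.commands["load"])
        dev.execute(step.commands["activate"])
        if dev.execute(step.commands["check"]):
            completed.append(step.name)
            continue
        # Check failed: freeze, then delete, to revoke what load + activate did,
        # and do not proceed to any later step.
        dev.execute(step.commands["freeze"])
        dev.execute(step.commands["delete"])
        return completed, step.name
    return completed, None

def make_step(name, layer, device):
    kinds = ("load", "activate", "check", "freeze", "delete")
    return ChangeStep(name, layer, device, {k: f"{k} {name}" for k in kinds})

def demo():
    # Constructed scheme: the layer-3 step is listed first but must run last.
    steps = [make_step("bgp-peer", 3, "sw1"), make_step("link-up", 1, "sw1"),
             make_step("ospf-area", 2, "sw2")]
    devices = {"sw1": FakeDevice(failing_checks={"check bgp-peer"}),
               "sw2": FakeDevice()}
    return run_change_scheme(steps, devices), devices
```

Only the step whose check fails is revoked here, as in claims 6 and 7; steps that already passed their check are left in place.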
CN201810948787.2A 2018-08-20 2018-08-20 Network change method and equipment Active CN110855456B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810948787.2A CN110855456B (en) 2018-08-20 2018-08-20 Network change method and equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810948787.2A CN110855456B (en) 2018-08-20 2018-08-20 Network change method and equipment

Publications (2)

Publication Number Publication Date
CN110855456A CN110855456A (en) 2020-02-28
CN110855456B true CN110855456B (en) 2022-09-30

Family

ID=69594397

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810948787.2A Active CN110855456B (en) 2018-08-20 2018-08-20 Network change method and equipment

Country Status (1)

Country Link
CN (1) CN110855456B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113079059A (en) * 2021-03-23 2021-07-06 深圳市信锐网科技术有限公司 Network state monitoring method and device, electronic equipment and readable storage medium
CN115277404B (en) * 2022-05-13 2023-06-02 清华大学 Cloud network large-scale change release arrangement method, device, equipment and storage medium

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100466611C (en) * 2005-10-28 2009-03-04 华为技术有限公司 Processing method for network node configuration information when network topology changing
CN101009628A (en) * 2007-01-09 2007-08-01 杭州华为三康技术有限公司 Update method and device for multicast list in the change of switching network topology
CN104092579B (en) * 2014-02-12 2016-06-08 腾讯科技(深圳)有限公司 The analogy method of network type and device
CN106330517B (en) * 2015-07-01 2020-10-02 南京中兴软件有限责任公司 Tunnel adjusting method and device
CN106487558B (en) * 2015-08-31 2019-03-15 中兴通讯股份有限公司 A kind of method and apparatus for realizing the scalable appearance of access device
CN107040423B (en) * 2017-05-16 2020-06-16 上海上讯信息技术股份有限公司 Method and system for discovering network topology

Also Published As

Publication number Publication date
CN110855456A (en) 2020-02-28

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant