CN110971434B - Method, device and system for managing intranet network equipment - Google Patents

Method, device and system for managing intranet network equipment Download PDF

Info

Publication number
CN110971434B
CN110971434B CN201811155331.7A CN201811155331A CN110971434B CN 110971434 B CN110971434 B CN 110971434B CN 201811155331 A CN201811155331 A CN 201811155331A CN 110971434 B CN110971434 B CN 110971434B
Authority
CN
China
Prior art keywords
network
data channel
information
equipment
indication information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201811155331.7A
Other languages
Chinese (zh)
Other versions
CN110971434A (en
Inventor
李科
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Priority to CN201811155331.7A priority Critical patent/CN110971434B/en
Publication of CN110971434A publication Critical patent/CN110971434A/en
Application granted granted Critical
Publication of CN110971434B publication Critical patent/CN110971434B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/02Standardisation; Integration
    • H04L41/0213Standardised network management protocols, e.g. simple network management protocol [SNMP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/04Network management architectures or arrangements

Abstract

The application provides a method for managing intranet network equipment, which comprises the following steps: the method comprises the steps that a cloud coordinator receives first indication information carrying an identifier of network equipment from user equipment, wherein the first indication information is used for indicating the cloud coordinator to establish a data channel for the network equipment, the user equipment is located in an outer network, and the network equipment is located in an inner network; the cloud coordinator establishes a data channel for the network equipment according to the first indication information; the cloud coordinator sends first feedback information to the user equipment, wherein the first feedback information is used for indicating that the data channel is completely established. The cloud coordinator establishes a data channel for the intranet network equipment according to the indication of the user equipment, so that the intranet network equipment and the user equipment located in an extranet communicate through the data channel, a corresponding network transmission protocol interface does not need to be developed for each service of the intranet network equipment, and the workload of managing the intranet network equipment is reduced.

Description

Method, device and system for managing intranet network equipment
Technical Field
The present application relates to the field of computers, and in particular, to a method, an apparatus, and a system for managing an intranet network device.
Background
Network devices are an important component of computer networks, which are capable of providing shared information resources and services to users in the network. A wide variety of network devices, such as switches, wireless controllers, firewalls, and routers, belong to the network devices. The operation and maintenance personnel can manage and maintain the network equipment through the management software running on the network equipment.
Due to the isolation of the intranet from the extranet, the network devices in the intranet cannot directly communicate with the network devices in the extranet. In order to manage the network devices in the intranet through the extranet, one method is to connect the intranet network devices and a controller through a network transmission protocol (e.g., network configuration protocol (Netconf)), and deploy the controller on the cloud, thereby realizing management of the intranet network devices through the extranet.
However, the above method requires each service (or function) of the network device to provide an interface of the network transmission protocol, and requires a lot of adaptation work for the existing network device and controller, which adversely affects the software development of the network device and the controller.
Disclosure of Invention
The application provides a method, a device and a system for managing intranet network equipment, which can solve the problems.
In a first aspect, a method for managing an intranet network device is provided, including: the method comprises the steps that user equipment sends first indication information carrying an identifier of the network equipment to a cloud coordinator, wherein the first indication information is used for indicating the cloud coordinator to establish a data channel for the network equipment and the user equipment, the user equipment is located in an outer network, and the network equipment is located in an inner network; the user equipment receives first feedback information from the cloud coordinator, wherein the first feedback information is used for indicating that the data channel is completely established; the user equipment interacts information with the network equipment through the data channel.
The user equipment instructs the cloud coordinator to create a data channel for the intranet network equipment and the user equipment, so that the intranet network equipment and the user equipment located in an extranet communicate through the data channel, a corresponding network transmission protocol interface does not need to be developed for each service of the intranet network equipment, and the workload of managing the intranet network equipment is reduced.
Optionally, the first feedback information includes an external network address of the data channel, and before the user equipment interacts information with the network equipment through the data channel, the method further includes: the user equipment sends request information to the external network address, and the request information is used for requesting to open a management page of the network equipment; the user equipment receives response information from the external network address, wherein the response information is used for indicating that the content of the request information request is accepted; and the user equipment opens a management page of the network equipment according to the response information, and the management page is used for exchanging information with the network equipment.
The user equipment can open the existing intranet network equipment management page through the data channel, control the intranet network equipment by using the existing intranet network equipment management system, and do not need to develop the network equipment management system again, so that the workload of managing the intranet network equipment can be reduced
Optionally, the method further comprises: the user equipment sends second indication information to the cloud coordinator, wherein the second indication information is used for indicating that the data channel is closed; the user equipment receives second feedback information from the cloud coordinator, wherein the second feedback information is used for indicating that the data channel is closed.
After the maintenance work of the intranet network equipment is finished, the user equipment can instruct the cloud collaborator to destroy the data channel and release the network resources occupied by the data channel, so that the utilization rate of the network resources is improved.
In a second aspect, the present application further provides a method for managing an intranet network device, including: the method comprises the steps that a cloud coordinator receives first indication information carrying an identifier of network equipment from user equipment, wherein the first indication information is used for indicating the cloud coordinator to establish a data channel for the network equipment and the user equipment, the user equipment is located in an outer network, and the network equipment is located in an inner network; the cloud coordinator establishes a data channel according to the first indication information; the cloud coordinator sends first feedback information to the user equipment, wherein the first feedback information is used for indicating that the data channel is completely established.
The cloud coordinator establishes a data channel for the intranet network equipment and the user equipment according to the indication of the user equipment, so that the intranet network equipment and the user equipment in the extranet communicate through the data channel, a corresponding network transmission protocol interface does not need to be developed for each service of the intranet network equipment, and the workload of managing the intranet network equipment is reduced.
Optionally, the creating, by the cloud coordinator, a data channel for the network device according to the first indication information includes: the cloud coordinator allocates network resources for the network equipment according to the first indication information, wherein the network resources comprise an internal network address and an external network address which are required by the creation of the data channel; and the cloud coordinator sends third indication information to the network equipment, wherein the third indication information is used for indicating the network equipment to create a data channel.
The cloud coordinator may indicate to the network device the network resources that the network device may use in order for the network device to be able to successfully create the data channel.
Optionally, the allocating, by the cloud coordinator, network resources for the network device according to the first indication information includes: the cloud coordinator selects an internal network address and an external network address from the network address resource pool; and the cloud coordinator records the corresponding relation between the intranet network address and the extranet network address.
According to the scheme, the network security can be improved, for example, when the cloud coordinator receives a verification request which is sent by the server and carries the intranet network address and the extranet network address, the network addresses in the verification request are determined to be safe network addresses according to the corresponding relation recorded by the cloud coordinator, and verification passing information is returned to the server.
Optionally, the method further comprises: the cloud coordinator records the used information of the intranet network address and the extranet network address.
The scheme can avoid the use of the same internal network address and the external network address by a plurality of data channels.
Optionally, the method further comprises: the cloud coordinator receives verification information from the server, and the verification information is used for verifying the security of the network equipment; and the cloud coordinator sends verification passing information to the server.
Optionally, the method further comprises: the cloud coordinator scans a server, wherein the server is equipment for bearing a data channel; when the state of the server is an abnormal state, the cloud coordinator releases the network resource; or when the state of the server is a normal state, the cloud coordinator does not release the network resources.
When a server bearing a data channel is abnormal, the data channel may not be used, the cloud coordinator scans the server regularly or irregularly, the data channel can be closed when the state of the server is abnormal, network resources occupied by the data channel are released, and the utilization rate of the network resources is improved.
Optionally, the method further comprises: and the cloud coordinator updates the corresponding relation between the intranet network address and the extranet network address.
The corresponding relation between the intranet network address and the extranet network address is beneficial to reducing the time of exposing the intranet network address in the extranet and enhancing the safety of the intranet.
Optionally, the sending, by the cloud coordinator, third indication information carrying a network address to the network device includes: the cloud coordinator sends third indication information to the network device based on any one of the following three communication modes: netconf, Simple Network Management Protocol (SNMP), or secure telnet (stellnet) protocol.
Optionally, the method further comprises: the cloud coordinator receives second indication information from the user equipment, wherein the second indication information is used for indicating that the data channel is closed; the cloud coordinator releases the network resources of the data channel according to the second indication information; and the cloud coordinator sends second feedback information to the user equipment, wherein the second feedback information is used for indicating that the data channel is closed.
After the maintenance work of the intranet network equipment is finished, the cloud coordinator can destroy the data channel according to the indication of the user equipment, and release network resources occupied by the data channel, so that the utilization rate of the network resources is improved.
In a third aspect, the present application further provides a method for managing an intranet network device, including: the network equipment receives third indication information from the cloud coordinator, wherein the third indication information is used for indicating the network equipment to create a data channel, and the network equipment is located in an intranet; the network equipment sends a connection request to the server according to the third indication information, wherein the connection request is used for requesting to create a data channel; the network equipment receives response information from the server, wherein the response information is used for indicating that the data channel is completely established; the network device interacts information with the user device through a data channel, wherein the user device is located in an extranet.
The intranet network equipment requests the server to create a data channel according to the indication of the cloud coordinator, so that the intranet network equipment and the user equipment located in the extranet communicate through the data channel, a corresponding network transmission protocol interface does not need to be developed for each service of the intranet network equipment, and the workload of managing the intranet network equipment is reduced.
In a fourth aspect, the present application further provides a method for managing an intranet network device, including: the method comprises the steps that a server receives a connection sending request from network equipment, wherein the connection request is used for requesting to create a data channel, and the data channel is used for information interaction between user equipment and the network equipment, wherein the user equipment is located in an extranet, and the network equipment is located in an intranet; the server creates the data channel according to the connection request; and the server sends response information to the network equipment, wherein the response information is used for indicating that the data channel is completely established.
The server establishes a data channel according to the indication of the intranet network equipment, so that the intranet network equipment and the user equipment positioned in the extranet communicate through the data channel, a corresponding network transmission protocol interface does not need to be developed for each service of the intranet network equipment, and the workload of managing the intranet network equipment is reduced.
Optionally, before the server creates the data channel according to the connection request, the method further includes: the server sends verification information to the cloud coordinator, and the verification information is used for verifying the security of the network equipment; the server creates a data channel according to the connection request, and the method comprises the following steps: and when the security check of the network equipment passes, the server creates a data channel according to the connection request.
According to the scheme, the network security can be improved, for example, when the cloud coordinator receives a verification request which is sent by the server and carries the intranet network address and the extranet network address, the network addresses in the verification request are determined to be safe network addresses according to the corresponding relation recorded by the cloud coordinator, verification passing information is returned to the server, and then the server creates a data channel according to the verification passing information.
In a fifth aspect, the present application further provides a device for managing an intranet network device, where the device may implement functions corresponding to the steps in the method according to the first aspect, and the functions may be implemented by hardware or by hardware executing corresponding software. The hardware or software includes one or more units or modules corresponding to the above functions.
In one possible design, the apparatus includes a processor configured to support the apparatus to perform the corresponding functions in the method according to the first aspect. The apparatus may also include a memory, coupled to the processor, that retains program instructions and data necessary for the apparatus. Optionally, the apparatus further comprises a transceiver and/or a communication interface for supporting communication between the apparatus and other network elements.
In a sixth aspect, the present application further provides a device for managing an intranet network device, where the device may implement functions corresponding to the steps in the method according to the second aspect, where the functions may be implemented by hardware or by hardware executing corresponding software. The hardware or software includes one or more units or modules corresponding to the above functions.
In one possible design, the apparatus includes a processor configured to support the apparatus to perform the corresponding functions in the method according to the second aspect. The apparatus may also include a memory, coupled to the processor, that retains program instructions and data necessary for the apparatus. Optionally, the apparatus further comprises a transceiver and/or a communication interface for supporting communication between the apparatus and other network elements.
In a seventh aspect, the present application further provides a device for managing an intranet network device, where the device may implement functions corresponding to the steps in the method according to the third aspect, where the functions may be implemented by hardware, or may be implemented by hardware executing corresponding software. The hardware or software includes one or more units or modules corresponding to the above functions.
In one possible design, the apparatus includes a processor configured to support the apparatus to perform the corresponding functions in the method according to the third aspect. The apparatus may also include a memory, coupled to the processor, that retains program instructions and data necessary for the apparatus. Optionally, the apparatus further comprises a transceiver and/or a communication interface for supporting communication between the apparatus and other network elements.
In an eighth aspect, the present application further provides a device for managing an intranet network device, where the device may implement functions corresponding to each step in the method according to the fourth aspect, where the functions may be implemented by hardware or by hardware executing corresponding software. The hardware or software includes one or more units or modules corresponding to the above functions.
In one possible design, the apparatus includes a processor configured to support the apparatus to perform the corresponding functions in the method according to the fourth aspect. The apparatus may also include a memory, coupled to the processor, that retains program instructions and data necessary for the apparatus. Optionally, the apparatus further comprises a transceiver and/or a communication interface for supporting communication between the apparatus and other network elements.
In a ninth aspect, the present application provides a computer program product comprising: computer program code for causing a user equipment to perform the method according to the first aspect when the computer program code is run by a communication unit, processing unit or transceiver, processor of the user equipment.
In a tenth aspect, the present application provides a computer program product comprising: computer program code which, when executed by a communication unit, a processing unit or a transceiver, a processor of a cloud coordinator, causes the cloud coordinator to perform the method of the second aspect.
In an eleventh aspect, the present application provides a computer program product comprising: computer program code which, when run by a communication unit, a processing unit or a transceiver, a processor of the intranet network device, causes the intranet network device to perform the method according to the third aspect.
In a twelfth aspect, the present application provides a computer program product comprising: computer program code for causing a server to perform the method of the fourth aspect when said computer program code is run by a communication unit, a processing unit or a transceiver, a processor of the server.
In a thirteenth aspect, the present application provides a system for managing an intranet network device, including the apparatus in the fifth aspect to the eighth aspect.
Drawings
Fig. 1 is a schematic diagram of a network system suitable for use in the technical solution of the present application;
FIG. 2 is a schematic diagram of a method for managing an intranet network device according to the present application;
FIG. 3 is a schematic diagram of a method for creating a data channel provided herein;
FIG. 4 is a schematic diagram of a method of monitoring a server provided herein;
FIG. 5 is a schematic diagram of another method for managing intranet network devices provided by the present application;
FIG. 6 is a schematic diagram of an apparatus for managing an intranet network device according to the present application;
FIG. 7 is a schematic diagram of another apparatus for managing an intranet network device according to the present disclosure;
FIG. 8 is a schematic diagram of yet another apparatus for managing an intranet network device according to the present application;
FIG. 9 is a schematic diagram of yet another apparatus for managing an intranet network device according to the present application;
FIG. 10 is a schematic diagram of yet another apparatus for managing an intranet network device according to the present application;
FIG. 11 is a schematic diagram of yet another apparatus for managing an intranet network device according to the present application;
FIG. 12 is a schematic diagram of yet another apparatus for managing an intranet network device according to the present application;
fig. 13 is a schematic diagram of another apparatus for managing an intranet network device according to the present application.
Detailed Description
The technical solution in the present application will be described below with reference to the accompanying drawings.
Fig. 1 is a schematic diagram of a network system suitable for use in the technical solution of the present application.
The network system includes a user equipment, a centralized management system, a switch, and a radio controller. The centralized management system is, for example, a controller deployed on a cloud, and the controller is, for example, a Network Cloud Engine (NCE) cloud park (CloudCampus) controller manufactured by hua corporation. The centralized management system is located in the external network, can communicate with the user equipment in the external network, receives the instruction of the user equipment and sends information to the user equipment. The centralized management system can communicate with the user equipment through the base station or the ethernet, and the user equipment is, for example, a personal computer or a handheld device or a wearable device used by operation and maintenance personnel.
The switch and the wireless controller are two intranet network devices located in a park, and the park can be an industrial park, an office building or a laboratory. The present application is not limited to the specific form of the campus, the network devices on the campus may be other types of network devices, the number of network devices on the campus is not limited to the number shown in fig. 1, and the switches and the wireless controllers are only examples.
The centralized management system can communicate with the switch and the wireless controller located in the intranet through Netconf, or can communicate with the switch and the wireless controller located in the intranet through other communication protocols, such as SNMP or stellnet protocols.
The network device is deployed in an intranet and cannot directly access an extranet. After the network device is registered on line in the centralized management system, the centralized management system allocates a unique identifier to the network device. The identifier may be an Internet Protocol (IP) address of the network device, a hardware serial number of the network device, or other information that can uniquely identify the network device.
In the present application, the intranet and the extranet are two concepts having an association relationship, and alternatively, the intranet and the extranet may be interpreted as having the following meanings: the intranet is a local area network of the extranets.
For example, when the external network is the Internet, the internal network may be a network formed by network devices in an industrial park, or may be a network formed by network devices in an office building in the industrial park.
For another example, when the external network is a network composed of network devices in an industrial park, the internal network may be a network composed of network devices in an office building in the industrial park, or may be a network composed of network devices in a laboratory in the office building.
It should be understood that the above explanations of the intranet and the extranet are only examples, and should not be construed as limiting the application scenarios of the present application.
Based on the network system shown in fig. 1, the present application provides a method for managing intranet network devices, as shown in fig. 2.
In the method, when an operation and maintenance person needs to manage a network device in a campus, the operation and maintenance person may send, to a centralized management system through a user device, first indication information carrying an identifier of the network device, where the first indication information is used to indicate a cloud coordinator (a module in the centralized management system) to create a data channel for the network device, that is, the user device executes S210 shown in fig. 2.
The "first indication information" may have other names as well, for example, request information. The present application is not limited to the specific form thereof.
After receiving the first indication information, the centralized management system may select the cloud coordinator B to process the first indication information according to a load sharing mechanism, for example, the centralized management system includes a plurality of cloud coordinators, and if the load of the cloud coordinator B at the current time is small, the centralized management system may select the cloud coordinator B from the plurality of cloud coordinators to process the first indication information after receiving the first indication information. The load sharing mechanism may be implemented by an Elastic Load Balancing (ELB) server or a Linux Virtual Server (LVS).
After the cloud coordinator B obtains the first indication information, a data channel is created for the network device according to the content indicated by the first indication information, where the data channel is, for example, a security layer (SSH) tunnel, and the specific form of the data channel is not limited in the present application.
It should be noted that, in the present application, the adjectives "first", "second", etc., are used only to distinguish different individuals in the same kind of objects, and should not be interpreted in other meanings. For example, the "first indication information" and the "second indication information" are two indication information having different contents, and the difference between the two indication information is only the same.
The cloud coordinator B may perform the steps shown in fig. 3 to allocate network resources required for creating the data channel for the network device, for example, allocate a network address required for creating the data channel for the network device.
S301, inquiring the configuration file, and establishing a resource pool containing the external network address.
S302, inquiring the configuration file, and establishing a resource pool containing the intranet network address.
In the present application, the network address may be an IP address and a port number, but the network address may also include information other than the IP address and the port number, for example, a version number of a transport protocol.
The cloud coordinator B creates an intranet network address resource pool and an extranet network address resource pool according to the configuration file, and may select a network address from the two resource pools when the network address needs to be allocated, for example, "112.80.248.76: 64004" may be selected from the extranet network address resource pool as an extranet network address of the SSH tunnel, where "112.80.248.76" represents an IP address, and "64004" represents a port number of the IP address. For another example, "192.168.1.9: 64450" may be selected from the intranet network address resource pool as the intranet network address of the SSH tunnel, where "192.168.1.9" represents an IP address and "64450" represents a port number of the IP address.
S303, inquiring the state of the SSH server. For example, an SSH server with a smaller load, such as SSH server a shown in fig. 2, may be determined from a plurality of SSH servers according to the load conditions of the SSH servers.
S304, reading the database, and inquiring the used network address to avoid using the used network address when allocating the network address for the SSH tunnel.
S305, writing the database, and writing the network address allocated to the SSH tunnel into the database so as to avoid the network address being allocated to other data channels.
For example, cloud coordinator B may tag the network address used by the SSH tunnel in the database, where the tag indicates that the network address has been used.
S306, binding the incidence relation between the intranet network address and the extranet network address.
And after the cloud coordinator B allocates the intranet network address and the extranet network address to the data channel, recording the corresponding relation between the two network addresses. Optionally, as shown in the refreshing step of fig. 2, the cloud coordinator B may also periodically refresh Network Address Translation (NAT) configuration information, so as to reduce the time for exposing the network address of the internal network to the external network, and enhance the security of the internal network.
S307, the Netconf message is sent to the network device, and the Netconf message can carry the intranet network address of the SSH tunnel, so that the network device can create the SSH tunnel.
In an optional implementation manner of the Netconf message, that is, the third indication information indicates that the network device creates an SSH tunnel. S307 is S202 shown in fig. 2.
After determining that the SSH tunnel is created by the SSH server a, the cloud coordinator B may send, to the network device, a Netconf message including a network address of a southbound NAT node, where the southbound NAT node is a node having an association relationship with the SSH server a. After receiving the Netconf message, the network device sends a connection request to the southbound NAT node according to the network address of the southbound NAT node carried in the Netconf message, where the connection request is used to request for creating an SSH tunnel, that is, the network device executes S203 shown in fig. 2. The Netconf message may also carry a network address of the network device, for example, "172.16.1.2: 8443," where "172.16.1.2" is an IP address of the network device, and "8443" is a port number of the IP address.
The southbound NAT node may be a module located in the same device as the SSH server a, or a module located in a different device from the SSH server a, and may be implemented by an ELB, an LVS, or an IP table (tables).
After receiving the connection request, the southbound NAT node forwards the connection request to the SSH server A, so that the SSH server A creates an SSH tunnel. The southbound NAT node also records the correspondence between the network address of the network device and the network address of the southbound NAT node (e.g., "112.80.248.77: 40024") to facilitate subsequent forwarding of information from the SSH tunnel to the network device and forwarding of information sent by the network device to the SSH tunnel.
After receiving the connection request, the SSH server a may directly establish an SSH tunnel based on the connection request, or may establish an SSH tunnel after verifying the security of the network device.
For example, SSH server a may send check information including the port number of the southbound NAT node (40024) to cloud coordinator B, requesting cloud coordinator B to determine whether 40024 is the port number specified by cloud coordinator B; the cloud coordinator B determines that the port number 40024 is designated by the cloud coordinator B, and then the cloud coordinator B sends verification passing information to the SSH server A; and after obtaining the verification passing information, the SSH server A creates an SSH tunnel for the network equipment.
After the SSH tunnel is created by the SSH server a, information indicating that the SSH tunnel creation is completed may be sent to the cloud coordinator B and the network device (i.e., S204 is performed), and then the cloud coordinator B may send first feedback information to the user device, where the first feedback information is used to indicate that the SSH tunnel creation is completed, i.e., the cloud coordinator B performs S205 illustrated in fig. 2.
Optionally, the first feedback information includes an external network address "112.80.248.76: 64004" of the SSH tunnel, and after receiving the first feedback information, the user equipment generates request information, sends the request information to the external network address, and requests to open a management page of the network device. When the user equipment receives the response information from the external network address, the management page of the network equipment can be opened.
Subsequently, the user equipment may perform S206, transmitting configuration information to the network device or receiving information from the network device.
When the user equipment needs to close the SSH tunnel, the user equipment may send second indication information to the cloud coordinator B, instruct the cloud coordinator B to close the SSH tunnel, and release the network resource of the SSH tunnel according to the second indication information by the cloud coordinator B, for example, instruct the SSH server a to no longer monitor the port 64450, and/or instruct the northbound NAT node and the southbound NAT node to delete the network address related to the SSH tunnel. And after the network resources of the SSH tunnel are released, the cloud coordinator B sends second feedback information to the user equipment to indicate that the SSH tunnel is closed.
As an optional example, after the cloud coordinator B allocates the network resource to the SSH tunnel, the state of the SSH server a may be scanned, that is, the monitoring step shown in fig. 2 is executed, so that the network resource is released in time when the state of the SSH server a is in an abnormal state, and the utilization rate of the network resource is improved.
The cloud coordinator B may perform the monitoring step according to the method shown in fig. 4.
S401, when the monitoring timer is triggered, the cloud coordinator B inquires the configuration file and acquires an IP list of the SSH server in the centralized management system.
S402, inquiring the state of the SSH server A through the IP list.
S403, determines whether the state of the SSH server a is abnormal or normal.
And if the state of the SSH server A is a normal state, not releasing the network resources of the SSH tunnel, and ending.
If the status of SSH server a is abnormal, S404 is executed.
S404, sending an instruction for closing the SSH tunnel to the network equipment.
S405, sends an instruction to close the SSH tunnel to the SSH server a. This step is an optional step and may be performed simultaneously with S404.
S406, the NAT configuration information is refreshed, and the corresponding relation between the intranet network address and the extranet network address is released.
S407, releasing the network resource. For example, the used states of the intranet network address and the extranet network address in the database are set to be unused states.
Based on the method for managing intranet network devices described above, the timing relationship of each step of the technical solution provided by the present application is described below by taking fig. 5 as an example.
As shown in fig. 5, after opening a User Interface (UI) of the centralized management system in a browser of a personal computer, an operation and maintenance worker selects a network device to be configured, clicks a button for opening a network management UI of the network device, and the user device obtains operation information of the clicked button and executes S501.
S501, sending first indication information to the cloud coordinator, wherein the first indication information carries an identifier of the network device selected by the operation and maintenance personnel and is used for indicating that a data channel is created for the network device and the user device.
S502, the cloud coordinator allocates a network resource to the network device according to the first indication information, for example, allocates a port with a port number 8443 to the network device.
S503, the cloud coordinator sends update configuration information to the northbound NAT node according to the network resources allocated to the network device, for example, the update configuration information is used for adding a corresponding relation between an external network address "112.80.248.76: 64004" and an internal network address "192.168.1.9: 64450" in the northbound NAT node.
S504, the cloud coordinator sends a Netconf message to the network device, the message indicates the network device to create an SSH tunnel, the message also carries a port number 8443, a network address of the southbound NAT node '112.80.248.77: 40024' and a monitoring port number 64450, wherein the port number 8443 is a port number which needs to be used when the network device sends a connection request and uses the SSH tunnel for communication, the network address of the southbound NAT node is a destination address of the connection request sent by the network device, and the monitoring port number 64450 is a port number used by a designated SSH server.
And S505, the network equipment sends a connection request to the southbound NAT node to request to establish an SSH tunnel. The connection request carries the network address "172.16.1.2: 8443" and the listening port number 64450 of the network device.
And S506, after the southbound NAT node receives the connection request, recording the corresponding relation between '172.16.1.2: 8443' and '40024', so that the data received by the 40024 port is forwarded to '172.16.1.2: 8443' after the SSH tunnel is established, and the data received from '172.16.1.2: 8443' is forwarded to the SSH server through the 40024 port.
S507, the southbound NAT node sends a connection request to the SSH server, wherein the connection request comprises the network address '112.80.248.77: 40024' and the monitoring port number 64450 of the southbound NAT node.
And S508, after the SSH server receives the connection request sent by the southbound NAT node, recording the corresponding relation between '112.80.248.77: 40024' and '64450', so that the data received by the 64450 port is sent to '112.80.248.77: 40024' after the SSH tunnel is established, and the data received from '112.80.248.77: 40024' is forwarded to the northbound NAT node through the 64450 port.
After the SSH tunnel is established, the SSH server may send an SSH tunnel establishment completion message to each relevant device (e.g., the cloud coordinator).
S509, after determining that the SSH tunnel is established, the cloud coordinator sends first feedback information to the centralized management system UI (i.e., the user equipment), where the first feedback information indicates that the SSH tunnel is established, and the first feedback information further includes an external network address "112.80.248.76: 64004" of the SSH tunnel, where the external network address may be considered as a network address of the northbound NAT node.
And S510, the centralized management system UI creates a new window, namely, the network management UI of the network equipment according to the first feedback information.
S511, the network management UI (i.e. the user equipment) of the network device sends data to the NAT node, where the destination address of the data is "112.80.248.76: 64004".
And S512, after receiving the data through the 64004 port, the northbound NAT node forwards the data to 192.168.1.9:64450 according to the corresponding relation configured in the S503.
S513, after the SSH server receives the data through the 64450 port, the SSH server forwards the data to 112.80.248.77:40024 according to the corresponding relation recorded in S508.
And S514, after receiving the data through the 40024 port, the southbound NAT node forwards the data to 172.16.1.2:8443 according to the corresponding relation recorded in S506.
The way of forwarding the data sent by the network device to the user equipment by the southbound NAT node, the SSH server and the northbound NAT node is similar to the flow shown in S512-S514.
And S515, after completing the maintenance work of the network device, the operation and maintenance personnel click a button for closing a network management UI of the network device, and after obtaining the operation information of the clicked button, the UI of the centralized management system sends second indication information for closing the SSH tunnel to the cloud coordinator, wherein the second indication information carries the identifier of the network device.
And S516, after receiving the second indication information, the cloud coordinator sends a Netconf message to the network equipment, wherein the message indicates the network equipment to close the SSH tunnel.
S517, the cloud coordinator releases the network resource of the SSH tunnel, for example, the used states of the external network address and the internal network address of the SSH tunnel in the database are set to be unused states.
And S518, sending the information of deleting the configuration to the northbound NAT node, and commanding the northbound NAT node to delete the corresponding relationship configured in the S503.
And S519, sending information for destroying the SSH tunnel to the SSH server, and commanding the SSH server to destroy the SSH tunnel.
S520, sending second feedback information to the UI, wherein the second feedback information indicates that the SSH tunnel of the network equipment is closed.
The above provides an example of a method for managing an intranet network device. It is understood that, in order to implement the above functions, the apparatus for managing the intranet network device includes a hardware structure and/or a software module corresponding to each function. Those of skill in the art would readily appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as hardware or combinations of hardware and computer software. Whether a function is performed as hardware or computer software drives hardware depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
The present application may divide the functional units of the apparatus for managing the intranet network device according to the above method example, for example, each function may be divided into each functional unit, or two or more functions may be integrated into one processing unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit. It should be noted that the division of the units in the present application is schematic, and is only one division of logic functions, and there may be another division manner in actual implementation.
Fig. 6 shows a schematic structure of a possible apparatus for managing an intranet network device provided by the present application, in the case of using an integrated unit. The apparatus 600 comprises: a processing unit 601, a receiving unit 602 and a transmitting unit 603. Processing unit 601 is configured to control apparatus 600 to perform the steps of the method for managing intranet network devices shown in fig. 5. The processing unit 601 may also be used to perform other processes for the techniques described herein. The apparatus 600 may also include a storage unit for storing program codes and data of the apparatus 600.
For example, the processing unit 601 is configured to control the sending unit 603 to perform:
and sending first indication information carrying the identifier of the network equipment to the cloud coordinator, wherein the first indication information is used for indicating the cloud coordinator to create a data channel for the network equipment and the user equipment, the user equipment is located in an outer network, and the network equipment is located in an inner network.
The processing unit 601 is configured to control the receiving unit 602 to perform:
receiving first feedback information from the cloud coordinator, wherein the first feedback information is used for indicating that the data channel is completely established;
the processing unit 601 is further configured to control the transmitting unit 603 and the receiving unit 602 to perform:
and exchanging information with the network equipment through the data channel.
The processing unit 601 may be a processor or a controller, such as a Central Processing Unit (CPU), a general purpose processor, a Digital Signal Processor (DSP), an application-specific integrated circuit (ASIC), a Field Programmable Gate Array (FPGA) or other programmable logic device, a transistor logic device, a hardware component, or any combination thereof. Which may implement or perform the various illustrative logical blocks, modules, and circuits described in connection with the disclosure. The processor may also be a combination of computing functions, e.g., comprising one or more microprocessors, DSPs, and microprocessors, among others. The transmitting unit 602 and the receiving unit 603 are transceivers, for example, and the storage unit may be a memory.
When processing section 601 is a processor, transmitting section 602 and receiving section 603 are transceivers, and the storage section is a memory, the apparatus for managing an intranet network device according to the present invention may be an apparatus shown in fig. 7.
Referring to fig. 7, the apparatus 700 includes: a processor 701, a transceiver 702, and a memory 703 (optional). The processor 701, the transceiver 702, and the memory 703 may communicate with each other via internal connection paths, passing control and/or data signals.
It is clear to those skilled in the art that, for convenience and brevity of description, the specific working processes of the apparatuses and units described above may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
The device 600 and the device 700 for managing intranet network equipment provided by the application establish a data channel for the intranet network equipment through the indication cloud coordinator, so that the intranet network equipment and user equipment located in an extranet communicate through the data channel, a corresponding network transmission protocol interface does not need to be developed for each service of the intranet network equipment, and the workload of managing the intranet network equipment is reduced.
In the case of an integrated unit, fig. 8 shows a schematic structure of a possible apparatus for managing an intranet network device provided by the present application. The apparatus 800 comprises: a processing unit 801, a receiving unit 802 and a transmitting unit 803. Processing unit 801 is configured to control apparatus 800 to perform the steps of the method for managing an intranet network device shown in fig. 5. The processing unit 801 may also be used to perform other processes for the techniques described herein. The apparatus 800 may also include a storage unit for storing program codes and data of the apparatus 800.
For example, the processing unit 801 is configured to control the receiving unit 802 to perform:
receiving first indication information carrying the identifier of the network equipment from the user equipment, wherein the first indication information is used for indicating the cloud coordinator to create a data channel for the network equipment and the user equipment, the user equipment is located in an outer network, and the network equipment is located in an inner network.
The processing unit 801 is configured to perform:
and creating a data channel for the network equipment according to the first indication information.
The processing unit 801 is configured to control the sending unit 803 to perform:
and sending first feedback information to the user equipment, wherein the first feedback information is used for indicating that the data channel is completely established.
The processing unit 801 may be a processor or controller, for example, a CPU, general purpose processor, DSP, ASIC, FPGA or other programmable logic device, transistor logic device, hardware component, or any combination thereof. Which may implement or perform the various illustrative logical blocks, modules, and circuits described in connection with the disclosure. The processor may also be a combination of computing functions, e.g., comprising one or more microprocessors, DSPs, and microprocessors, among others. The transmitting unit 802 and the receiving unit 803 are transceivers, for example, and the storage unit may be a memory.
When processing unit 801 is a processor, transmitting unit 802 and receiving unit 803 are communication interfaces, and the storage unit is a memory, the apparatus for managing an intranet network device according to the present application may be the apparatus shown in fig. 9.
Referring to fig. 9, the apparatus 900 includes: a processor 901, a communication interface 902, and a memory 903 (optional). The processor 901, the transceiver 902 and the memory 903 may communicate with each other via internal connection paths to transfer control and/or data signals.
It is clear to those skilled in the art that, for convenience and brevity of description, the specific working processes of the apparatuses and units described above may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
The device 800 and the device 900 for managing intranet network equipment provided by the application create a data channel for the intranet network equipment according to the indication of the user equipment, so that the intranet network equipment and the user equipment located in an extranet communicate through the data channel, a corresponding network transmission protocol interface does not need to be developed for each service of the intranet network equipment, and the workload of managing the intranet network equipment is reduced.
Fig. 10 shows a schematic structure of a possible apparatus for managing an intranet network device provided by the present application, in the case of using an integrated unit. The apparatus 1000 comprises: a processing unit 1001, a receiving unit 1002, and a transmitting unit 1003. Processing unit 1001 is configured to control apparatus 1000 to execute the steps of the method for managing an intranet network device shown in fig. 5. The processing unit 1001 may also be used to perform other processes for the techniques described herein. The apparatus 1000 may also include a storage unit for storing program codes and data of the apparatus 1000.
For example, the processing unit 1001 is configured to control the receiving unit 1002 to perform:
and receiving third indication information from the cloud coordinator, wherein the third indication information is used for indicating network equipment to create a data channel, and the network equipment is located in an intranet.
The processing unit 1001 is configured to control the transmitting unit 1003 to perform:
and sending a connection request to the server according to the third indication information, wherein the connection request is used for requesting to create a data channel.
The processing unit 1001 is further configured to control the receiving unit 1002 to perform:
and receiving response information from the server, wherein the response information is used for indicating that the data channel is completely created.
The processing unit 1001 is further configured to control the receiving unit 1002 and the transmitting unit 1003 to perform:
and exchanging information with the user equipment through the data channel, wherein the user equipment is positioned in the external network.
The processing unit 1001 may be a processor or controller, for example, a CPU, general purpose processor, DSP, ASIC, FPGA or other programmable logic device, transistor logic device, hardware component, or any combination thereof. Which may implement or perform the various illustrative logical blocks, modules, and circuits described in connection with the disclosure. The processor may also be a combination of computing functions, e.g., comprising one or more microprocessors, DSPs, and microprocessors, among others. The transmitting unit 1002 and the receiving unit 1003 are transceivers, for example, and the storage unit may be a memory.
When processing section 1001 is a processor, transmitting section 1002 and receiving section 1003 are communication interfaces, and the storage section is a memory, the apparatus for managing an intranet network device according to the present invention may be an apparatus shown in fig. 11.
Referring to fig. 11, the apparatus 1100 includes: a processor 1101, a communication interface 1102, and a memory 1103 (optional). The processor 1101, the transceiver 1102 and the memory 1103 may communicate with each other via internal connection paths, passing control and/or data signals.
It is clear to those skilled in the art that, for convenience and brevity of description, the specific working processes of the apparatuses and units described above may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
The device 1000 and the device 1100 for managing intranet network equipment provided by the application request the server to create the data channel according to the indication of the cloud coordinator, so that the intranet network equipment and the user equipment located in an extranet communicate through the data channel, a corresponding network transmission protocol interface does not need to be developed for each service of the intranet network equipment, and the workload of managing the intranet network equipment is reduced.
Fig. 12 shows a schematic structure of a possible apparatus for managing an intranet network device provided by the present application, in case of using an integrated unit. The apparatus 1200 includes: a processing unit 1201, a receiving unit 1202, and a transmitting unit 1203. Processing unit 1201 is configured to control apparatus 1200 to perform the steps of the method for managing an intranet network device shown in fig. 5. The processing unit 1201 may also be used to perform other processes for the techniques described herein. The apparatus 1200 may also include a storage unit for storing program codes and data of the apparatus 1200.
For example, the processing unit 1201 is configured to control the receiving unit 1202 to perform:
and receiving a connection request from the network equipment, wherein the connection request is used for requesting to create a data channel, and the data channel is used for information interaction between the user equipment and the network equipment, wherein the user equipment is positioned in an extranet, and the network equipment is positioned in an intranet.
The processing unit 1201 is configured to perform:
and creating the data channel according to the connection request.
The processing unit 1201 is configured to control the transmitting unit 1203 to perform:
and sending response information to the network equipment, wherein the response information is used for indicating that the data channel is completely created.
The processing unit 1201 may be a processor or controller, for example, a CPU, general purpose processor, DSP, ASIC, FPGA or other programmable logic device, transistor logic device, hardware component, or any combination thereof. Which may implement or perform the various illustrative logical blocks, modules, and circuits described in connection with the disclosure. The processor may also be a combination of computing functions, e.g., comprising one or more microprocessors, DSPs, and microprocessors, among others. The transmitting unit 1202 and the receiving unit 1203 are, for example, transceivers, and the storage unit may be a memory.
When the processing unit 1201 is a processor, the transmitting unit 1202 and the receiving unit 1203 are communication interfaces, and the storage unit is a memory, the apparatus for managing the intranet network equipment according to the present application may be the apparatus shown in fig. 13.
Referring to fig. 13, the apparatus 1300 includes: a processor 1301, a communication interface 1302, and memory 1303 (optional). The processor 1301, the transceiver 1302 and the memory 1303 may communicate with each other via internal connection paths to transfer control and/or data signals.
It is clear to those skilled in the art that, for convenience and brevity of description, the specific working processes of the apparatuses and units described above may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
The device 1200 and the device 1300 for managing intranet network equipment provided by the application create a data channel according to the indication of the intranet network equipment, so that the intranet network equipment and the user equipment located in an extranet communicate through the data channel, a corresponding network transmission protocol interface does not need to be developed for each service of the intranet network equipment, and the workload of managing the intranet network equipment is reduced.
The apparatus embodiments and the method embodiments fully correspond, for example, the transmitting unit performs the transmitting step in the method embodiments, the receiving unit performs the receiving step in the method embodiments, and steps other than the transmitting step and the receiving step may be performed by the processing unit or the processor. The functions of the specific elements may be referred to corresponding method embodiments and will not be described in detail.
In the embodiments of the present application, the sequence numbers of the processes do not mean the execution sequence, and the execution sequence of the processes should be determined by the functions and the inherent logic of the processes, and should not limit the implementation processes of the present application.
In addition, the term "and/or" herein is only one kind of association relationship describing an associated object, and means that there may be three kinds of relationships, for example, a and/or B, which may mean: a exists alone, A and B exist simultaneously, and B exists alone. In addition, the character "/" herein generally indicates that the former and latter related objects are in an "or" relationship.
The steps of a method or algorithm described in connection with the disclosure herein may be embodied in hardware or in software instructions executed by a processor. The software instructions may be comprised of corresponding software modules that may be stored in Random Access Memory (RAM), flash memory, Read Only Memory (ROM), Erasable Programmable ROM (EPROM), Electrically Erasable Programmable ROM (EEPROM), registers, a hard disk, a removable disk, a compact disc read only memory (CD-ROM), or any other form of storage medium known in the art. An exemplary storage medium is coupled to the processor such the processor can read information from, and write information to, the storage medium. Of course, the storage medium may also be integral to the processor. The processor and the storage medium may reside in an ASIC.
In the above embodiments, the implementation may be wholly or partially realized by software, hardware, firmware, or any combination thereof. When implemented in software, may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions. When the computer program instructions are loaded and executed on a computer, the procedures or functions described in accordance with the present application are generated, in whole or in part. The computer may be a general purpose computer, a special purpose computer, a network of computers, or other programmable device. The computer instructions may be stored in or transmitted over a computer-readable storage medium. The computer instructions may be transmitted from one website, computer, server, or data center to another website, computer, server, or data center by wire (e.g., coaxial cable, fiber optic, Digital Subscriber Line (DSL)), or wirelessly (e.g., infrared, wireless, microwave, etc.). The computer-readable storage medium can be any available medium that can be accessed by a computer or a data storage device, such as a server, a data center, etc., that incorporates one or more of the available media. The usable medium may be a magnetic medium (e.g., floppy disk, hard disk, magnetic tape), an optical medium (e.g., Digital Versatile Disk (DVD), or a semiconductor medium (e.g., Solid State Disk (SSD)), etc.
The above-mentioned embodiments, objects, technical solutions and advantages of the present application are further described in detail, it should be understood that the above-mentioned embodiments are only examples of the present application, and are not intended to limit the scope of the present application, and any modifications, equivalent substitutions, improvements and the like made on the basis of the technical solutions of the present application should be included in the scope of the present application.

Claims (10)

1. A method for managing an intranet network device, comprising:
the method comprises the steps that a cloud coordinator receives first indication information carrying an identifier of network equipment from user equipment, wherein the first indication information is used for indicating the cloud coordinator to establish a data channel for the network equipment and the user equipment, the user equipment is located in an outer network, and the network equipment is located in an inner network;
the cloud coordinator selects the intranet network address and the extranet network address from a network address resource pool according to the first indication information, and records and updates the corresponding relation between the intranet network address and the extranet network address;
the cloud coordinator receives verification information from a server, wherein the verification information is used for verifying the security of the network equipment;
the cloud coordinator sends verification passing information to the server;
the cloud collaborator creates the data channel; and the cloud coordinator sends first feedback information to the user equipment, wherein the first feedback information is used for indicating that the data channel is established completely, and the first feedback information comprises the external network address.
2. The method of claim 1, wherein the cloud coordinator creates the data channel for the network device according to the first indication information, further comprising:
and the cloud coordinator sends third indication information to the network equipment, wherein the third indication information is used for indicating the network equipment to create the data channel.
3. The method of claim 2, further comprising:
and the cloud coordinator records the used information of the intranet network address and the extranet network address.
4. The method according to claim 1 or 2, characterized in that the method further comprises:
the cloud coordinator scans a server, and the server is equipment for bearing the data channel;
when the state of the server is an abnormal state, the cloud coordinator releases network resources; alternatively, the first and second electrodes may be,
and when the state of the server is a normal state, the cloud coordinator does not release the network resources.
5. The method according to any one of claims 1 to 3, further comprising:
the cloud coordinator receives second indication information from the user equipment, wherein the second indication information is used for indicating that the data channel is closed;
the cloud coordinator releases the network resources of the data channel according to the second indication information;
the cloud coordinator sends second feedback information to the user equipment, wherein the second feedback information is used for indicating that the data channel is closed.
6. An apparatus for managing intranet network equipment, which is characterized by comprising a processing unit, a receiving unit and a transmitting unit,
the receiving unit is used for: receiving first indication information carrying an identifier of network equipment from user equipment, wherein the first indication information is used for indicating that the device creates a data channel for the network equipment and the user equipment, the user equipment is located in an outer network, and the network equipment is located in an inner network;
the processing unit is configured to: allocating network resources to the network equipment according to the first indication information, wherein the network resources comprise an internal network address and an external network address required by the creation of the data channel; selecting the intranet network address and the extranet network address from a network address resource pool; recording and updating the corresponding relation between the intranet network address and the extranet network address;
the receiving unit is further configured to: receiving verification information from a server, wherein the verification information is used for verifying the security of the network equipment;
the sending unit is used for: sending verification passing information to the server;
the processing unit is further to: creating the data channel;
the sending unit is further configured to: and sending first feedback information to the user equipment, wherein the first feedback information is used for indicating that the data channel is established, and the first feedback information comprises the external network address.
7. The apparatus of claim 6, wherein the sending unit is further configured to: and sending third indication information to the network equipment, wherein the third indication information is used for indicating the network equipment to create the data channel.
8. The apparatus of claim 7, wherein the processing unit is further configured to:
and recording the used information of the intranet network address and the extranet network address.
9. The apparatus of claim 7 or 8, wherein the processing unit is further configured to:
a scanning server, wherein the server is a device for bearing the data channel;
when the state of the server is an abnormal state, releasing the network resource; alternatively, the first and second electrodes may be,
and when the state of the server is a normal state, not releasing the network resources.
10. The apparatus according to any one of claims 6 to 8,
the receiving unit is further configured to: receiving second indication information from the user equipment, wherein the second indication information is used for indicating that the data channel is closed;
the processing unit is further to: releasing the network resource of the data channel according to the second indication information;
the sending unit is further configured to: sending second feedback information to the user equipment, wherein the second feedback information is used for indicating that the data channel is closed.
CN201811155331.7A 2018-09-30 2018-09-30 Method, device and system for managing intranet network equipment Active CN110971434B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811155331.7A CN110971434B (en) 2018-09-30 2018-09-30 Method, device and system for managing intranet network equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811155331.7A CN110971434B (en) 2018-09-30 2018-09-30 Method, device and system for managing intranet network equipment

Publications (2)

Publication Number Publication Date
CN110971434A CN110971434A (en) 2020-04-07
CN110971434B true CN110971434B (en) 2021-11-09

Family

ID=70028712

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811155331.7A Active CN110971434B (en) 2018-09-30 2018-09-30 Method, device and system for managing intranet network equipment

Country Status (1)

Country Link
CN (1) CN110971434B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112039849B (en) * 2020-08-06 2022-03-29 成都安恒信息技术有限公司 SSH-based dual-network safety synchronization system and method
CN112651522A (en) * 2021-01-13 2021-04-13 广州视源电子科技股份有限公司 Method, system, computer readable storage medium and processor for configuring device
CN115118585A (en) * 2021-03-18 2022-09-27 华为技术有限公司 Service deployment method, device and system
CN116527731B (en) * 2023-02-01 2023-09-26 武汉华瑞测智能技术有限公司 Power plant internal and external network communication method, equipment and medium based on network isolation device

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104243210A (en) * 2014-09-17 2014-12-24 湖北盛天网络技术股份有限公司 Method and system for remotely having access to administrative web pages of routers
CN106209801A (en) * 2016-06-28 2016-12-07 广东电网有限责任公司信息中心 Mobile solution platform and inner-external network data safety switching plane integrated system
CN107040777A (en) * 2017-06-08 2017-08-11 深圳市创维软件有限公司 A kind of remote debugging method, set top box and server
CN107528892A (en) * 2017-08-08 2017-12-29 深圳创维数字技术有限公司 A kind of remote debugging method, server end and set top box

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20160285794A1 (en) * 2015-03-27 2016-09-29 Syntel, Inc. High efficiency data communication system

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104243210A (en) * 2014-09-17 2014-12-24 湖北盛天网络技术股份有限公司 Method and system for remotely having access to administrative web pages of routers
CN106209801A (en) * 2016-06-28 2016-12-07 广东电网有限责任公司信息中心 Mobile solution platform and inner-external network data safety switching plane integrated system
CN107040777A (en) * 2017-06-08 2017-08-11 深圳市创维软件有限公司 A kind of remote debugging method, set top box and server
CN107528892A (en) * 2017-08-08 2017-12-29 深圳创维数字技术有限公司 A kind of remote debugging method, server end and set top box

Also Published As

Publication number Publication date
CN110971434A (en) 2020-04-07

Similar Documents

Publication Publication Date Title
CN110971434B (en) Method, device and system for managing intranet network equipment
US9876756B2 (en) Network access method and device for equipment
WO2019029525A1 (en) Network function information management method and related device
EP2782312A1 (en) Method, device and system for realizing private network traversal
CN112956219A (en) Subnet-based device allocation with geofence authentication
EP3157230A1 (en) Method for acquiring identifier of terminal in network, management network element and storage medium
US11943297B2 (en) Distributed network security system providing isolation of customer data
EP3295652B1 (en) Methods, systems, and apparatuses of service provisioning for resource management in a constrained environment
US20150156079A1 (en) Methods and Apparatus to Dynamically Provide Network Policies
EP2709337B1 (en) Service data processing method, device and system
US20230014351A1 (en) Distribution of stateless security functions
WO2017181626A1 (en) Shared neighborhood network establishing method, use method, and shared neighborhood network system
CN110278558B (en) Message interaction method and WLAN system
CN110784391B (en) Method, device, storage medium and terminal for communication between small base station and gateway
US20150047009A1 (en) Access control method, access control system and access control device
JP2006245894A (en) Transfer path controller and transfer path control program
KR101378313B1 (en) Method, appratus, system and computer-readable recording medium for assisting communication between terminal and local host by using openflow
JP5937563B2 (en) Communication base station and control method thereof
CN105516121B (en) The method and system that AC is communicated with AP in WLAN
JP2010146246A (en) Framework computer program for multi-agent system, network system and inter-agent communication method
CN112994942A (en) SDN control method and device
US10244051B2 (en) Cloud metadata discovery API
WO2024037619A1 (en) Cloud computing technology-based virtual instance creation method and cloud management platform
JP6225283B1 (en) Closed network connection device, program, and method
US20210051076A1 (en) A node, control system, communication control method and program

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant