CN111654399B - Networking method, device, equipment and storage medium based on SD-WAN - Google Patents

Publication number
CN111654399B
Authority
CN
China
Prior art keywords
wan
terminal equipment
domain information
central node
transmission domain
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202010511737.5A
Other languages
Chinese (zh)
Other versions
CN111654399A (en
Inventor
刘子杰
樊俊诚
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Qianxin Technology Group Co Ltd
Secworld Information Technology Beijing Co Ltd
Original Assignee
Qianxin Technology Group Co Ltd
Secworld Information Technology Beijing Co Ltd
Application filed by Qianxin Technology Group Co Ltd, Secworld Information Technology Beijing Co Ltd
Priority to CN202010511737.5A
Publication of CN111654399A
Application granted
Publication of CN111654399B

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00: Data switching networks
    • H04L12/28: Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46: Interconnection of networks
    • H04L12/4633: Interconnection of networks using encapsulation techniques, e.g. tunneling
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00: Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08: Configuration management of networks or network elements
    • H04L41/0803: Configuration setting
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00: Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08: Configuration management of networks or network elements
    • H04L41/0893: Assignment of logical groups to network elements

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a networking method, device, equipment and storage medium based on an SD-WAN (software-defined wide area network). The method comprises the following steps: determining the local terminal equipment and opposite terminal equipment that need to be networked in the SD-WAN; respectively acquiring the transmission domain information of each WAN port of the local terminal equipment and of each WAN port of the opposite terminal equipment, where the transmission domain information represents the service requirement of a WAN port; judging whether the local terminal equipment and the opposite terminal equipment have the same transmission domain information; and, if they do, establishing a tunnel between the WAN ports with the same transmission domain information in the local terminal equipment and the opposite terminal equipment. The invention enables flexible networking and allows a special service to be assigned to a designated tunnel, thereby realizing logical isolation of services.

Description

Networking method, device and equipment based on SD-WAN and storage medium
Technical Field
The invention relates to the technical field of the internet, and in particular to a networking method, device, equipment and storage medium based on an SD-WAN (software-defined wide area network).
Background
SD-WAN, a software-defined wide area network, is a service formed by applying SDN technology to a wide area network scenario, and is used to connect enterprise networks, data centers, internet applications, and cloud services across a wide geographic range. In the prior art, when a terminal device needs to join an SD-WAN network, networking configuration needs to be performed between the terminal device and other devices in the SD-WAN network so that the terminal device can join the SD-WAN network. Traditional networking is realized by randomly assembling tunnels between the WAN (Wide Area Network) ports of two devices. If a certain service must be guaranteed exclusive use of a specified tunnel, or must be carried within a specified operator, a large number of service policies need to be configured to achieve this, and when there are many such requirements, maintaining those policies later becomes a considerable burden.
Disclosure of Invention
The invention aims to provide a networking method, device, equipment and storage medium based on an SD-WAN (software-defined wide area network), which enable flexible networking and allow special services to be assigned to a specified tunnel so as to realize logical isolation of services.
According to one aspect of the invention, an SD-WAN-based networking method is provided, which is applied to a controller of an SD-WAN, and comprises:
determining local terminal equipment and opposite terminal equipment which need to be networked in the SD-WAN;
respectively acquiring the transmission domain information of each WAN port of the local terminal equipment and the transmission domain information of each WAN port of the opposite terminal equipment; the transmission domain information is used for representing the service requirement of a WAN port;
judging whether the local terminal equipment and the opposite terminal equipment have the same transmission domain information;
if the transmission domain information is the same, a tunnel is established between the WAN ports with the same transmission domain information in the local terminal equipment and the opposite terminal equipment.
Optionally, before determining the local terminal equipment and the opposite terminal equipment which need to be networked in the SD-WAN, the method further includes:
and when detecting that new equipment is added into the SD-WAN, configuring corresponding transmission domain information for each WAN port of the new equipment according to the service requirements of each WAN port of the new equipment.
Optionally, the determining the local terminal equipment and the opposite terminal equipment which need to be networked in the SD-WAN specifically includes:
when the local terminal equipment is a central node of the SD-WAN, determining other central nodes in the SD-WAN as the opposite terminal equipment;
and when the local terminal equipment is a branch node of the SD-WAN, determining the opposite terminal equipment from all central nodes and other branch nodes of the SD-WAN according to the networking relationship including the branch node.
Optionally, the method further includes:
judging whether WAN port information of the networked target equipment changes or not;
and if so, sending the WAN port information after the target equipment is changed to other equipment which is networked with the target equipment.
Optionally, the method further includes:
creating a central node group, and adding at least two central nodes in the SD-WAN into the central node group;
setting priorities from 0 to N for each central node in the central node group respectively; when the priority is 0, representing that the central node does not participate in networking;
for a branch node of the SD-WAN, a tunnel is established between the branch node and each non-0 priority central node in the central node group.
Optionally, the method further includes:
when the priority of one central node in the central node group is changed from 0 to non-0, a tunnel is established between the branch node and the central node;
and when the priority of one central node in the central node group is changed from non-0 to 0, deleting the tunnel between the branch node and the central node.
In order to achieve the above object, the present invention further provides an SD-WAN-based networking device, applied to a controller of an SD-WAN, the device including:
the determining module is used for determining local terminal equipment and opposite terminal equipment which need to be networked in the SD-WAN;
an obtaining module, configured to obtain transmission domain information of each WAN port of the local device and transmission domain information of each WAN port of the opposite device respectively; the transmission domain information is used for representing the service requirement of a WAN port;
the judging module is used for judging whether the local terminal equipment and the opposite terminal equipment have the same transmission domain information;
and the networking module is used for establishing a tunnel between the WAN ports with the same transmission domain information in the local terminal equipment and the opposite terminal equipment if the WAN ports have the same transmission domain information.
Optionally, the apparatus further comprises:
and the configuration module is used for configuring corresponding transmission domain information for each WAN port of the new equipment according to the service requirement of each WAN port of the new equipment when the new equipment is detected to be added into the SD-WAN.
In order to achieve the above object, the present invention further provides a computer device, which specifically includes: a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the steps of the SD-WAN based networking method introduced above when executing the computer program.
In order to achieve the above object, the present invention also provides a computer-readable storage medium having stored thereon a computer program which, when executed by a processor, implements the steps of the SD-WAN based networking method introduced above.
According to the networking method, the networking device, the networking equipment and the storage medium based on the SD-WAN, different transmission domain information is configured for each WAN port of the equipment, and a tunnel is established between the WAN ports with the same transmission domain information between the two end equipment, so that the visualization of the tunnel between the two end equipment is realized; the specific use of a certain tunnel can be well distinguished through the transmission domain information, and a special service can be scheduled to the tunnel related to the appointed transmission domain information, so that the logical isolation of the service is realized, and the safety of the service is ensured.
Drawings
Various additional advantages and benefits will become apparent to those of ordinary skill in the art upon reading the following detailed description of the preferred embodiments. The drawings are only for purposes of illustrating the preferred embodiments and are not to be construed as limiting the invention. Also, like reference numerals are used to refer to like parts throughout the drawings. In the drawings:
fig. 1 is an alternative flowchart of the SD-WAN-based networking method according to an embodiment;
fig. 2 is a schematic diagram of an alternative configuration of the SD-WAN based networking device according to the second embodiment;
fig. 3 is a schematic diagram of an alternative hardware architecture of the computer device according to the third embodiment.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is further described in detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and do not limit the invention. All other embodiments, which can be obtained by a person skilled in the art without making any creative effort based on the embodiments in the present invention, belong to the protection scope of the present invention.
Example one
The embodiment of the invention provides a networking method based on an SD-WAN (software-defined wide area network), which is applied to a controller of the SD-WAN. As shown in figure 1, the method specifically comprises the following steps:
step S101: and determining the local terminal equipment and the opposite terminal equipment which need to be networked in the SD-WAN.
The local terminal equipment is equipment newly added to the SD-WAN network, or the local terminal equipment is equipment in the SD-WAN network which needs to be subjected to networking configuration again;
it should be noted that when a certain device is added to the SD-WAN network, networking configuration needs to be performed between the device and other devices in the SD-WAN network; when the device role or service requirement of a certain device in the SD-WAN network changes, the device needs to be subjected to networking configuration again; wherein, the device role includes: a central node and a branch node.
Specifically, step S101 includes:
when the local terminal equipment is a central node of the SD-WAN, determining other central nodes in the SD-WAN as the opposite terminal equipment;
and when the local terminal equipment is a branch node of the SD-WAN, determining the opposite terminal equipment from all central nodes and other branch nodes of the SD-WAN according to the networking relationship including the branch node.
In this embodiment, one central node in the SD-WAN network needs to be networked with the other central nodes in the SD-WAN network; in addition, the networking relationship is information set by a user in advance according to network planning, and the networking relationship comprises an initial branch node, a termination branch node and the central node on the path from the initial branch node to the termination branch node.
Step S102: respectively acquiring the transmission domain information of each WAN port of the local terminal equipment and the transmission domain information of each WAN port of the opposite terminal equipment; the transmission domain information is used for representing the service requirement of the WAN port.
Specifically, before step S102, the method further includes:
and when detecting that new equipment is added into the SD-WAN, configuring corresponding transmission domain information for each WAN port of the new equipment according to the service requirement of each WAN port of the new equipment.
Further, the transmission domain information includes: service type information, service security level information and service operator information;
configuring corresponding transmission domain information for each WAN port of the new device according to the service requirements of each WAN port of the new device, specifically comprising:
aiming at the new equipment, when the service requirement of one WAN port is to transmit the service of the specified type through the WAN port, configuring service type information corresponding to the service of the specified type for the WAN port;
when the service requirement of a WAN port is that a service with a specified security level is transmitted through the WAN port, configuring service security level information corresponding to the specified security level for the WAN port;
when the service requirement of a WAN port is that the WAN port transmits under a specified operator, configuring service operator information corresponding to the specified operator for the WAN port.
In this embodiment, the traffic demand of each WAN port is differentiated by the transmission domain information, so as to visualize the traffic demand of each WAN port.
Step S103: and judging whether the local terminal equipment and the opposite terminal equipment have the same transmission domain information.
Step S104: if the transmission domain information is the same, a tunnel is established between the WAN ports with the same transmission domain information in the local terminal equipment and the opposite terminal equipment.
In this embodiment, by means of the transmission domain information, a certain type of service may be transmitted in a specified tunnel, or a service with a higher security level requirement may be transmitted in a specified tunnel, so as to ensure the security of service transmission; it can also be ensured that a certain service is carried within a specified operator. In this embodiment, different transmission domain information is configured for each WAN port of a device, and tunnels are established between the WAN ports of the devices at the two ends according to the transmission domain information, so that the tunnels between the devices at the two ends are visualized; the specific use of a given tunnel can be clearly distinguished through the transmission domain information, and a special service can be dispatched to the tunnel associated with the specified transmission domain information, so that logical isolation of services is realized and the security of the services is guaranteed.
It should be noted that, in practical applications, if there is no special requirement for the networking configuration of the two end devices, all WAN ports of the two end devices may be configured with the same transmission domain information, so that a tunnel may be established between WAN ports of the two end devices according to the existing networking manner.
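Steps S101 to S104 can be sketched as controller-side logic; the following is an added example, not code from the patent. The field encoding of `TransportDomain`, the reading that a branch node's peers are the other members of each networking relationship it starts or ends, the `audit_tunnels` isolation check, and all device, port and operator names are assumptions made for illustration.

```python
from dataclasses import dataclass, field
from typing import Optional


@dataclass(frozen=True)
class TransportDomain:
    """Transmission domain information of one WAN port (field encoding assumed)."""
    service_type: Optional[str] = None
    security_level: Optional[str] = None
    operator: Optional[str] = None


@dataclass
class Device:
    name: str
    role: str  # "central" or "branch"
    wan_ports: dict = field(default_factory=dict)  # port name -> TransportDomain


@dataclass(frozen=True)
class Relationship:
    """User-planned networking relationship: start branch, end branch, centrals on the path."""
    start_branch: str
    end_branch: str
    centrals: tuple = ()


def select_peers(local, devices, relationships):
    """Step S101: pick the opposite terminal equipment for `local`."""
    if local.role == "central":
        return sorted(d.name for d in devices.values()
                      if d.role == "central" and d.name != local.name)
    peers = set()
    for rel in relationships:
        if local.name in (rel.start_branch, rel.end_branch):
            peers |= {rel.start_branch, rel.end_branch, *rel.centrals}
    peers.discard(local.name)
    return sorted(peers)


def plan_tunnels(local, peer):
    """Steps S102-S104: one tunnel per WAN port pair with identical domain info."""
    return [(local.name, lport, peer.name, pport)
            for lport, ldom in sorted(local.wan_ports.items())
            for pport, pdom in sorted(peer.wan_ports.items())
            if ldom == pdom]


def audit_tunnels(tunnels, devices):
    """Return tunnels whose two ends do not share a transmission domain."""
    violations = []
    for a, aport, b, bport in tunnels:
        adom = devices[a].wan_ports.get(aport)
        bdom = devices[b].wan_ports.get(bport)
        if adom is None or adom != bdom:
            violations.append((a, aport, b, bport))
    return violations


# Constructed sample topology (all names and values are made up).
PAY = TransportDomain("payment", "high", "carrier-a")
BULK = TransportDomain("bulk", "low", "carrier-b")
DEVICES = {d.name: d for d in (
    Device("hub1", "central", {"wan1": PAY, "wan2": BULK}),
    Device("hub2", "central", {"wan1": PAY}),
    Device("branch1", "branch", {"wan1": PAY, "wan2": BULK}),
    Device("branch2", "branch", {"wan1": BULK}),
)}
RELATIONSHIPS = [Relationship("branch1", "branch2", ("hub1",))]

if __name__ == "__main__":
    local = DEVICES["branch1"]
    tunnels = []
    for peer_name in select_peers(local, DEVICES, RELATIONSHIPS):
        tunnels += plan_tunnels(local, DEVICES[peer_name])
    print(tunnels)
    # A tunnel configured by hand across domains is reported by the audit.
    print(audit_tunnels(tunnels + [("branch1", "wan1", "branch2", "wan1")], DEVICES))
```

Running the audit against the controller's live tunnel table is a cheap way to confirm that the logical isolation the transmission domains are meant to provide still holds after manual changes.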
Specifically, the method further comprises:
judging whether WAN port information of the networked target equipment changes or not;
and if so, sending the WAN port information after the target equipment is changed to other equipment which is networked with the target equipment.
Furthermore, the method further comprises:
detecting networking relations formed by the networked devices;
when detecting that a new device is added to the networking relationship, establishing a tunnel between the device and each WAN port of other devices in the networking relationship according to the modes from the step S101 to the step S104;
and when detecting that the equipment is deleted from the networking relationship, deleting the tunnel between the equipment and other equipment in the networking relationship.
Further, the method further comprises:
step A1: creating a central node group, and adding at least two central nodes in the SD-WAN into the central node group;
step A2: setting priorities from 0 to N for each central node in the central node group respectively; when the priority is 0, representing that the central node does not participate in networking;
step A3: for a branch node of the SD-WAN, a tunnel is established between the branch node and each non-0 priority central node in the central node group.
In the embodiment, a plurality of usable central nodes are uniformly put into one central node group for management and use, so that the branch nodes can be directly connected with the central node group without independently selecting the central node to be connected. In addition, in this embodiment, corresponding priority information is set for each central node in the central node group: 0 to N, and N is a positive integer greater than 2. When the priority of one central node is 0, the central node does not participate in networking; the priorities 1 to N represent that if the branch nodes can reach through a plurality of central nodes, the service paths of the branch nodes after accessing the central nodes are determined by the priorities; the branch node preferentially uses the central node with the maximum priority level to carry out service transmission, and when the central node with the maximum priority level cannot work, the service transmission can be automatically switched to the central node with the second priority level, and so on.
Still further, the method further comprises:
when the priority of one central node in the central node group is changed from 0 to non-0, a tunnel is established between the branch node and the central node;
and when the priority of one central node in the central node group is changed from non-0 to 0, deleting the tunnel between the branch node and the central node.
In this embodiment, to remove the networking between a central node in the central node group and the branch nodes, the priority of that central node may be modified to 0, whereupon the networking between the central node and all branch nodes is deleted; to have a central node in the central node group participate in networking, its priority is modified to a non-0 value. A change in the priority of a central node in the central node group therefore causes a corresponding adjustment of the tunnels: if the priority of a central node is adjusted from 0 to non-0, tunnels are added between that central node and each branch node that references the central node group; if the priority is adjusted from non-0 to 0, the tunnels between that central node and each branch node that references the central node group are deleted.
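The central node group behaviour of steps A1 to A3 and the priority-change rules can be modelled as a small state machine; this is an added example, not code from the patent. The class and method names are hypothetical, and treating the numerically largest non-0 priority as the preferred central node is an assumption about how "maximum priority level" is encoded.

```python
class CentralNodeGroup:
    """Central node group with priorities 0..N; priority 0 means "not networked"."""

    def __init__(self, priorities, max_priority):
        if len(priorities) < 2:
            raise ValueError("a central node group needs at least two central nodes")
        if max_priority <= 2:
            raise ValueError("N must be a positive integer greater than 2")
        self.max_priority = max_priority
        self.priorities = {}
        self.branches = set()
        self.tunnels = set()  # (branch, central node) pairs currently established
        for hub, prio in priorities.items():
            self._check(prio)
            self.priorities[hub] = prio

    def _check(self, prio):
        if not isinstance(prio, int) or not 0 <= prio <= self.max_priority:
            raise ValueError(f"priority must be an integer in 0..{self.max_priority}")

    def _apply(self, actions):
        for op, branch, hub in actions:
            if op == "add":
                self.tunnels.add((branch, hub))
            else:
                self.tunnels.discard((branch, hub))
        return actions

    def attach_branch(self, branch):
        """Step A3: tunnel from the branch to every non-0-priority central node."""
        self.branches.add(branch)
        return self._apply([("add", branch, hub)
                            for hub, prio in sorted(self.priorities.items())
                            if prio != 0])

    def set_priority(self, hub, new):
        """Only a change across the 0 / non-0 boundary adds or deletes tunnels."""
        self._check(new)
        old = self.priorities[hub]
        self.priorities[hub] = new
        if old == 0 and new != 0:
            actions = [("add", b, hub) for b in sorted(self.branches)]
        elif old != 0 and new == 0:
            actions = [("delete", b, hub) for b in sorted(self.branches)]
        else:
            actions = []  # re-ranking changes path preference, not the tunnel set
        return self._apply(actions)

    def active_hub(self, reachable):
        """Preferred central node among those that are networked and reachable."""
        candidates = [(prio, hub) for hub, prio in self.priorities.items()
                      if prio != 0 and hub in reachable]
        return max(candidates)[1] if candidates else None


if __name__ == "__main__":
    # Constructed sample: three central nodes, one of them held out of networking.
    group = CentralNodeGroup({"hub1": 3, "hub2": 1, "hub3": 0}, max_priority=3)
    print(group.attach_branch("branch1"))
    print(group.set_priority("hub3", 2))   # 0 -> non-0: tunnel added
    print(group.set_priority("hub1", 0))   # non-0 -> 0: tunnel deleted
    print(group.active_hub({"hub2", "hub3"}))
```

Setting a central node's priority to 0 acts as a single switch that removes it from every branch's tunnel set, which makes it a natural containment control when a central node has to be taken out of service.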
Example two
The embodiment of the invention provides a networking device based on an SD-WAN (software-defined wide area network), which is applied to a controller of the SD-WAN. As shown in figure 2, the networking device specifically comprises the following components:
1) A determining module 201, configured to determine a local device and an opposite device that need to be networked in the SD-WAN.
Specifically, the local device is a device newly added to the SD-WAN network, or the local device is a device in the SD-WAN network that needs to be configured again;
it should be noted that when a certain device is added to the SD-WAN network, networking configuration needs to be performed between the device and other devices in the SD-WAN network; when the role of a certain device in the SD-WAN network or the service requirement changes, the device needs to be configured again in a networking way; wherein, the device role includes: a central node and a branch node.
Further, the determining module 201 is specifically configured to:
when the local terminal equipment is a central node of the SD-WAN, determining other central nodes in the SD-WAN as the opposite terminal equipment;
and when the local terminal equipment is a branch node of the SD-WAN, determining the opposite terminal equipment from all central nodes and other branch nodes of the SD-WAN according to the networking relationship including the branch node.
In this embodiment, one central node in the SD-WAN network needs to be networked with other central nodes in the SD-WAN network; in addition, the networking relationship is information set by a user in advance according to network planning, and the networking relationship comprises an initial branch node, a termination branch node and a central node of a path from the initial branch node to the termination branch node.
2) An obtaining module 202, configured to obtain transmission domain information of each WAN port of the local device and transmission domain information of each WAN port of the opposite device respectively; the transmission domain information is used for representing the service requirement of the WAN port.
Specifically, the apparatus further comprises:
and the configuration module is used for configuring corresponding transmission domain information for each WAN port of the new equipment according to the service requirements of each WAN port of the new equipment when the new equipment is detected to be added into the SD-WAN.
Further, the transmission domain information includes: service type information, service security level information and service operator information;
wherein the configuration module is specifically configured to:
aiming at the new equipment, when the service requirement of one WAN port is to transmit the service of the specified type through the WAN port, configuring service type information corresponding to the service of the specified type for the WAN port;
when the service requirement of a WAN port is that a service with a specified security level is transmitted through the WAN port, configuring service security level information corresponding to the specified security level for the WAN port;
when the service requirement of a WAN port is that the WAN port transmits under a specified operator, configuring service operator information corresponding to the specified operator for the WAN port.
In this embodiment, the traffic demand of each WAN port is differentiated by the transmission domain information, so as to visualize the traffic demand of each WAN port.
3) The judging module 203 is configured to judge whether the local device and the peer device have the same transmission domain information.
4) The networking module 204 is configured to establish a tunnel between the WAN ports having the same transmission domain information in the local end device and the opposite end device if the WAN ports have the same transmission domain information.
In this embodiment, by means of the transmission domain information, a certain type of service may be transmitted in a specified tunnel, or a service with a higher security level requirement may be transmitted in a specified tunnel, so as to ensure the security of service transmission; it can also be ensured that a certain service is carried within a specified operator. In this embodiment, different transmission domain information is configured for the WAN ports of the devices, and tunnels are established between the WAN ports of the two end devices according to the transmission domain information, so as to realize visualization of the tunnels between the two end devices; the specific use of a given tunnel can be clearly distinguished through the transmission domain information, and a special service can be dispatched to the tunnel associated with the specified transmission domain information, so that logical isolation of services is realized and the security of the services is guaranteed.
Further, the apparatus further comprises:
the synchronization module is used for judging whether WAN port information of the networked target equipment changes or not; and if so, sending the WAN port information after the target equipment is changed to other equipment which is networked with the target equipment.
Further, the apparatus further comprises:
the central module is used for creating a central node group and adding at least two central nodes in the SD-WAN into the central node group; setting priorities from 0 to N for each central node in the central node group respectively; when the priority is 0, representing that the central node does not participate in networking; for a branch node of the SD-WAN, a tunnel is established between the branch node and each non-0-priority central node in the set of central nodes.
In this embodiment, a plurality of available central nodes are put into one central node group to be managed and used, so that the branch nodes can be directly connected with the central node group without individually selecting the central node to be connected. In addition, in this embodiment, corresponding priority information is set for each central node in the central node group: 0 to N, and N is a positive integer greater than 2. When the priority of one central node is 0, the central node does not participate in networking; the priorities 1 to N represent that if the branch nodes can reach through a plurality of central nodes, the service paths of the branch nodes after accessing the central nodes are determined by the priorities; the branch nodes preferentially use the central node with the maximum priority level to carry out service transmission, and when the central node with the maximum priority level cannot work, the service transmission can be automatically switched to the central node with the second priority level, and so on.
Still further, the apparatus further comprises:
an updating module, configured to establish a tunnel between the branch node and the central node when the priority of one central node in the central node group is changed from 0 to non-0; and when the priority of one central node in the central node group is changed from non-0 to 0, deleting the tunnel between the branch node and the central node.
In this embodiment, to remove the networking between a central node in the central node group and the branch nodes, the priority of that central node may be modified to 0, whereupon the networking between the central node and all the branch nodes is deleted; to have a central node in the central node group participate in networking, its priority is modified to a non-0 value. A change in the priority of a central node in the central node group therefore causes a corresponding adjustment of the tunnels: if the priority of a central node is adjusted from 0 to non-0, tunnels are added between that central node and each branch node that references the central node group; if the priority is adjusted from non-0 to 0, the tunnels between that central node and each branch node that references the central node group are deleted.
EXAMPLE III
The present embodiment also provides a computer device, such as a smart phone, a tablet computer, a notebook computer, a desktop computer, a rack server, a blade server, a tower server or a rack server (including an independent server or a server cluster composed of multiple servers) capable of executing a program, and the like. As shown in fig. 3, the computer device 30 of the present embodiment includes at least but is not limited to: a memory 301, a processor 302 communicatively coupled to each other via a system bus. It is noted that fig. 3 only shows a computer device 30 with components 301-302, but it is to be understood that not all shown components are required to be implemented, and that more or fewer components may be implemented instead.
In this embodiment, the memory 301 (i.e., the readable storage medium) includes a flash memory, a hard disk, a multimedia card, a card-type memory (e.g., SD or DX memory, etc.), a Random Access Memory (RAM), a Static Random Access Memory (SRAM), a read-only memory (ROM), an electrically erasable programmable read-only memory (EEPROM), a programmable read-only memory (PROM), a magnetic memory, a magnetic disk, an optical disk, and the like. In some embodiments, the memory 301 may be an internal storage unit of the computer device 30, such as a hard disk or a memory of the computer device 30. In other embodiments, the memory 301 may also be an external storage device of the computer device 30, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), or the like, provided on the computer device 30. Of course, the memory 301 may also include both internal and external storage devices for the computer device 30. In the present embodiment, the memory 301 is generally used for storing an operating system and various types of application software installed in the computer device 30. In addition, the memory 301 may also be used to temporarily store various types of data that have been output or are to be output.
Processor 302 may be a Central Processing Unit (CPU), controller, microcontroller, microprocessor, or other data Processing chip in some embodiments. The processor 302 generally functions to control the overall operation of the computer device 30.
Specifically, in this embodiment, the processor 302 is configured to execute a program of the SD-WAN based networking method stored in the processor 302, and when executed, the program of the SD-WAN based networking method implements the following steps:
determining local terminal equipment and opposite terminal equipment which need to be networked in the SD-WAN;
respectively acquiring the transmission domain information of each WAN port of the local terminal equipment and the transmission domain information of each WAN port of the opposite terminal equipment; the transmission domain information is used for representing the service requirement of a WAN port;
judging whether the local terminal equipment and the opposite terminal equipment have the same transmission domain information;
if the transmission domain information is the same, a tunnel is established between the WAN ports with the same transmission domain information in the local terminal equipment and the opposite terminal equipment.
The specific embodiment process of the above method steps can refer to the first embodiment, and details are not repeated here.
Example four
The present embodiments also provide a computer readable storage medium, such as a flash memory, a hard disk, a multimedia card, a card type memory (e.g., SD or DX memory, etc.), a Random Access Memory (RAM), a Static Random Access Memory (SRAM), a read-only memory (ROM), an electrically erasable programmable read-only memory (EEPROM), a programmable read-only memory (PROM), a magnetic memory, a magnetic disk, an optical disk, a server, an App, etc., having stored thereon a computer program that when executed by a processor implements the method steps of:
determining local terminal equipment and opposite terminal equipment which need to be networked in the SD-WAN;
respectively acquiring transmission domain information of each WAN port of the local terminal equipment and transmission domain information of each WAN port of the opposite terminal equipment; the transmission domain information is used for representing the service requirement of a WAN port;
judging whether the local terminal equipment and the opposite terminal equipment have the same transmission domain information;
if the transmission domain information is the same, a tunnel is established between the local terminal equipment and the WAN ports with the same transmission domain information in the opposite terminal equipment.
The specific embodiment process of the above method steps can be referred to in the first embodiment, and the detailed description of this embodiment is not repeated here.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a ..." does not exclude the presence of another like element in a process, method, article, or apparatus that comprises the element.
The above-mentioned serial numbers of the embodiments of the present invention are merely for description and do not represent the merits of the embodiments.
Through the description of the foregoing embodiments, it is clear to those skilled in the art that the method of the foregoing embodiments may be implemented by software plus a necessary general hardware platform, and certainly may also be implemented by hardware, but in many cases, the former is a better implementation.
The above description is only a preferred embodiment of the present invention, and is not intended to limit the scope of the present invention, and all equivalent structures or equivalent processes performed by the present invention or directly or indirectly applied to other related technical fields are also included in the scope of the present invention.

Claims (10)

1. An SD-WAN-based networking method, applied to a controller of an SD-WAN, comprises the following steps:
determining local terminal equipment and opposite terminal equipment which need to be networked in the SD-WAN;
respectively acquiring the transmission domain information of each WAN port of the local terminal equipment and the transmission domain information of each WAN port of the opposite terminal equipment; the transmission domain information is used for representing the service requirement of a WAN port;
judging whether the local terminal equipment and the opposite terminal equipment have the same transmission domain information;
if the transmission domain information is the same, a tunnel is established between the local terminal equipment and the WAN ports with the same transmission domain information in the opposite terminal equipment.
2. The SD-WAN-based networking method according to claim 1, wherein before the determining a local device and an opposite device that need to be networked in the SD-WAN, the method further comprises:
and when detecting that new equipment is added into the SD-WAN, configuring corresponding transmission domain information for each WAN port of the new equipment according to the service requirement of each WAN port of the new equipment.
3. The SD-WAN-based networking method according to claim 1, wherein the determining a home terminal device and an opposite terminal device that need to be networked in the SD-WAN specifically includes:
when the local terminal equipment is a central node of the SD-WAN, determining other central nodes in the SD-WAN as the opposite terminal equipment;
when the local terminal equipment is a branch node of the SD-WAN, determining the opposite terminal equipment from all central nodes and other branch nodes of the SD-WAN according to the networking relationship including the branch node; the networking relation comprises an initial branch node, a termination branch node and a central node of a path from the initial branch node to the termination branch node.
4. The SD-WAN based networking method of claim 1, further comprising:
judging whether WAN port information of the networked target equipment changes or not;
and if so, sending the WAN port information after the target equipment is changed to other equipment which is networked with the target equipment.
5. The SD-WAN based networking method of claim 1, further comprising:
creating a central node group, and adding at least two central nodes in the SD-WAN into the central node group;
setting priorities from 0 to N for each central node in the central node group respectively; when the priority is 0, representing that the central node does not participate in networking;
for a branch node of the SD-WAN, a tunnel is established between the branch node and each non-0 priority central node in the central node group.
6. The SD-WAN based networking method of claim 5, further comprising:
when the priority of one central node in the central node group is changed from 0 to non-0, a tunnel is established between the branch node and the central node;
and when the priority of one central node in the central node group is changed from non-0 to 0, deleting the tunnel between the branch node and the central node.
7. An SD-WAN-based networking device, applied to a controller of an SD-WAN, the device comprising:
the determining module is used for determining local terminal equipment and opposite terminal equipment which need to be networked in the SD-WAN;
an obtaining module, configured to obtain transmission domain information of each WAN port of the local device and transmission domain information of each WAN port of the opposite device, respectively; the transmission domain information is used for representing the service requirement of a WAN port;
the judging module is used for judging whether the local terminal equipment and the opposite terminal equipment have the same transmission domain information;
and the networking module is used for establishing a tunnel between the WAN ports with the same transmission domain information in the local terminal equipment and the opposite terminal equipment if the WAN ports have the same transmission domain information.
8. The SD-WAN based networking device of claim 7, wherein the device further comprises:
and the configuration module is used for configuring corresponding transmission domain information for each WAN port of the new equipment according to the service requirements of each WAN port of the new equipment when the new equipment is detected to be added into the SD-WAN.
9. A computer device, the computer device comprising: memory, processor and computer program stored on the memory and executable on the processor, characterized in that the processor realizes the steps of the method of any of claims 1 to 6 when executing the computer program.
10. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the steps of the method of any one of claims 1 to 6.
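The transmission-domain matching of claim 1 and the central-node-group priority handling of claims 5 and 6 can be exercised as follows. This is an added example, not code from the patent; the class and function names, the domain labels, the device names and the choice to build claim 5 tunnels through claim 1's matching are assumptions.

```python
from dataclasses import dataclass
from itertools import product

@dataclass(frozen=True)
class WanPort:
    device: str
    name: str
    domain: str  # transmission domain label (constructed values below)

def match_tunnels(local_ports, peer_ports):
    """Claim 1: pair only WAN ports whose transmission domain information is equal."""
    return {(lp, pp) for lp, pp in product(local_ports, peer_ports)
            if lp.domain == pp.domain}

def branch_tunnels(branch_ports, hub_group, hub_ports):
    """Claim 5: a branch tunnels to every central node with non-zero priority."""
    tunnels = set()
    for hub, priority in hub_group.items():
        if priority < 0:
            raise ValueError(f"priority of {hub} must be in 0..N")
        if priority != 0:  # priority 0: node does not participate in networking
            tunnels |= match_tunnels(branch_ports, hub_ports[hub])
    return tunnels

def reconcile(branch_ports, old_group, new_group, hub_ports):
    """Claim 6: return (tunnels to create, tunnels to delete) after a priority change."""
    before = branch_tunnels(branch_ports, old_group, hub_ports)
    after = branch_tunnels(branch_ports, new_group, hub_ports)
    return after - before, before - after

# Constructed sample topology: one branch node, two central nodes.
BRANCH = [WanPort("B1", "wan1", "internet"), WanPort("B1", "wan2", "mpls")]
HUB_PORTS = {
    "H1": [WanPort("H1", "wan1", "internet"), WanPort("H1", "wan2", "mpls")],
    "H2": [WanPort("H2", "wan1", "internet")],
}

if __name__ == "__main__":
    # H1 drops to priority 0 while H2 is raised from 0 to 2.
    create, delete = reconcile(BRANCH, {"H1": 1, "H2": 0},
                               {"H1": 0, "H2": 2}, HUB_PORTS)
    for action, pairs in (("create", create), ("delete", delete)):
        for lp, pp in sorted(pairs, key=str):
            print(action, f"{lp.device}.{lp.name} <-> {pp.device}.{pp.name}",
                  f"[{lp.domain}]")
```

A port whose transmission domain has no counterpart on the peer produces no tunnel, so comparing the planner's output with the tunnels actually present on a device shows any link that crosses transmission domains.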
CN202010511737.5A 2020-06-08 2020-06-08 Networking method, device, equipment and storage medium based on SD-WAN Active CN111654399B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010511737.5A CN111654399B (en) 2020-06-08 2020-06-08 Networking method, device, equipment and storage medium based on SD-WAN

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010511737.5A CN111654399B (en) 2020-06-08 2020-06-08 Networking method, device, equipment and storage medium based on SD-WAN

Publications (2)

Publication Number Publication Date
CN111654399A CN111654399A (en) 2020-09-11
CN111654399B true CN111654399B (en) 2022-10-18

Family

ID=72349048

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010511737.5A Active CN111654399B (en) 2020-06-08 2020-06-08 Networking method, device, equipment and storage medium based on SD-WAN

Country Status (1)

Country Link
CN (1) CN111654399B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113518104B (en) * 2021-03-11 2024-02-27 网宿科技股份有限公司 Data message processing method, transfer equipment and system
CN113572642B (en) * 2021-07-23 2024-05-10 奇安信科技集团股份有限公司 Networking method, device and system
CN113630276B (en) * 2021-08-16 2024-04-09 迈普通信技术股份有限公司 Main-standby switching control method and device and DVPN network system
CN115834274B (en) * 2023-02-14 2023-04-18 广东奥飞数据科技股份有限公司 SD-WAN (secure digital-wide area network) rapid networking method

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102938741A (en) * 2012-10-30 2013-02-20 汉柏科技有限公司 Method and system for controlling internet protocol security (IPSEC) load sharing
CN104301230A (en) * 2014-10-10 2015-01-21 杭州华三通信技术有限公司 Message forwarding method and device
CN108011907A (en) * 2016-10-31 2018-05-08 华为技术有限公司 The resource allocation methods and device of adapted telecommunication net
CN108989210A (en) * 2017-06-02 2018-12-11 中兴通讯股份有限公司 A kind of tunnel selecting method and software defined network controller based on strategy
CN110290093A (en) * 2018-03-19 2019-09-27 杭州达乎科技有限公司 The SD-WAN network architecture and network-building method, message forwarding method
WO2020081947A1 (en) * 2018-10-19 2020-04-23 Futurewei Technologies, Inc. Secure sd-wan port information distribution

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
"一种面向融合SD-WAN广域网接入设计及其加速技术研究";夏国鹏;《中国优秀博硕士学位论文全文数据库(硕士)信息科技辑》;20200515;全文 *
Rubén E. Mora-Huiracocha ; Pablo L. Gallegos-Segovia ; Paúl E. Vin."Implementation of a SD-WAN for the interconnection of two software defined data centers".《 2019 IEEE Colombian Conference on Communications and Computing (COLCOM)》.2019, *

Also Published As

Publication number Publication date
CN111654399A (en) 2020-09-11

Similar Documents

Publication Publication Date Title
CN111654399B (en) Networking method, device, equipment and storage medium based on SD-WAN
CN107360248B (en) Method and apparatus for configuring local consensus and computer-readable storage medium
CN108305072B (en) Method, apparatus, and computer storage medium for deploying a blockchain network
CN108769258B (en) Method and apparatus for hosting blockchain network to blockchain application platform
CN111163130A (en) Network service system and data transmission method thereof
CN105490843A (en) Information processing method and system
CN109885612B (en) Synchronous validation method and device for intelligent contracts of block chains
CN109039764B (en) Network parameter configuration method of distributed storage system
CN110855746A (en) Middleware management method, electronic device and storage medium
CN111262724B (en) Method and device for confirming trust relationship between domains
CN104468594A (en) Data request method, device and system
CN105335239B (en) A kind of multi-domain communication method and terminal
CN110620706A (en) Processing method and equipment
CN112804099A (en) Parameter batch configuration method and device, computer equipment and readable storage medium
CN112600744A (en) Authority control method and device, storage medium and electronic device
CN111131324A (en) Login method and device of business system, storage medium and electronic device
CN111182536A (en) SIM card state detection method, device, network equipment and storage medium
CN114567678B (en) Resource calling method and device for cloud security service and electronic equipment
CN115604103A (en) Configuration method and device of cloud computing system, storage medium and electronic equipment
CN106559439B (en) A kind of method for processing business and equipment
CN113504981A (en) Task scheduling method and device, storage medium and electronic equipment
CN114640684A (en) Organization member extension method, processor and storage medium for federation chain
US20170093610A1 (en) Proactive M2M Framework Using Device-Level vCard for Inventory, Identity, and Network Management
CN110971716B (en) Address configuration method, device, system and computer readable storage medium
CN115550764A (en) Network element configuration method, system, equipment and medium based on automatic opening system

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: Room 332, 3 / F, Building 102, 28 xinjiekouwei street, Xicheng District, Beijing 100088

Applicant after: QAX Technology Group Inc.

Applicant after: Qianxin Wangshen information technology (Beijing) Co.,Ltd.

Address before: Room 332, 3 / F, Building 102, 28 xinjiekouwei street, Xicheng District, Beijing 100088

Applicant before: QAX Technology Group Inc.

Applicant before: LEGENDSEC INFORMATION TECHNOLOGY (BEIJING) Inc.

GR01 Patent grant