CN112564946B - SDN-based application program terminal group communication method and device - Google Patents


Info

Publication number
CN112564946B
Authority
CN
China
Prior art keywords
terminal group
application program
terminal
forwarding
communication contract
Prior art date
Legal status
Active
Application number
CN202011322194.9A
Other languages
Chinese (zh)
Other versions
CN112564946A (en
Inventor
纪晓凤
蒋玄
Current Assignee
Inspur Cisco Networking Technology Co Ltd
Original Assignee
Inspur Cisco Networking Technology Co Ltd
Priority date
Filing date
Publication date
Application filed by Inspur Cisco Networking Technology Co Ltd
Priority to CN202011322194.9A
Publication of CN112564946A
Application granted
Publication of CN112564946B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00 Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08 Configuration management of networks or network elements
    • H04L41/0803 Configuration setting
    • H04L41/04 Network management architectures or arrangements

Abstract

The application discloses an SDN-based application program terminal group communication method and device, which are used for solving the problems of low communication efficiency, complex maintenance and inconvenience in operation of a terminal group. The method comprises the following steps: the SDN controller constructs a plurality of terminal groups; each terminal group comprises a plurality of application program terminal nodes respectively, and each application program terminal node in the same terminal group has the same attribute; constructing a communication contract rule, and configuring the application program terminal nodes in the corresponding terminal groups according to the communication contract rule; and judging whether the data packet received by the application program terminal node accords with the configured communication contract rule or not, and forwarding the data.

Description

SDN-based application program terminal group communication method and device
Technical Field
The present application relates to the field of terminal group communication, and in particular, to a method and an apparatus for communication in an application terminal group based on an SDN.
Background
A network service comprises a plurality of application terminal nodes that execute different network services, for example an IP address that provides a web portal for the network.
In a conventional network environment, using the services provided by a group of application terminal nodes that share the same characteristics generally requires manually configuring each application terminal node, for example by dividing Virtual Local Area Networks (VLANs) and setting routes.
However, this method not only consumes manpower and material resources and has low efficiency, but also generates a large number of service groups and complex communication rules, which makes maintenance complex and operation inconvenient.
Disclosure of Invention
The embodiments of the present application provide an SDN-based application program terminal group communication method and device, which are used to solve the problems of low communication efficiency, complex maintenance and inconvenient operation of terminal groups.
An application program terminal group communication method based on an SDN includes:
the SDN controller constructs a plurality of terminal groups; each terminal group comprises a plurality of application program terminal nodes respectively, and the application program terminal nodes in the same terminal group have the same attribute;
constructing a communication contract rule, and configuring the application program terminal nodes in the corresponding terminal groups according to the communication contract rule;
and judging whether the data packet received by the application program terminal node conforms to the configured communication contract rule or not, and forwarding the data.
In one example, a communication contract rule is constructed, comprising: and constructing a communication contract rule according to at least any one of a network protocol, an execution action and a forwarding direction.
In one example, configuring the application terminal nodes in the corresponding terminal group according to the communication contract rule comprises: determining a source terminal group and a corresponding destination terminal group; applying the communication contract rule between the source terminal group and the destination terminal group.
In one example, applying the communication contract rule between the source terminal group and the destination terminal group includes: respectively correlating all application program terminal nodes in the source terminal group with all application program terminal nodes in the destination terminal group; and determining a forwarding strategy consisting of the application program terminal node in the source terminal group, the application program terminal node in the destination terminal group and the communication contract rule.
In one example, before determining whether the data packet received by the application terminal node conforms to the configured communication contract rule, the method further comprises: and identifying and determining that the application terminal node belongs to any constructed terminal group.
In one example, determining whether a data packet received by an application end node complies with a configured communication contract rule comprises: determining whether the format of the data packet is matched with a forwarding strategy configured by an application program terminal node; if the matching is successful, allowing forwarding; if not, rejecting forwarding.
In one example, determining whether a data packet received by an application end node complies with a configured communication contract rule comprises: determining whether the forwarding information of the data packet is matched with a forwarding strategy configured by an application program terminal node; if the matching is successful, allowing forwarding; if not, rejecting forwarding.
In one example, the forwarding information is five-tuple information; the method further comprises the following steps: constructing an access control list according to the forwarding strategy; determining whether the five tuple information matches the access control list.
In one example, the method further comprises: and based on the operation of the user, adding and deleting the application program terminal nodes in the terminal group.
An application terminal group communication device based on an SDN provided in an embodiment of the present application includes:
the SDN controller constructs a plurality of terminal groups; each terminal group comprises a plurality of application program terminal nodes respectively, and each application program terminal node in the same terminal group has the same attribute;
the configuration module is used for constructing a communication contract rule and configuring the application program terminal nodes in the corresponding terminal group according to the communication contract rule;
and the judging and forwarding module is used for judging whether the data packet received by the application program terminal node accords with the configured communication contract rule or not and forwarding the data.
The embodiments of the present application provide an SDN-based application program terminal group communication method and device, which have at least the following beneficial effects:
Based on SDN technology, network resources are uniformly configured and managed through a controller, and information about the various application terminal nodes can be obtained conveniently and quickly, so that grouping is simpler, more flexible and less error-prone.
Communication contract rules are flexible to define and can be changed freely. Once a communication contract rule is configured on a terminal group, it takes effect and controls subsequent traffic forwarding. The forwarding policy is therefore decoupled from the specific forwarding process: when the content of a communication contract rule is modified, the terminal nodes automatically execute the changed forwarding action without being reconfigured, so the actual forwarding process is not affected by policy changes, which is convenient and quick.
Terminal nodes in a designated terminal group can only control and forward traffic according to the content of the communication contract rule, and application terminal nodes that have not been designated have no right of use or access, which helps improve communication security.
Drawings
The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the application and together with the description serve to explain the application and not to limit the application. In the drawings:
fig. 1 is a flowchart of a communication method of a SDN-based application terminal group according to an embodiment of the present application;
fig. 2 is a schematic diagram of mapping between terminal nodes and terminal groups of an application program according to an embodiment of the present application;
fig. 3 is a schematic diagram of a terminal group communication framework provided in an embodiment of the present application;
fig. 4 is a schematic structural diagram of a communication device of a SDN-based application terminal group according to an embodiment of the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the technical solutions of the present application will be described in detail and completely with reference to the following specific embodiments of the present application and the accompanying drawings. It should be apparent that the described embodiments are only some of the embodiments of the present application, and not all of the embodiments. All other embodiments obtained by a person of ordinary skill in the art based on the embodiments in the present application without making any creative effort belong to the protection scope of the present application.
In Software Defined Networking (SDN) technology, an SDN controller manages and controls the resources of the whole network and allows networks, subnets, routes, and the like to be managed and configured conveniently and visually, thereby achieving network interworking within a tenant.
Fig. 1 is a flowchart of a communication method for a SDN-based application terminal group according to an embodiment of the present application, which specifically includes the following steps:
S101: The SDN controller constructs a plurality of terminal groups.
In the embodiment of the application, the SDN controller may map the application terminal nodes having the same attribute, and construct a plurality of terminal groups. Each terminal group comprises a plurality of application program terminal nodes, the application program terminal nodes in the same terminal group have the same attribute, and the same attribute indicates that the terminal nodes play the same role in networking.
Fig. 2 is a schematic diagram illustrating the mapping between application terminal nodes and terminal groups. In Fig. 2, the application terminal nodes may include virtual machine (VM) IP addresses, physical network ports, subnets A-C providing web portals, DB portals, and so on. Based on their different attributes, the application terminal nodes can be mapped to different terminal groups (End Point Groups, EPGs) such as Web, App, and DB, which serve as containers for collections of applications.
Specifically, based on a visual display of each application terminal node, the SDN controller may map application terminal nodes with the same attribute to the same terminal group according to the user's selection and operation, thereby dividing and constructing the terminal groups.
S102: Construct a communication contract rule, and configure the application terminal nodes in the corresponding terminal groups according to the communication contract rule.
In an embodiment of the present application, the SDN controller may construct a communication contract rule for regulating communication between terminal groups. The SDN controller can then configure the application terminal nodes in each terminal group according to the constructed communication contract rule, so that the rule takes effect. A communication contract rule is made up of a series of rules that provide a way to control traffic between terminal groups.
In one embodiment, the SDN controller may construct the communication contract rules according to at least any one of a network protocol, an execution action, and a forwarding direction. The network protocol may include the Transmission Control Protocol (TCP), the User Datagram Protocol (UDP), the Internet Protocol (IP), and the like. The execution action may include allowing forwarding of a packet, rejecting forwarding of a packet, discarding a packet, and the like. The forwarding direction may include forwarding from the source terminal group to the destination terminal group, and forwarding from the destination terminal group to the source terminal group. In addition, the communication contract rule may include other contents required for communication, which is not limited in the present application.
For example, one particular form of a communication contract rule may be: allowing the data packet to be forwarded from the source terminal group to the destination terminal group on a TCP basis.
It should be noted that a communication contract rule is not tied to specific terminal groups or application terminal nodes; it is general-purpose and can be applied to any terminal group.
In one embodiment, after constructing the communication contract rule, the SDN controller may determine the corresponding source terminal group and destination terminal group according to the different roles of the constructed terminal groups, based on the service that a terminal group provides or requires. The SDN controller may then apply the constructed communication contract rule between the corresponding source terminal group and destination terminal group to limit and restrict communication between them, thereby implementing the configuration of the terminal groups.
The corresponding source terminal group and destination terminal group are in a communication relationship of service provision and service reception. One terminal group may serve as both a source terminal group and a destination terminal group. The communication relationship between different terminal groups is determined based on the common attributes of the terminal nodes in a terminal group. Specific implementation mechanisms may include access control lists, flow tables, iptables, and the like.
Applying a communication contract rule to a terminal group means that the terminal group must obey the content of the configured communication contract rule and forward communication data strictly within the limits of that rule. Only then do the configured communication contract rules actually act on the terminal group.
When configuring the terminal groups and the communication contract rules, a user does not need to be concerned with which forwarding process each application terminal node in a terminal group must perform, or according to which rule, to realize the required function. The user only needs to consider whether a group of application terminal nodes with the same attribute are the objects needed to realize the function, and then select the corresponding rule for controlling the traffic.
Fig. 3 is a schematic diagram of a terminal group communication framework. The terminal group communication framework comprises three parts: the source terminal group, the destination terminal group and the corresponding communication contract rules. In Fig. 3, EPG1 to EPG5 represent different terminal groups, and rule1 to ruleN corresponding to a contract represent different communication contract rules. EPG1 and EPG2 on the left represent source terminal groups, and EPG3 to EPG5 on the right represent destination terminal groups. A corresponding source terminal group and destination terminal group can communicate through the configured communication contract rule.
In one embodiment, when a communication contract rule is specifically configured between the source terminal group and the destination terminal group, all application terminal nodes in the source terminal group and all application terminal nodes in the destination terminal group need to be correlated with each other. That is, any application terminal node in the source terminal group can communicate with any application terminal node in the destination terminal group based on the configured communication contract rule.
Then, after the communication contract rule is configured to a specific application terminal node, a specific forwarding policy may be composed by the application terminal node in the source terminal group, the application terminal node in the destination terminal group, and the specific communication contract rule. The forwarding policy specifies rules for communication between specific application nodes, constituting restrictions on the communication of application terminal nodes between different terminal groups.
S103: Judge whether the data packet received by the application terminal node conforms to the configured communication contract rule, and forward the data.
In this embodiment of the present application, the SDN controller may determine, based on a communication contract rule, that is, a forwarding policy, configured by the application terminal node, whether a data packet received by the application terminal node meets a requirement of the forwarding policy, and then forward data.
In one embodiment, before determining whether a data packet received by an application terminal node conforms to a configured communication contract rule, the SDN controller may authenticate the application terminal node, and identify and determine whether the application terminal node belongs to any constructed terminal group according to an identifier of the constructed terminal group.
If the application terminal node belongs to any one of the constructed terminal groups, it is a terminal node that was designated and grouped in advance and is allowed to communicate. It passes identification and authentication, and the SDN controller can allow it to continue with the subsequent steps.
If the application terminal node does not belong to any constructed terminal group, it was not designated or grouped in advance and is not in the category allowed to communicate. The SDN controller's identification and authentication of the node fails, and the node can be refused communication forwarding.
By this identification step, the terminal nodes capable of communication forwarding can be restricted based on the designation made in advance by the user, and the security and compliance of communication forwarding can be improved.
In one embodiment, the SDN controller may determine from at least two aspects in determining whether a data packet received by an application end node complies with a configured communication contract rule.
First, the format of the data packet, which includes the size, length, etc. of the data packet.
The SDN controller may determine whether the format of the data packet matches the forwarding policy configured on the application terminal node. If it matches, the format of the data packet conforms to the specification, and the data packet can be allowed to be forwarded. If not, the format of the data packet does not conform to the specification, and forwarding of the data packet can be refused.
Second, the forwarding information of the data packet, which comprises a source IP address, a destination IP address, a network protocol and the like.
The SDN controller may determine whether the forwarding information of the data packet matches the forwarding policy configured on the application terminal node. If it matches, meaning that the interface corresponding to the application terminal node is consistent with the data packet, the interface of the corresponding destination terminal group is also consistent with the data packet, and the network protocol is consistent, the data packet can be allowed to be forwarded. If it does not match, the interface corresponding to the application terminal node, the interface corresponding to the destination terminal group, the network protocol or similar contents are inconsistent with the data packet, so the application terminal node cannot forward the data packet and forwarding can be refused.
By matching the data packet with the forwarding strategy, the terminal group can be ensured to carry out communication forwarding according to rules in the configured forwarding strategy, the requirement of communication forwarding is complied with, the compliance of communication forwarding is ensured, and the forwarding safety is improved.
In one embodiment, when communicating through Access Control Lists (ACLs), the SDN controller may construct the Access Control Lists according to a forwarding policy between application terminal nodes of the terminal group.
The SDN controller may then match forwarding information (i.e., five-tuple information) of the packet with the access control list, and determine whether the five-tuple information of the packet matches the access control list, thereby determining whether to allow packet forwarding. The quintuple information comprises a source IP address, a source port, a destination IP address, a destination port and a transport layer network protocol.
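The following Python sketch walks through steps S101 to S103 as described above: terminal groups, a contract rule bound between a source and a destination group, the all-to-all expansion into access control list entries, the group-membership check, and the five-tuple match. It is an added illustration and not code from the patent; the class and function names, the sample addresses, the optional destination-port qualifier and the first-match evaluation order are assumptions.

```python
import ipaddress
from dataclasses import dataclass
from itertools import product
from typing import Optional


@dataclass(frozen=True)
class ContractRule:
    protocol: str    # "tcp", "udp" or "ip" (any protocol)
    action: str      # "permit" or "deny"
    direction: str   # "src_to_dst" or "dst_to_src"
    dst_port: Optional[int] = None  # assumption: optional port qualifier


@dataclass(frozen=True)
class AclEntry:
    src: object      # ipaddress network of one source-side node
    dst: object      # ipaddress network of one destination-side node
    protocol: str
    dst_port: Optional[int]
    action: str


@dataclass(frozen=True)
class FiveTuple:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    protocol: str


def make_groups(spec):
    """S101: map nodes (host IPs or subnets) with the same role to a group."""
    return {name: [ipaddress.ip_network(n) for n in nodes]
            for name, nodes in spec.items()}


def build_acl(groups, bindings):
    """S102: expand each (source group, destination group, rule) binding into
    one ACL entry per pair of nodes, i.e. every source node is associated
    with every destination node."""
    acl = []
    for src_group, dst_group, rule in bindings:
        left, right = groups[src_group], groups[dst_group]
        if rule.direction == "dst_to_src":
            left, right = right, left
        elif rule.direction != "src_to_dst":
            raise ValueError("unknown forwarding direction: " + rule.direction)
        for s, d in product(left, right):
            acl.append(AclEntry(s, d, rule.protocol, rule.dst_port, rule.action))
    return acl


def group_of(ip, groups):
    """Identification step: which constructed group, if any, holds this IP."""
    addr = ipaddress.ip_address(ip)
    for name, nodes in groups.items():
        if any(addr in net for net in nodes):
            return name
    return None


def evaluate(pkt, groups, acl):
    """S103: refuse nodes outside every group, then match the five-tuple
    against the ACL (first match wins, which is an assumption); a packet
    that matches no entry is refused."""
    if group_of(pkt.src_ip, groups) is None:
        return ("reject", "source node is not in any terminal group")
    src = ipaddress.ip_address(pkt.src_ip)
    dst = ipaddress.ip_address(pkt.dst_ip)
    for entry in acl:
        if (src in entry.src and dst in entry.dst
                and entry.protocol in ("ip", pkt.protocol)
                and entry.dst_port in (None, pkt.dst_port)):
            if entry.action == "permit":
                return ("forward", "matched permit entry")
            return ("reject", "matched deny entry")
    return ("reject", "no ACL entry matches the five-tuple")


# Constructed sample data: three groups and two contract bindings.
GROUPS = make_groups({
    "Web": ["10.0.1.10", "10.0.1.11"],
    "App": ["10.0.2.0/24"],
    "DB": ["10.0.3.5"],
})
BINDINGS = [
    ("Web", "App", ContractRule("tcp", "permit", "src_to_dst", 8080)),
    ("App", "DB", ContractRule("tcp", "permit", "src_to_dst", 3306)),
]
ACL = build_acl(GROUPS, BINDINGS)

if __name__ == "__main__":
    for pkt in (FiveTuple("10.0.1.10", 40000, "10.0.2.7", 8080, "tcp"),
                FiveTuple("10.0.1.10", 40000, "10.0.3.5", 3306, "tcp"),
                FiveTuple("192.168.9.9", 40000, "10.0.2.7", 8080, "tcp")):
        print(pkt, "->", evaluate(pkt, GROUPS, ACL))
```

Because every source node is paired with every destination node, adding a node to a group silently widens the ACL, so group membership changes deserve the same review as rule changes.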
In one embodiment, the SDN controller may further perform operations such as adding and deleting on application terminal nodes in the constructed terminal group based on the operation of the user. Based on the SDN technology, the addition and deletion of the application program terminal nodes are easy, convenient and not easy to make mistakes.
In the embodiment of the application, the application terminal nodes applied to the service are abstracted, the application terminal nodes with the same attribute form a terminal group, and communication between the terminal group and the terminal group is performed. Therefore, the safety and convenience of communication can be guaranteed, the flexibility and the simplicity can be provided, practical application and the underlying network are separated, a user only needs to pay attention to the strategy design of an application layer, the underlying network does not need to be paid too much attention to, the operation is convenient, and the communication efficiency is obviously improved.
Based on SDN technology, network resources are uniformly configured and managed through a controller, and information of terminal nodes of various application programs can be conveniently and rapidly obtained, so that grouping operation is simpler and more flexible, and errors are not easy to occur.
Communication contract rules are flexible to define and can be changed freely. Once a communication contract rule is configured on a terminal group, it takes effect and controls subsequent traffic forwarding. The forwarding policy is therefore decoupled from the specific forwarding process: when the content of a communication contract rule is modified, the terminal nodes automatically execute the changed forwarding action without being reconfigured, so the actual forwarding process is not affected by policy changes, which is convenient and quick.
Terminal nodes in a designated terminal group can only control and forward traffic according to the content of the communication contract rule, and application terminal nodes that have not been designated have no right of use or access, which helps improve communication security.
Compared with the communication taking a network or a subnet as a unit at present, when the scheme accesses a plurality of subnets with the same attribute, each subnet does not need to be configured, so that the operation is more convenient and faster.
Based on the same inventive concept as the SDN-based application terminal group communication method described above, an embodiment of the present application further provides a corresponding SDN-based application terminal group communication device, as shown in Fig. 4.
Fig. 4 is a schematic structural diagram of a communication device of an SDN-based application terminal group according to an embodiment of the present application, which specifically includes:
a construction module 401, wherein the SDN controller constructs a plurality of terminal groups; each terminal group comprises a plurality of application program terminal nodes respectively, and each application program terminal node in the same terminal group has the same attribute;
a configuration module 402, which constructs a communication contract rule and configures the application program terminal nodes in the corresponding terminal group according to the communication contract rule;
a determining and forwarding module 403, which determines whether the data packet received by the application terminal node conforms to the configured communication contract rule, and performs data forwarding.
The embodiments in the present application are described in a progressive manner, and the same and similar parts among the embodiments can be referred to each other, and each embodiment focuses on differences from other embodiments. In particular, as for the apparatus embodiment, since it is substantially similar to the method embodiment, the description is relatively simple, and for the relevant points, reference may be made to the partial description of the method embodiment.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a … …" does not exclude the presence of another identical element in a process, method, article, or apparatus that comprises the element.
The above description is only an example of the present application and is not intended to limit the present application. Various modifications and changes may occur to those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present application should be included in the scope of the claims of the present application.

Claims (4)

1. An SDN-based application program terminal group communication method is characterized by comprising the following steps:
the SDN controller constructs a plurality of terminal groups; each terminal group comprises a plurality of application program terminal nodes respectively, and each application program terminal node in the same terminal group has the same attribute;
constructing a communication contract rule, and configuring the application program terminal nodes in the corresponding terminal groups according to the communication contract rule; wherein the building of the communication contract rules comprises:
constructing a communication contract rule according to at least any one of a network protocol, an execution action and a forwarding direction;
configuring the application program terminal nodes in the corresponding terminal group according to the communication contract rule, wherein the configuration comprises the following steps:
determining a source terminal group and a corresponding destination terminal group;
applying the communication contract rule between the source terminal group and the destination terminal group;
applying the communication contract rule between the source terminal group and the destination terminal group, including:
respectively correlating all application program terminal nodes in the source terminal group with all application program terminal nodes in the destination terminal group;
determining a forwarding strategy consisting of an application program terminal node in a source terminal group, an application program terminal node in a destination terminal group and a communication contract rule;
judging whether the data packet received by the application program terminal node accords with the configured communication contract rule or not, and forwarding the data; before the determining whether the data packet received by the application terminal node conforms to the configured communication contract rule, the method further includes:
identifying and determining that the application program terminal node belongs to any constructed terminal group;
the judging whether the data packet received by the application program terminal node meets the configured communication contract rule includes:
determining whether the forwarding information of the data packet is matched with a forwarding strategy configured by an application program terminal node;
if the matching is successful, allowing forwarding; if not, rejecting forwarding;
the forwarding information is five-tuple information;
the method further comprises the following steps:
constructing an access control list according to the forwarding strategy;
determining whether the five-tuple information matches the access control list.
2. The method of claim 1, wherein judging whether the data packet received by the application program terminal node conforms to the configured communication contract rule comprises:
determining whether the format of the data packet matches a forwarding strategy configured for the application program terminal node;
if they match, allowing forwarding; if not, rejecting forwarding.
3. The method of claim 1, further comprising:
adding and deleting application program terminal nodes in the terminal group based on the operation of the user.
4. An SDN-based application terminal group communication device, comprising:
the SDN controller is used for establishing a plurality of terminal groups; each terminal group comprises a plurality of application program terminal nodes respectively, and each application program terminal node in the same terminal group has the same attribute;
the configuration module is used for constructing a communication contract rule and configuring the application program terminal nodes in the corresponding terminal group according to the communication contract rule; wherein constructing the communication contract rule comprises:
constructing a communication contract rule according to at least one of a network protocol, an execution action and a forwarding direction;
the configuring the application program terminal nodes in the corresponding terminal groups according to the communication contract rules comprises:
determining a source terminal group and a corresponding destination terminal group;
applying the communication contract rule between the source terminal group and the destination terminal group;
wherein applying the communication contract rule between the source terminal group and the destination terminal group comprises:
respectively correlating all application program terminal nodes in the source terminal group with all application program terminal nodes in the destination terminal group;
determining a forwarding strategy consisting of an application program terminal node in a source terminal group, an application program terminal node in a destination terminal group and a communication contract rule;
the judging and forwarding module is used for judging whether the data packet received by the application program terminal node conforms to the configured communication contract rule, and forwarding the data; wherein, before the judging and forwarding module, the apparatus further comprises:
an identification module, used for identifying and determining that the application program terminal node belongs to any constructed terminal group;
the judging and forwarding module is specifically configured to:
determining whether the forwarding information of the data packet is matched with a forwarding strategy configured by an application program terminal node;
if the matching is successful, allowing forwarding; if not, rejecting forwarding;
the forwarding information is five-tuple information;
the SDN controller constructs an access control list according to the forwarding strategy;
and the SDN controller matches the forwarding information against the access control list and determines whether the five-tuple information matches the access control list.
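The flow recited in claims 1 and 4, as an added Python sketch that is not part of the patent text: a contract rule between a source and a destination terminal group is expanded into per-node forwarding strategies, these form an access control list, and each packet's five-tuple is matched against it with forwarding rejected when nothing matches. The `ContractRule` fields, the `dst_port` field, the `"uni"`/`"bi"` direction values, first-match ordering, the check that both endpoints belong to a group, and all group names and addresses are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from itertools import product

@dataclass(frozen=True)
class ContractRule:
    protocol: str   # network protocol, e.g. "tcp"
    dst_port: int   # assumed field; the claims name protocol, action, direction only
    action: str     # execution action: "permit" or "deny"
    direction: str  # forwarding direction: "uni" (src->dst) or "bi" (assumed values)

def build_acl(groups, src_group, dst_group, rule):
    """Expand source group x destination group x rule into per-node ACL entries."""
    acl = []
    for src, dst in product(groups[src_group], groups[dst_group]):
        acl.append((src, dst, rule.protocol, rule.dst_port, rule.action))
        if rule.direction == "bi":  # also allow the destination group to initiate
            acl.append((dst, src, rule.protocol, rule.dst_port, rule.action))
    return acl

def decide(groups, acl, five_tuple):
    """Return "permit" or "deny" for (src_ip, src_port, dst_ip, dst_port, proto)."""
    src_ip, _src_port, dst_ip, dst_port, proto = five_tuple
    members = {ip for nodes in groups.values() for ip in nodes}
    # Identification step: both endpoints must belong to a constructed group.
    if src_ip not in members or dst_ip not in members:
        return "deny"
    for a_src, a_dst, a_proto, a_port, action in acl:
        if (a_src, a_dst, a_proto, a_port) == (src_ip, dst_ip, proto, dst_port):
            return action  # first matching entry decides (assumed ordering)
    return "deny"  # no forwarding strategy matched: reject forwarding

# Constructed sample data: two terminal groups and one contract between them.
GROUPS = {"web": ["10.0.1.10", "10.0.1.11"], "db": ["10.0.2.20"]}
RULE = ContractRule("tcp", 3306, "permit", "uni")
ACL = build_acl(GROUPS, "web", "db", RULE)

if __name__ == "__main__":
    for pkt in [("10.0.1.10", 40000, "10.0.2.20", 3306, "tcp"),
                ("10.0.2.20", 40000, "10.0.1.10", 3306, "tcp"),
                ("10.0.9.9", 40000, "10.0.2.20", 3306, "tcp")]:
        print(pkt, "->", decide(GROUPS, ACL, pkt))
```

Because the list is generated from group membership, adding or deleting a node (claim 3) means rebuilding the list; a stale list would keep permitting a removed node's address.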
CN202011322194.9A 2020-11-23 2020-11-23 SDN-based application program terminal group communication method and device Active CN112564946B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011322194.9A CN112564946B (en) 2020-11-23 2020-11-23 SDN-based application program terminal group communication method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011322194.9A CN112564946B (en) 2020-11-23 2020-11-23 SDN-based application program terminal group communication method and device

Publications (2)

Publication Number Publication Date
CN112564946A CN112564946A (en) 2021-03-26
CN112564946B true CN112564946B (en) 2022-11-11

Family

ID=75044837

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011322194.9A Active CN112564946B (en) 2020-11-23 2020-11-23 SDN-based application program terminal group communication method and device

Country Status (1)

Country Link
CN (1) CN112564946B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant