CN114221856A - Control method, device, storage medium and equipment for network disaster recovery switching - Google Patents

Control method, device, storage medium and equipment for network disaster recovery switching Download PDF

Info

Publication number
CN114221856A
CN114221856A CN202210005986.6A CN202210005986A CN114221856A CN 114221856 A CN114221856 A CN 114221856A CN 202210005986 A CN202210005986 A CN 202210005986A CN 114221856 A CN114221856 A CN 114221856A
Authority
CN
China
Prior art keywords
intranet
gateway
head office
network
vpn gateway
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210005986.6A
Other languages
Chinese (zh)
Inventor
桂朔
丁小进
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Construction Bank Corp
Original Assignee
China Construction Bank Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Construction Bank Corp filed Critical China Construction Bank Corp
Priority to CN202210005986.6A priority Critical patent/CN114221856A/en
Publication of CN114221856A publication Critical patent/CN114221856A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06Management of faults, events, alarms or notifications
    • H04L41/0654Management of faults, events, alarms or notifications using network fault recovery
    • H04L41/0663Performing the actions predefined by failover planning, e.g. switching to standby network elements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/02Details
    • H04L12/12Arrangements for remote connection or disconnection of substations or of equipment thereof
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4641Virtual LANs, VLANs, e.g. virtual private networks [VPN]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The application discloses a control method, a device, a storage medium and equipment for network disaster recovery switching, which are used for switching an extranet VPN gateway of a head office into an intranet VPN gateway of the head office under the condition that a network fault of a primary branch office to which a network point belongs is detected, so that the gateway of the network point is connected to enter an intranet of the head office. And sending a first operation notice to a responsible person of the network point, and triggering the responsible person to execute the wire plugging operation. And under the condition that the primary branch line is detected to recover the normal network, switching the intranet VPN gateway of the head office into the extranet VPN gateway of the head office, so that the gateway cannot be connected into the intranet of the head office. And sending a second operation notice to the responsible person, and triggering the responsible person to execute the wire pulling operation. Compared with the prior art, the scheme disclosed by the application avoids communication among the head office, the primary branch office and the secondary branch office, so that the switching efficiency of network disaster recovery is obviously improved, and the recovery time of the network point service is effectively shortened.

Description

Control method, device, storage medium and equipment for network disaster recovery switching
Technical Field
The present application relates to the field of network security, and in particular, to a method, an apparatus, a storage medium, and a device for controlling network disaster recovery switching.
Background
Because the number of the network points is large, the service data transmission bandwidth of the network points is larger and larger along with the popularization of various services in the network points, and the burden of the service data transmission bandwidth is more and more important. In order to deal with machine room level disasters (such as Network faults) which may occur in an upper-level mechanism (including a first-level branch and a second-level branch) to which a Network point belongs, the Network point needs to be controlled to be connected to an intranet of a head office through a Virtual Private Network (VPN), so that the Network point service is ensured to be rapidly recovered.
In the process that a control network point is connected to the intranet of a head office through a VPN, network disaster recovery (namely a VPN gateway) needs to be switched. However, the existing network disaster recovery switching method needs to complete the coordination among the head office, the branch office, and the network points, and a lot of time will be consumed in the coordination process, resulting in the extension of the recovery time of the network point services.
Disclosure of Invention
The application provides a control method, a device, a storage medium and equipment for network disaster recovery switching, and aims to improve the efficiency of network disaster recovery switching and avoid prolonging the recovery time of network point services.
In order to achieve the above object, the present application provides the following technical solutions:
a control method for network disaster recovery switching comprises the following steps:
under the condition that a network fault of a primary branch line to which a network point belongs is detected, an extranet VPN gateway of a head office is switched to an intranet VPN gateway of the head office, so that the gateway of the network point is connected to enter an intranet of the head office;
sending a first operation notification to a responsible person of the website, and triggering the responsible person to execute a wire plugging operation; the plug-in operation is used for establishing communication connection between the gateway and the service equipment of the network point, so that service data in the service equipment is uploaded to the intranet of the head office through the gateway;
under the condition that the primary branch line is detected to recover the normal network, switching the intranet VPN gateway of the head office into the extranet VPN gateway of the head office, so that the gateway cannot be connected into the intranet of the head office;
sending a second operation notification to the responsible person, and triggering the responsible person to execute a wire pulling operation; the line pulling operation is used for disconnecting the communication connection between the gateway and the service equipment, so that the service data cannot be uploaded to the intranet of the head office through the gateway; the upper-level mechanism to which the mesh point belongs is a second-level branch, and the upper-level mechanism to which the second-level branch belongs is the first-level branch.
Optionally, the switching, when a network fault occurs in a first-stage branch line to which the mesh point belongs, an extranet VPN gateway of the head office to an intranet VPN gateway of the head office, so that the gateway of the mesh point is connected to enter an intranet of the head office, includes:
under the condition that a network fault of a first-level branch line to which a network point belongs is detected, triggering a gateway of the network point to be connected with an external networking VPN gateway of a head office;
sending a port opening instruction to the intranet switch of the head office to enable the intranet switch of the head office to open the intranet port of the head office;
under the condition that the intranet port of the head office is determined to be available, switching the extranet VPN gateway of the head office into the intranet VPN gateway of the head office, and enabling the gateway to be connected with the intranet VPN gateway of the head office;
and controlling the intranet VPN gateway of the head office to be connected with the intranet port of the head office, so that the gateway is connected to enter the intranet of the head office.
Optionally, under the condition that it is detected that the primary branch office recovers the normal network, switching the intranet VPN gateway of the head office to the extranet VPN gateway of the head office so that the gateway cannot be connected to enter the intranet of the head office, including:
under the condition that the primary branch line is detected to be recovered to be normal, a port closing instruction is sent to the intranet switch of the head line, so that the intranet switch of the head line closes the intranet port of the head line;
and switching the intranet VPN gateway of the head office to the extranet VPN gateway of the head office, so that the gateway cannot be connected into the intranet of the head office.
Optionally, the method further includes:
and after detecting that the external networking VPN gateway of the first-level branch line is on line, triggering the gateway to disconnect the connection with the external networking VPN gateway of the head office and connect with the external networking VPN gateway of the first-level branch line.
Optionally, the method further includes:
under the condition that the network fault of the secondary branch is detected, the external network VPN gateway of the primary branch is switched to the internal network VPN gateway of the primary branch, so that the gateway is connected to enter the internal network of the primary branch;
sending a first operation notification to the responsible person, and triggering the responsible person to execute the wire plugging operation;
under the condition that the second-level branch is detected to recover the normal network, the intranet VPN gateway of the first-level branch is switched to the extranet VPN gateway of the first-level branch, so that the gateway cannot be connected to enter the intranet of the first-level branch;
and sending a second operation notice to the responsible person, and triggering the responsible person to execute the wire pulling operation.
Optionally, under the condition that the network fault occurs in the secondary branch, switching the extranet VPN gateway of the primary branch to the intranet VPN gateway of the primary branch so that the gateway is connected to enter the intranet of the primary branch, including:
under the condition that the network fault of the secondary branch is detected, triggering the gateway to be connected with an external networking VPN gateway of the primary branch;
sending a port opening instruction to the intranet switch of the primary branch so that the intranet switch of the primary branch opens the intranet port of the primary branch;
under the condition that the intranet port of the primary branch is determined to be available, switching the extranet VPN gateway of the primary branch into the intranet VPN gateway of the primary branch, and enabling the gateway to be connected with the intranet VPN gateway of the primary branch;
and controlling the intranet VPN gateway of the primary branch to be connected with the intranet port of the primary branch, so that the gateway is connected to enter the intranet of the primary branch.
Optionally, under the condition that it is detected that the secondary branch network recovers the normal network, switching the intranet VPN gateway of the primary branch network to the extranet VPN gateway of the primary branch network, so that the gateway cannot be connected to enter the intranet of the primary branch network, includes:
under the condition that the secondary branch is detected to recover the normal network, a port closing instruction is sent to the intranet switch of the primary branch, so that the intranet switch of the primary branch closes the intranet port of the primary branch;
and switching the intranet VPN gateway of the primary branch line into the extranet VPN gateway of the primary branch line, so that the gateway cannot be connected into the intranet of the primary branch line.
A control device for network disaster recovery switching comprises:
the system comprises a first switching unit, a second switching unit and a third switching unit, wherein the first switching unit is used for switching an extranet VPN gateway of a head office into an intranet VPN gateway of the head office under the condition that a network fault of a primary branch office to which a network point belongs is detected, so that the gateway of the network point is connected into an intranet of the head office;
the first sending unit is used for sending a first operation notification to a responsible person of the website and triggering the responsible person to execute a wire plugging operation; the plug-in operation is used for establishing communication connection between the gateway and the service equipment of the network point, so that service data in the service equipment is uploaded to the intranet of the head office through the gateway;
the second switching unit is used for switching the intranet VPN gateway of the head office to the extranet VPN gateway of the head office under the condition that the primary branch office is detected to be recovered to be normal, so that the gateway cannot be connected to the intranet of the head office;
the second sending unit is used for sending a second operation notification to the responsible person and triggering the responsible person to execute the wire pulling operation; the line pulling operation is used for disconnecting the communication connection between the gateway and the service equipment, so that the service data cannot be uploaded to the intranet of the head office through the gateway; the upper-level mechanism to which the mesh point belongs is a second-level branch, and the upper-level mechanism to which the second-level branch belongs is the first-level branch.
A computer-readable storage medium including a stored program, wherein the program executes the method for controlling network disaster recovery handover.
A control device for network disaster recovery handover, comprising: a processor, a memory, and a bus; the processor and the memory are connected through the bus;
the memory is used for storing programs, and the processor is used for running the programs, wherein the control method for the network disaster recovery switching is executed when the programs are run.
According to the technical scheme, under the condition that the network fault of the primary branch line to which the network point belongs is detected, the external network VPN gateway of the head office is switched to the internal network VPN gateway of the head office, so that the gateway of the network point is connected to enter the internal network of the head office. And sending a first operation notice to a responsible person of the network point, and triggering the responsible person to execute the wire plugging operation. The plug-in operation is used for establishing communication connection between the gateway and the service equipment of the network point, so that the service data in the service equipment is uploaded to the intranet of the head office through the gateway. And under the condition that the primary branch line is detected to recover the normal network, switching the intranet VPN gateway of the head office into the extranet VPN gateway of the head office, so that the gateway cannot be connected into the intranet of the head office. And sending a second operation notice to the responsible person, and triggering the responsible person to execute the wire pulling operation. The line pulling operation is used for disconnecting the communication connection between the gateway and the service equipment, so that the service data cannot be uploaded to the intranet of the head office through the gateway. According to the scheme, the switching of the network disaster recovery (namely the switching between the external network VPN gateway and the intranet VPN gateway) can be realized without the participation of a head office, a first-level branch office and a second-level branch office in the switching process of the network disaster recovery.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present application, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a schematic flowchart of a method for controlling network disaster recovery handover according to an embodiment of the present application;
fig. 2 is a schematic flowchart of another control method for network disaster recovery handover according to an embodiment of the present application;
fig. 3 is a schematic structural diagram of a control device for network disaster recovery handover according to an embodiment of the present disclosure.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
As shown in fig. 1, a schematic flow chart of a control method for network disaster recovery handover provided in an embodiment of the present application includes the following steps:
s101: and under the condition that the network fault of the first-level branch line to which the network point belongs is detected, triggering the gateway of the network point to be connected with the external networking VPN gateway of the head office.
Wherein, the superior mechanism that the net point belongs to is the second grade branch, and the superior mechanism that the second grade branch belongs to is the first grade branch. That is, the primary branch governs a plurality of secondary branches, and the secondary branch governs a plurality of mesh points.
It should be noted that, when no intranet fault occurs in the primary branch and the secondary branch to which the mesh point belongs, the gateway of the mesh point is connected to the external network VPN gateway of the secondary branch by default, and when a network fault occurs in the primary branch, the gateway of the mesh point is triggered to disconnect the connection with the external network VPN gateway of the secondary branch.
Generally speaking, when a network fault occurs in a primary branch, a gateway of a network point cannot be connected to enter an intranet of the primary branch, and therefore cannot enter the intranet of a head office through the intranet connection of the primary branch, and certainly, service data of the network point cannot be uploaded to the intranet of the head office.
In the embodiment of the application, the gateway of the network point is connected with the extranet VPN gateway of the head office through the Internet, and certainly, is connected with the extranet VPN gateway of the second-level branch through the Internet.
It should be emphasized that when no intranet fault occurs in the primary branch and the secondary branch to which the mesh point itself belongs, the service data of the mesh point is usually uploaded to the intranet of the head office via the intranet of the secondary branch and the intranet of the primary branch.
S102: and sending a port opening instruction to the intranet switch of the head office, so that the intranet switch of the head office opens the intranet port of the head office.
S103: and under the condition that the intranet port of the head office is determined to be available, switching the extranet VPN gateway of the head office into the intranet VPN gateway of the head office, so that the gateway of the network point is connected with the intranet VPN gateway of the head office.
The external network VPN gateway and the intranet VPN gateway are VPN gateways, and the difference between the external network VPN gateway and the intranet VPN gateway is only that the gateway addresses are different, so that the switching between the external network VPN gateway and the intranet VPN gateway can be realized by changing the gateway addresses.
S104: and controlling the intranet VPN gateway of the head office to be connected with the intranet port of the head office, so that the gateway of the network point is connected into the intranet of the head office.
S105: and sending a first operation notice to a responsible person of the network point, and triggering the responsible person of the network point to execute the wire plugging operation.
The plug-in operation is used for establishing communication connection between a gateway of a network point and service equipment of the network point, so that service data in the service equipment is uploaded to an intranet of a head office through the gateway of the network point.
Specifically, the plugging operation can be understood as: a data line is connected between the gateway of the network point and the service equipment of the network point, so that data transmission can be carried out between the gateway and the service equipment.
S106: and under the condition that the primary branch line is detected to be recovered to be normal, sending a port closing instruction to the intranet switch of the head line, so that the intranet switch of the head line closes the intranet port of the head line.
S107: and switching the intranet VPN gateway of the head office into the extranet VPN gateway of the head office, so that the gateway of the network point cannot be connected into the intranet of the head office.
S108: after detecting that the external networking VPN gateway of the first-level branch line is on line, triggering the gateway of the network point to disconnect the connection with the external networking VPN gateway of the head office and connect with the external networking VPN gateway of the first-level branch line.
If the gateway of the network point is connected with the external network VPN gateway of the first-level branch, the service data of the network point can be uploaded to the internal network of the first-level branch through the gateway of the network point and uploaded to the internal network of the head office through the internal network of the first-level branch.
It should be noted that, if the primary branch network is normal, the intranet in the primary branch and the intranet in the head office are intercommunicated.
S109: and sending a second operation notice to a responsible person of the website to trigger the responsible person of the website to execute the wire pulling operation.
The network switching operation is used for disconnecting the communication connection between the gateway of the network point and the service equipment of the network point, so that the service data in the service equipment cannot be uploaded to the intranet of the head office through the gateway of the network point. In the embodiment of the present application, under the condition that the secondary branch network is normal, since the primary branch network has recovered to be normal, the service data of the node can be uploaded to the intranet of the head office via the intranet of the primary branch network.
Specifically, the wire pulling operation can be understood as: and disconnecting the data line between the gateway of the network point and the service equipment of the network point, so that data transmission cannot be carried out between the gateway and the service equipment.
S110: and under the condition that the network fault of the secondary branch line to which the network point belongs is detected, triggering the gateway of the network point to be connected with the external networking VPN gateway of the primary branch line.
S111: and sending a port opening instruction to the intranet switch of the primary branch so that the intranet switch of the primary branch opens the intranet port of the primary branch.
S112: and under the condition that the intranet port of the primary branch is determined to be available, switching the extranet VPN gateway of the primary branch into the intranet VPN gateway of the primary branch, so that the gateway of the network point is connected with the intranet VPN gateway of the primary branch.
S113: and controlling the intranet VPN gateway of the primary branch to be connected with the intranet port of the primary branch, so that the gateway connection of a network point enters the intranet of the primary branch.
S114: and sending a first operation notice to a responsible person of the network point, and triggering the responsible person of the network point to execute the wire plugging operation.
S115: and under the condition that the secondary branch is detected to recover the normal network, sending a port closing instruction to the intranet switch of the primary branch, so that the intranet switch of the primary branch closes the intranet port of the primary branch.
When the intranet port of the primary branch is closed, the gateway of the network point cannot be connected to the intranet of the primary branch, that is, the service data of the network point cannot be uploaded to the intranet of the primary branch through the gateway.
S116: and switching the intranet VPN gateway of the first-level branch line into the extranet VPN gateway of the first-level branch line, so that the gateway of the network point is connected with the extranet VPN gateway of the first-level branch line.
S117: and after detecting that the external networking VPN gateway of the second-level branch is on line, triggering the gateway of the network point to disconnect the connection with the external networking VPN gateway of the first-level branch and connect with the external networking VPN gateway of the second-level branch.
S118: and sending a second operation notice to a responsible person of the website to trigger the responsible person of the website to execute the wire pulling operation.
Based on the above flow shown in S101-S118, the present embodiment can also achieve the following beneficial effects:
1. in a scene of network failure of the first-level branch and the second-level branch, the embodiment can realize one-key management of the network disaster recovery (namely, the respective VPN gateways of the first-level branch, the second-level branch and the head office) (namely, the gateway of the trigger network point is connected with the VPN gateway of the head office, the gateway of the trigger network point is connected with the VPN gateway of the first-level branch, and the VPN gateways of the first-level branch and the head office are switched), thereby avoiding communication and communication among different mechanisms, effectively improving the switching efficiency of the network disaster recovery and ensuring the rapid recovery of network disaster recovery.
2. The switching progress of the VPN gateways of the first-level branch and the head office can be tracked.
3. The connection between the gateway of each network point and the VPN gateway needs to be established in batches under the influence of the performance of the VPN gateway, and the embodiment can preferentially establish the connection between the gateway of the important network point and the VPN gateway according to the priority of the network points, thereby reducing the service influence on the important network points.
In summary, the scheme shown in this embodiment can implement the network disaster recovery (i.e., the switching between the extranet VPN gateway and the intranet VPN gateway) without the need of the head office, the first-level branch office, and the second-level branch office participating in the switching process of the network disaster recovery, and compared with the prior art, the scheme avoids the communication among the head office, the first-level branch office, and the second-level branch office, so that the switching efficiency of the network disaster recovery is significantly improved, and the recovery time of the network point service is effectively shortened.
It should be noted that, in the above embodiment, the step S111 is an optional implementation manner of the network disaster recovery handover control method described in this application. In addition, S115 mentioned in the above embodiment is also an optional implementation manner of the method for controlling network disaster recovery handover described in this application. For this reason, the flow described in the above embodiment can be summarized as the method shown in fig. 2.
As shown in fig. 2, a schematic flow chart of another method for controlling network disaster recovery handover provided in the embodiment of the present application includes the following steps:
s201: and under the condition that the network fault of the primary branch line to which the network point belongs is detected, switching the external network VPN gateway of the head office into the internal network VPN gateway of the head office, so that the gateway of the network point is connected into the internal network of the head office.
S202: and sending a first operation notice to a responsible person of the network point, and triggering the responsible person to execute the wire plugging operation.
The plug-in operation is used for establishing communication connection between the gateway and business equipment of a network point, so that business data in the business equipment is uploaded to an intranet of a head office through the gateway.
S203: and under the condition that the primary branch line is detected to recover the normal network, switching the intranet VPN gateway of the head office into the extranet VPN gateway of the head office, so that the gateway cannot be connected into the intranet of the head office.
S204: and sending a second operation notice to the responsible person, and triggering the responsible person to execute the wire pulling operation.
The line pulling operation is used for disconnecting the communication connection between the gateway and the service equipment, so that the service data cannot be uploaded to the intranet of the head office through the gateway. The upper-level mechanism to which the mesh points belong is a second-level branch, and the upper-level mechanism to which the second-level branch belongs is a first-level branch.
In summary, the scheme shown in this embodiment can implement the network disaster recovery (i.e., the switching between the extranet VPN gateway and the intranet VPN gateway) without the need of the head office, the first-level branch office, and the second-level branch office participating in the switching process of the network disaster recovery, and compared with the prior art, the scheme avoids the communication among the head office, the first-level branch office, and the second-level branch office, so that the switching efficiency of the network disaster recovery is significantly improved, and the recovery time of the network point service is effectively shortened.
Corresponding to the method for controlling network disaster recovery switching provided in the embodiment of the present application, an embodiment of the present application further provides a device for controlling network disaster recovery switching.
As shown in fig. 3, an architecture diagram of a control device for network disaster recovery handover provided in the embodiment of the present application includes:
the first switching unit 100 is configured to switch an extranet VPN gateway of a head office to an intranet VPN gateway of the head office when a network fault is detected in a primary branch office to which the mesh point belongs, so that the gateway of the mesh point is connected to enter an intranet of the head office.
The first switching unit 100 is specifically configured to: under the condition that a network fault of a first-level branch line to which a network point belongs is detected, triggering a gateway of the network point to be connected with an extranet VPN gateway of a head office; sending a port opening instruction to an intranet switch of a head office to enable the intranet switch of the head office to open an intranet port of the head office; under the condition that the intranet port of the head office is determined to be available, switching the extranet VPN gateway of the head office into the intranet VPN gateway of the head office, and enabling the gateway to be connected with the intranet VPN gateway of the head office; and controlling the intranet VPN gateway of the head office to be connected with the intranet port of the head office, so that the gateway is connected into the intranet of the head office.
A first sending unit 200, configured to send a first operation notification to a principal of a website, and trigger the principal to perform a wire plugging operation; the plug-in operation is used for establishing communication connection between the gateway and the service equipment of the network point, so that the service data in the service equipment is uploaded to the intranet of the head office through the gateway.
The second switching unit 300 is configured to switch the intranet VPN gateway of the head office to the extranet VPN gateway of the head office when it is detected that the primary branch office recovers that the network is normal, so that the gateway cannot connect to the intranet of the head office.
The second switching unit 300 is specifically configured to: under the condition that the primary branch line is detected to be recovered to be normal, a port closing instruction is sent to the intranet switch of the head line, so that the intranet switch of the head line closes the intranet port of the head line; and switching the intranet VPN gateway of the head office into the extranet VPN gateway of the head office, so that the gateway cannot be connected into the intranet of the head office.
The second switching unit 300 is further configured to: after detecting that the external networking VPN gateway of the first-level branch line is on line, triggering the gateway to disconnect the connection with the external networking VPN gateway of the head office and connecting with the external networking VPN gateway of the first-level branch line.
The second sending unit 400 is configured to send a second operation notification to the responsible person, and trigger the responsible person to perform a wire pulling operation; the line pulling operation is used for disconnecting the communication connection between the gateway and the service equipment, so that the service data cannot be uploaded to the intranet of the head office through the gateway; the upper-level mechanism to which the mesh points belong is a second-level branch, and the upper-level mechanism to which the second-level branch belongs is a first-level branch.
A third switching unit 500, configured to switch the extranet VPN gateway of the primary branch line to the intranet VPN gateway of the primary branch line when detecting that a network fault occurs in the secondary branch line, so that the gateway is connected to enter the intranet of the primary branch line.
The third switching unit 500 is specifically configured to: under the condition that the network fault of the secondary branch is detected, the triggering gateway is connected with the external networking VPN gateway of the primary branch; a port opening instruction is sent to the intranet switch of the primary branch, so that the intranet switch of the primary branch opens the intranet port of the primary branch; under the condition that the intranet port of the first-level branch is determined to be available, the intranet VPN gateway of the first-level branch is switched into the intranet VPN gateway of the first-level branch, and the gateway is connected with the intranet VPN gateway of the first-level branch; and controlling the intranet VPN gateway of the primary branch to be connected with the intranet port of the primary branch, so that the gateway is connected into the intranet of the primary branch.
And a third sending unit 600, configured to send the first operation notification to the responsible person, and trigger the responsible person to perform a wire plugging operation.
A fourth switching unit 700, configured to switch the intranet VPN gateway in the primary branch to the extranet VPN gateway in the primary branch when it is detected that the secondary branch recovers that the network is normal, so that the gateway cannot connect to the intranet in the primary branch.
The fourth switching unit 700 is specifically configured to: under the condition that the secondary branch is detected to recover the normal network, a port closing instruction is sent to the intranet switch of the primary branch, so that the intranet switch of the primary branch closes the intranet port of the primary branch; and switching the intranet VPN gateway of the primary branch line into the extranet VPN gateway of the primary branch line, so that the gateway cannot be connected into the intranet of the primary branch line.
A fourth sending unit 800, configured to send a second operation notification to the responsible person, and trigger the responsible person to perform a wire pulling operation.
In summary, the scheme shown in this embodiment can implement the network disaster recovery (i.e., the switching between the extranet VPN gateway and the intranet VPN gateway) without the need of the head office, the first-level branch office, and the second-level branch office participating in the switching process of the network disaster recovery, and compared with the prior art, the scheme avoids the communication among the head office, the first-level branch office, and the second-level branch office, so that the switching efficiency of the network disaster recovery is significantly improved, and the recovery time of the network point service is effectively shortened.
The application also provides a computer-readable storage medium, where the computer-readable storage medium includes a stored program, and the program executes the method for controlling network disaster recovery handover provided by the application.
The present application further provides a control device for network disaster recovery switching, including: a processor, a memory, and a bus. The processor is connected with the memory through a bus, the memory is used for storing programs, and the processor is used for running the programs, wherein when the programs are run, the control method for network disaster recovery switching provided by the application comprises the following steps:
under the condition that a network fault of a primary branch line to which a network point belongs is detected, an extranet VPN gateway of a head office is switched to an intranet VPN gateway of the head office, so that the gateway of the network point is connected to enter an intranet of the head office;
sending a first operation notification to a responsible person of the website, and triggering the responsible person to execute a wire plugging operation; the plug-in operation is used for establishing communication connection between the gateway and the service equipment of the network point, so that service data in the service equipment is uploaded to the intranet of the head office through the gateway;
under the condition that the primary branch line is detected to recover the normal network, switching the intranet VPN gateway of the head office into the extranet VPN gateway of the head office, so that the gateway cannot be connected into the intranet of the head office;
sending a second operation notification to the responsible person, and triggering the responsible person to execute a wire pulling operation; the line pulling operation is used for disconnecting the communication connection between the gateway and the service equipment, so that the service data cannot be uploaded to the intranet of the head office through the gateway; the upper-level mechanism to which the mesh point belongs is a second-level branch, and the upper-level mechanism to which the second-level branch belongs is the first-level branch.
Specifically, on the basis of the above embodiment, when a network fault is detected in a primary branch office to which a mesh point belongs, switching an extranet VPN gateway of the head office to an intranet VPN gateway of the head office so that the gateway of the mesh point is connected to enter an intranet of the head office includes:
under the condition that a network fault of a first-level branch line to which a network point belongs is detected, triggering a gateway of the network point to be connected with an external networking VPN gateway of a head office;
sending a port opening instruction to the intranet switch of the head office to enable the intranet switch of the head office to open the intranet port of the head office;
under the condition that the intranet port of the head office is determined to be available, switching the extranet VPN gateway of the head office into the intranet VPN gateway of the head office, and enabling the gateway to be connected with the intranet VPN gateway of the head office;
and controlling the intranet VPN gateway of the head office to be connected with the intranet port of the head office, so that the gateway is connected to enter the intranet of the head office.
Specifically, on the basis of the foregoing embodiment, in the case that it is detected that the primary branch office recovers the normal network, the switching the intranet VPN gateway of the head office to the extranet VPN gateway of the head office so that the gateway cannot connect to enter the intranet of the head office includes:
under the condition that the primary branch line is detected to be recovered to be normal, a port closing instruction is sent to the intranet switch of the head line, so that the intranet switch of the head line closes the intranet port of the head line;
and switching the intranet VPN gateway of the head office to the extranet VPN gateway of the head office, so that the gateway cannot be connected into the intranet of the head office.
Specifically, on the basis of the above embodiment, the method further includes:
and after detecting that the external networking VPN gateway of the first-level branch line is on line, triggering the gateway to disconnect the connection with the external networking VPN gateway of the head office and connect with the external networking VPN gateway of the first-level branch line.
Specifically, on the basis of the above embodiment, the method further includes:
under the condition that the network fault of the secondary branch is detected, the external network VPN gateway of the primary branch is switched to the internal network VPN gateway of the primary branch, so that the gateway is connected to enter the internal network of the primary branch;
sending a first operation notification to the responsible person, and triggering the responsible person to execute the wire plugging operation;
under the condition that the second-level branch is detected to recover the normal network, the intranet VPN gateway of the first-level branch is switched to the extranet VPN gateway of the first-level branch, so that the gateway cannot be connected to enter the intranet of the first-level branch;
and sending a second operation notice to the responsible person, and triggering the responsible person to execute the wire pulling operation.
Specifically, on the basis of the foregoing embodiment, when a network failure is detected in the secondary branch, the switching the extranet VPN gateway of the primary branch to the intranet VPN gateway of the primary branch so that the gateway is connected to enter the intranet of the primary branch includes:
under the condition that the network fault of the secondary branch is detected, triggering the gateway to be connected with an external networking VPN gateway of the primary branch;
sending a port opening instruction to the intranet switch of the primary branch so that the intranet switch of the primary branch opens the intranet port of the primary branch;
under the condition that the intranet port of the primary branch is determined to be available, switching the extranet VPN gateway of the primary branch into the intranet VPN gateway of the primary branch, and enabling the gateway to be connected with the intranet VPN gateway of the primary branch;
and controlling the intranet VPN gateway of the primary branch to be connected with the intranet port of the primary branch, so that the gateway is connected to enter the intranet of the primary branch.
Specifically, on the basis of the foregoing embodiment, when it is detected that the secondary branch network is restored to a normal network, the switching the intranet VPN gateway of the primary branch network to the extranet VPN gateway of the primary branch network so that the gateway cannot connect to the intranet of the primary branch network includes:
under the condition that the secondary branch is detected to recover the normal network, a port closing instruction is sent to the intranet switch of the primary branch, so that the intranet switch of the primary branch closes the intranet port of the primary branch;
and switching the intranet VPN gateway of the primary branch line into the extranet VPN gateway of the primary branch line, so that the gateway cannot be connected into the intranet of the primary branch line.
The functions described in the method of the embodiment of the present application, if implemented in the form of software functional units and sold or used as independent products, may be stored in a storage medium readable by a computing device. Based on such understanding, part of the contribution to the prior art of the embodiments of the present application or part of the technical solution may be embodied in the form of a software product stored in a storage medium and including several instructions for causing a computing device (which may be a personal computer, a server, a mobile computing device or a network device) to execute all or part of the steps of the method described in the embodiments of the present application. And the aforementioned storage medium includes: u disk, removable hard disk, read only memory, random access memory, magnetic or optical disk, etc. for storing program codes.
The embodiments are described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same or similar parts among the embodiments are referred to each other.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present application. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the application. Thus, the present application is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (10)

1. A control method for network disaster recovery switching is characterized by comprising the following steps:
under the condition that a network fault of a primary branch line to which a network point belongs is detected, an extranet VPN gateway of a head office is switched to an intranet VPN gateway of the head office, so that the gateway of the network point is connected to enter an intranet of the head office;
sending a first operation notification to a responsible person of the website, and triggering the responsible person to execute a wire plugging operation; the plug-in operation is used for establishing communication connection between the gateway and the service equipment of the network point, so that service data in the service equipment is uploaded to the intranet of the head office through the gateway;
under the condition that the primary branch line is detected to recover the normal network, switching the intranet VPN gateway of the head office into the extranet VPN gateway of the head office, so that the gateway cannot be connected into the intranet of the head office;
sending a second operation notification to the responsible person, and triggering the responsible person to execute a wire pulling operation; the line pulling operation is used for disconnecting the communication connection between the gateway and the service equipment, so that the service data cannot be uploaded to the intranet of the head office through the gateway; the upper-level mechanism to which the mesh point belongs is a second-level branch, and the upper-level mechanism to which the second-level branch belongs is the first-level branch.
2. The method according to claim 1, wherein in case of detecting a network failure of a primary branch office to which a mesh point belongs, switching an extranet VPN gateway of the head office to an intranet VPN gateway of the head office so that the gateway of the mesh point connects into an intranet of the head office comprises:
under the condition that a network fault of a first-level branch line to which a network point belongs is detected, triggering a gateway of the network point to be connected with an external networking VPN gateway of a head office;
sending a port opening instruction to the intranet switch of the head office to enable the intranet switch of the head office to open the intranet port of the head office;
under the condition that the intranet port of the head office is determined to be available, switching the extranet VPN gateway of the head office into the intranet VPN gateway of the head office, and enabling the gateway to be connected with the intranet VPN gateway of the head office;
and controlling the intranet VPN gateway of the head office to be connected with the intranet port of the head office, so that the gateway is connected to enter the intranet of the head office.
3. The method according to claim 1, wherein in a case that it is detected that the primary branch office recovers from normal network, switching the intranet VPN gateway of the head office to the extranet VPN gateway of the head office so that the gateway cannot connect into the intranet of the head office comprises:
under the condition that the primary branch line is detected to be recovered to be normal, a port closing instruction is sent to the intranet switch of the head line, so that the intranet switch of the head line closes the intranet port of the head line;
and switching the intranet VPN gateway of the head office to the extranet VPN gateway of the head office, so that the gateway cannot be connected into the intranet of the head office.
4. The method of claim 3, further comprising:
and after detecting that the external networking VPN gateway of the first-level branch line is on line, triggering the gateway to disconnect the connection with the external networking VPN gateway of the head office and connect with the external networking VPN gateway of the first-level branch line.
5. The method of claim 1, further comprising:
under the condition that the network fault of the secondary branch is detected, the external network VPN gateway of the primary branch is switched to the internal network VPN gateway of the primary branch, so that the gateway is connected to enter the internal network of the primary branch;
sending a first operation notification to the responsible person, and triggering the responsible person to execute the wire plugging operation;
under the condition that the second-level branch is detected to recover the normal network, the intranet VPN gateway of the first-level branch is switched to the extranet VPN gateway of the first-level branch, so that the gateway cannot be connected to enter the intranet of the first-level branch;
and sending a second operation notice to the responsible person, and triggering the responsible person to execute the wire pulling operation.
6. The method according to claim 5, wherein the switching the extranet VPN gateway of the primary branch line to the intranet VPN gateway of the primary branch line in case of detecting the network failure of the secondary branch line, so that the gateway is connected into the intranet of the primary branch line comprises:
under the condition that the network fault of the secondary branch is detected, triggering the gateway to be connected with an external networking VPN gateway of the primary branch;
sending a port opening instruction to the intranet switch of the primary branch so that the intranet switch of the primary branch opens the intranet port of the primary branch;
under the condition that the intranet port of the primary branch is determined to be available, switching the extranet VPN gateway of the primary branch into the intranet VPN gateway of the primary branch, and enabling the gateway to be connected with the intranet VPN gateway of the primary branch;
and controlling the intranet VPN gateway of the primary branch to be connected with the intranet port of the primary branch, so that the gateway is connected to enter the intranet of the primary branch.
7. The method according to claim 5, wherein in case that it is detected that the secondary branch network is recovered to be normal, switching the intranet VPN gateway of the primary branch network to the extranet VPN gateway of the primary branch network so that the gateway cannot connect into the intranet of the primary branch network comprises:
under the condition that the secondary branch is detected to recover the normal network, a port closing instruction is sent to the intranet switch of the primary branch, so that the intranet switch of the primary branch closes the intranet port of the primary branch;
and switching the intranet VPN gateway of the primary branch line into the extranet VPN gateway of the primary branch line, so that the gateway cannot be connected into the intranet of the primary branch line.
8. A control device for network disaster recovery handover, comprising:
the system comprises a first switching unit, a second switching unit and a third switching unit, wherein the first switching unit is used for switching an extranet VPN gateway of a head office into an intranet VPN gateway of the head office under the condition that a network fault of a primary branch office to which a network point belongs is detected, so that the gateway of the network point is connected into an intranet of the head office;
the first sending unit is used for sending a first operation notification to a responsible person of the website and triggering the responsible person to execute a wire plugging operation; the plug-in operation is used for establishing communication connection between the gateway and the service equipment of the network point, so that service data in the service equipment is uploaded to the intranet of the head office through the gateway;
the second switching unit is used for switching the intranet VPN gateway of the head office to the extranet VPN gateway of the head office under the condition that the primary branch office is detected to be recovered to be normal, so that the gateway cannot be connected to the intranet of the head office;
the second sending unit is used for sending a second operation notification to the responsible person and triggering the responsible person to execute the wire pulling operation; the line pulling operation is used for disconnecting the communication connection between the gateway and the service equipment, so that the service data cannot be uploaded to the intranet of the head office through the gateway; the upper-level mechanism to which the mesh point belongs is a second-level branch, and the upper-level mechanism to which the second-level branch belongs is the first-level branch.
9. A computer-readable storage medium, comprising a stored program, wherein the program executes the method for controlling the network disaster recovery handover according to any one of claims 1 to 7.
10. A control device for network disaster recovery handover, comprising: a processor, a memory, and a bus; the processor and the memory are connected through the bus;
the memory is used for storing a program, and the processor is used for executing the program, wherein the program executes the control method for network disaster recovery switching according to any one of claims 1 to 7 when running.
CN202210005986.6A 2022-01-04 2022-01-04 Control method, device, storage medium and equipment for network disaster recovery switching Pending CN114221856A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210005986.6A CN114221856A (en) 2022-01-04 2022-01-04 Control method, device, storage medium and equipment for network disaster recovery switching

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210005986.6A CN114221856A (en) 2022-01-04 2022-01-04 Control method, device, storage medium and equipment for network disaster recovery switching

Publications (1)

Publication Number Publication Date
CN114221856A true CN114221856A (en) 2022-03-22

Family

ID=80707794

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210005986.6A Pending CN114221856A (en) 2022-01-04 2022-01-04 Control method, device, storage medium and equipment for network disaster recovery switching

Country Status (1)

Country Link
CN (1) CN114221856A (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7689722B1 (en) * 2002-10-07 2010-03-30 Cisco Technology, Inc. Methods and apparatus for virtual private network fault tolerance
CN102255757A (en) * 2011-08-08 2011-11-23 杭州华三通信技术有限公司 Link switching method and device
CN107181623A (en) * 2017-06-29 2017-09-19 国家电网公司 Information network equipment fault handling method and device
CN109309617A (en) * 2018-08-08 2019-02-05 华为技术有限公司 Disaster tolerance switching method, relevant device and computer storage medium

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7689722B1 (en) * 2002-10-07 2010-03-30 Cisco Technology, Inc. Methods and apparatus for virtual private network fault tolerance
CN102255757A (en) * 2011-08-08 2011-11-23 杭州华三通信技术有限公司 Link switching method and device
CN107181623A (en) * 2017-06-29 2017-09-19 国家电网公司 Information network equipment fault handling method and device
CN109309617A (en) * 2018-08-08 2019-02-05 华为技术有限公司 Disaster tolerance switching method, relevant device and computer storage medium

Similar Documents

Publication Publication Date Title
CN110113435B (en) Method and equipment for cleaning flow
US20230362051A1 (en) Control Plane Device Switching Method and Apparatus, and Forwarding-Control Separation System
CN112491700B (en) Network path adjustment method, system, device, electronic equipment and storage medium
CN112291075B (en) Network fault positioning method and device, computer equipment and storage medium
WO2011157145A2 (en) Main/backup switching method between communication device, communication device, system and service request device
CN106713036B (en) Fault processing method and system for mobile terminal payment system
EP2618523B1 (en) Method, network device and system for ethernet ring protection switching
WO2011157146A2 (en) Main/backup switching method between communication devices, communication device, system and service request device
CN105721191B (en) A kind of link failure processing method, system and wireless backup gateway
CN104994173A (en) Message processing method and system
CN103391303B (en) Service fault noticing method and server using same
CN114363180A (en) Energy-saving control method, device, terminal and storage medium for aggregated link flow
CN105049238A (en) Redundancy backup method and equipment for LTE (Long Term Evolution) gateway equipment exchange subsystem
CN114221856A (en) Control method, device, storage medium and equipment for network disaster recovery switching
WO2015180265A1 (en) Multi-link protection switching method and device
CN110768816B (en) Multimedia service exception protection method and device
CN115333994B (en) Method and device for realizing VPN route rapid convergence and electronic equipment
CN114039907A (en) Method for improving link stability based on network card binding
CN110995581B (en) Method and device for preventing black hole in route, electronic equipment and storage medium
CN107210945A (en) Method and computer network for running computer network
CN113055427B (en) Service-based server cluster access method and device
WO2015158058A1 (en) Method and system for implementing call saving and recovery
WO2015135280A1 (en) Method, system and access router for realizing on demand smart dialing
CN109257444B (en) Load sharing method, device and system
CN107154861A (en) The data transmission method and device of a kind of pile system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination