CN114363211A - Network connectivity verification method of disaster recovery backup system network and related equipment - Google Patents
Network connectivity verification method of disaster recovery backup system network and related equipment Download PDFInfo
- Publication number
- CN114363211A CN114363211A CN202210004576.XA CN202210004576A CN114363211A CN 114363211 A CN114363211 A CN 114363211A CN 202210004576 A CN202210004576 A CN 202210004576A CN 114363211 A CN114363211 A CN 114363211A
- Authority
- CN
- China
- Prior art keywords
- verification
- physical subsystem
- firewall
- verification result
- network
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000012795 verification Methods 0.000 title claims abstract description 290
- 238000011084 recovery Methods 0.000 title claims abstract description 83
- 238000000034 method Methods 0.000 title claims abstract description 38
- 238000004519 manufacturing process Methods 0.000 claims abstract description 45
- 238000004891 communication Methods 0.000 claims abstract description 41
- 238000002955 isolation Methods 0.000 claims abstract description 10
- 230000002441 reversible effect Effects 0.000 claims description 90
- 230000000977 initiatory effect Effects 0.000 claims description 13
- 238000005553 drilling Methods 0.000 abstract description 15
- 230000002159 abnormal effect Effects 0.000 description 7
- 238000010586 diagram Methods 0.000 description 7
- 238000004590 computer program Methods 0.000 description 6
- 230000009471 action Effects 0.000 description 3
- 230000008901 benefit Effects 0.000 description 3
- 230000008569 process Effects 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 2
- 230000006870 function Effects 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 230000005856 abnormality Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 230000003111 delayed effect Effects 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000007689 inspection Methods 0.000 description 1
- 230000010354 integration Effects 0.000 description 1
- 230000002452 interceptive effect Effects 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/08—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
- H04L43/0805—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability
- H04L43/0811—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability by checking connectivity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
- H04L41/0654—Management of faults, events, alarms or notifications using network fault recovery
- H04L41/0663—Performing the actions predefined by failover planning, e.g. switching to standby network elements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0209—Architectural arrangements, e.g. perimeter networks or demilitarized zones
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Environmental & Geological Engineering (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The network communication verification method and related equipment for the disaster recovery system network, provided by the disclosure, are used for obtaining a first physical subsystem to be verified in the disaster recovery system network, wherein the first physical subsystem comprises a production end host, a disaster recovery end host and a firewall, and the firewall is used for performing network isolation on the production end host and the disaster recovery end host; obtaining a second physical subsystem having a business logic association relation with the first physical subsystem; before the firewall is opened, network communication verification is carried out on the disaster backup end host and the second physical subsystem, and first statistical information is obtained; and after the firewall is opened, performing network connectivity verification on the first physical subsystem and the second physical subsystem through the production end host and the disaster backup end host to obtain second statistical information. According to the embodiment of the disclosure, automatic network connectivity verification is performed on the hosts related to the firewall before and after the firewall is opened, and the disaster recovery drilling efficiency can be improved by using the verified statistical information.
Description
Technical Field
The disclosure relates to the technical field of computers, in particular to a network connectivity verification method of a disaster recovery system network and related equipment.
Background
Under the condition that a disaster occurs in a production environment, a firewall between the production system and the disaster recovery system is opened to switch system hosts, and the disaster recovery system is used for replacing the production system to provide services for the outside.
The system host switching is an important link of disaster recovery drilling, and before and after the firewall is opened, the inspection of a network access is necessary, and sufficient network connection verification is not performed, so that the system host switching can fail, and the progress of the whole disaster recovery drilling is delayed.
Disclosure of Invention
In view of the foregoing problems, the present disclosure provides a method for verifying network connectivity of a disaster recovery system network and a related device, which overcome or at least partially solve the foregoing problems, and the technical solution is as follows:
a network connection verification method of a disaster recovery system network comprises the following steps:
obtaining a first physical subsystem to be verified in a disaster recovery system network, wherein the first physical subsystem comprises a production end host, a disaster recovery end host and a firewall, and the firewall is used for performing network isolation on the production end host and the disaster recovery end host;
obtaining a second physical subsystem having a business logic association relation with the first physical subsystem;
before the firewall is opened, network communication verification is carried out on the disaster backup end host and the second physical subsystem, and first statistical information is obtained;
and after the firewall is opened, performing network connectivity verification on the first physical subsystem and the second physical subsystem through the production end host and the disaster backup end host to obtain second statistical information.
Optionally, before the firewall is opened, performing network connectivity verification on the disaster backup host and the second physical subsystem to obtain first statistical information, where the method includes:
before the firewall is opened, the disaster backup end host computer initiates network communication verification to the second physical subsystem to obtain a first forward verification result;
initiating network connectivity verification to the disaster recovery end host by the second physical subsystem to obtain a first reverse verification result;
and obtaining first statistical information according to the first forward verification result and the first reverse verification result.
Optionally, after the firewall is opened, the network connectivity verification is performed on the first physical subsystem and the second physical subsystem through the production end host and the disaster backup end host, and second statistical information is obtained, where the second statistical information includes:
after the firewall is opened, the production end host computer initiates network communication verification to the second physical subsystem to obtain a second forward verification result; the disaster backup end host computer initiates network connectivity verification to the second physical subsystem to obtain a third forward verification result; obtaining system forward verification information according to the second forward verification result and the third forward verification result;
after the firewall is opened, the second physical subsystem initiates network connectivity verification to the production end host to obtain a second reverse verification result; initiating network connectivity verification to the disaster recovery end host by the second physical subsystem to obtain a third reverse verification result; obtaining system reverse verification information according to the second reverse verification result and the third reverse verification result;
and obtaining second statistical information according to the system forward verification information and the system reverse verification information.
Optionally, the network connectivity verification is port connectivity verification performed by a telnet command.
A network connection verification device of a disaster recovery system network comprises: a first physical subsystem obtaining unit, a second physical subsystem obtaining unit, a first statistical information obtaining unit and a second statistical information obtaining unit,
the first physical subsystem obtaining unit is configured to obtain a first physical subsystem to be verified in a disaster backup system network, where the first physical subsystem includes a production-side host, a disaster backup-side host, and a firewall, and the firewall is configured to perform network isolation on the production-side host and the disaster backup-side host;
the second physical subsystem obtaining unit is configured to obtain a second physical subsystem having a service logic association relationship with the first physical subsystem;
the first statistical information obtaining unit is configured to perform network connectivity verification on the disaster backup host and the second physical subsystem before the firewall is opened, so as to obtain first statistical information;
and the second statistical information obtaining unit is configured to perform network connectivity verification on the first physical subsystem and the second physical subsystem through the production-side host and the disaster backup-side host after the firewall is opened, so as to obtain second statistical information.
Optionally, the first statistical information obtaining unit includes: a first forward verification result obtaining subunit, a first reverse verification result obtaining subunit, and a first statistical information obtaining subunit,
the first forward verification result obtaining subunit is configured to, before the firewall is opened, initiate network connectivity verification to the second physical subsystem by the disaster backup end host to obtain a first forward verification result;
the first reverse verification result obtaining subunit is configured to initiate network connectivity verification to the disaster backup end host by the second physical subsystem, and obtain a first reverse verification result;
the first statistical information obtaining subunit is configured to obtain first statistical information according to the first forward verification result and the first reverse verification result.
Optionally, the second statistical information obtaining unit includes: a system forward verification information obtaining subunit, a system reverse verification information obtaining subunit and a second statistical information obtaining subunit,
the system forward verification information obtaining subunit is configured to initiate, by the production-side host computer, network connectivity verification to the second physical subsystem after the firewall is opened, and obtain a second forward verification result; the disaster backup end host computer initiates network connectivity verification to the second physical subsystem to obtain a third forward verification result; obtaining system forward verification information according to the second forward verification result and the third forward verification result;
the system reverse verification information obtaining subunit is configured to initiate, by the second physical subsystem, network connectivity verification to the production-side host computer after the firewall is opened, and obtain a second reverse verification result; initiating network connectivity verification to the disaster recovery end host by the second physical subsystem to obtain a third reverse verification result; obtaining system reverse verification information according to the second reverse verification result and the third reverse verification result;
and the second statistical information obtaining subunit is configured to obtain second statistical information according to the system forward verification information and the system reverse verification information.
Optionally, the network connectivity verification is port connectivity verification performed by a telnet command.
A computer-readable storage medium on which a program is stored, wherein the program, when executed by a processor, implements the network connectivity verification method for a disaster recovery system network according to any one of the above.
An electronic device comprising at least one processor, and at least one memory connected to the processor, a bus; the processor and the memory complete mutual communication through the bus; the processor is used for calling the program instructions in the memory so as to execute any one of the network connection verification methods of the disaster recovery system network.
By means of the technical scheme, the network communication verification method and the related equipment for the disaster recovery backup system network, provided by the disclosure, obtain a first physical subsystem to be verified in the disaster recovery backup system network, wherein the first physical subsystem comprises a production end host, a disaster recovery backup end host and a firewall, and the firewall is used for performing network isolation on the production end host and the disaster recovery backup end host; obtaining a second physical subsystem having a business logic association relation with the first physical subsystem; before the firewall is opened, network communication verification is carried out on the disaster backup end host and the second physical subsystem, and first statistical information is obtained; and after the firewall is opened, performing network connectivity verification on the first physical subsystem and the second physical subsystem through the production end host and the disaster backup end host to obtain second statistical information. According to the embodiment of the disclosure, automatic network connectivity verification is performed on the hosts related to the firewall before and after the firewall is opened, and the disaster recovery drilling efficiency can be improved by using the verified statistical information.
The foregoing description is only an overview of the technical solutions of the present disclosure, and the embodiments of the present disclosure are described below in order to make the technical means of the present disclosure more clearly understood and to make the above and other objects, features, and advantages of the present disclosure more clearly understandable.
Drawings
Various other advantages and benefits will become apparent to those of ordinary skill in the art upon reading the following detailed description of the preferred embodiments. The drawings are only for purposes of illustrating the preferred embodiments and are not to be construed as limiting the disclosure. Also, like reference numerals are used to refer to like parts throughout the drawings. In the drawings:
fig. 1 shows a schematic flowchart of a network connectivity verification method for a disaster recovery system network according to an embodiment of the present disclosure;
fig. 2 shows a schematic flow chart of a network connectivity verification device of a disaster recovery system network according to an embodiment of the present disclosure;
fig. 3 shows a flowchart of an electronic device according to an embodiment of the present disclosure.
Detailed Description
Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art.
As shown in fig. 1, a schematic flow diagram of a network connectivity verification method for a disaster recovery system network provided in an embodiment of the present disclosure is provided, where the network connectivity verification method for the disaster recovery system network may include:
s100, a first physical subsystem to be verified in the disaster recovery backup system network is obtained, wherein the first physical subsystem comprises a production end host, a disaster recovery backup end host and a firewall, and the firewall is used for carrying out network isolation on the production end host and the disaster recovery backup end host.
The physical subsystem is a logic system comprising a production end deployment unit and a disaster recovery end deployment unit. The physical subsystems and the deployment units are based on the logic concept defined by disaster recovery drilling. The production end deployment unit and the disaster backup end deployment unit can be composed of a physical host and a virtual host. The production end host and the disaster recovery end host in the embodiment of the disclosure mainly refer to a physical host, and when the production end host and the disaster recovery end host are configured, the IP address and the port number of the physical host under the production end deployment unit are determined as the device information of the production end host, and the IP address and the port number of the physical host under the disaster recovery end deployment unit are determined as the device information of the disaster recovery end host.
According to the embodiment of the invention, through the integration of the physical subsystem and the deployment unit, a large batch of host devices can be selected in a targeted manner for network connectivity verification, and the selection of the host devices for executing the network connectivity verification each time can be saved, so that the network connectivity verification repeatedly performed on the same host device can be executed more quickly, and the overall drilling efficiency of disaster recovery drilling is improved.
S200, obtaining a second physical subsystem having a business logic association relation with the first physical subsystem.
It can be understood that, if the first physical subsystem and the second physical subsystem complete the service through interactive cooperation, the first physical subsystem and the second physical subsystem have a service logic association relationship.
And S300, before the firewall is opened, performing network communication verification on the disaster backup host and the second physical subsystem to obtain first statistical information.
Optionally, in the embodiment of the present disclosure, before the firewall is opened, the disaster recovery end host may initiate network connectivity verification to the second physical subsystem, so as to obtain the first forward verification result. And initiating network connectivity verification to the disaster backup end host by the second physical subsystem to obtain a first reverse verification result. And obtaining first statistical information according to the first forward verification result and the first reverse verification result.
Since the network connectivity between the first physical subsystem and the second physical subsystem does not need to be verified before the firewall is opened, the embodiment of the disclosure can only verify the network connectivity of the disaster recovery end host in the first physical subsystem.
Optionally, the network connectivity verification is port connectivity verification performed by a telnet command.
According to the embodiment of the disclosure, before the firewall is opened, the disaster recovery backup end host sends telnet commands to the designated ports connected with the second physical subsystem to perform port connectivity verification, and generates a first forward verification result according to the communication verification result of each designated port.
According to the embodiment of the disclosure, before the firewall is opened, the second physical subsystem sends telnet commands to the designated ports connected with the disaster backup host to perform port connectivity verification, and generates the first reverse verification result according to the communication verification result of each designated port.
The embodiment of the disclosure can compare the first forward verification result with the first reverse verification result, determine whether the first forward verification result is consistent with the first reverse verification result, and generate the first statistical information according to the determination result.
The first statistical information may be first connection success information, first connection failure information, or first connection abnormality information. And under the condition that the first forward verification result is consistent with the first reverse verification result, the first statistical information is first connection success information. And under the condition that the first forward verification result is inconsistent with the first reverse verification result, the first statistical information is first connection failure information. In the actual situation of network connectivity verification before the firewall is opened, the script of the telnet command may not be issued to the host port, so that no connectivity result is returned, and the situation that no connectivity result is returned is classified as first connectivity abnormal information.
Optionally, the first statistical information may include information of each physical subsystem, an IP of the involved host device, a network connectivity verification result, and a network connectivity verification record.
According to the embodiment of the disclosure, the network connectivity of the disaster recovery backup end host of the first physical subsystem to be verified is verified before the firewall is opened, so that the network connectivity of the disaster recovery backup end host can be confirmed before the disaster recovery backup end host is connected to the production environment, technicians can be helped to find out abnormal conditions of the disaster recovery backup end host in time, and the overall drilling efficiency of disaster recovery drilling is improved.
S400, after the firewall is opened, network connectivity verification is carried out on the first physical subsystem and the second physical subsystem through the production end host and the disaster backup end host, and second statistical information is obtained.
Since the firewall is to perform disaster recovery drilling after being opened, the network connectivity between the production end host of the first physical subsystem and the network connectivity between the disaster recovery end host and the second physical subsystem need to be compared for verification.
Optionally, in the embodiment of the present disclosure, after the firewall is opened, the production end host initiates network connectivity verification to the second physical subsystem, and obtains a second forward verification result. And the disaster backup end host computer initiates network communication verification to the second physical subsystem to obtain a third forward verification result. And obtaining the system forward verification information according to the second forward verification result and the third forward verification result.
According to the method and the device for verifying the port connectivity, after the firewall is opened, the production end host sends telnet commands to the designated ports connected with the second physical subsystem to verify the port connectivity, and a second forward verification result is generated according to the communication verification result of the designated ports.
According to the embodiment of the disclosure, after the firewall is opened, the disaster recovery backup end host sends telnet commands to the designated ports connected with the second physical subsystem to perform port connectivity verification, and a third forward verification result is generated according to the communication verification result of each designated port.
The embodiment of the disclosure can compare the second forward verification result with the third forward verification result, determine whether the second forward verification result and the third forward verification result are both normally communicated, and obtain the system forward verification information.
The system forward verification information can be system forward communication success information, system forward communication failure information or system forward communication abnormal information. And under the condition that the second forward verification result and the third forward verification result are both normally communicated, the system forward verification information is system forward communication success information. And under the condition that the second forward verification result and the third forward verification result are not both normally connected, the system forward verification information is system forward connection failure information. In the actual situation of the system forward verification after the firewall is opened, the script of the telnet command may not be issued to the host port, so that a no-connection result is returned, and the situation that the no-connection result is returned is classified as system forward connection abnormal information.
Optionally, in the embodiment of the present disclosure, after the firewall is opened, the second physical subsystem initiates network connectivity verification to the production end host to obtain a second reverse verification result. And initiating network connectivity verification to the disaster backup end host by the second physical subsystem to obtain a third reverse verification result. And obtaining the system reverse verification information according to the second reverse verification result and the third reverse verification result.
According to the embodiment of the disclosure, after the firewall is opened, the second physical subsystem sends telnet commands to the designated ports connected with the production end host computer to verify port connectivity, and generates a second reverse verification result according to the communication verification result of the designated ports.
According to the embodiment of the disclosure, after the firewall is opened, the second physical subsystem sends telnet commands to the designated ports connected with the disaster backup host to perform port connectivity verification, and generates a third reverse verification result according to the communication verification result of each designated port.
The embodiment of the disclosure can compare the second reverse verification result with the third reverse verification result, determine whether the second forward verification result and the third forward verification result are both normally communicated, and obtain the system reverse verification information.
The system reverse verification information may be system reverse connection success information, system reverse connection failure information or system reverse connection abnormal information. And under the condition that the second reverse verification result and the third reverse verification result are both abnormal communication, the system reverse verification information is system reverse communication success information. And under the condition that the second reverse verification result and the third reverse verification result are not both connected abnormally, the system reverse verification information is system reverse connection failure information. In the actual situation of the system reverse verification after the firewall is opened, the script of the telnet command may not be issued to the host port, so that a no-connection result is returned, and the situation that the no-connection result is returned is classified as system reverse connection abnormal information.
Optionally, in the embodiment of the present disclosure, the second statistical information may be obtained according to the system forward verification information and the system reverse verification information.
And under the condition that the system forward verification information is system forward communication success information and the system reverse verification information is system reverse communication success information or the system forward verification information is system forward communication failure information and the system reverse verification information is system reverse communication failure information, the second statistical information comprises information that the system network connectivity verification is positive and negative consistent, otherwise, the second statistical information comprises information that the system network connectivity verification is positive and negative inconsistent. And if the system is in forward communication abnormity and/or in reverse communication abnormity, the second statistical information comprises information of system network connectivity verification forward and reverse abnormity.
Optionally, the second statistical information may include information of each physical subsystem, an IP of the involved host device, a network connectivity verification result, and a network connectivity verification record.
According to the embodiment of the disclosure, after the firewall is opened, the network connectivity of the production end host and the disaster backup end host of the first physical subsystem is verified, so that whether the network connectivity of the production end host and the network connectivity of the disaster backup end host are consistent or not can be determined, technicians can be helped to effectively judge the condition of the host equipment, and a problem host can be quickly positioned, so that the technicians can timely handle the problem host, and the overall drilling efficiency of disaster backup drilling is improved.
Optionally, the network connectivity verification may be performed periodically by the scheduling script, or may be performed immediately.
The network communication verification method for the disaster recovery system network, provided by the disclosure, obtains a first physical subsystem to be verified in the disaster recovery system network, wherein the first physical subsystem comprises a production end host, a disaster recovery end host and a firewall, and the firewall is used for performing network isolation on the production end host and the disaster recovery end host; obtaining a second physical subsystem having a business logic association relation with the first physical subsystem; before the firewall is opened, network communication verification is carried out on the disaster backup end host and the second physical subsystem, and first statistical information is obtained; and after the firewall is opened, performing network connectivity verification on the first physical subsystem and the second physical subsystem through the production end host and the disaster backup end host to obtain second statistical information. According to the embodiment of the disclosure, automatic network connectivity verification is performed on the hosts related to the firewall before and after the firewall is opened, and the disaster recovery drilling efficiency can be improved by using the verified statistical information.
Although the operations are depicted in a particular order, this should not be understood as requiring that such operations be performed in the particular order shown or in sequential order. Under certain circumstances, multitasking and parallel processing may be advantageous.
It should be understood that the various steps recited in the method embodiments of the present disclosure may be performed in a different order, and/or performed in parallel. Moreover, method embodiments may include additional steps and/or omit performing the illustrated steps. The scope of the present disclosure is not limited in this respect.
Corresponding to the above method embodiment, a network connectivity verification apparatus for a disaster recovery system network according to an embodiment of the present disclosure is shown in fig. 2, and may include: a first physical subsystem obtaining unit 100, a second physical subsystem obtaining unit 200, a first statistical information obtaining unit 300, and a second statistical information obtaining unit 400.
A first physical subsystem obtaining unit 100, configured to obtain a first physical subsystem to be verified in a disaster recovery system network, where the first physical subsystem includes a production-side host, a disaster recovery-side host, and a firewall, and the firewall is configured to perform network isolation on the production-side host and the disaster recovery-side host.
The second physical subsystem obtaining unit 200 is configured to obtain a second physical subsystem having a business logic association relationship with the first physical subsystem.
The first statistical information obtaining unit 300 is configured to perform network connectivity verification on the disaster backup host and the second physical subsystem before the firewall is opened, so as to obtain first statistical information.
The second statistical information obtaining unit 400 is configured to perform network connectivity verification on the first physical subsystem and the second physical subsystem through the production-side host and the disaster backup-side host after the firewall is opened, so as to obtain second statistical information.
Optionally, the first statistical information obtaining unit 300 includes: the device comprises a first forward verification result obtaining subunit, a first reverse verification result obtaining subunit and a first statistical information obtaining subunit.
And the first forward verification result obtaining subunit is used for initiating network connection verification to the second physical subsystem by the disaster recovery end host before the firewall is opened, so as to obtain a first forward verification result.
And the first reverse verification result obtaining subunit is used for initiating network connection verification to the disaster recovery end host by the second physical subsystem to obtain a first reverse verification result.
And the first statistical information obtaining subunit is used for obtaining first statistical information according to the first forward verification result and the first reverse verification result.
Optionally, the second statistical information obtaining unit 400 includes: the system forward verification information acquisition subunit, the system reverse verification information acquisition subunit and the second statistical information acquisition subunit.
And the system forward verification information obtaining subunit is used for initiating network communication verification to the second physical subsystem by the production end host computer after the firewall is opened, and obtaining a second forward verification result. And the disaster backup end host computer initiates network communication verification to the second physical subsystem to obtain a third forward verification result. And obtaining the system forward verification information according to the second forward verification result and the third forward verification result.
And the system reverse verification information obtaining subunit is used for initiating network communication verification to the production end host by the second physical subsystem after the firewall is opened, and obtaining a second reverse verification result. And initiating network connectivity verification to the disaster backup end host by the second physical subsystem to obtain a third reverse verification result. And obtaining the system reverse verification information according to the second reverse verification result and the third reverse verification result.
And the second statistical information obtaining subunit is used for obtaining second statistical information according to the system forward verification information and the system reverse verification information.
Optionally, the network connectivity verification is port connectivity verification performed by a telnet command.
The network communication verification device of the disaster recovery system network, provided by the disclosure, obtains a first physical subsystem to be verified in the disaster recovery system network, wherein the first physical subsystem comprises a production end host, a disaster recovery end host and a firewall, and the firewall is used for performing network isolation on the production end host and the disaster recovery end host; obtaining a second physical subsystem having a business logic association relation with the first physical subsystem; before the firewall is opened, network communication verification is carried out on the disaster backup end host and the second physical subsystem, and first statistical information is obtained; and after the firewall is opened, performing network connectivity verification on the first physical subsystem and the second physical subsystem through the production end host and the disaster backup end host to obtain second statistical information. According to the embodiment of the disclosure, automatic network connectivity verification is performed on the hosts related to the firewall before and after the firewall is opened, and the disaster recovery drilling efficiency can be improved by using the verified statistical information.
With regard to the apparatus in the above-described embodiment, the specific manner in which each module performs the operation has been described in detail in the embodiment related to the method, and will not be elaborated here.
The network connectivity verification device of the disaster recovery system network includes a processor and a memory, the first physical subsystem obtaining unit 100, the second physical subsystem obtaining unit 200, the first statistical information obtaining unit 300, the second statistical information obtaining unit 400, and the like are all stored in the memory as program units, and the processor executes the program units stored in the memory to implement corresponding functions.
The processor comprises a kernel, and the kernel calls the corresponding program unit from the memory. The kernel can be set to be one or more than one, automatic network connection verification is carried out on the hosts respectively involved before and after the firewall is opened by adjusting kernel parameters, and the disaster recovery drilling efficiency can be improved by using the verified statistical information.
The embodiment of the disclosure provides a computer-readable storage medium, wherein a program is stored on the computer-readable storage medium, and the program is used for realizing the network connection verification method of the disaster recovery system network when being executed by a processor.
The embodiment of the disclosure provides a processor, wherein the processor is used for running a program, and the program is used for executing a network communication verification method of a disaster recovery system network during running.
As shown in fig. 3, an embodiment of the present disclosure provides an electronic device 1000, where the electronic device 1000 includes at least one processor 1001, and at least one memory 1002 and a bus 1003 connected to the processor 1001; the processor 1001 and the memory 1002 complete communication with each other through the bus 1003; the processor 1001 is configured to call the program instructions in the memory 1002 to execute the network connectivity verification method for the disaster recovery system network. The electronic device herein may be a server, a PC, a PAD, a mobile phone, etc.
The present disclosure also provides a computer program product adapted to execute a program of initializing network connectivity verification method steps of a disaster recovery system network when executed on an electronic device.
The present disclosure is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus, electronic devices (systems), and computer program products according to embodiments of the disclosure. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
In a typical configuration, an electronic device includes one or more processors (CPUs), memory, and a bus. The electronic device may also include input/output interfaces, network interfaces, and the like.
The memory may include volatile memory in a computer readable medium, Random Access Memory (RAM) and/or nonvolatile memory such as Read Only Memory (ROM) or flash memory (flash RAM), and the memory includes at least one memory chip. The memory is an example of a computer-readable medium.
Computer-readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, a computer readable medium does not include a transitory computer readable medium such as a modulated data signal and a carrier wave.
In the description of the present disclosure, it is to be understood that the directions or positional relationships indicated as referring to the terms "upper", "lower", "front", "rear", "left" and "right", etc., are based on the directions or positional relationships shown in the drawings, and are only for convenience of describing the present invention and simplifying the description, but do not indicate or imply that the positions or elements referred to must have specific directions, be constituted and operated in specific directions, and thus, are not to be construed as limitations of the present disclosure.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in the process, method, article, or apparatus that comprises the element.
As will be appreciated by one skilled in the art, embodiments of the present disclosure may be provided as a method, system, or computer program product. Accordingly, the present disclosure may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present disclosure may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and so forth) having computer-usable program code embodied therein.
The above are merely examples of the present disclosure, and are not intended to limit the present disclosure. Various modifications and variations of this disclosure will be apparent to those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present disclosure should be included in the scope of the claims of the present disclosure.
Claims (10)
1. A network connection verification method of a disaster recovery system network is characterized by comprising the following steps:
obtaining a first physical subsystem to be verified in a disaster recovery system network, wherein the first physical subsystem comprises a production end host, a disaster recovery end host and a firewall, and the firewall is used for performing network isolation on the production end host and the disaster recovery end host;
obtaining a second physical subsystem having a business logic association relation with the first physical subsystem;
before the firewall is opened, network communication verification is carried out on the disaster backup end host and the second physical subsystem, and first statistical information is obtained;
and after the firewall is opened, performing network connectivity verification on the first physical subsystem and the second physical subsystem through the production end host and the disaster backup end host to obtain second statistical information.
2. The method according to claim 1, wherein the performing network connectivity verification on the disaster backup host and the second physical subsystem before the firewall is opened to obtain first statistical information comprises:
before the firewall is opened, the disaster backup end host computer initiates network communication verification to the second physical subsystem to obtain a first forward verification result;
initiating network connectivity verification to the disaster recovery end host by the second physical subsystem to obtain a first reverse verification result;
and obtaining first statistical information according to the first forward verification result and the first reverse verification result.
3. The method according to claim 1, wherein after the firewall is opened, performing network connectivity verification on the first physical subsystem and the second physical subsystem through the production-side host and the disaster-backup-side host to obtain second statistical information includes:
after the firewall is opened, the production end host computer initiates network communication verification to the second physical subsystem to obtain a second forward verification result; the disaster backup end host computer initiates network connectivity verification to the second physical subsystem to obtain a third forward verification result; obtaining system forward verification information according to the second forward verification result and the third forward verification result;
after the firewall is opened, the second physical subsystem initiates network connectivity verification to the production end host to obtain a second reverse verification result; initiating network connectivity verification to the disaster recovery end host by the second physical subsystem to obtain a third reverse verification result; obtaining system reverse verification information according to the second reverse verification result and the third reverse verification result;
and obtaining second statistical information according to the system forward verification information and the system reverse verification information.
4. Method according to any of claims 1 to 3, wherein said network connectivity verification is a port connectivity verification by telnet command.
5. A network connection verification device of a disaster recovery system network is characterized by comprising: a first physical subsystem obtaining unit, a second physical subsystem obtaining unit, a first statistical information obtaining unit and a second statistical information obtaining unit,
the first physical subsystem obtaining unit is configured to obtain a first physical subsystem to be verified in a disaster backup system network, where the first physical subsystem includes a production-side host, a disaster backup-side host, and a firewall, and the firewall is configured to perform network isolation on the production-side host and the disaster backup-side host;
the second physical subsystem obtaining unit is configured to obtain a second physical subsystem having a service logic association relationship with the first physical subsystem;
the first statistical information obtaining unit is configured to perform network connectivity verification on the disaster backup host and the second physical subsystem before the firewall is opened, so as to obtain first statistical information;
and the second statistical information obtaining unit is configured to perform network connectivity verification on the first physical subsystem and the second physical subsystem through the production-side host and the disaster backup-side host after the firewall is opened, so as to obtain second statistical information.
6. The apparatus according to claim 5, wherein the first statistical information obtaining unit includes: a first forward verification result obtaining subunit, a first reverse verification result obtaining subunit, and a first statistical information obtaining subunit,
the first forward verification result obtaining subunit is configured to, before the firewall is opened, initiate network connectivity verification to the second physical subsystem by the disaster backup end host to obtain a first forward verification result;
the first reverse verification result obtaining subunit is configured to initiate network connectivity verification to the disaster backup end host by the second physical subsystem, and obtain a first reverse verification result;
the first statistical information obtaining subunit is configured to obtain first statistical information according to the first forward verification result and the first reverse verification result.
7. The apparatus of claim 5, wherein the second statistical information obtaining unit comprises: a system forward verification information obtaining subunit, a system reverse verification information obtaining subunit and a second statistical information obtaining subunit,
the system forward verification information obtaining subunit is configured to initiate, by the production-side host computer, network connectivity verification to the second physical subsystem after the firewall is opened, and obtain a second forward verification result; the disaster backup end host computer initiates network connectivity verification to the second physical subsystem to obtain a third forward verification result; obtaining system forward verification information according to the second forward verification result and the third forward verification result;
the system reverse verification information obtaining subunit is configured to initiate, by the second physical subsystem, network connectivity verification to the production-side host computer after the firewall is opened, and obtain a second reverse verification result; initiating network connectivity verification to the disaster recovery end host by the second physical subsystem to obtain a third reverse verification result; obtaining system reverse verification information according to the second reverse verification result and the third reverse verification result;
and the second statistical information obtaining subunit is configured to obtain second statistical information according to the system forward verification information and the system reverse verification information.
8. The apparatus according to any of claims 5 to 7, wherein the network connectivity verification is a port connectivity verification by telnet command.
9. A computer-readable storage medium on which a program is stored, the program realizing a network connectivity verification method of a disaster recovery system network according to any one of claims 1 to 4 when executed by a processor.
10. An electronic device comprising at least one processor, and at least one memory connected to the processor, a bus; the processor and the memory complete mutual communication through the bus; the processor is configured to invoke program instructions in the memory to perform the method of network connectivity verification for a disaster recovery system network as claimed in any one of claims 1 to 4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210004576.XA CN114363211A (en) | 2022-01-04 | 2022-01-04 | Network connectivity verification method of disaster recovery backup system network and related equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210004576.XA CN114363211A (en) | 2022-01-04 | 2022-01-04 | Network connectivity verification method of disaster recovery backup system network and related equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114363211A true CN114363211A (en) | 2022-04-15 |
Family
ID=81107698
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210004576.XA Pending CN114363211A (en) | 2022-01-04 | 2022-01-04 | Network connectivity verification method of disaster recovery backup system network and related equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114363211A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115484191A (en) * | 2022-09-16 | 2022-12-16 | 中国农业银行股份有限公司 | Network connectivity verification method and device |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1483270A (en) * | 1999-06-10 | 2004-03-17 | �йȲ��� | Strategy based network architecture |
| JP2008199081A (en) * | 2007-02-08 | 2008-08-28 | Hitachi Ltd | Firewall device and firewall system |
| US20090013210A1 (en) * | 2007-06-19 | 2009-01-08 | Mcintosh P Stuckey | Systems, devices, agents and methods for monitoring and automatic reboot and restoration of computers, local area networks, wireless access points, modems and other hardware |
| CN103166798A (en) * | 2013-03-27 | 2013-06-19 | 山东省计算中心 | Integrated monitoring system for data backup and disaster recovery system and backup and disaster recovery device |
| CN103902666A (en) * | 2014-03-11 | 2014-07-02 | 国家电网公司 | Configuration file collecting and monitoring method based on OGG database replication |
| CN111580929A (en) * | 2020-05-07 | 2020-08-25 | 上海英方软件股份有限公司 | Validity verification system and method based on virtual machine protection data |
| CN113114491A (en) * | 2021-04-01 | 2021-07-13 | 银清科技有限公司 | Method, device and equipment for constructing network topology |
-
2022
- 2022-01-04 CN CN202210004576.XA patent/CN114363211A/en active Pending
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1483270A (en) * | 1999-06-10 | 2004-03-17 | �йȲ��� | Strategy based network architecture |
| JP2008199081A (en) * | 2007-02-08 | 2008-08-28 | Hitachi Ltd | Firewall device and firewall system |
| US20090013210A1 (en) * | 2007-06-19 | 2009-01-08 | Mcintosh P Stuckey | Systems, devices, agents and methods for monitoring and automatic reboot and restoration of computers, local area networks, wireless access points, modems and other hardware |
| CN103166798A (en) * | 2013-03-27 | 2013-06-19 | 山东省计算中心 | Integrated monitoring system for data backup and disaster recovery system and backup and disaster recovery device |
| CN103902666A (en) * | 2014-03-11 | 2014-07-02 | 国家电网公司 | Configuration file collecting and monitoring method based on OGG database replication |
| CN111580929A (en) * | 2020-05-07 | 2020-08-25 | 上海英方软件股份有限公司 | Validity verification system and method based on virtual machine protection data |
| CN113114491A (en) * | 2021-04-01 | 2021-07-13 | 银清科技有限公司 | Method, device and equipment for constructing network topology |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115484191A (en) * | 2022-09-16 | 2022-12-16 | 中国农业银行股份有限公司 | Network connectivity verification method and device |
| CN115484191B (en) * | 2022-09-16 | 2024-06-11 | 中国农业银行股份有限公司 | Verification method and device for network connectivity |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104778102A (en) | Master-slave switching method and system | |
| CN106254144A (en) | Fault location platform, Fault Locating Method and device | |
| CN103164523A (en) | Inspection method, device and system of data consistency inspection | |
| CN113900941A (en) | Micro-service processing method, micro-service system, electronic device and storage medium | |
| CN112486719A (en) | Method and equipment for RPC interface call failure processing | |
| CN114363211A (en) | Network connectivity verification method of disaster recovery backup system network and related equipment | |
| CN111078468A (en) | Service rollback method and device under micro-service architecture | |
| CN114609995A (en) | Fault control method, device, system, equipment, medium and product | |
| CN111159298B (en) | Service request processing method and device, electronic equipment and storage medium | |
| CN110968456B (en) | Method and device for processing fault disk in distributed storage system | |
| CN109995931B (en) | Method and device for realizing automatic calling | |
| CN111767330B (en) | Data interaction method and device, electronic equipment and storage medium | |
| CN111124787B (en) | Method, system and equipment for verifying stability of MCS multi-node concurrent dump | |
| CN114297058B (en) | Test method and device | |
| CN113791941B (en) | Method for automatically testing stability of OpenStack cluster and application | |
| CN114090467A (en) | Chip management method, device, chip, processor and equipment | |
| CN116450318A (en) | Task scheduling method, device, equipment, medium and program product | |
| CN114474150A (en) | Stability testing method and system for seven-axis robot | |
| CN118484239A (en) | FRU data refreshing method and device of intelligent network card | |
| CN110766886A (en) | Driving device, method for driving card reader to realize card service and self-service payment system | |
| CN116266178A (en) | Database verification method and device | |
| CN114862572A (en) | Non-explicit processing method based on cross-system service and related equipment | |
| CN116029540A (en) | Risk assessment method and device for front-end code development system | |
| CN116935947A (en) | Automatic detection method and system for rolls | |
| CN116820862A (en) | Memory fault simulation method, device, equipment and machine-readable storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |