CN115102878A - Network security equipment aging test system and method - Google Patents
Network security equipment aging test system and method Download PDFInfo
- Publication number
- CN115102878A CN115102878A CN202210647151.0A CN202210647151A CN115102878A CN 115102878 A CN115102878 A CN 115102878A CN 202210647151 A CN202210647151 A CN 202210647151A CN 115102878 A CN115102878 A CN 115102878A
- Authority
- CN
- China
- Prior art keywords
- network
- network port
- port
- test
- module
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000012360 testing method Methods 0.000 title claims abstract description 93
- 230000032683 aging Effects 0.000 title claims abstract description 47
- 238000000034 method Methods 0.000 title claims description 16
- 238000001514 detection method Methods 0.000 claims abstract description 7
- 238000010998 test method Methods 0.000 claims abstract description 6
- 238000004891 communication Methods 0.000 claims description 2
- 238000012986 modification Methods 0.000 description 5
- 230000004048 modification Effects 0.000 description 5
- 230000006855 networking Effects 0.000 description 3
- 238000010586 diagram Methods 0.000 description 2
- 238000007689 inspection Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/08—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
- H04L43/0805—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability
- H04L43/0811—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability by checking connectivity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/08—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
- H04L43/0823—Errors, e.g. transmission errors
- H04L43/0829—Packet loss
- H04L43/0841—Round trip packet loss
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/14—Arrangements for monitoring or testing data switching networks using software, i.e. software packages
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Environmental & Geological Engineering (AREA)
- Computer Security & Cryptography (AREA)
- Small-Scale Networks (AREA)
Abstract
The application provides a network port aging test system of network security equipment and a test method thereof, comprising a network port detection module and a network port information acquisition module; the network port number of each network safety device is an even number; the network port information acquisition module is used for acquiring network port information, and the network port information comprises the number of network ports and the receiving and sending packet information of each network port; the network port detection module comprises a preset module and a judgment module; the preset module is used for setting an aging test frequency, an aging test time period and a packet loss rate threshold; the judging module judges whether the network port is aged or not according to the content set by the preset module and the receiving and sending packet information of the network port recorded by the network port information acquiring module. The application improves the detection efficiency of the network port and saves the cost.
Description
Technical Field
The application relates to the field of information security, in particular to a system and a method for performing single or batch aging test on network security equipment.
Background
Currently, most of enterprise-level network security products are sold in the form of industrial personal computers, security manufacturers purchase the industrial personal computers from industrial personal computers, and own customized systems are installed in the industrial personal computers, so that various functions of security products are realized. An industrial personal computer used in a network security product usually includes a plurality of network ports, and after the equipment arrives, various inspections need to be performed on the equipment, including performing an aging test on each network port of the equipment in a mode of continuously receiving and sending packets for a long time to verify whether the functions of the receiving and sending packets are normal, whether the receiving and sending operations of network data packets can be continuously performed, and the like.
In a practical working scenario, the conventional aging test method is to install a conventional Linux operating system distribution board on a device, form a network bridge by using a Linux system command for every adjacent pair of network ports in the device, then connect all devices to be aged in series by using a network cable as shown in fig. 1, connect two network ports of a tester to two ends of the serially connected devices to be aged respectively, perform a transceiving packet test, and record a packet loss condition.
The aging method has the following defects: because all the devices are connected in series, when one or more devices fail to cause network failure due to faults, the whole link is failed, the aging test progress of other devices is affected, and the problem of which device occurs cannot be quickly determined at the moment, and only one device fails or a plurality of devices fail cannot be determined, and one device is needed to be checked; similarly, since all the devices are connected in series, when the packet loss rate occurs in one or more devices, it is impossible to quickly determine which device generates the packet loss, and it is impossible to determine whether only one device generates the packet loss or a plurality of devices generate the packet loss at this time, and it is necessary to check one device, which also affects the aging tests of other devices; in addition, the existing test mode has no special aging test system, and the aging test configuration of each device cannot be set in a finer granularity; the existing test mode also needs an additional receiving and sending packet tester, which increases the test cost.
Disclosure of Invention
In order to solve the problem, the application provides a network port aging test system of network security equipment, which comprises a network port detection module and a network port information acquisition module;
the network port number of each network safety device is an even number;
the network port information acquisition module is used for acquiring network port information, and the network port information comprises the number of network ports and the receiving and sending packet information of each network port;
the network port detection module comprises a preset module and a judgment module; the preset module is used for setting an aging test frequency, an aging test time period and a packet loss rate threshold; the judging module judges whether the network port is aged or not according to the content set by the preset module and the receiving and sending packet information of the network port recorded by the network port information acquiring module.
The application also provides a method for using the network port aging test system of the network security equipment, which comprises the following steps:
s10, scanning the network ports of the network security equipment, and recording the information of each network port;
s11, connecting two network ports on the same network security device by network cables to form a ring network for communication test, wherein two network ports of each ring network can receive and send packets mutually; wherein, the network ports of each ring network are not repeated;
and S12, sending and receiving packets to all the network ports in a preset test time period, testing the connectivity of all the ring networks at a preset test frequency, and judging whether the network ports are aged according to the test result.
In step S11, the odd-numbered net ports on the same network security device and the even-numbered net ports adjacent to the odd-numbered net ports are preferably connected by net wires.
Preferably, in step S12, the method for performing connectivity test on the ring network includes:
setting a packet loss rate threshold value as Q; setting the packet loss rate of the network port in a test time period T, testing the packet loss rate of the network port by using a test frequency P, and setting the packet loss rate of the ith network port obtained at a test node Tj as Qj;
and when the packet loss rate Qj of the ith network port is greater than Q, judging that the ith network port is aged at the test node Tj.
Preferably, in step S12, the method further includes:
the number G0 of the transceiving packets at the time point T0 before the test period T is set as the basic number of transceiving packets of the ith network port, the transceiving packets of the ith network port are continuously transmitted and received within the test period T by the basic number G0 of the transceiving packets, and the packet loss rate of the ith network port at the test node Tj can be obtained according to the difference between the number G1 of the transceiving packets obtained by the ith network port at the test node Tj and the basic number G0 of the transceiving packets of the ith network port.
Preferably, in step 12, the method further includes: and binding the aging test result with the corresponding network security equipment through the unique identifier of each network security equipment, so that the aging test result can be read only in the unique network security equipment.
The beneficial effect that this application realized is as follows:
all the devices to be tested are independent of each other, and the aging test results of other devices cannot be inaccurate due to the fact that one device is in a problem. In addition, each device can execute multiple aging tests, the results of each aging test are stored on the corresponding device, and an administrator can check historical results at any time. The method and the device use physical networking, a pair of adjacent physical network ports are connected through network cables to form a plurality of groups of annular networks, and convenience is provided for physical connectivity test of the network ports and network port packet loss rate calculation. Meanwhile, the invention saves a tester specially used for testing and saves the cost.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments described in the present application, and other drawings can be obtained by those skilled in the art according to the drawings.
Fig. 1 is a connection structure diagram of a plurality of devices undergoing burn-in test by using a tester in the prior art.
Fig. 2 is a diagram illustrating a connection structure of network ports of a plurality of devices during a test performed by the network port aging test system of the present application.
Fig. 3 is a flowchart illustrating steps of an embodiment of a method for burn-in testing of a network interface.
Detailed Description
The technical solutions in the embodiments of the present application are clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are some, but not all, embodiments of the present application. All other embodiments obtained by a person skilled in the art based on the embodiments in the present application without making any creative effort belong to the protection scope of the present application.
As shown in fig. 2, the present application provides a system for testing network interface aging of network security devices, where the system includes one or more network security devices, and the number of network interfaces of each network security device is an even number;
connecting an odd network port on the same network safety equipment with an even network port adjacent to the odd network port by using a network cable to serve as an annular networking for communicating and testing, wherein two network ports of each annular networking can mutually receive and send packets; wherein, the network ports of each ring network are not repeated.
Each ring network is connected with a pair of adjacent physical network ports by network cables to form a plurality of groups of ring networks.
For example, the system includes A, B, C three network security devices, and network security device a includes 6 net ports, which are numbered as 1,2,3,4,5, and 6 in sequence, then net ports 1 and 2 are connected by net cables, 3 and 4 are connected by net cables, and 4 and 6 are connected by net cables. And A, B, C are not connected with each other. The odd number net gapes on the same network security equipment are connected with the even number net gapes adjacent to the odd number net gapes through the net cables, the testing is convenient by using the mode, the extremely short net cables can be used, the possibility that the net cables are out of order per se is eliminated in a large probability, the plugging and the unplugging are convenient, and the net gapes are prevented from being overlooked.
And transmitting and receiving packets to all network ports within a preset test time period of the system, testing the connectivity of all ring-shaped networks at a preset test frequency, and judging whether the network ports are aged according to a test result.
The method comprises the following specific steps: scanning all network ports in the equipment, collecting all network port information, and obtaining the number of the network ports on the equipment;
automatically checking the number of the network ports of the current equipment, confirming that the number of the network ports is an even number, and forming a pair of adjacent network ports without the occurrence of the condition of a single residual network port;
connecting each pair of network ports by using network cables, testing the connectivity of each pair of network ports, ensuring that the network ports are communicated and can receive and send packets mutually, if not, prompting a user to confirm whether the corresponding network ports are connected with the network cables or checking whether faults exist, and if so, continuing;
setting the duration of the aging test of the equipment, and if the duration is not set, automatically setting the duration as a preset default duration;
acquiring the current receiving and sending packet counts of all the network ports as counting reference values before aging test;
starting to perform aging test on all the network ports, and executing packet sending operation on all the network ports;
in the process of executing the aging test, checking the packet loss count of each network port at regular intervals and calculating the packet loss rate, and if the packet loss rate exceeds a preset threshold value, exiting the aging test in advance; if the threshold is not exceeded, continuing;
the specific method for performing connectivity test on the ring network comprises the following steps:
setting a packet loss rate threshold value as Q; setting a first test time point in the test time period T to obtain the packet loss rate Qi of the network port 1; setting the receiving and sending packet count of the zeroth test time point before the test time period T as the basic receiving and sending packet number of the network port 1; according to the number of the transceiving packets obtained by the network port 1 at the first test time point and the basic transceiving packet number of the network port 1, the packet loss rate of the network port 1 can be calculated.
And when the packet loss rate Qi of the network port 1 is larger than Q, judging that the network port 1 is aged at the first test time point.
And after the aging test is finished, counting the number of the receiving and sending packets of each network port again, displaying an aging test result, storing the aging test result in the system, and checking the aging test result of each time by an administrator at any time.
In addition, the aging log and the history are stored in an encrypted form for subsequent inspection, and the manufacturer is prevented from tampering and copying. Specifically, the aging test result can be bound with the current device through the unique identifier of the device, and the aging test result can only be read in the current device, so that the aging test result of a single device is prevented from being tampered or multiplexed by other devices.
While the preferred embodiments of the present application have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. Therefore, it is intended that the appended claims be interpreted as including the preferred embodiment and all changes and modifications that fall within the scope of the present application. It will be apparent to those skilled in the art that various changes and modifications may be made in the present application without departing from the spirit and scope of the application. Thus, if such modifications and variations of the present application fall within the scope of the claims of the present application and their equivalents, the present application is also intended to include such modifications and variations.
Claims (6)
1. A network port aging test system of network security equipment is characterized by comprising a network port detection module and a network port information acquisition module;
the network port number of each network safety device is an even number;
the network port information acquisition module is used for acquiring network port information, and the network port information comprises the number of network ports and the receiving and sending packet information of each network port;
the network port detection module comprises a preset module and a judgment module; the preset module is used for setting an aging test frequency, an aging test time period and a packet loss rate threshold; the judging module judges whether the network port is aged or not according to the content set by the preset module and the receiving and sending packet information of the network port recorded by the network port information acquiring module.
2. A method for using the network interface aging test system of the network security device of claim 1, characterized by the steps of:
s10, scanning the network ports of the network security equipment, and recording the information of each network port;
s11, connecting two net mouths on the same network safety device by using a network cable to form ring-shaped networks for communication test, wherein two net mouths included in each ring-shaped network can mutually receive and send packets; wherein, the network ports of each ring network are not repeated;
and S12, transmitting and receiving packets to all network ports in a preset test time period, testing the connectivity of all ring-shaped networks at a preset test frequency, and judging whether the network ports are aged according to the test result.
3. The network security device port aging test method of claim 2, wherein in step S11, the odd port on the same network security device and the even port adjacent to the odd port are connected by a network cable.
4. The network port aging test method of network security device of claim 2, wherein in step S12, the method for performing connectivity test on the ring network comprises:
setting a packet loss rate threshold value as Q; setting the packet loss rate of the network port in a test time period T, testing the packet loss rate of the network port by using a test frequency P, and setting the packet loss rate of the ith network port obtained at a test node Tj as Qj;
and when the packet loss rate Qj of the ith network port is larger than Q, judging that the ith network port is aged at the test node Tj.
5. The network security device portal aging test method of claim 2, wherein in step S12, the method further comprises:
the number G0 of the transceiving packets at the time point T0 before the test period T is set as the basic number of transceiving packets of the ith network port, the transceiving packets of the ith network port are continuously transmitted and received within the test period T by the basic number G0 of the transceiving packets, and the packet loss rate of the ith network port at the test node Tj can be obtained according to the difference between the number G1 of the transceiving packets obtained by the ith network port at the test node Tj and the basic number G0 of the transceiving packets of the ith network port.
6. The network port aging test method of the network security device according to claim 2, further comprising, in step 12: and binding the aging test result with the corresponding network security equipment through the unique identifier of each network security equipment, so that the aging test result can only be read in the unique network security equipment.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210647151.0A CN115102878A (en) | 2022-06-08 | 2022-06-08 | Network security equipment aging test system and method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210647151.0A CN115102878A (en) | 2022-06-08 | 2022-06-08 | Network security equipment aging test system and method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN115102878A true CN115102878A (en) | 2022-09-23 |
Family
ID=83289587
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210647151.0A Pending CN115102878A (en) | 2022-06-08 | 2022-06-08 | Network security equipment aging test system and method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115102878A (en) |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101877658A (en) * | 2010-06-30 | 2010-11-03 | 中兴通讯股份有限公司 | Method and device for detecting network port performance of IPTV set-top box |
| CN103139012A (en) * | 2012-12-03 | 2013-06-05 | 深圳市共进电子股份有限公司 | Ethernet port test method and network devices |
| CN104506391A (en) * | 2015-01-04 | 2015-04-08 | 中国联合网络通信集团有限公司 | Method and device for testing private Ethernet line |
| US10200877B1 (en) * | 2015-05-14 | 2019-02-05 | Roger Ray Skidmore | Systems and methods for telecommunications network design, improvement, expansion, and deployment |
| CN109361568A (en) * | 2018-11-21 | 2019-02-19 | 杭州迪普科技股份有限公司 | The ageing testing method and device of the network equipment |
-
2022
- 2022-06-08 CN CN202210647151.0A patent/CN115102878A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101877658A (en) * | 2010-06-30 | 2010-11-03 | 中兴通讯股份有限公司 | Method and device for detecting network port performance of IPTV set-top box |
| CN103139012A (en) * | 2012-12-03 | 2013-06-05 | 深圳市共进电子股份有限公司 | Ethernet port test method and network devices |
| CN104506391A (en) * | 2015-01-04 | 2015-04-08 | 中国联合网络通信集团有限公司 | Method and device for testing private Ethernet line |
| US10200877B1 (en) * | 2015-05-14 | 2019-02-05 | Roger Ray Skidmore | Systems and methods for telecommunications network design, improvement, expansion, and deployment |
| CN109361568A (en) * | 2018-11-21 | 2019-02-19 | 杭州迪普科技股份有限公司 | The ageing testing method and device of the network equipment |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105700509B (en) | Car-mounted terminal detection method and device based on CAN | |
| US9678131B2 (en) | Method and apparatus for short fault isolation in a controller area network | |
| US9110951B2 (en) | Method and apparatus for isolating a fault in a controller area network | |
| CN109104329B (en) | System for testing compatibility of router and network card | |
| CN110708715B (en) | Service fault finding method and device for 5G base station | |
| US10613963B2 (en) | Intelligent packet analyzer circuits, systems, and methods | |
| CN110646723B (en) | Bus interface test circuit and method | |
| US7719992B1 (en) | System for proactive time domain reflectometry | |
| CN101800672A (en) | Equipment detection method and equipment | |
| CN115102878A (en) | Network security equipment aging test system and method | |
| CN115623464B (en) | Fault processing method and device for Bluetooth module of electric energy meter and electric energy meter | |
| CN110768871A (en) | Test method and system for automatically counting data transmission correctness of DCS (distributed control system) | |
| CN116319475A (en) | Signal analysis method, device, equipment and storage medium | |
| CN110943759A (en) | Electric power communication link data checking method based on depth-first search algorithm | |
| US6424628B1 (en) | Analyzing signals | |
| CN113872827B (en) | Method and device for analyzing snakelike test failure of switch and storage medium | |
| CN113009246B (en) | PSE device detection device and PSE device detection method | |
| CN115118646A (en) | Data interaction method and device for switch test system and electronic equipment | |
| CN109302322B (en) | Test system and method for improving test accuracy of nuclear security level network | |
| CN111090553B (en) | Test system, test method and test device | |
| CN103378992A (en) | Bus data test method for home bus system and apparatus | |
| US6122755A (en) | Method and apparatus for functional test of communication port | |
| CN112363931A (en) | Web system testing method and device | |
| CN105044552A (en) | Fault diagnosis method, system and device for distribution network automation system | |
| JP2900781B2 (en) | Cable connection abnormality detection circuit and method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20220923 |
|
| RJ01 | Rejection of invention patent application after publication |