CN116032832A - Route conflict processing system - Google Patents

Route conflict processing system Download PDF

Info

Publication number
CN116032832A
CN116032832A CN202211612957.2A CN202211612957A CN116032832A CN 116032832 A CN116032832 A CN 116032832A CN 202211612957 A CN202211612957 A CN 202211612957A CN 116032832 A CN116032832 A CN 116032832A
Authority
CN
China
Prior art keywords
data
route
conflict
target
routing
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202211612957.2A
Other languages
Chinese (zh)
Inventor
李雨鑫
胥斌
王彤
张梦元
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Wangtai Technology Development Co ltd
Original Assignee
Beijing Wangtai Technology Development Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Wangtai Technology Development Co ltd filed Critical Beijing Wangtai Technology Development Co ltd
Priority to CN202211612957.2A priority Critical patent/CN116032832A/en
Publication of CN116032832A publication Critical patent/CN116032832A/en
Pending legal-status Critical Current

Links

Images

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a routing conflict processing system. The method comprises the steps of calculating service equipment and at least one conflict processing terminal; the conflict processing terminal is used for acquiring target routing data, checking the target routing data through a preset routing conflict judgment rule, determining a first check result, and forwarding the routing data to be checked, which is determined according to the first check result, to the computing service equipment; the computing service equipment checks the route data to be checked through the pre-constructed route conflict judging model, determines a second checking result and sends the second checking result to the corresponding conflict processing terminal; and the conflict processing terminal is also used for carrying out route data recombination according to the first check result and the second check result, determining recombination target route data and sending the recombination target route data to the corresponding target router. According to the technical scheme provided by the embodiment of the invention, the data which possibly have conflict in the routing data are checked at different angles, so that the stability of the overall operation of the network is improved.

Description

Route conflict processing system
Technical Field
The invention relates to the technical field of network communication, in particular to a routing conflict processing system.
Background
Routing refers to the network-wide process of determining an end-to-end path of a packet as it travels from a source to a destination, with routers implementing network interconnections by forwarding packets. For the same network segment in the same time, the routing configuration parameters are required to be unique, and if the uniqueness of the parameter configuration cannot be guaranteed, the routing conflict exists.
However, in the actual network operation process, network abnormal events caused by problems such as route mismatch and mismatching are frequent, and security threat at the regional level and even the national level is often caused. In the current actual network operation and maintenance process, the route configuration itself is generally not checked, so that the problem of route abnormality is difficult to be found directly and quickly, and the problem can be perceived and corresponding measures can be taken after the threat actually occurs and when the problem is difficult to be solved by a route release mechanism.
In the prior art, the specific configuration of the target routers is checked one by one, and the routing anomaly investigation is carried out according to the mode of locating the occurrence point position of the problem of network planning, however, the problem solution is more dependent on the experience technology and the personal capability of operation and maintenance personnel, so that the instability of network operation and maintenance is improved. And the route interaction data is acquired through the simulation router, a route table is constructed to analyze the possible risks in the route interaction, the skill detection finds the route problem existing in the single equipment, and the stability of the network operation is difficult to ensure.
Disclosure of Invention
The invention provides a routing conflict processing system which can carry out conflict verification and routing conflict processing on routing data in a network from different dimensions, effectively avoid the generation of routing conflict, improve the stability of network operation and reduce the resource consumption of network operation and maintenance.
The embodiment of the invention provides a route conflict processing system, which comprises a computing service device and at least one conflict processing terminal, wherein the conflict processing terminal is connected in series in links corresponding to two key routers in a target network, the key routers are determined according to preset service priorities, and each conflict processing terminal is respectively connected with the computing service device in a communication way;
the conflict processing terminal is used for acquiring target routing data, checking the target routing data through a preset routing conflict judgment rule, determining a first check result, and forwarding the routing data to be checked determined according to the first check result to the computing service equipment;
the computing service equipment is used for verifying the route data to be verified through the pre-constructed route conflict judging model, determining a second verification result and sending the second verification result to the corresponding conflict processing terminal;
The conflict processing terminal is also used for carrying out route data recombination according to the first check result and the second check result, determining recombination target route data and sending the recombination target route data to the corresponding target router; the target router is one of two key routers corresponding to the conflict handling terminals.
The embodiment of the invention provides a route conflict processing system, which comprises a computing service device and at least one conflict processing terminal, wherein the conflict processing terminal is connected in series in links corresponding to two key routers in a target network, the key routers are determined according to preset service priorities, and each conflict processing terminal is respectively connected with the computing service device in a communication way; the conflict processing terminal is used for acquiring target routing data, checking the target routing data through a preset routing conflict judgment rule, determining a first check result, and forwarding the routing data to be checked determined according to the first check result to the computing service equipment; the computing service equipment is used for verifying the route data to be verified through the pre-constructed route conflict judging model, determining a second verification result and sending the second verification result to the corresponding conflict processing terminal; the conflict processing terminal is also used for carrying out route data recombination according to the first check result and the second check result, determining recombination target route data and sending the recombination target route data to the corresponding target router; the target router is one of two key routers corresponding to the conflict handling terminals. By adopting the technical scheme, the key routers in the target network are determined according to the service importance degree, the conflict processing terminals for processing the route conflict are connected in series in the links corresponding to the two key routers, meanwhile, the computing service equipment which is in communication connection with each conflict processing terminal is arranged, in the operation process of the target network, the conflict processing terminals grab the target route data in the links where the conflict processing terminals are located, and the target route data is checked once through the route conflict judging rules stored in the local of the conflict processing terminals, so that a first check result is obtained. And forwarding the route data to be verified, which is determined according to the first verification result, to the computing service equipment, and performing secondary verification on the route data to be verified by the computing service equipment through a pre-built route conflict judging model to obtain a second verification result. The conflict processing terminal synthesizes the verification results obtained by the two verifications, reorganizes the target route data, sends the reorganized target route data to the corresponding target router, verifies the data which possibly have conflicts in the route data through different angles, reduces the possibility of the existence of the conflict data in the reorganized target route data, ensures the stability of the corresponding links of the key business in the target network, further improves the stability of the overall operation of the network, reduces the human participation degree in the route conflict processing, and reduces the resource consumption of network operation and maintenance.
It should be understood that the description in this section is not intended to identify key or critical features of the embodiments of the invention or to delineate the scope of the invention. Other features of the present invention will become apparent from the description that follows.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings required for the description of the embodiments will be briefly described below, and it is apparent that the drawings in the following description are only some embodiments of the present invention, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
Fig. 1 is a schematic structural diagram of a routing conflict processing system according to a first embodiment of the present invention;
fig. 2 is a schematic structural diagram of a routing conflict processing system according to a second embodiment of the present invention;
fig. 3 is a diagram illustrating a structure of another routing conflict processing system according to a second embodiment of the present invention;
fig. 4 is a diagram illustrating a structure of another routing conflict processing system according to a second embodiment of the present invention;
fig. 5 is a schematic structural diagram of a routing conflict processing system according to a third embodiment of the present invention;
Fig. 6 is a diagram illustrating a configuration of another routing conflict processing system according to a third embodiment of the present invention.
Detailed Description
In order that those skilled in the art will better understand the present invention, a technical solution in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in which it is apparent that the described embodiments are only some embodiments of the present invention, not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the present invention without making any inventive effort, shall fall within the scope of the present invention.
It should be noted that the terms "first," "second," and the like in the description and the claims of the present invention and the above figures are used for distinguishing between similar objects and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used may be interchanged where appropriate such that the embodiments of the invention described herein may be implemented in sequences other than those illustrated or otherwise described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
Example 1
Fig. 1 is a schematic structural diagram of a routing conflict processing system according to a first embodiment of the present invention, where the routing conflict processing system 1 includes a computing service device 10 and at least one conflict processing terminal 11, the conflict processing terminals 11 are connected in series in links corresponding to two key routers 20 in a target network, the key routers 20 are determined according to a preset service priority, and each conflict processing terminal 11 is respectively connected with the computing service device 10 in a communication manner.
The conflict processing terminal 11 is configured to obtain target routing data, check the target routing data by using a preset routing conflict discrimination rule, determine a first check result, and forward the routing data to be checked determined according to the first check result to the computing service device 10;
the computing service device 10 is configured to verify the route data to be verified through the pre-constructed route conflict discrimination model, determine a second verification result, and send the second verification result to the corresponding conflict processing terminal 11;
the conflict processing terminal 11 is further configured to perform route data reassembly according to the first check result and the second check result, determine reassembly target route data, and send the reassembly target route data to the corresponding target router 201; the target router is one of two key routers 20 corresponding to the conflict handling terminals.
As shown in fig. 1, in the embodiment of the present invention, an example is taken in which one conflict processing terminal 11 in the route conflict system 1 performs route conflict processing.
In this embodiment, the target network is specifically understood as a network structure including a plurality of routers constructed according to actual service requirements, where different routers can serve different services. The key router 20 is specifically understood as a router serving higher priority traffic among routers corresponding to the target network. The preset service priority can be specifically understood as the importance ranking of different services, which is preset according to the importance of the executable service of the target network. For example, the service may be classified into five priorities according to importance, for example, five is the highest priority, and at this time, a router corresponding to a service with priority of five in the target network may be determined as the key router 20 according to actual requirements, or a router corresponding to a service with priority greater than a preset priority in the target network may be determined as the key router 20.
In the embodiment of the invention, the priority of the service in the target network is determined, so that the key router which needs to perform the routing conflict processing preferentially is determined, the stable execution of the key service in the target network is ensured, and the construction cost of the target network is further reduced.
It can be understood that if route conflict processing needs to be maximized for the target network, a corresponding conflict processing terminal can be set between routers of the target network to perform route conflict processing, that is, all routers in the target network can be implemented as key routers, and in the embodiment of the invention, a part of routers are selected as key routers for example, so that cost of route conflict processing is reduced.
Alternatively, the target network may be a network constructed according to a border gateway protocol (Border Gateway Protocol, BGP), where each router in the target network is a BPG router, that is, a BGP link is a link for transmitting a message between two key routers 20 in the target network.
In this embodiment, the conflict processing terminal 11 is specifically understood to be a device connected in series in the target network, and having data processing capability, for implementing data acquisition and conflict routing filtering. The route conflict processing of the conflict processing terminal 11 is mainly determined according to the route compliance condition in a certain range of the target network. The computing service device 10 is specifically understood to be a device with data processing capabilities that is independent of the existence of the target network, includes modeling the conditions of routers and links in the simulated target network, and is used to determine route collisions from the perspective of the target network as a whole.
In this embodiment, the target routing data may be specifically understood as the routing data captured by the collision processing terminal 11 in the link where the target routing data may include announcement information that causes instability of the network. The preset route conflict judging rule may be specifically understood as a rule which is predetermined according to the location of the conflict processing terminal 11 in the target network and includes a routing address which is accessible by the key router 20 corresponding to the conflict processing terminal 11 and is used for judging whether the content of the route data in the link is in compliance. The first verification result may be specifically understood as a result obtained by the conflict processing terminal 11 performing the route conflict verification in the routing domain where the conflict processing terminal is located on the target routing data. The route data to be checked can be specifically understood as route data which is no problem in the verification of the conflict processing terminal 11 in the target route data and needs to be subjected to secondary verification from different angles by the computing service device 10. The route conflict discrimination model may be specifically understood as a route structure model which is stored in the computing service device 10 and is built in advance according to the target network overall structure plan. The second verification result may be specifically understood as a result obtained after the computing service device 10 performs the route collision verification with respect to the overall structure of the target network on the route data to be verified. Reassembly of target routing data is specifically understood to be target routing data after the announcement data that may cause routing collisions has been removed. The target router 201 may be specifically understood as the key router 20 to which the target routing data is originally sent, among the two key routers 20 corresponding to the conflict processing terminals 11.
Specifically, in the process of constructing the target network, at least two key routers 20 are determined among all routers corresponding to the target network according to the preset service priority, the conflict processing terminals 11 are connected in series to links corresponding to the two key routers 20, and meanwhile, a computing service device 10 corresponding to the target network is arranged outside the target network, so that each conflict processing terminal 11 connected in series in the target network is in communication connection with the computing service device 10. In the process of constructing the target network, a preset route conflict discrimination rule corresponding to the position of each conflict processing terminal 11 in the target network is configured, and a route conflict discrimination model is pre-constructed in the computing service device 10 according to the target network structure.
After the target network starts to work normally, for each conflict processing terminal 11 in the target network, the conflict processing terminal 11 will grasp target route data transferred between two key routers 20 in a link where the conflict processing terminal 11 is located, and perform matching verification on the target route data through a preset route conflict judging rule pre-stored locally to obtain a first verification result, so that route data with route conflict in the target route data can be removed according to the first verification result, and route data to be verified obtained after the conflict data is removed is forwarded to the computing service device 10. After receiving the route data to be checked, the computing service device 10 compares the route data to be checked with the built route conflict judging model to determine route data which possibly has conflict relative to the whole target network in the route data to be checked, further determines a second checking result, and correspondingly sends the second checking result back to the conflict processing terminal 11 giving the route data to be checked. After receiving the second check result, the conflict processing terminal 11 deletes the data with the route conflict from the target route data according to the first check result and the second check result stored by the conflict processing terminal, and reorganizes the route data without the conflict according to the structure of the target route data, so as to obtain reorganized target route data, and determines the key router 20 to which the target route data originally needs to be sent as the target router 201, and sends the reorganized target route data to the target router 201, so as to realize the route conflict processing of the link where the conflict processing terminal 11 is located.
The embodiment of the invention provides a route conflict processing system, which comprises a computing service device and at least one conflict processing terminal, wherein the conflict processing terminal is connected in series in links corresponding to two key routers in a target network, the key routers are determined according to preset service priorities, and each conflict processing terminal is respectively connected with the computing service device in a communication way; the conflict processing terminal is used for acquiring target routing data, checking the target routing data through a preset routing conflict judgment rule, determining a first check result, and forwarding the routing data to be checked determined according to the first check result to the computing service equipment; the computing service equipment is used for verifying the route data to be verified through the pre-constructed route conflict judging model, determining a second verification result and sending the second verification result to the corresponding conflict processing terminal; the conflict processing terminal is also used for carrying out route data recombination according to the first check result and the second check result, determining recombination target route data and sending the recombination target route data to the corresponding target router; the target router is one of two key routers corresponding to the conflict handling terminals. By adopting the technical scheme, the key routers in the target network are determined according to the service importance degree, the conflict processing terminals for processing the route conflict are connected in series in the links corresponding to the two key routers, meanwhile, the computing service equipment which is in communication connection with each conflict processing terminal is arranged, in the operation process of the target network, the conflict processing terminals grab the target route data in the links where the conflict processing terminals are located, and the target route data is checked once through the route conflict judging rules stored in the local of the conflict processing terminals, so that a first check result is obtained. And forwarding the route data to be verified, which is determined according to the first verification result, to the computing service equipment, and performing secondary verification on the route data to be verified by the computing service equipment through a pre-built route conflict judging model to obtain a second verification result. The conflict processing terminal synthesizes the verification results obtained by the two verifications, reorganizes the target route data, sends the reorganized target route data to the corresponding target router, verifies the data which possibly have conflicts in the route data through different angles, reduces the possibility of the existence of the conflict data in the reorganized target route data, ensures the stability of the corresponding links of the key business in the target network, further improves the stability of the overall operation of the network, reduces the human participation degree in the route conflict processing, and reduces the resource consumption of network operation and maintenance.
Example two
Fig. 2 is a schematic structural diagram of a route conflict processing system according to a second embodiment of the present invention, where the technical solution of the present invention is further refined based on the above technical solution, and a method for determining target route data, a specific setting mode of a route conflict discrimination rule in a conflict processing terminal 11, and a mode that the conflict processing terminal 11 performs verification on the target route data are specified. In fig. 2, an example is shown in which one of the conflict processing terminals 11 in the route conflict system 1 performs route conflict processing.
Wherein, conflict processing terminal 11 includes:
the target data determining module 111 is configured to grab routing data in a link corresponding to the conflict processing terminal, and determine address announcement class data in the routing data as target routing data; the target route data comprises address data to be revoked and address data to be updated;
a first verification module 112, configured to match the target routing data with a preset routing conflict discrimination rule, and determine a first verification result according to the matching result;
the to-be-verified data determining module 113 is configured to determine to-be-verified routing data according to the first verification result and the target routing data, and forward the to-be-verified routing data to the computing service device 10;
The data reorganizing module 114 is configured to receive the second check result fed back by the computing service device 10, reorganize the target routing data according to the first check result and the second check result, determine reorganized target routing data, and send the reorganized target routing data to the target router 201 corresponding to the target routing data.
In this embodiment, the target data determining module 111 may be specifically understood as a data processing module in the collision processing terminal 11, which is configured to grab the routing data in the link where the target data determining module is located, and select the routing collision determination data to be performed. The first verification module 112 may be specifically understood as a data processing module that stores a route conflict discrimination rule corresponding to the location of the conflict processing terminal 11 in the conflict processing terminal 11, and may verify the input route data according to the route conflict discrimination rule. The to-be-verified data determining module 113 may be specifically understood as a module in the conflict processing terminal 11, configured to filter the target routing data according to the first verification result obtained by the first verification, so as to obtain and forward the to-be-verified routing data. The data reorganizing module 114 may be specifically understood as a data processing module in the conflict processing terminal 11, which is configured to reorganize and forward the target routing data according to the result of the two checks.
In this embodiment, the routing data may be specifically understood as a data packet generated by the router according to the routing protocol, and optionally, the routing data may include target IP address data, protocol packet data, update message packet data, and the like. Address data to be revoked can be understood as data for announcing route revocation in particular. Address data to be updated may be understood in particular as data for announcing the generation of a new route or for re-address updating an original route.
Specifically, after the construction of the target network is completed, for each conflict processing terminal 11 in the target network, the target data determining module 111 thereof grabs the routing data in the link corresponding to the conflict processing terminal 11. Because the address announcement class data in the routing data can influence the routing direction in the target network, namely the situation of issuing the routing aiming at the same network segment can occur, the address announcement class data in the routing data is extracted after the routing data is analyzed, and the extracted routing data is determined as the target routing data. After obtaining the target route data, the first verification module 112 sequentially matches the preset route conflict discrimination rule with each address announcement data in the target route data, determines data which can cause route conflict in each address announcement data according to a matching result, and further determines a first verification result according to the matching result. The data to be verified determining module 113 may determine, according to the first verification result, that the data with the routing conflict determined by the conflict processing terminal 11 has definitely to be excluded from the data to be sent to the target router 201, and does not need to perform routing conflict correction again, so as to ensure the completeness of the routing conflict verification, at this time, determine the target routing data other than the above data as the routing data to be verified, and forward the routing data to be verified to the computing service device 10 to perform secondary verification. After the computing service device 10 performs secondary verification on the routing data to be verified, a second verification result is fed back to the conflict processing terminal 11, after the second verification result is received, the data reorganization module 114 of the conflict processing terminal 11 can combine the second verification result with the first verification result stored in the conflict processing terminal 11 to determine all data possibly causing routing conflict in the target routing data, the data with the part of the data removed can be regarded as the routing data needing to be sent to the target router 201, at this time, the data with the data removed is reorganized according to the structure of the target routing data to obtain reorganized target routing data, and the reorganized target routing data is sent to the target router 201 corresponding to the target routing data to complete routing communication of the link where the conflict processing terminal 11 is located.
For example, assuming that the link where the conflict processing terminal 11 is located is a BGP link, the target data determining module 111 may be specifically configured to capture update message data in the BGP protocol, forward other protocol message data, and after completing message capturing, parse contents of fields of widthwarten Routes and Network Layer Reachability Information (NLRI) in the update message data in real time, so as to complete extraction of type data related to address announcement therein, determine the extracted address data to be revoked and address data to be updated as target route data, and meanwhile, the target route data should also include basic information for locating a position of the data in the target network, where the basic information indicates link position information.
Further, the data to be verified determining module 113 is specifically configured to: filtering target route data through data corresponding to the first verification result, and determining the target route data which does not contain the data corresponding to the first verification result as route data to be verified; and forwarding the routing data to be verified to the computing service equipment.
Further, the data reorganizing module 114 is specifically configured to: filtering target routing data through data corresponding to the first check result and data corresponding to the second check result, and determining conflict-free routing data; and recombining the conflict-free route data according to the format corresponding to the target route data, determining the recombined target route data, and sending the recombined target route data to a target router corresponding to the target route data.
Specifically, after the first verification module 112 completes verification of the target routing data, a corresponding first verification result may be obtained. The to-be-verified data determining module 113 may determine, according to the first verification result, that data with a routing conflict exists in the target routing data, and filter the target routing data by determining that the data with the routing conflict exists, to obtain filtered target routing data that does not include data corresponding to the first verification result, determine the filtered target routing data as to-be-verified routing data, and forward the to-be-verified routing data to the computing service device 10.
Specifically, after receiving the second verification result, the data reorganizing module 114 may determine all the route data with collision in the target route data according to the first verification result and the second verification result, filter the target route data by determining the route collision, determine the route data without collision, and reorganize the route data without collision according to the format of the target route data, so as to obtain the reorganized target route data that needs to be sent to the target router 201 corresponding to the target route data.
Further, fig. 3 is a diagram illustrating a structural example of another routing conflict processing system according to the second embodiment of the present invention, which is further refined on the basis of the foregoing embodiment, where the conflict processing terminal 11 further includes: the discriminant rule import module 115.
The discriminant rule importing module 115 is used for importing a route conflict discriminant rule determined according to planning information of the target network before starting the target network; the route conflict discrimination rule includes a set of compliant route addresses of links corresponding to the conflict processing terminal 11.
Accordingly, the first verification module 112 is specifically configured to: matching each address to be updated in the address data to be updated with the set of the compliant routing addresses, if the matching fails, determining that the first checking result is free of routing conflict, and determining that the data corresponding to the first checking result is free of data;
otherwise, the address to be updated which is successfully matched is determined to be a first route conflict address, the first check result is determined to be the route conflict, and the first route conflict address is determined to be the data corresponding to the first check result.
In this embodiment, the rule importing module 115 may be specifically understood as a module disposed in the conflict processing terminal 11 and used for initializing the route conflict rule of the conflict processing terminal 11, and may also be understood as a data configuration interface on the conflict processing terminal 11, which is not limited in this embodiment of the present invention. The compliant routing address is specifically understood as a routing address that the conflict processing terminal 11 has announced to be completed and has successfully pointed to the corresponding network segment in the corresponding area of the target network, and is also understood as a corresponding routing address that is occupied, and if the same routing address is announced again, a routing conflict is generated.
Specifically, when the conflict processing terminal 11 is built into the target network and the target network is not yet started, a set of compliant routing addresses of the area where the conflict processing terminal is located needs to be determined according to the route addresses which are announced to be completed in the target network, and the set of compliant routing addresses is determined as a routing conflict discrimination rule of the link corresponding to the conflict processing terminal 11, so that the route addresses which are announced indistinct in the link corresponding to the conflict processing terminal 11 are clear, and the routing conflict discrimination rule is imported and stored to the local area of the conflict processing terminal 11 through the discrimination rule importing module 115. Further, the first verification module 112 may verify the address data to be updated in the target routing data according to the routing conflict discrimination rule, and since the address data to be updated may include a plurality of addresses to be updated, at this time, each address to be updated is matched with each compliant routing address in the compliant routing address set, if each address to be updated fails to match, it may be considered that the updating of the routing address corresponding to the address data to be updated will not cause the routing conflict, at this time, the first verification result is determined to be free of routing conflict, and the data corresponding to the first verification result is determined to be free of data; otherwise, each address to be updated which is successfully matched is determined to be a first route conflict address, the first verification result is determined to be that route conflict exists, and meanwhile the first route conflict address is determined to be data corresponding to the first verification result. Further, the to-be-verified data determining module 113 may filter the first route conflict address from the target route data, determine the filtered data as to-be-verified route data, and forward the to-be-verified route data to the computing service device 10.
In the embodiment of the invention, the route conflict judging rule is imported in advance in the conflict processing terminal 11, so that the target route data can be subjected to primary verification in the conflict processing terminal 11, the first route conflict address which possibly causes the route conflict is screened out, the route data to be verified after the first route conflict address is screened out is further forwarded to the computing service equipment 10 for secondary verification, the calculated amount of the computing service equipment 10 is reduced, the full coverage of the route conflict detection on the target network is ensured, and the running stability and safety of the target network are improved.
Further, fig. 4 is a diagram illustrating a structural example of another routing conflict processing system according to the second embodiment of the present invention, which is further refined on the basis of the foregoing embodiments, where the conflict processing terminal 11 further includes: session maintenance module 116.
The session maintaining module 116 is configured to send a timing message to the key router 20 corresponding to the routing data when the conflict processing terminal 11 captures the routing data, so as to keep the session connection clear.
Specifically, when the target data determining module 111 in the conflict processing terminal 11 grabs the route data in the link, the process is equivalent to hijacking the session to which the route data belongs, and once the session of the transport layer is disconnected, the process of initializing, verifying and the like is performed when the session is reconnected again, which also causes that the hijacked route data is invalid. Therefore, when the conflict processing terminal 11 performs route data grabbing, the session on the corresponding link is taken over by the session maintaining module 116, and a timing message is sent to the key router 20 corresponding to the route data, so as to ensure smooth connection of the session, and further, after the data reorganizing module 114 of the conflict processing terminal 11 completes reorganizing the target route data, the reorganized target route data can be sent to the target router 201 corresponding to the target route data, and take over of the session by the session maintaining module 116 is cancelled, so that the session is normally performed on the link.
According to the technical scheme provided by the embodiment of the invention, the conflict processing terminals are configured with the compliant routing addresses related to the positions of the conflict processing terminals in the target network, so that the conflict processing terminals are used for carrying out primary verification on the collected target routing data, the first routing conflict addresses in the corresponding areas in the target network are not existed in the recombined target routing data, the data quantity sent to the computing service equipment for carrying out secondary verification is reduced, and the data processing speed is improved. Further, through the configured session maintaining module, smoothness of sessions between corresponding key routers is ensured when the conflict processing terminal performs route data grabbing, invalid route data acquisition is avoided, and stability of a target network is improved.
Example III
Fig. 5 is a schematic structural diagram of a route conflict processing system according to a third embodiment of the present invention, where the technical solution of the present invention is further refined based on the above technical solution, and a specific construction manner of a route conflict discrimination model in the computing service device 10 and a manner of verifying route data to be verified in the computing service device 10 are defined. In fig. 5, an example is shown in which one of the conflict processing terminals 11 in the route conflict system 1 performs route conflict processing. Wherein the computing service device 10 comprises:
The first updating module 101 is configured to update the pre-constructed route conflict discrimination model according to the basic information corresponding to the route data to be checked and the address data to be revoked in the route data to be checked, so as to obtain a first updating model;
a second verification module 102, configured to verify address data to be updated in the route data to be verified through the first update model, determine a second verification result, and send the second verification result to a corresponding conflict processing terminal 11;
and a second updating module 103, configured to update the first updating model according to address data to be updated in the route data to be checked and the second checking result, and determine the updated first updating model as a new route conflict judging model.
In this embodiment, the first updating module 101 may be specifically understood as a data processing module in the computing service device 10, which is configured to update the route conflict discrimination model stored in the first updating module before verifying the route data to be verified, so that the updated model more meets the verification requirement. The second verification module 102 may be specifically understood as a data processing module in the computing service device 10, which verifies the route data to be verified, which is input thereto, according to the updated route conflict discrimination model. The second updating module 103 may be specifically understood as a data processing module in the computing service device 10, which updates the route conflict discrimination model by using the route data to be verified, which is free of problems after verification, so that the route conflict discrimination model stored in the computing service device 10 is synchronous with the actual route announcement condition of the target network. Basic information is understood to mean in particular information for locating the routing data to be checked.
Specifically, when the computing service device 10 receives the to-be-verified routing data of one conflict processing terminal 11 in communication connection with the computing service device, it can be considered that the routing conflict verification needs to be performed on the link corresponding to the conflict processing terminal 11, and because the to-be-verified routing data includes two types of address announcement type data of to-be-revoked address data and to-be-updated address data, the to-be-revoked address data is the data for announcing the route revocation in the target network, that is, when the type data is received, some branches in the original routing conflict judging model will be cancelled, and the overall architecture of the routing conflict judging model will be affected. If the route conflict judging model is not updated in advance, a verification result obtained by verifying according to the route conflict judging model is wrong. The computing service device 10 is provided with a first updating module 101, when receiving the routing data to be checked, the computing service device locates the position of the routing data to be checked in the pre-constructed routing conflict discrimination model according to the basic information corresponding to the routing data to be checked, and then determines the corresponding branch of the routing which needs to be declared to be cancelled at the position corresponding to the routing conflict discrimination model according to the address data to be cancelled in the routing data to be checked, and determines the routing conflict discrimination model after the branch is cancelled as the first updating model.
After the first updating module 101 completes updating the route conflict judging model to obtain a first updating model, the second checking module 102 matches address data to be updated in route data to be checked according to the first updating model, determines whether data which coincides with a branch in the first updating model exists in the address data to be updated according to a matching result, further determines a second checking result, and sends the second checking result to the corresponding conflict processing terminal 11. Meanwhile, after determining data which may cause route conflict in the address data to be updated of the route data to be checked according to the second check result, the data which may cause the route conflict in the part can be removed, and the rest of the address data to be updated can be regarded as data to be sent to the target router 201, so that the target network route announcement structure sends changed data, at this time, the first update model can be updated again through the rest of the address data to be updated, and the updated first update model is determined as a new route conflict discrimination model, thereby realizing the change of the route conflict discrimination model along with the change of the actual address, and guaranteeing the accuracy of checking by using the route conflict discrimination model next time.
Further, the second checking module 102 is specifically configured to:
determining address data to be updated in the route data to be checked as intermediate check address data; matching each intermediate check address in the intermediate check address data with the first updating model, if the matching fails, determining that the second check result is free of routing conflict, and determining that the data corresponding to the second check result is free of data; otherwise, the intermediate check address which is successfully matched is determined to be a second route conflict address, the second check result is determined to be that route conflict exists, and the second route conflict address is determined to be data corresponding to the second check result.
Further, the second updating module 103 is specifically configured to:
filtering address data to be updated in the route data to be checked through data corresponding to the second checking result, and determining model updating address data which does not comprise data corresponding to the second checking result; updating the first updating model through the model updating address data, and determining the updated first updating model as a new route conflict judging model.
Specifically, after the first update module 101 completes updating the route conflict discrimination model to obtain a first update model, address data to be updated in the route data to be checked is determined as intermediate check address data. Positioning in a first updating model according to basic information corresponding to the to-be-checked routing data, matching each intermediate checking address in the intermediate checking address data with the first updating model after positioning, and if the matching fails, considering that the routing address corresponding to the to-be-updated address data in the to-be-checked data is updated without causing routing conflict, determining a second checking result as no routing conflict at the moment, and determining data corresponding to the second checking result as no data; otherwise, the intermediate check address which is successfully matched is determined to be a second route conflict address, the second check result is determined to be that route conflict exists, and the second route conflict address is determined to be data corresponding to the second check result. Further, after the second updating module 103 obtains the second checking result, the second updating module may filter the address data to be updated in the routing data to be checked according to the data corresponding to the second checking result, filter the data which may cause the routing conflict corresponding to the second checking result from the address data to be updated, obtain the corresponding model updating address data, update the first updating model according to the model updating geological data, and determine the updated model as a new routing conflict judging model.
Further, fig. 6 is a diagram illustrating a structural example of another routing conflict processing system according to the third embodiment of the present invention, which is further refined on the basis of the foregoing embodiments, where in the computing service device 10, the method further includes: a discriminant model construction module 104;
the discriminant model construction module 104 is configured to construct a route conflict discriminant model according to planning information of the target network before the target network is started; the planning information of the target network comprises all route address information in the target network; the route conflict judging model is constructed in a mode that a tree structure is taken as a basic organization.
Further, the discriminant model building module 104 is specifically configured to:
determining an autonomous domain routing address information set corresponding to an autonomous domain aiming at each autonomous domain in a target network; determining boundary route address information in the autonomous domain route address information set as a root node; extracting the issued route address information corresponding to all issued routes in the autonomous domain from the autonomous domain route address information set; dividing each issued route address information into an intermediate node and a leaf node according to planning information; constructing a routing address tree corresponding to the autonomous domain according to each root node, each intermediate node and each leaf node; and constructing a route conflict judging model according to the distribution condition of the corresponding autonomous domain in the target network by each route address tree.
In this embodiment, the discriminant model construction module 104 may be specifically understood as a set of routers in the network that use the same routing protocol or follow the same routing management policy, and the autonomous domain provided in the computing service device 10 may be specifically understood as a set of routers. The planning information of the target network can be understood as architecture information of different routers in the target network, and information of services targeted by each router.
Specifically, when the conflict processing terminal 11 is built into the target network and the target network is not yet started, the architecture information of different routers is determined based on the planning information of the target network, and then a route conflict judging model is built according to the architectures of the different routers. The planning information of the target network can include routing address information of all routers in the target network, and then a framework of a routing conflict judging model can be built according to the interrelation among different routing address information.
Further, the target network can be divided into a plurality of autonomous domains according to different services, and then all route address information of the target network is divided into autonomous domain route address information sets corresponding to respective autonomous domains according to the different autonomous domains. Since the routing conflict judging model is constructed by taking a tree structure as a basic organization mode, each autonomous domain can be considered as a branch tree in the routing conflict judging model. At this time, boundary route address information in the autonomous domain route address information set can be determined as a root node, and issued route address information corresponding to all issued routes in the autonomous domain is extracted from the autonomous domain route address information set; dividing each issued route address information into an intermediate node and a leaf node according to planning information, further constructing route address trees corresponding to different autonomous domains according to each root node, each intermediate node and each leaf node according to a construction mode of the root node, the intermediate node and the leaf node, and further constructing each route address tree according to the distribution condition of the corresponding autonomous domain in a target network, thereby completing construction of a route conflict judging model.
Further, the first update module 101 performs update of the route conflict discrimination model by determining the basic information corresponding to the route data to be checked and the address data to be revoked, comparing the source IP in the basic information with each root node in each route node tree in the route conflict discrimination model, determining the route node tree corresponding to the route data to be checked, comparing the address data to be revoked with the route node tree, determining whether the route node tree has the same content as the address data to be revoked, if so, deleting the corresponding node in the route node tree, if not, skipping the address to be revoked, and after all the addresses to be revoked in the address data to be revoked are verified, determining the obtained route conflict discrimination model as the first update model.
Further, when verifying the address data to be updated in the route data to be verified according to the first update model, the second verification module 102 first determines the basic information corresponding to the route data to be verified, further compares the source IP in the basic information with each root node in each route node tree in the route conflict discrimination model, finds out a route node tree inconsistent with the root node, compares whether the route node tree contains the address content to be updated, considers the address to be updated as a risk address which can cause route conflict, determines the address to be updated as a second route conflict address, otherwise, continues to compare the next address to be updated until all the address data to be updated are compared, obtains a final second verification result, and sends the second verification result to the corresponding conflict processing terminal 11.
Further, the computing service device 10 may be further configured to periodically send an update command to each conflict processing terminal 11 communicatively connected to the computing service device 10 when the routing data to be checked is not received, so that each conflict processing terminal 11 may disguise as a router and initiate update Bao Wen to a friendly router, receive the routing data fed back in the connection, and process the routing data in the same checking manner as that of the target network when the target network is operating normally, to complete update of the routing conflict discrimination model in the computing service device 10.
According to the technical scheme provided by the embodiment of the invention, the tree-shaped route conflict judging model is constructed, and the route conflict judging model is updated in real time during verification, so that the accuracy of route conflict verification is ensured. Meanwhile, route conflict verification is carried out on route data in the link from two layers of local and whole, so that the data with the occurrence of route conflict can be processed in time, and the running stability of a target network is improved.
The above embodiments do not limit the scope of the present invention. It will be apparent to those skilled in the art that various modifications, combinations, sub-combinations and alternatives are possible, depending on design requirements and other factors. Any modifications, equivalent substitutions and improvements made within the spirit and principles of the present invention should be included in the scope of the present invention.

Claims (12)

1. The routing conflict processing system is characterized by comprising a computing service device and at least one conflict processing terminal, wherein the conflict processing terminal is connected in series in links corresponding to two key routers in a target network, the key routers are determined according to preset service priorities, and each conflict processing terminal is respectively in communication connection with the computing service device;
the conflict processing terminal is used for acquiring target routing data, checking the target routing data through a preset routing conflict judging rule, determining a first checking result, and forwarding the routing data to be checked determined according to the first checking result to the computing service equipment;
the computing service equipment is used for verifying the route data to be verified through a pre-constructed route conflict judging model, determining a second verification result and sending the second verification result to a corresponding conflict processing terminal;
the conflict processing terminal is further used for carrying out route data recombination according to the first check result and the second check result, determining recombination target route data and sending the recombination target route data to a corresponding target router; the target router is one of two key routers corresponding to the conflict processing terminal.
2. The system of claim 1, wherein the conflict handling terminal comprises:
the target data determining module is used for capturing the route data in the link corresponding to the conflict processing terminal and determining the address announcement type data in the route data as target route data; the target route data comprises address data to be revoked and address data to be updated;
the first verification module is used for matching the target routing data with the preset routing conflict judgment rule, and determining a first verification result according to a matching result;
the to-be-verified data determining module is used for determining to-be-verified routing data according to the first verification result and the target routing data and forwarding the to-be-verified routing data to the computing service equipment;
the data reorganization module is used for receiving a second check result fed back by the computing service equipment, reorganizing the target route data according to the first check result and the second check result, determining reorganized target route data, and sending the reorganized target route data to a target router corresponding to the target route data.
3. The system of claim 2, wherein the conflict handling terminal further comprises: a discriminant rule importing module;
the judging rule importing module is used for importing a route conflict judging rule determined according to the planning information of the target network before the target network is started;
the route conflict judging rule comprises a set of compliant route addresses of links corresponding to the conflict processing terminals.
4. A system according to claim 3, wherein the first verification module is specifically configured to:
matching each address to be updated in the address data to be updated with the set of compliant routing addresses, if the matching fails, determining the first check result as no routing conflict, and determining the data corresponding to the first check result as no data;
otherwise, the address to be updated which is successfully matched is determined to be a first route conflict address, the first check result is determined to be that route conflict exists, and the first route conflict address is determined to be data corresponding to the first check result.
5. The system according to claim 2, wherein the data to be verified determining module is specifically configured to:
Filtering the target routing data through the data corresponding to the first checking result, and determining the target routing data which does not contain the data corresponding to the first checking result as the routing data to be checked;
and forwarding the routing data to be verified to the computing service equipment.
6. The system according to claim 2, wherein the data reorganization module is specifically configured to:
filtering the target routing data through the data corresponding to the first check result and the data corresponding to the second check result, and determining conflict-free routing data;
and recombining the conflict-free routing data according to the format corresponding to the target routing data, determining recombined target routing data, and sending the recombined target routing data to a target router corresponding to the target routing data.
7. The system of claim 2, wherein the conflict handling terminal further comprises: a session maintaining module;
and the session maintaining module is used for sending a timing message to a key router corresponding to the routing data when the conflict processing terminal grabs the routing data so as to maintain smooth session connection.
8. The system of claim 1, wherein the computing service device comprises:
the first updating module is used for updating the pre-constructed route conflict judging model according to the basic information corresponding to the route data to be checked and the address data to be withdrawn in the route data to be checked to obtain a first updating model;
the second verification module is used for verifying address data to be updated in the route data to be verified through the first updating model, determining a second verification result and sending the second verification result to a corresponding conflict processing terminal;
and the second updating module is used for updating the first updating model according to the address data to be updated in the route data to be checked and the second checking result, and determining the updated first updating model as a new route conflict judging model.
9. The system of claim 8, wherein the computing service device further comprises: a judging model building module;
the judging model constructing module is used for constructing a route conflict judging model according to the planning information of the target network before the target network is started;
The planning information of the target network comprises all route address information in the target network; the routing conflict judging model is constructed in a mode that a tree structure is taken as a basic organization.
10. The system according to claim 9, wherein the discriminant model construction module is specifically configured to:
determining an autonomous domain routing address information set corresponding to each autonomous domain in the target network;
determining boundary route address information in the autonomous domain route address information set as a root node;
extracting published route address information corresponding to all published routes in the autonomous domain from the autonomous domain route address information set;
dividing each piece of issued route address information into an intermediate node and a leaf node according to the planning information;
constructing a routing address tree corresponding to the autonomous domain according to each root node, each intermediate node and each leaf node;
and constructing a route conflict judging model according to the distribution condition of the corresponding autonomous domain in the target network by each route address tree.
11. The system according to claim 8, characterized in that said second checking module is in particular adapted to:
Determining address data to be updated in the routing data to be checked as intermediate checking address data;
matching each intermediate check address in the intermediate check address data with the first updating model, if the matching fails, determining the second check result as no routing conflict, and determining the data corresponding to the second check result as no data;
otherwise, determining the intermediate check address successfully matched as a second route conflict address, determining the second check result as that route conflict exists, and determining the second route conflict address as data corresponding to the second check result.
12. The system according to claim 8, wherein the second updating module is specifically configured to:
filtering address data to be updated in the route data to be checked through the data corresponding to the second checking result, and determining model updating address data which does not comprise the data corresponding to the second checking result;
updating the first updating model through the model updating address data, and determining the updated first updating model as a new route conflict judging model.
CN202211612957.2A 2022-12-15 2022-12-15 Route conflict processing system Pending CN116032832A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211612957.2A CN116032832A (en) 2022-12-15 2022-12-15 Route conflict processing system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211612957.2A CN116032832A (en) 2022-12-15 2022-12-15 Route conflict processing system

Publications (1)

Publication Number Publication Date
CN116032832A true CN116032832A (en) 2023-04-28

Family

ID=86080467

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211612957.2A Pending CN116032832A (en) 2022-12-15 2022-12-15 Route conflict processing system

Country Status (1)

Country Link
CN (1) CN116032832A (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030074468A1 (en) * 2001-02-28 2003-04-17 Ho-Yen Chang Methods and system of virtual circuit identification based on bit permutation of link numbers for multi-stage elements
CN103955584A (en) * 2014-05-12 2014-07-30 合肥工业大学 Upper bound optimization method of on-chip network restructuring cache based on multi-path routing
CN108848033A (en) * 2018-06-26 2018-11-20 深圳创维数字技术有限公司 A kind of method, apparatus and storage medium for evading routing conflict
US20200401938A1 (en) * 2019-05-29 2020-12-24 The Board Of Trustees Of The Leland Stanford Junior University Machine learning based generation of ontology for structural and functional mapping
CN113328929A (en) * 2020-02-29 2021-08-31 杭州迪普科技股份有限公司 Route conflict reminding method and device, electronic equipment and computer readable medium

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030074468A1 (en) * 2001-02-28 2003-04-17 Ho-Yen Chang Methods and system of virtual circuit identification based on bit permutation of link numbers for multi-stage elements
CN103955584A (en) * 2014-05-12 2014-07-30 合肥工业大学 Upper bound optimization method of on-chip network restructuring cache based on multi-path routing
CN108848033A (en) * 2018-06-26 2018-11-20 深圳创维数字技术有限公司 A kind of method, apparatus and storage medium for evading routing conflict
US20200401938A1 (en) * 2019-05-29 2020-12-24 The Board Of Trustees Of The Leland Stanford Junior University Machine learning based generation of ontology for structural and functional mapping
CN113328929A (en) * 2020-02-29 2021-08-31 杭州迪普科技股份有限公司 Route conflict reminding method and device, electronic equipment and computer readable medium

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
EHAB S.ELMALLAH: "《Incremental Routing and Scheduling in Wireless Grids》", 《IEEE》, 4 March 2010 (2010-03-04) *
朱振军: "《基于路由冲突检测的交换开关系统》", 《中国传媒大学学报(自然科学版)》, 31 December 2018 (2018-12-31) *

Similar Documents

Publication Publication Date Title
Feldmann et al. Locating Internet routing instabilities
EP2245792B1 (en) System, method and program for determining failed routers in a network
CN1937589B (en) Routing configuration validation apparatus and methods
CN106126402B (en) The processing method and processing device of accelerator exception
CN101662393B (en) Inter-domain prefix hijack detection and location method
CN102291455B (en) Distributed cluster processing system and message processing method thereof
CN102801738B (en) Distributed DoS (Denial of Service) detection method and system on basis of summary matrices
CN106797328A (en) Collect and analyze selected network traffics
CN107809367A (en) The equipment loading method and SDN controllers, the network equipment of a kind of SDN
JP2014526190A (en) Self-healing recognizable hybrid design of controller-switch connectivity in split architecture system
CN101547125B (en) System and method for abnormal network positioning of autonomous system
CN101917434B (en) Method for verifying intra-domain Internet protocol (IP) source address
US10623278B2 (en) Reactive mechanism for in-situ operation, administration, and maintenance traffic
US8526437B2 (en) Communication system and communication control device
CN107210933A (en) Mechanism for providing from hardware asset information to the equipment of attachment
CN113726665B (en) Updating method of border gateway route based on block chain
CN112769614B (en) Automatic management method of VPN (virtual private network) on demand and intercommunication system of heterogeneous network
US9473384B2 (en) Validating reachability of nodes of a network of an industrial automation and control system
CN116032832A (en) Route conflict processing system
US7688743B2 (en) Tracing routing differences
CN107787020A (en) The method of synchronous topology information and route network element in a kind of SFC networks
JP5433024B2 (en) A method for managing the exchange of data flux in an autonomous communication network
CN112003748B (en) Fault processing method, system, device and storage medium suitable for virtual gateway
CN114844666B (en) Network traffic analysis and reconstruction method and device
JP6460893B2 (en) Communication path monitoring device, communication system, failure determination method, and program

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination