CN116846805A - Service path planning method and related equipment - Google Patents
Service path planning method and related equipment Download PDFInfo
- Publication number
- CN116846805A CN116846805A CN202310621233.2A CN202310621233A CN116846805A CN 116846805 A CN116846805 A CN 116846805A CN 202310621233 A CN202310621233 A CN 202310621233A CN 116846805 A CN116846805 A CN 116846805A
- Authority
- CN
- China
- Prior art keywords
- path
- security
- service
- service request
- security level
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 62
- 230000015556 catabolic process Effects 0.000 claims abstract description 43
- 238000006731 degradation reaction Methods 0.000 claims abstract description 43
- 238000004590 computer program Methods 0.000 claims description 3
- 230000008569 process Effects 0.000 abstract description 8
- 230000003287 optical effect Effects 0.000 description 57
- 238000004891 communication Methods 0.000 description 12
- 230000005540 biological transmission Effects 0.000 description 7
- 238000010586 diagram Methods 0.000 description 6
- 238000005516 engineering process Methods 0.000 description 3
- 238000012986 modification Methods 0.000 description 3
- 230000004048 modification Effects 0.000 description 3
- 230000009286 beneficial effect Effects 0.000 description 2
- 230000003068 static effect Effects 0.000 description 2
- 230000008859 change Effects 0.000 description 1
- 230000001419 dependent effect Effects 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/14—Routing performance; Theoretical aspects
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/12—Discovery or management of network topologies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/02—Topology update or discovery
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/02—Topology update or discovery
- H04L45/036—Updating the topology between route computation elements, e.g. between OpenFlow controllers
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/24—Multipath
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/105—Multiple levels of security
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computing Systems (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The application provides a service path planning method and related equipment. The method comprises the following steps: dividing the security level of each path in the acquired network topology to obtain at least three path security levels; acquiring a service request; the service request includes: security requirements and security degradation tolerance values; planning a path for the service request based on the path security level and the security requirement, and acquiring a first path; and planning a path for the service request based on the path security level, the security requirement and the security degradation tolerance value, and acquiring a second path. The embodiment of the application ensures that the service corresponding to the security level is matched with the path corresponding to the security level by dividing the service path and the service per se, and adopts a security degradation scheme in the process of selecting the protection path, thereby improving the utilization rate of the whole resources in the network, improving the success rate of the service and ensuring the rationality of the protection path.
Description
Technical Field
The present application relates to the field of optical network technologies, and in particular, to a service path planning method and related devices.
Background
In the prior art, for an endogenous safety optical network, survivability of the endogenous safety network is not considered in a path planning process for a service with safety requirements. Therefore, when the link fails, the service is not guaranteed to continue. Therefore, in an endogenous safety optical network, protection against services with different safety requirements becomes a new problem.
Existing protection techniques typically consider conventional optical networks, and do not consider the physical layer security attributes of new network devices when providing working and protection paths for services. This is therefore not applicable to traffic with security requirements, otherwise conventional survivability methods of optical networks.
Disclosure of Invention
In view of the above, the present application is directed to a method and related apparatus for planning a service path.
Based on the above object, the present application provides a service path planning method, including:
dividing the security level of each path in the acquired network topology to obtain at least three path security levels;
acquiring a service request; the service request includes: security requirements and security degradation tolerance values;
planning a path for the service request based on the path security level and the security requirement, and acquiring a first path;
and planning a path for the service request based on the path security level, the security requirement and the security degradation tolerance value, and acquiring a second path.
In one possible implementation manner, the dividing the security level of each path in the acquired network topology to obtain at least three path security levels includes:
and dividing the security level of the path based on the key generation rate of the path to obtain at least three path security levels.
In one possible implementation manner, the planning a path for the service request based on the path security level and the security requirement, and acquiring a first path includes:
selecting at least one third path based on a first security constraint of a preset path; the first security constraint of the path includes: the path security level of the first path is greater than or equal to the security requirement;
and taking the path with the lowest path security level in the third path as the first path.
In one possible implementation, the method further includes: selecting at least one fourth path based on bandwidth resource constraint of a preset path; the third path includes the fourth path; the bandwidth resource constraint of the path includes: and the bandwidth resource of the first path is larger than or equal to the bandwidth resource of the service request.
In one possible implementation manner, the planning a path for the service request based on the path security level, the security requirement, and the security degradation tolerance value, and acquiring a second path include:
selecting at least one fifth path based on a second security constraint of the preset path; the second security constraint includes: the path security level of the second path is greater than or equal to the difference value between the security requirement and the security degradation tolerance value of the service request;
and taking the path with the lowest path security level in the fifth path as the second path.
In one possible implementation, the method further includes: selecting at least one sixth path based on the non-coincidence constraint of a first path and a second path of a preset path on a physical link; the fifth path includes the sixth path; the first path and the second path are not coincident constraint on a physical link, and the method comprises the following steps: the physical links of the first path are not coincident with the physical links of the second path.
In one possible implementation, the method further includes: and the first path and the second path succeed or fail simultaneously when being acquired.
Based on the same inventive concept, the embodiment of the application also provides a service path planning device, which comprises:
the dividing module is configured to divide the security level of each path in the acquired network topology to obtain at least three path security levels;
the acquisition module is configured to acquire a service request; the service request includes: security requirements and security degradation tolerance values;
the first path acquisition module is configured to plan a path for the service request based on the path security level and the security requirement, and acquire a first path;
and a second path acquisition module configured to plan a path for the service request based on the path security level, the security requirement, and the security degradation tolerance value, and acquire a second path.
Based on the same inventive concept, the embodiment of the application also provides an electronic device, which comprises a memory, a processor and a computer program stored on the memory and capable of running on the processor, wherein the processor realizes the business path planning method according to any one of the above when executing the program.
Based on the same inventive concept, the embodiments of the present application further provide a non-transitory computer readable storage medium storing computer instructions for causing the computer to execute any one of the above-mentioned traffic path planning methods.
As can be seen from the above, the service path planning method and the related device provided by the present application obtain at least three path security levels by dividing the security level of each path in the acquired network topology; acquiring a service request; the service request includes: security requirements and security degradation tolerance values; planning a path for the service request based on the path security level and the security requirement, and acquiring a first path; and planning a path for the service request based on the path security level, the security requirement and the security degradation tolerance value, and acquiring a second path. The embodiment of the application considers the survivability of the endogenous safe optical network by setting the protection path for the working path, so that the transmission of network service can still be ensured when the link fails for the service with the safety requirement, and the corresponding path safety level is set by the corresponding service transmission path according to the safety requirement of the service, thereby not only providing safety for the service, but also providing protection for the service and improving the reliability of the whole safe optical network. In the process of protecting path selection, a safety degradation scheme is adopted, so that the utilization rate of the whole resources in the network is improved, the success rate of the service is also improved, and meanwhile, the rationality of the protecting path is also ensured.
Drawings
In order to more clearly illustrate the technical solutions of the present application or related art, the drawings that are required to be used in the description of the embodiments or related art will be briefly described below, and it is apparent that the drawings in the following description are only embodiments of the present application, and other drawings may be obtained according to the drawings without inventive effort to those of ordinary skill in the art.
Fig. 1 is a flow chart of a service path planning method according to an embodiment of the present application;
FIG. 2 is a schematic diagram of a network topology according to an embodiment of the present application;
fig. 3 is a schematic structural diagram of a service path planning apparatus according to an embodiment of the present application;
fig. 4 is a schematic structural diagram of an electronic device according to an embodiment of the application.
Detailed Description
The present application will be further described in detail below with reference to specific embodiments and with reference to the accompanying drawings, in order to make the objects, technical solutions and advantages of the present application more apparent.
It should be noted that unless otherwise defined, technical or scientific terms used in the embodiments of the present application should be given the ordinary meaning as understood by one of ordinary skill in the art to which the present application belongs. The terms "first," "second," and the like, as used in embodiments of the present application, do not denote any order, quantity, or importance, but rather are used to distinguish one element from another. The word "comprising" or "comprises", and the like, means that elements or items preceding the word are included in the element or item listed after the word and equivalents thereof, but does not exclude other elements or items. The terms "connected" or "connected," and the like, are not limited to physical or mechanical connections, but may include electrical connections, whether direct or indirect. "upper", "lower", "left", "right", etc. are used merely to indicate relative positional relationships, which may also be changed when the absolute position of the object to be described is changed.
As described in the background section, in the prior art, for the in-house secure optical network, survivability of the in-house secure network is not considered in the path planning process for the service with the security requirement. The endogenous safety optical network does not depend on an additional external negotiation process, and the communication system itself realizes the mode of the endogenous safety optical network for information transmission. Therefore, when the link fails, the service is not guaranteed to continue. Therefore, in an endogenous safety optical network, protection against services with different safety requirements becomes a new problem.
Existing protection techniques typically consider conventional optical networks, and do not consider the physical layer security attributes of new network devices when providing working and protection paths for services. This is therefore not applicable to traffic with security requirements, otherwise conventional survivability methods of optical networks.
In view of the above, the embodiment of the present application provides a service path planning method, which obtains at least three path security levels by dividing the security level of each path in the acquired network topology; acquiring a service request; the service request includes: security requirements and security degradation tolerance values; planning a path for the service request based on the path security level and the security requirement, and acquiring a first path; and planning a path for the service request based on the path security level, the security requirement and the security degradation tolerance value, and acquiring a second path. The embodiment of the application distinguishes the safety level of the service by aiming at the service in the endogenous safety optical network, and correspondingly divides the safety level of the path for transmitting the service, so that the transmission path suitable for the safety of the service can be effectively selected when the service is transmitted, the safety requirements of different users are met, and the safety of the service with different safety requirements is effectively ensured. In addition, a concept of a safety degradation tolerance value is introduced for the service, so that the service can more quickly select a corresponding protection path after the working path fails, resources consumed by the protection path are greatly reduced because of the safety degradation tolerance value, and the safety degradation tolerance value is set to be not too high, so that the resource is saved and the safety of the service can be ensured. In summary, the survivability of the endogenous safe optical network is considered, so that when the link fails, the service with the safety requirement can still ensure that the network can provide safety and protection, and the reliability of the whole safe optical network is improved. In the process of protecting path selection, a safety degradation scheme is adopted, so that the utilization rate of the whole resources in the network is improved, the success rate of the service is also improved, and meanwhile, the rationality of the protecting path is also ensured.
The technical scheme of the embodiment of the application is described in detail by specific embodiments.
Referring to fig. 1, the service path planning method according to the embodiment of the present application includes the following steps:
step S101, dividing the security level of each path in the acquired network topology to obtain at least three path security levels;
step S102, obtaining a service request; the service request includes: security requirements and security degradation tolerance values;
step S103, planning a path for the service request based on the path security level and the security requirement, and acquiring a first path;
step S104, planning a path for the service request based on the path security level, the security requirement and the security degradation tolerance value, and acquiring a second path.
For step S101, the step of dividing the security level of each path in the acquired network topology to obtain at least three path security levels includes: and dividing the security level of the path based on the key generation rate of the path to obtain at least three path security levels.
In some embodiments, first, a network topology of a virtual optical network needs to be acquired, and referring to fig. 2, a network topology diagram of an embodiment of the present application is shown.
In some embodiments, the topology of the virtual optical network is represented by G (V, E), where V represents a set of nodes and E represents a set of links. In a virtual topology, there may be multiple paths between two nodes, so we use E (i, j, l) to represent the first between i and j th The optical path is denoted by B (i, j, l) as the first between i and j th The available bandwidth of the optical path. τ (i, j, l) represents the first between i and j th The security level of the optical path. Also, H (i, j, l, m, n) is used to represent the first between i and j because the working path and the protection path are not coincident on the physical link th The optical path is routed through physical links m, n.
In some embodiments, the set of nodes in FIG. 2 is: A. b, C, D, E, F node;
the link set is all paths that can be walked between any two nodes that can be connected together and are shown in the figure, and the detailed description is omitted here because of excessive data in the set, so those skilled in the art can appreciate.
Further, the security level of each path in the acquired network topology needs to be divided.
In some embodiments, with continued reference to fig. 2, the value of the number of bits of the shared key of each optical path is appended to the vicinity of each optical path, and the security level of the three optical paths is divided by calculating the average value of the number of bits of the shared key of each optical path, and it can also be seen from the standard in the upper right corner of fig. 2 how the security level of the paths is divided in this embodiment. Referring to table 1, the security levels of different paths according to the embodiment of the present application are shown.
TABLE 1 Security level for different paths
| Physical link for optical path | Security level | |
| Optical path one | A-B-D | 2 |
| Optical path two | A-C-E-D | 1 |
| Light path III | A-C-E-D | 3 |
It should be noted that the above embodiments of the present application are only illustrative, and the present application can set the dividing method and the dividing level of the path security level by itself, and the number of the dividing levels can be set by itself according to the service requirement. And is not limited to the contents shown in the above embodiments.
In some embodiments, links with large security level numbers are considered high security links and links with small security level numbers are considered low security links. For example, in some embodiments there are five security levels in total, then a security level of 5 is considered a high security link and a security level of 1 is considered a low security link.
For step S102, a service request is acquired. It is an object of the present application to provide and protect services in an in-house secure optical network in combination. In virtual topologies, the lightpaths have been preconfigured, we consider the sub-lightpath service. We denote the connection requirement of each service as D (s, D, b, τ, t), where s and D denote the source node and destination node of the traffic, b denote the bandwidth requirement of the traffic, τ denote the security requirement of the traffic, and t denote the security degradation tolerance value of the traffic.
The security degradation tolerance value is the level number of the security requirement that the service can reduce, and the higher the security requirement of the service is, the higher the security level of the path required by the service is. Therefore, the protection path of the service with high security requirement is not degraded, the security level of the service protection path with medium security requirement is 1 less than that of the service with low security requirement, and the protection path of the service with high security requirement is not degraded, because the service with security requirement 1 can not reduce the requirement.
Aiming at step S103, a proper first path is planned for the service request based on the path security level planned in the previous step and the security requirement of the service itself, and the first path at this time is the path when the service request works, namely the working path.
In some embodiments, the planning a path for the service request based on the path security level and the security requirement, and acquiring the first path includes: selecting at least one third path based on a first security constraint of a preset path; the first security constraint of the path includes: and the path security level of the first path is greater than or equal to the security requirement. And taking the path with the lowest path security level in the third path as the first path.
In some embodiments, the method further comprises: selecting at least one fourth path based on bandwidth resource constraint of a preset path; the third path includes the fourth path; the bandwidth resource constraint of the path includes: and the bandwidth resource of the first path is larger than or equal to the bandwidth resource of the service request.
In some embodiments, the present application may be required to satisfy certain constraints when selecting the first path: the uniqueness of the path is used for ensuring that the service is not subdivided, and one working path is used for bearing traffic, and one protection path is used for backup. The continuity of the paths is used for ensuring that the working paths and the protection paths found by the service are continuous paths, namely, the paths in the paths are connected end to end. The loop-free property of the path ensures that the optical path in front of the source node is not occupied, the optical path behind the destination node is not occupied, namely, the optical path taking the source node as the destination node is not occupied, and the optical path taking the destination node as the source node is not occupied. Meanwhile, the fact that loops do not exist in the light paths before and after the intermediate node is guaranteed. The availability of the path ensures that the optical path selected by the service has enough available bandwidth. The safety level requirement of the path ensures that the path found by the service with the safety requirement has enough safety capability, namely, the safety level of the working path is more than or equal to the safety level of the service requirement, the safety level of the protection path is more than or equal to the value of the safety requirement of the service minus the degradation tolerance, and is less than or equal to the value of the safety requirement of the service. The non-coincident constraint on the physical link ensures that the protection path can be ensured not to simultaneously fail when the working path fails.
For step S104, the planning a path for the service request based on the path security level, the security requirement, and the security degradation tolerance value, and acquiring a second path includes: selecting at least one fifth path based on a second security constraint of the preset path; the second security constraint includes: the path security level of the second path is greater than or equal to the difference value between the security requirement and the security degradation tolerance value of the service request; and taking the path with the lowest path security level in the fifth path as the second path.
In some embodiments, the method further comprises: selecting at least one sixth path based on the non-coincidence constraint of a first path and a second path of a preset path on a physical link; the fifth path includes the sixth path; the first path and the second path are not coincident constraint on a physical link, and the method comprises the following steps: the physical links of the first path are not coincident with the physical links of the second path.
In some embodiments, the method further comprises: and the first path and the second path succeed or fail simultaneously when being acquired.
For the second path, the path constraint is the same as that described above, so that no further description is given here.
It should be noted that the first path and the second path are selected simultaneously, and only can be selected successfully or failed simultaneously. The protection path can be effectively guaranteed to be capable of serving the working path, a one-to-one correspondence exists, and if only one path is selected, the technical effect cannot be achieved in practical application no matter which one is.
In some embodiments, for a connection with traffic demand D (a, D,5,2,1), source node D is a sink node D, bandwidth demand for traffic is 5, security demand is 2, and degradation margin for protection path is 1. Therefore, for the three paths shown in fig. three, for the working path, we need to select the path with a security level greater than or equal to the security requirement of the service, and in the paths meeting the conditions, the path with the lowest security level is preferentially selected, so that the first path is taken as the working path of the service. For the selection of the protection path, the value of subtracting the degradation tolerance from the security requirement is larger than or equal to the value of subtracting the degradation tolerance from the security requirement, and the value of the security requirement of the service is smaller than or equal to the value of the security requirement of the service itself, so that the security level of the alternative path is 1 and 2. Among the paths satisfying the conditions, the path with the lowest security level is preferentially selected, and therefore, the optical path three is used as the protection path of the service.
In some embodiments, the above path constraints are described in detail:
the uniqueness of the path is used for guaranteeing the non-subdivision of the service, and in the transmission process of the service, the service needs to guarantee that only one working path is routed, and meanwhile, only one protection path is used for a backup path of the service when the working path fails; the following formula ensures that the number of traffic flows flowing out from the source node s is equal to the number of traffic flows flowing into the destination node d. At the same time due to W k 、PR k Is a binary variable, so that the number of working paths and protection paths established from the source node s and the destination node d can be ensured to be at most 1.
The continuity of the paths is used for ensuring that the working paths and the protection paths found by the service are continuous paths, namely, the paths in the paths are connected end to end. For intermediate node c, the following formula ensures that the number of lanes occupied by traffic before and after passing through the node is equal, i.e., the lanes are end-to-end.
Loop-free nature of the path refers to the following formula:
for source and sink nodes, ensuring that the optical path in front of the source node is not occupied and the optical path behind the sink node is not occupied; besides the source and destination nodes, the paths before and after the intermediate node are guaranteed not to have loops, and for any intermediate node c, the number of paths before and after the limiting service using node is not more than 1, and the following constraint is carried out:
the availability of the resources ensures that the optical path selected by the service has enough available bandwidth, and the bandwidth resource on the first optical path between the i node pair and the j node pair of the optical path occupied between the source node s and the sink node d is greater than or equal to the bandwidth resource required by the service.
The security constraint security traffic should be mapped onto an optical path with sufficient security capabilities. In particular, the security level of the working path providing optical path should be equal to or suitably higher than the security level required by the service. At the same time, in order to save network resources, the security level of the protection path providing optical path is defined within the range of not lower than the degradation tolerance D, and the security level is selected to be lower than the security level required by the service. The following constraints are made:
working path:
protection path:
the working path and the protection path do not coincide on the physical link:
for the kth serviceAnd the optical path nodes between the i and j occupied by sigma are not overlapped.
The working path and protection path must succeed or fail simultaneously:
W k =R k
wherein i, j represents an end node of the optical path; m, n represent nodes of the physical link; x, y represents an end node of the optical path; s, d represents a source node and a destination node of the service; v represents a set of network nodes; e represents a collection of optical paths in the topology;indicating whether the first optical path between the nodes i and j is routed through the physical nodes m and n, if so, thenOtherwise->K represents the number of service requests; omega k Representing the bandwidth requirement of the kth service in K; l represents the number of security levels; τ ij, Representing the th between node pairs (i, j)Security level of the l available light paths; τ k Representing the security level of the kth service request in K; e represents a collection of optical paths in the topology; v represents a set of network nodes; e (E) ij Representing the number of parallel optical paths between nodes i, j in E; e, e ij, Representing the first optical path between nodes i, j; b (B) ij, Representing the bandwidth of the first optical path between nodes i, j; w (W) k Indicating whether the kth service in K successfully finds the working path. If successful, W k =1, otherwise W k =0;/>Indicating whether the kth service in K will e ij, As a protection path segment. If pass e ij, Routing is performed->Otherwise->PR k Indicating whether the kth service in K successfully finds the protection path. If successful, PR is k =1, otherwise PR k =0;/>Indicating whether the kth service in K will e xy, As a protection path segment. If pass e ij, Routing is performed->Otherwise->C represents a set of service requests.
According to the embodiment, the security level of each path in the acquired network topology is divided, so that at least three path security levels are obtained; acquiring a service request; the service request includes: security requirements and security degradation tolerance values; planning a path for the service request based on the path security level and the security requirement, and acquiring a first path; and planning a path for the service request based on the path security level, the security requirement and the security degradation tolerance value, and acquiring a second path. The embodiment of the application distinguishes the safety level of the service by aiming at the service in the endogenous safety optical network, and correspondingly divides the safety level of the path for transmitting the service, so that the transmission path suitable for the safety of the service can be effectively selected when the service is transmitted, the safety requirements of different users are met, and the safety of the service with different safety requirements is effectively ensured. In addition, a concept of a safety degradation tolerance value is introduced for the service, so that the service can more quickly select a corresponding protection path after the working path fails, resources consumed by the protection path are greatly reduced because of the safety degradation tolerance value, and the safety degradation tolerance value is set to be not too high, so that the resource is saved and the safety of the service can be ensured. In summary, the survivability of the endogenous safe optical network is considered, so that when the link fails, the service with the safety requirement can still ensure that the network can provide safety and protection, and the reliability of the whole safe optical network is improved. In the process of protecting path selection, a safety degradation scheme is adopted, so that the utilization rate of the whole resources in the network is improved, the success rate of the service is also improved, and meanwhile, the rationality of the protecting path is also ensured.
It should be noted that, the method of the embodiment of the present application may be performed by a single device, for example, a computer or a server. The method of the embodiment can also be applied to a distributed scene, and is completed by mutually matching a plurality of devices. In the case of such a distributed scenario, one of the devices may perform only one or more steps of the method of an embodiment of the present application, the devices interacting with each other to accomplish the method.
It should be noted that the foregoing describes some embodiments of the present application. Other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims may be performed in a different order than in the embodiments described above and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing are also possible or may be advantageous.
Based on the same inventive concept, the application also provides a service path planning device corresponding to the method of any embodiment.
Referring to fig. 3, the traffic path planning apparatus includes:
the dividing module 31 is configured to divide the security level of each path in the acquired network topology to obtain at least three path security levels;
an acquisition module 32 configured to acquire a service request; the service request includes: security requirements and security degradation tolerance values;
a first path acquisition module 33 configured to plan a path for the service request based on the path security level and the security requirement, and acquire a first path;
a second acquisition path module 34 configured to plan a path for the service request based on the path security level, the security requirement, and the security degradation tolerance value, acquires a second path.
For convenience of description, the above devices are described as being functionally divided into various modules, respectively. Of course, the functions of each module may be implemented in the same piece or pieces of software and/or hardware when implementing the present application.
The device of the foregoing embodiment is configured to implement the corresponding service path planning method in any of the foregoing embodiments, and has the beneficial effects of the corresponding method embodiment, which is not described herein.
Based on the same inventive concept, the application also provides an electronic device corresponding to the method of any embodiment, which comprises a memory, a processor and a computer program stored on the memory and capable of running on the processor, wherein the processor realizes the business path planning method of any embodiment when executing the program.
Fig. 4 shows a more specific hardware architecture of an electronic device according to this embodiment, where the device may include: a processor 1010, a memory 1020, an input/output interface 1030, a communication interface 1040, and a bus 1050. Wherein processor 1010, memory 1020, input/output interface 1030, and communication interface 1040 implement communication connections therebetween within the device via a bus 1050.
The processor 1010 may be implemented by a general-purpose CPU (central processing unit), a microprocessor, an application-specific integrated circuit (ApplicationSpecificIntegratedCircuit, ASIC), or one or more integrated circuits, etc. for executing related programs to implement the technical solutions provided in the embodiments of the present disclosure.
The memory 1020 may be implemented in the form of ROM (read only memory), RAM (random access memory), a static storage device, a dynamic storage device, or the like. Memory 1020 may store an operating system and other application programs, and when the embodiments of the present specification are implemented in software or firmware, the associated program code is stored in memory 1020 and executed by processor 1010.
The input/output interface 1030 is used to connect with an input/output module for inputting and outputting information. The input/output module may be configured as a component in a device (not shown) or may be external to the device to provide corresponding functionality. Wherein the input devices may include a keyboard, mouse, touch screen, microphone, various types of sensors, etc., and the output devices may include a display, speaker, vibrator, indicator lights, etc.
Communication interface 1040 is used to connect communication modules (not shown) to enable communication interactions of the present device with other devices. The communication module may implement communication through a wired manner (such as USB, network cable, etc.), or may implement communication through a wireless manner (such as mobile network, WIFI, bluetooth, etc.).
Bus 1050 includes a path for transferring information between components of the device (e.g., processor 1010, memory 1020, input/output interface 1030, and communication interface 1040).
It should be noted that although the above-described device only shows processor 1010, memory 1020, input/output interface 1030, communication interface 1040, and bus 1050, in an implementation, the device may include other components necessary to achieve proper operation. Furthermore, it will be understood by those skilled in the art that the above-described apparatus may include only the components necessary to implement the embodiments of the present description, and not all the components shown in the drawings.
The electronic device of the foregoing embodiment is configured to implement the corresponding service path planning method in any of the foregoing embodiments, and has the beneficial effects of the corresponding method embodiment, which is not described herein.
Based on the same inventive concept, the present application also provides a non-transitory computer readable storage medium corresponding to the method of any embodiment, wherein the non-transitory computer readable storage medium stores computer instructions for causing the computer to execute the method of any embodiment.
The computer readable media of the present embodiments, including both permanent and non-permanent, removable and non-removable media, may be used to implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of storage media for a computer include, but are not limited to, phase change memory (PRAM), static Random Access Memory (SRAM), dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), read Only Memory (ROM), electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium, which can be used to store information that can be accessed by a computing device.
The storage medium of the foregoing embodiments stores computer instructions for causing the computer to execute the service path planning method according to any one of the foregoing embodiments, and has the advantages of the corresponding method embodiments, which are not described herein.
Those of ordinary skill in the art will appreciate that: the discussion of any of the embodiments above is merely exemplary and is not intended to suggest that the scope of the application (including the claims) is limited to these examples; the technical features of the above embodiments or in the different embodiments may also be combined within the idea of the application, the steps may be implemented in any order, and there are many other variations of the different aspects of the embodiments of the application as described above, which are not provided in detail for the sake of brevity.
Additionally, well-known power/ground connections to Integrated Circuit (IC) chips and other components may or may not be shown within the provided figures, in order to simplify the illustration and discussion, and so as not to obscure the embodiments of the present application. Furthermore, the devices may be shown in block diagram form in order to avoid obscuring the embodiments of the present application, and also in view of the fact that specifics with respect to implementation of such block diagram devices are highly dependent upon the platform within which the embodiments of the present application are to be implemented (i.e., such specifics should be well within purview of one skilled in the art). Where specific details (e.g., circuits) are set forth in order to describe example embodiments of the application, it should be apparent to one skilled in the art that embodiments of the application can be practiced without, or with variation of, these specific details. Accordingly, the description is to be regarded as illustrative in nature and not as restrictive.
While the application has been described in conjunction with specific embodiments thereof, many alternatives, modifications, and variations of those embodiments will be apparent to those skilled in the art in light of the foregoing description. For example, other memory architectures (e.g., dynamic RAM (DRAM)) may use the embodiments discussed.
The present embodiments are intended to embrace all such alternatives, modifications and variances which fall within the broad scope of the appended claims. Therefore, any omissions, modifications, equivalent substitutions, improvements, and the like, which are within the spirit and principles of the embodiments of the application, are intended to be included within the scope of the application.
Claims (10)
1. A method for traffic path planning, comprising:
dividing the security level of each path in the acquired network topology to obtain at least three path security levels;
acquiring a service request; the service request includes: security requirements and security degradation tolerance values;
planning a path for the service request based on the path security level and the security requirement, and acquiring a first path;
and planning a path for the service request based on the path security level, the security requirement and the security degradation tolerance value, and acquiring a second path.
2. The method of claim 1, wherein the dividing the security level of each path in the acquired network topology to obtain at least three path security levels comprises:
and dividing the security level of the path based on the key generation rate of the path to obtain at least three path security levels.
3. The method of claim 1, wherein the planning a path for the service request based on the path security level and the security requirement, obtaining a first path, comprises:
selecting at least one third path based on a first security constraint of a preset path; the first security constraint of the path includes: the path security level of the first path is greater than or equal to the security requirement;
and taking the path with the lowest path security level in the third path as the first path.
4. A method according to claim 3, characterized in that the method further comprises: selecting at least one fourth path based on bandwidth resource constraint of a preset path; the third path includes the fourth path; the bandwidth resource constraint of the path includes: and the bandwidth resource of the first path is larger than or equal to the bandwidth resource of the service request.
5. The method of claim 1, wherein the planning a path for the service request based on the path security level, the security requirement, and the security degradation tolerance value, obtaining a second path, comprises:
selecting at least one fifth path based on a second security constraint of the preset path; the second security constraint includes: the path security level of the second path is greater than or equal to the difference value between the security requirement and the security degradation tolerance value of the service request;
and taking the path with the lowest path security level in the fifth path as the second path.
6. The method according to claim 5, further comprising: selecting at least one sixth path based on the non-coincidence constraint of a first path and a second path of a preset path on a physical link; the fifth path includes the sixth path; the first path and the second path are not coincident constraint on a physical link, and the method comprises the following steps: the physical links of the first path are not coincident with the physical links of the second path.
7. The method according to claim 1, characterized in that the method further comprises: and the first path and the second path succeed or fail simultaneously when being acquired.
8. A traffic path planning apparatus, comprising:
the dividing module is configured to divide the security level of each path in the acquired network topology to obtain at least three path security levels;
the acquisition module is configured to acquire a service request; the service request includes: security requirements and security degradation tolerance values;
the first path acquisition module is configured to plan a path for the service request based on the path security level and the security requirement, and acquire a first path;
and a second path acquisition module configured to plan a path for the service request based on the path security level, the security requirement, and the security degradation tolerance value, and acquire a second path.
9. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor implements the method of any one of claims 1 to 7 when the program is executed by the processor.
10. A non-transitory computer readable storage medium storing computer instructions for causing a computer to perform the method of any one of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310621233.2A CN116846805A (en) | 2023-05-29 | 2023-05-29 | Service path planning method and related equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310621233.2A CN116846805A (en) | 2023-05-29 | 2023-05-29 | Service path planning method and related equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN116846805A true CN116846805A (en) | 2023-10-03 |
Family
ID=88164243
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202310621233.2A Pending CN116846805A (en) | 2023-05-29 | 2023-05-29 | Service path planning method and related equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116846805A (en) |
-
2023
- 2023-05-29 CN CN202310621233.2A patent/CN116846805A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8903972B2 (en) | Method and apparatus for sharing contents using information of group change in content oriented network environment | |
| CN104346365A (en) | Device and method for determining specific service associated logs | |
| CN114268371B (en) | Quantum channel resource allocation method and device and electronic equipment | |
| CN110020846A (en) | A kind of transferred account service processing method and system | |
| Lin et al. | Evaluation of system reliability for a cloud computing system with imperfect nodes | |
| CN103444152B (en) | A kind of information method of operating and system | |
| CN115794423B (en) | Intelligent machine room management method and device, electronic equipment and storage medium | |
| CN111031519A (en) | Terminal access authentication method and device based on edge calculation | |
| CN117914485A (en) | Quantum key distribution network security routing and resource allocation method and related equipment | |
| CN107111495A (en) | Apparatus and method for virtual and calling interface method | |
| CN109271438A (en) | A kind of data bank access method and its system | |
| CN113791891A (en) | Continuous integration task construction method, device, equipment and computer readable medium | |
| CN113179154A (en) | Resource joint distribution method in quantum key distribution Internet of things and related equipment | |
| CN102904946B (en) | Method and device for managing nodes in cluster | |
| CN116846805A (en) | Service path planning method and related equipment | |
| CN116781531A (en) | Method and device for determining topology of signaling communication network, electronic equipment and storage medium | |
| CN113448770A (en) | Method, electronic device and computer program product for recovering data | |
| CN113392350B (en) | Page routing processing method, device, equipment and storage medium | |
| CN115941167A (en) | Quantum key distribution method based on tethered unmanned aerial vehicle and related equipment | |
| US10033817B2 (en) | Stateless technique for distributing data uploads | |
| CN112306371A (en) | Method, apparatus and computer program product for storage management | |
| CN115426104A (en) | Quantum key supply proprietary and shared protection method and related equipment | |
| CN113300966B (en) | Flow control method, device, system and electronic equipment | |
| CN105721398A (en) | Data access method and device | |
| US10673739B2 (en) | Detour routing for mesh network |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |