JP6525067B2 - Reverse command generation program, reverse command generation method and reverse command generation device - Google Patents

Description

  The present invention relates to a reverse command generation program, a reverse command generation method, and a reverse command generation device.

  As an example of technology related to network setting, technologies such as Software-Defined Networking (SDN) are known. Such SDN technology provides a network management apparatus capable of collectively executing settings for network devices included in a network in an organization such as a company, for example, settings for a VLAN (Virtual Local Area Network) and subnets.

JP, 2011-199623, A JP, 2015-142167, A

  By the way, when the setting of the above network is performed, the setting as intended by the administrator of the network or the like can not necessarily be performed due to an error in recognition or a mistake in operation. Therefore, when setting up the network, a reverse command is generated from the command that reflects the contents edited by the operation in the setting, and when the rollback is instructed, the setting of the network device is changed using the reverse command. Rollback processing may be performed to return to the previous state.

  However, in the above-described technology, as will be described next, the execution of the reverse command may cause a network failure.

  For example, the network setting is not necessarily performed via the network management device, and a network administrator or the like connects to the network device via a protocol such as telnet, and via a CLI (Command Line Interface) or the like. Settings may be made. In this case, not only the setting command that can be interpreted by the network management apparatus is used, but a reverse command may not be generated. In this way, even though the reverse command could not be generated, when the reverse command generated before that is executed, rollback is performed with the settings made via CLI etc ignored. It will be As a result, the execution of the reverse command may cause a network failure.

  In one aspect, the present invention aims to provide a reverse command generation program, a reverse command generation method, and a reverse command generation device capable of suppressing a network failure caused by execution of a reverse command.

  In one aspect, the reverse command generation program stores the first setting data stored in the communication device in a predetermined storage unit each time the setting of the communication device is updated, and receives the setting operation on the communication device. A process of acquiring second setting data stored in the communication apparatus from the communication apparatus targeted for the setting operation received, and a setting command transmitted to the communication apparatus based on the acquired second setting data Stored in the storage unit when there is a difference between the process of generating the inverse command of the second set of data and the second set of data acquired in the process of acquisition and the first set of data stored in the storage unit. And causing the computer to execute a process of invalidating the reverse command generated based on the first setting data.

  It is possible to suppress network problems that occur due to the execution of reverse commands.

FIG. 1 is a diagram of an exemplary configuration of a network management system according to a first embodiment. FIG. 2 is a block diagram of the functional configuration of the network management device according to the first embodiment. FIG. 3 is a diagram illustrating an example of generation of a reverse command. FIG. 4 is a diagram showing an example of operation history data. FIG. 5 is a schematic view showing a time series of setting operation and setting contents. FIG. 6 is a diagram showing an example of the rollback list screen. FIG. 7 is a diagram showing an example of the rollback list screen. FIG. 8 is a diagram showing an example of the rollback list screen. FIG. 9 is a diagram showing an example of the rollback list screen. FIG. 10 is a flowchart of the reverse command generation process according to the first embodiment. FIG. 11 is a flowchart (1) illustrating the procedure of rollback processing according to the first embodiment. FIG. 12 is a flowchart (2) illustrating a procedure of rollback processing according to the first embodiment. FIG. 13 is a diagram illustrating an example of a hardware configuration of a computer that executes a rollback processing control program according to the first embodiment and the second embodiment.

  An inverse command generation program, an inverse command generation method, and an inverse command generation device according to the present application will be described below with reference to the accompanying drawings. Note that this embodiment does not limit the disclosed technology. And each Example can be suitably combined in the range which does not make processing contents contradictory.

[System configuration]
FIG. 1 is a diagram of an exemplary configuration of a network management system according to a first embodiment. The network management system 1 shown in FIG. 1 provides a network management service for managing the network devices 30A to 30C constructing the network NW, and as an example, executes various settings for the network devices 30A to 30C, and the network The settings to the devices 30A-30C can be rolled back or the like.

  As shown in FIG. 1, the network management system 1 includes a network management device 10, network devices 30A to 30C, and a client terminal 50. Hereinafter, when the network devices 30A to 30C are generically referred to as "network device 30" may be described. Although FIG. 1 illustrates the case where three network devices 30A, 30B, and 30C are accommodated in the network management device 10, the present invention is not limited to this. That is, the number 30 of network devices accommodated by the network management device 10 may be arbitrary.

  The network management device 10 is a computer that provides the above-described network management service.

  In one embodiment, the network management apparatus 10 can be implemented as a software-defined networking (SDN) controller by installing package software or online software for realizing the above-described network management service on a desired computer. The network management device 10 executes management including monitoring, setting, control, etc. of carrier Ethernet (registered trademark) such as IP-VPN (Internet Protocol Virtual Private Network) and wide area Ethernet (registered trademark) as an example of the network NW. can do. Thus, the network NW managed by the network management apparatus 10 is not limited to a physical network, and may be a virtual network virtualized by a technology such as SDN or NFV (Network Function Virtualization).

  The network device 30 is a device that constructs a network NW, and can employ, for example, a data transfer device such as a router or a switch, a firewall, a load balancer, or the like.

  The client terminal 50 is a computer that receives the provision of the above-described network management service, and as an example, is used by related parties such as a network administrator who manages the network NW.

[Configuration of Network Management Device 10]
FIG. 2 is a block diagram showing a functional configuration of the network management device 10 according to the first embodiment. As shown in FIG. 2, the network management device 10 includes a communication I / F (interface) unit 11, a storage unit 13, and a control unit 15. The network management apparatus 10 may have various functional units of a known computer, for example, functional units such as various input devices and voice output devices, in addition to the functional units shown in FIG.

  The communication I / F unit 11 is an interface that performs communication control with another device such as the network device 30 or the client terminal 50.

  As one embodiment, the communication I / F unit 11 can adopt a network interface card such as a LAN card. For example, the communication I / F unit 11 transmits a command related to the setting of the network or its reverse command to the network device 30, or a configuration file stored in the network device 30 from the network device 30, for example, "running-config" or "startup" Receive "-config". The communication I / F unit 11 also receives, from the client terminal 50, an editing operation for setting of the network and a rollback instruction for setting of the network. In addition, the communication I / F unit 11 transmits, to the client terminal 50, an editing screen for editing the setting of the network and a rollback list screen on which a list of setting operations to be rolled back is installed.

  The storage unit 13 is a storage device that stores data used for various programs such as a network management program for realizing the above-described network management service, including an OS (Operating System) executed by the control unit 15.

  In one embodiment, the storage unit 13 can be implemented as an auxiliary storage device in the network management device 10. For example, a hard disk drive (HDD), an optical disk, a solid state drive (SSD), or the like can be adopted as the storage unit 13. The storage unit 13 may not necessarily be implemented as an auxiliary storage device, and may be implemented as a main storage device in the network management apparatus 10. In this case, various storage devices such as a random access memory (RAM) or a flash memory can be adopted as the storage unit 13.

  The storage unit 13 stores operation history data 13 a and reverse command data 13 b as an example of data used for a program executed by the control unit 15. As described above, in addition to the operation history data 13a and the reverse command data 13b shown in FIG. 2, other electronic data can be stored together.

  For example, the storage unit 13 extracts a difference by comparing setting files stored in the network management device 10 and the network devices 30, for example, “running-config” and “startup-config”. A copy of the configuration file stored in each network device 30 can be stored. In addition, the storage unit 13 stores user authority data in which a network device 30 or a group of the network devices 30 for permitting the setting of the network is defined for each user in order to manage the authority of the user such as the administrator of the network. can do. Furthermore, the storage unit 13 can also store a template of a setting command in order to generate a reverse command from the setting command of the network. In addition to this, the storage unit 13 can store device data regarding the network device 30 and link data regarding links formed by the network device 30 in order to manage the topology of the network NW.

  Here, the description of the operation history data 13a and the reverse command data 13b will be described together with the description of the processing unit in which the operation history data 13a and the reverse command data 13b are generated.

  The control unit 15 has an internal memory for storing various programs and control data, and executes various processes using these.

  In one embodiment, the control unit 15 is implemented as a central processing unit, so-called CPU (Central Processing Unit). The control unit 15 may not necessarily be mounted as a central processing unit, and may be mounted as an MPU (Micro Processing Unit). The control unit 15 can also be realized by hard wired logic such as an application specific integrated circuit (ASIC) or a field programmable gate array (FPGA).

  The control unit 15 develops a network management program stored in the storage unit 13 on a work area of a RAM such as a dynamic random access memory (DRAM) or a static random access memory (SRAM) mounted as a main storage device (not shown). Thus, the following processing unit is virtually realized. For example, as shown in FIG. 2, the control unit 15 includes a first reception unit 15a, a monitoring unit 15b, a setting unit 15c, a reverse command generation unit 15d, a rollback control unit 15e, and an output control unit 15f. , And the second reception unit 15g.

  The first reception unit 15 a is a processing unit that receives various settings for the network device 30.

  As one embodiment, the first accepting unit 15a can accept various settings for the network device 30 via a graphical user interface (GUI). For example, the first accepting unit 15a receives a designation of the network device 30 on a map in which the topology of the physical network or the virtual network is visualized, for example, a GUI component that performs network setting in a state where mouse over is performed. When operated, it is possible to receive editing such as new registration and update of various settings related to the network device 30. Here, the first reception unit 15a can also individually receive settings for one network device 30, or collectively receives settings for a plurality of network devices 30, for example, a group of network devices 30 for which group setting has been performed. It can also be done. As an example of the setting, the first receiving unit 15a can receive the setting of a virtual local area network (VLAN) or a subnet. After that, the first reception unit 15a receives an operation for reflecting the content for which the editing has been received in the setting. In the following, an operation for accepting the editing of the setting and an operation for reflecting the content for which the editing is accepted in the setting may be collectively referred to as a “setting operation”.

  The monitoring unit 15 b is a processing unit that monitors the network NW.

  As one embodiment, the monitoring unit 15b is, by way of example only, when the setting operation is accepted by the first accepting unit 15a, for example, when new registration or setting change of settings for one or more network devices 30 is performed, Execute the following process.

  For example, the monitoring unit 15b reads “startup-config” which is read from a non-volatile memory such as NVRAM (Non Volatile RAM) at start-up from the network device 30 on which the setting operation is performed, and “running” expanded on the RAM. Get -config. Then, the monitoring unit 15b matches the two setting files by comparing the two setting files “startup-config” and “running-config” acquired from the network device 30 on which the setting operation has been performed. It is determined whether to do. For example, the monitoring unit 15b can determine the presence or absence of a difference between two setting files by executing a process of calculating a diff and a hash value from the two setting files.

  Here, if “startup-config” and “running-config” do not match, the following situation can be determined. For example, a network administrator or the like connects to the network apparatus 30 via a protocol such as telnet, and there is a high probability that the setting is performed via a CLI (Command Line Interface) or the like. It is possible to estimate the situation in which "running-config" is updated without intervention. Hereinafter, the case where network setting is performed by a command performed via the CLI may be described as "external command operation". As described above, when an external command operation is performed, the updated "running-config" acquired from the network device 30 and the "running-config" before updating stored by the storage unit 13 for management of the network device 30 are performed. The difference between the above and the above does not necessarily mean that the setting command corresponding to the content of the update can be interpreted, and a reverse command can not necessarily be generated. In this case, if rollback to the operation before the external command operation is performed, a problem may occur in the network NW. Thus, the reverse command generated before the external command operation is invalidated to restrict the rollback to the operation before the external command operation is performed.

  On the other hand, when “startup-config” and “running-config” match, the monitoring unit 15 b refers to link data (not shown) stored in the storage unit 13. The link data includes, for example, a deletion flag indicating whether the link has been deleted from the topology. For example, if the deletion flag is "false", the link is not deleted, and if the deletion flag is "true", it can be determined that the link is deleted. With reference to such link data, the monitoring unit 15 b determines whether “false” is set in the deletion flag related to the link including the network device 30 whose setting is to be edited.

  At this time, when the deletion flag for the link including the network device 30 whose setting is edited is set to “true”, the configuration of the network device 30 included in the link deleted from the topology is restricted from being rolled back. In order to do this, the reverse command generated before the deletion flag is set to “true” is invalidated.

  In addition, when “false” is set in the deletion flag regarding the link including the network device 30 whose setting is to be edited, the monitoring unit 15 b stores “startup-config” acquired from the network device 30 first, and the storage unit 13 compares “startup-config” stored for management of the network device 30. For example, the monitoring unit 15b determines whether the update date and time of two “startup-config” matches or does not match, or executes the process of calculating the diff and the hash value from the two “startup-config”. It is possible to determine the presence or absence of the difference of "startup-config".

  As a result, when the two “startup-config” do not match, it can be determined that the probability of the above external command operation being performed is high. Also in this case, the reverse command generated before the external command operation is invalidated to restrict the rollback to the operation before the external command operation is performed.

  Here, as an example only, when the setting operation is performed, the above three determinations, that is, comparison of two setting files in the network device 30, confirmation of a link deletion flag, and the network device 30 and the network management device 10 Although the case where the comparison of "startup-config" between is performed is illustrated, it is not limited to this. That is, the monitoring unit 15b can perform the above three determinations for each network device 30 according to the conditions regarding time. For example, if a predetermined period, for example, one minute, has passed since the last determination, the monitoring unit 15b determines the above three determinations when the system time held by the network management apparatus 10 reaches a predetermined periodic time. It can be implemented. In addition to this, even when rollback is instructed, the monitoring unit 15b can also perform the above three determinations before executing the rollback process.

  The setting unit 15 c is a processing unit that performs various settings for the network device 30.

  In one embodiment, the setting unit 15 c transmits, to the network device 30, a setting command related to the content of which the editing is accepted by the first accepting unit 15 a. As a result, as a result of the contents of which the editing is accepted by the first accepting unit 15a being registered in “running-config” stored in the network device 30, the setting of the network device 30 is updated. Then, the setting unit 15 c acquires the updated date and time of the updated “startup-config” or “startup-config” from the network device 30 and stores “startup-config” that the storage unit 13 stores for management of the network device 30. Or, overwrite and update the update date and time of "startup-config".

  Here, when the setting of the network device 30 is updated, the setting unit 15 c updates the operation history data 13 a stored by the storage unit 13 for rollback. In the operation history data 13a, “operation No.”, “user name”, “device group name”, “function type”, “change date and time”, “content”, “flag 1”, “flag 2” and “ Data including some or all of the items such as "flag 3" can be adopted. The term "operation No." refers to a number identifying a setting operation, and for example, serial numbers are assigned in ascending order from the most recent setting operation. Also, "user name" refers to the name of the user who performed the setting operation. The “device group name” refers to the name of the group of the network device 30 for which the setting operation has been performed. Further, the “change date and time” indicates the date and time when the setting is changed by the setting operation, and is represented by, for example, “yyyy / mm / dd hh / mm / ss”. Also, “setting operation content” refers to the content of setting operation. Also, “flag 1” indicates a flag indicating whether or not an external command operation has been performed on the network device 30 for which the setting operation has been performed after the setting operation has been performed. For example, the flag 1 is set to “false” When set, no external command operation is performed, and when the flag 1 is set to “true”, it means that an external command operation is performed. Also, “flag 2” indicates a flag indicating whether the link including the network device 30 for which the setting operation has been performed after the setting operation has been deleted or edited, for example, the flag 2 is “false” When it is set to, the link is not edited or deleted, and when the flag 2 is set to “true”, it means that the link is edited or deleted. Also, "flag 3" indicates a flag indicating whether an error has occurred in rollback processing of the setting operation, for example, when flag 3 is set to "false", rollback processing for the setting operation is performed. When the time is not executed and the flag 3 is set to "true", it means that an error has occurred during rollback processing.

  For example, in the setting unit 15c, “startup-config” and “running-config” acquired from the network device 30 match, and “false” is set in the deletion flag of the link including the network device 30, and the network When “startup-config” matches between the management device 10 and the network device 30, a record regarding the setting operation accepted through the first accepting unit 15a is additionally registered in the operation history data 13a stored in the storage unit 13. . At this time, the setting unit 15c causes the storage unit 13 to hold records regarding the history of the latest setting operation to a predetermined number, for example, 20 operations, as the operation history data 13a in the storage unit 13, and deletes the record regarding previous setting operations from the storage unit 13. You can also

  In addition, the setting unit 15 c detects an external command operation by the monitoring unit 15 b, that is, when “startup-config” and “running-config” obtained from the network device 30 do not match, or the network management device 10 and If “startup-config” does not match among the network devices 30, the following processing is performed. That is, the setting unit 15 c includes the device name of the network device 30 in which the external command operation is detected among the operation history data 13 a stored in the storage unit 13 in the field of the setting operation content, and the external command operation is detected. Search for records before time point. After that, the setting unit 15 c sets “true” in the flag 1 of all the records hit by the search. This restricts the rollback of the setting operation for the record in which the flag 1 is set to “true”.

  In addition, when “true” is set in the deletion flag of the link including the network device 30, the setting unit 15c causes the network device 30 in which deletion of the link is detected among the operation history data 13a stored in the storage unit 13. The device name of is included in the setting operation content field, and the previous record in which the deletion of the link is detected is searched. Then, the setting unit 15 c sets “true” to the flag 2 of all the records hit by the search. This restricts the rollback of the setting operation for the record in which the flag 2 is set to “true”.

  The reverse command generation unit 15 d is a processing unit that generates a reverse command.

  In one embodiment, the reverse command generation unit 15 d matches “startup-config” and “running-config” acquired from the network device 30, and sets “false” to the deletion flag of the link including the network device 30. If the "startup-config" matches between the network management device 10 and the network device 30, the reverse command is generated. For example, the reverse command generation unit 15d obtains the updated "running-config" from the network device 30, and then compares the difference between the two "running-configs" by comparing the "running-config" before and after the update. Extract. Subsequently, the reverse command generation unit 15d determines whether or not the setting operation is a change of the setting value from the difference between the two "running-config". Then, when the setting operation is a change of the setting value, the reverse command generation unit 15d generates a reverse command as follows. That is, the reverse command generation unit 15d changes the setting value of the item from which the difference is extracted among the items included in "running-config" for each of the network devices 30 for which the setting operation has been performed to the setting value before the setting operation. Generate a reverse command to change. In addition, when the setting operation is not a change of the setting value, the reverse command generation unit 15d determines whether the setting operation is an initial value, for example, a change from an empty or the like, that is, a new registration Determine At this time, when the setting operation is new registration, the reverse command generation unit 15 d generates a reverse command as follows. That is, the reverse command generation unit 15 d generates a reverse command for deleting the setting value of the item from which the difference is extracted among the items included in “running-config” for each of the network devices 30 for which the setting operation has been performed. If the initial value is a NULL value, a reverse command may be generated to change the setting value of the item from which the difference is extracted to the initial value, that is, the NULL value. Furthermore, when the setting operation is neither change of the setting value nor new registration, the reverse command generation unit 15d determines whether or not the setting operation is deletion based on the difference between the two "running-config". At this time, when the setting operation is deletion of the setting value, the reverse command generation unit 15 d generates a reverse command as follows. That is, the reverse command generation unit 15 d sets the setting value of the item from which the difference is extracted among the items included in “running-config” for each of the network devices 30 on which the setting operation has been performed, using the setting value before the deletion operation. Generate a reverse command to be newly registered. The reverse command thus generated is additionally registered in the reverse command data 13b stored in the storage unit 13 in a state associated with the value of the field "operation No." of the operation history data 13a.

  FIG. 3 is a diagram illustrating an example of generation of a reverse command. FIG. 3 shows an example in which the VLAN setting of the device A is performed. In the example of the device A shown in FIG. 3, the update for changing the VLAN ID from the setting a0 to the setting a1 by operation 1 is performed, that is, the update for changing the VLAN ID from “10” to “100”. In this case, a reverse command is generated to change the setting value of the VLAN ID to "10". Furthermore, the update for changing the VLAN ID from the setting a1 to the setting a2 by the operation 2, that is, the update for changing the VLAN ID from "100" to "200" is performed. In this case, a reverse command to change the setting value of VLAN ID to "100" is generated. Further, an update for changing the VLAN ID from the setting a2 to the setting a3 by the operation 3, that is, an update for changing the VLAN ID from "200" to "300" is performed. In this case, a reverse command to change the setting value of the VLAN ID to "200" is generated.

  On the other hand, when the “startup-config” and the “running-config” obtained from the network device 30 do not match, the reverse command generation unit 15 d sets “true” in the deletion flag of the link including the network device 30. In the case where the “startup-config” does not match between the network management device 10 and the network device 30, the reverse command related to the network device 30 is invalidated. For example, the reverse command generation unit 15 d deletes the reverse command related to the network device 30 in which the external command operation is detected or the network device 30 in which the deletion of the link is detected from the reverse command data 13 b stored in the storage unit 13.

  The rollback control unit 15 e is a processing unit that controls rollback processing.

  In one embodiment, when the rollback control unit 15 e receives from the client terminal 50 a request for viewing a rollback list screen including a list of setting operations to be rolled back, the operation history stored in the storage unit 13. The data 13a is read. Subsequently, the rollback control unit 15 e selects one of the records included in the operation history data 13 a. For example, the rollback control unit 15e can select one record at a time from the record regarding the latest setting operation.

  Subsequently, the rollback control unit 15 e determines whether “false” is set in the rollback error flag 3 of the record of the operation history data 13 a selected earlier. At this time, if “true” is set in flag 3 of the rollback error, although the rollback processing of the setting operation corresponding to the previously selected record is performed in the past, the result is an error. I understand that. In this case, the rollback control unit 15 e assigns “rollback error” to the status of rollback regarding the record.

  On the other hand, when the rollback error flag 3 is set to “false”, the rollback control unit 15 e determines whether the setting operation corresponding to the record of the operation history data 13 a selected earlier is within the range of the user authority. Further determine the For example, among the user authority data stored in the storage unit 13, the rollback control unit 15 e uses the user name of the account for which the client terminal 50 requesting browsing of the rollback list screen succeeded in log-in authentication in the network management system 1. Identify the corresponding user rights. Then, the rollback control unit 15 e determines whether or not the field “device group name” included in the record of the operation history data 13 a selected above is within the range of the user authority specified above. . At this time, when the setting operation is out of the range of the user authority, the rollback control unit 15 e assigns “rollback impossible” to the status of the rollback regarding the record of the operation history data 13 a selected earlier.

  Further, when the setting operation is within the range of the user authority, the rollback control unit 15 e determines whether “false” is set in the flag 1 of the external command operation of the record of the operation history data 13 a selected earlier. Further determine the At this time, when “true” is set to the flag 1 of the external command operation, it is understood that the external command operation is performed after the setting operation corresponding to the record is performed. In this case, the rollback control unit 15 e assigns “rollback impossible” to the status of the rollback regarding the record.

  In addition, when “false” is set in the flag 1 of the external command operation, the rollback control unit 15 e further executes the following process. That is, the rollback control unit 15 e is included in the field “setting operation content” of the record of the operation history data 13 a selected earlier among the network devices 30 included in the device data (not shown) stored in the storage unit 13. It is determined whether "false" is set in the deletion flag of the target network device 30 or not. At this time, when “true” is set in the deletion flag of the network device 30, it can be understood that data relating to the network device 30 is deleted from the device data after the setting operation corresponding to the record is performed. In this case, the rollback control unit 15 e assigns “rollback impossible” to the status of the rollback regarding the record.

  Further, when the deletion flag of the network device 30 is set to “false”, the rollback control unit 15 e sets “false” to the flag 2 of the link editing / deleting possessed by the record of the operation history data 13 a selected earlier. It is further determined whether “is set. At this time, if “true” is set in flag 2 of link editing / deletion, it is known that the link including the network device 30 has been deleted from the topology after the setting operation corresponding to the record is performed. . In this case, the rollback control unit 15 e assigns “rollback impossible” to the status of the rollback regarding the record.

  In addition, when “false” is set in the link editing / deleting flag 2, the rollback control unit 15 e is included in the “setting operation content” field of the record of the operation history data 13 a selected earlier. Each network device 30 further determines whether it is the first setting operation, that is, the latest setting operation, retroactively from the point of time when the request for browsing the rollback list screen is received. At this time, in the case where the setting operation is the latest in all the network devices 30, it can be determined that there is a high probability that there will be no hindrance to the execution of the rollback processing. In this case, the rollback control unit 15 e assigns “rollback possible” to the status of the rollback regarding the record. On the other hand, if it is not the latest setting operation in any of the network devices 30, the field "setting operation content" is included in the setting operation performed before the setting operation corresponding to the record of the operation history data 13a selected earlier. Permitting rollback of the setting operation corresponding to the record of the operation history data 13a selected earlier on condition that the rollback process related to the related setting operation performed prior to the included network device 30 is executed It is understood that it is good. In this case, the rollback control unit 15 e assigns “waiting for rollback” to the status of rollback regarding the record.

  As described above, for each setting operation corresponding to the record included in the operation history data 13a, the setting operation is classified into either "rollback enabled", "rollback wait", "rollback not possible" or "rollback error". It will be done.

  The output control unit 15 f is a processing unit that performs output control on the client terminal 50.

  In one embodiment, the output control unit 15 f causes the client terminal 50 to display a rollback list screen according to the rollback status allocated for each setting operation by the rollback control unit 15 e. For example, the output control unit 15f registers part or all of the information of the field of each record in ascending order of the field "Operation No." of each record included in the operation history data 13a, and is assigned to each record Rollback list screen display data is generated by associating marks such as icons corresponding to rollback status “rollback enabled”, “rollback wait”, “rollback not possible” or “rollback error” Do. The output control unit 15 f causes the client terminal 50 to display the rollback list screen using the display data generated in this manner.

  The second reception unit 15g is a processing unit that receives a rollback instruction.

  In one embodiment, the second accepting unit 15g accepts a rollback instruction in a state where the rollback list screen is displayed on the client terminal 50 by the output control unit 15f. Specifically, the second accepting unit 15g accepts specification of a setting operation for executing rollback processing by selecting any of the records from the list of records included in the rollback list screen. For example, when a record to which “rollback is allowed” is assigned as a rollback status is selected, a GUI component that receives a roll back processing execution instruction, for example, displayed by the output control unit 15 f in a state where the execution button is active. . In addition, when a record to which “wait for rollback” is assigned is selected as the status of rollback, the following display is performed by the output control unit 15 f. That is, the setting operation related to the network device 30 which is a setting operation performed before the setting operation corresponding to the selected record and included in the field “setting operation content” of the selected record is first. The record corresponding to the related setting operation performed is a distinguishable display form different from the display form of other records, for example, the change of the display color of characters and filling, the display of an icon such as “related rollback”, or hatching And the like, and a GUI component that receives an instruction to execute rollback processing is displayed in an inactive state. In addition, when a record to which “rollback impossible” is assigned as a rollback status is selected, a GUI component that receives a rollback processing execution instruction is displayed in an inactive state.

  As described above, in the state in which the specification of the setting operation has been received, the second receiving unit 15 g further receives an execution instruction of rollback processing via the above-described GUI component. Here, when the GUI component is operated, if the GUI component is in the active state, the rollback processing for rolling back the setting operation by executing the reverse command corresponding to the setting operation for which the specification is accepted is performed. It is implemented by the rollback control unit 15e. When the rollback process is performed as described above, the storage unit 13 acquires “startup-config” after the setting is updated by the rollback process from each network device 30 on which the rollback process is performed. The update date and time of “startup-config” or “startup-config” stored for management of the network device 30 is overwritten and updated. At the same time, the record corresponding to the setting operation for which the rollback process has been performed is deleted from the operation history data 13a. On the other hand, if the GUI component is not in the active state, the rollback process for rolling back the setting operation for which the specification is accepted is restricted.

[Specific example of rollback control]
A specific example of rollback control will be described using FIGS. 4 to 9. FIG. 4 is a diagram showing an example of the operation history data 13a. FIG. 5 is a schematic view showing a time series of setting operation and setting contents. 6 to 9 are diagrams showing an example of the rollback list screen.

  FIG. 4 shows records relating to a total of seven setting operations of operation 1 to operation 7. Here, for convenience of explanation, seven records are extracted and illustrated, but the number of records displayed on the rollback list screen is not limited to this. In the case of the operation history data 13a shown in FIG. 4, each setting operation and the contents of the setting operation are as shown in the schematic view shown in FIG. It is assumed that the following group settings are made for device A, device B and device C shown in FIGS. 4 and 5. That is, as shown in FIG. 5, the group A includes the device A, the group B includes the device B, and the group C includes the device C. The group Z includes devices A and B. Further, group X includes device A, device B and device C.

  In operation 7 shown in FIG. 5, the configuration file of device A is updated from “a0” to “a1” in the initial state by newly registering the VLAN ID of device A from “initial value” to “2”. Means Then, in operation 6 shown in FIG. 5, the default route of the routing of the device A is changed, which means that the setting file of the device A is updated from “a1” to “a2”. Thereafter, in the operation 5 shown in FIG. 5, VLAN IDs of the device A, the device B and the device C are collectively set. That is, by updating the VLAN ID of the device A from “2” to “3”, it means that the configuration file of the device A has been updated from “a2” to “a3”. At the same time, by newly registering the VLAN ID of the device B from “initial value” to “3”, it means that the setting file of the device B has been updated from “b0” to “b1” in the initial state. Furthermore, by newly registering the VLAN ID of the device C from “initial value” to “3”, it means that the configuration file of the device C has been updated from “c0” to “c1” in the initial state.

  Subsequently, in the operation 4 illustrated in FIG. 5, VLAN IDs of the device A and the device B are collectively set. That is, by updating the VLAN ID of the device A from “3” to “4”, it means that the setting file of the device A has been updated from “a3” to “a4”. At the same time, by updating the VLAN ID of device B from “3” to “4”, it means that the configuration file of device B has been updated from “b1” to “b2”. Then, in the operation 3 shown in FIG. 5, by updating the VLAN ID of the device B from “4” to “5”, it means that the setting file of the device B is updated from “b2” to “b3”. . Subsequently, in the operation 2 shown in FIG. 5, by updating the VLAN ID of the device A from “4” to “6”, it means that the setting file of the device A has been updated from “a4” to “a5”. Do. Furthermore, in the operation 1 shown in FIG. 5, by updating the VLAN ID of the device A from “6” to “7”, it means that the setting file of the device A has been updated from “a5” to “a6”. .

  Here, the records corresponding to the operation 1 and the operation 3 shown in FIG. 4 are classified into “rollback possible”, and the records other than the records corresponding to the operation 1 and the operation 3 shown in FIG. are categorized. The reason is that "true" is not set in flags 1 to 3 of each record, and in records other than the records corresponding to operation 1 and operation 3, among the devices included in the field "setting operation content" This is because there are devices for which the setting operation has been performed earlier.

  Under the history of such setting operations, in the case of the overall administrator 3 and the overall administrator 4 among the users having overall administrator authority, that is, among the users shown in FIG. 4, the rollback list screen shown in FIG. It is displayed on the client terminal 50. While the rollback list screen 600 in the case where the record in the list is in the unselected state is shown in the upper part of FIG. 6, the operation 5 of the records in the list is shown in the lower part of FIG. A rollback list screen 620 is shown when the corresponding record is selected.

  As shown in the rollback list screen 600 shown in FIG. 6, the overall administrator 3 and the overall administrator 4 have the authority to perform the setting operation on all devices, and therefore all the items included in the operation history data 13a shown in FIG. The record is displayed. Then, in a state where the setting operation for executing the rollback processing is not specified, the records corresponding to the operation 1 and the operation 3 have an icon indicating that the status regarding the rollback of the record is “rollback is possible”. It is displayed in association with it. At this stage, the execution button 610 that receives the roll back processing execution instruction is displayed in an inactive state. If the records corresponding to the operation 1 and the operation 3 are selected, the state of the execution button 610 is switched to active.

  At this time, when the record corresponding to the operation 5 is selected from the records in the list, the display of the client terminal 50 is the rollback list shown in the lower part of FIG. 6 from the rollback list screen 600 shown in the upper part of FIG. A transition to screen 620 is made. As shown in the rollback list screen 620 shown in FIG. 6, the record corresponding to the selected operation 5 is displayed in a display form different from the display form of the other records, with the darkest hatching in the figure. Furthermore, the setting operation related to device A, device B or device C, which is a setting operation performed prior to the selected operation 5 and included in the field “setting operation content” of the record corresponding to operation 5 The records corresponding to the related operations 1 to 4 performed earlier are displayed with distinguishable display forms different from the display forms of other records, for example, by the second dark hatching. At this time, among the records corresponding to the related operations 1 to 4, to the records corresponding to the operation 1 and the operation 3 which can be rolled back at present, an icon indicating that "roll back is possible" is associated Is displayed. In addition, the records corresponding to operation 2 and operation 4 classified as "wait for rollback" are "related rollback" together with the record corresponding to operation 5 classified as "wait for rollback". The icon which shows is matched and displayed. In this case, since the rollback of the operation 5 can not be performed unless the rollback of the related operations 1 to 4 is performed, the execute button 630 is displayed in the inactive state. According to the rollback list screen 620, it is possible to grasp at a glance the rollback of the operations 1 to 4 which should be performed before the rollback of the operation 5.

  Further, in the case of the GrpA administrator 5 among the users having device group administrator authority, that is, among the users shown in FIG. 4, the rollback list screen shown in FIG. 7 is displayed on the client terminal 50. In the upper part of FIG. 7, a rollback list screen 700 in the case where the record in the list is not selected is shown. While the rollback list screen 720 is shown in the middle row of FIG. 7 when the record corresponding to the operation 4 is selected among the records in the list, the lower row of FIG. A rollback list screen 740 when rollback of the operation 1 and the operation 2 is executed on the back list screen 720 is shown. 7, “operation No.” of the operation history data 13a shown in FIG. 4 and the rollback list screen 700 shown in FIG. 7 from the viewpoint of specifying the correspondence with the operation history data 13a shown in FIG. An example is shown in which the correspondence with "Operation No." in 720 and 740 is matched, but if a missing number occurs due to user authority or execution of rollback, renumbering in ascending order from the top of the list is also possible. It goes without saying that you can.

  As the rollback list screen 700 shown in FIG. 7, the GrpA administrator 5 only has the authority to perform the setting operation on the device A. Therefore, the GrpA administrator 5 does not necessarily display all the records included in the operation history data 13a shown in FIG. Specifically, the record corresponding to the operation 3 is a setting operation for the device B and is not displayed on the list because the device A which is a category of the user authority of the GrpA administrator 5 is not included. Furthermore, since operations 4 and 5 on the list include setting operations for devices B and C outside the range of the user authority of GrpA administrator 5, it is not disclosed what operation was performed, and the setting operation content A private mark "-" is displayed on. Furthermore, since the operations 4 and 5 can have the general administrator roll back the operations 4 and 5, the "rollback not possible" icon is not given.

  As described above, in the state where the setting operation for executing the rollback process is not specified, the record corresponding to the operation 1 is associated with an icon indicating that the status regarding the rollback of the record is “rollback is possible”. Is displayed. At this stage, the execution button 710 that receives the roll back processing execution instruction is displayed in an inactive state. If the record corresponding to the operation 1 is selected, the state of the execution button 710 is switched to active.

  At this time, when the record corresponding to the operation 4 is selected from the records in the list, the display of the client terminal 50 is the rollback list shown from the rollback list screen 700 shown in the upper part of FIG. 7 to the middle part in FIG. A transition to screen 720 is made. As shown in the rollback list screen 720 shown in FIG. 7, the record corresponding to the selected operation 4 is displayed in a display form different from the display form of the other records, with the darkest hatching in the drawing. Furthermore, the setting operation related to device A or device B included in the field “setting operation content” of the record corresponding to operation 4 which is the setting operation performed prior to the selected operation 4 is performed first. The records corresponding to the related operations 1 and 2 performed are displayed with distinguishable display forms different from the display forms of the other records, for example, by the second dark hatching. At this time, among the records corresponding to the related operation 1 and the operation 2, to the record corresponding to the operation 1 which can be rolled back at present, an icon indicating “roll back is possible” is displayed in association Be done. Also, in the record corresponding to operation 2 classified as "wait for rollback", an icon indicating "related rollback" as well as the record corresponding to operation 4 classified as "wait for rollback" is displayed. It is displayed in association with it. In this case, since the rollback of the operation 4 can not be performed unless the rollback of the related operations 1 and 2 is performed, the execute button 730 is displayed in the inactive state. According to the rollback list screen 720, it is possible to grasp at a glance the rollbacks of the operations 1 and 2 that should be performed before the rollback of the operation 4.

  Then, when the rollback of the operations 1 and 2 is executed on the rollback list screen 720, the display of the client terminal 50 is the rollback shown in the lower part of FIG. 7 from the rollback list screen 720 shown in the middle of FIG. A transition to a list screen 740 is made. As shown in the rollback list screen 740 shown in FIG. 7, the operation 1 and the operation 2 for which the rollback is already performed are deleted from the list, and the record corresponding to the operation 4 for which the selection is subsequently performed is another record. The display form is different from the display form, and is displayed with the darkest hatching in the figure. Furthermore, since the operation 4 for which the selection has been performed is subject to the rollback of the device B which is out of the range of the user authority of the GrpA administrator 5, the execution button 750 is displayed in an inactive state. In this case, the GrpA administrator 5 requests the GrpZ administrator 1, the overall administrator 3 or the overall administrator 4 to execute rollback.

  Subsequently, the display in the case where the rollback is not possible will be described. For example, it is assumed that the link connected to the device A is changed or deleted on the period between the operation 2 and the operation 3, for example, on May 10, 2015. In this case, "true" is set to the columns of the operations 4 to 7 among the columns of the flag 2 included in the operation history data 13a shown in FIG. If these operations 4 to 7 are rolled back, there is a high possibility that the integrity of the entire network NW can not be obtained. Therefore, the rollback list screen 800 shown in the upper part of FIG. 8 is displayed. In the rollback list screens 800, 820, and 840 shown in FIG. 8, it is assumed that a display for a user having the overall administrator authority is shown.

  In the rollback list screen 800 illustrated in FIG. 8, the records corresponding to the operations 4 to 7 are displayed in association with an icon indicating that the status regarding rollback of each record is “rollback impossible”. On the other hand, since the VLAN setting is performed after the link of the device A is changed in the operation 1 and the operation 2, there is a high possibility that consistency as a whole network configuration can be obtained even if rollback is performed. Therefore, the operations 1 and 2 are not considered as rollback impossible. That is, the record corresponding to the operation 1 is displayed in association with an icon indicating that the status regarding rollback is "rollback enabled", and the record corresponding to the operation 2 is "wait for rollback". As it is classified, in the present situation where no record is selected, the icon is not given and is displayed without a mark at present. For example, when the record corresponding to the operation 2 is selected, an icon indicating that the status regarding rollback is “wait for rollback” may be displayed in association with the record corresponding to the operation 2 . In addition, since the operation 3 is an operation to the device B which is not related to the device A which changed the link, it is not considered as "rollback not possible" and the status regarding the roll back is "rollback is possible" The icon which shows is matched and displayed. Under such circumstances, even if a non-rollback record is selected, the state of the execute button 810 is displayed as inactive.

  Next, assume that Device A is removed from the topology after Operation 1. In this case, a rollback list screen 820 shown in the middle of FIG. 8 is displayed. In the rollback list screen 820 shown in FIG. 8, in the records corresponding to the operations 1, 2, 4 to 7 in which the device A is included in the field “setting operation content”, the status regarding the rollback of each record is “rollback not possible An icon indicating “is displayed in association with one another. Therefore, rollback of the operation performed on the device A can not be performed at all. On the other hand, since the operation 3 is an operation to the device B which is not related to the device A deleted from the topology, it is not determined that "rollback is not possible" and that the status regarding roll back is "rollback is possible". The icon which shows is matched and displayed. Under such circumstances, even if a non-rollback record is selected, the state of the execute button 830 is displayed as inactive.

  Next, it is assumed that the external command operation is performed on the device A in a period between the operation 2 and the operation 3, for example, on May 10, 2015. In this case, "true" is set to the columns of the operations 4 to 7 among the columns of the flag 1 included in the operation history data 13a shown in FIG. If these operations 4 to 7 are rolled back, it is not impossible to return the settings to the operations 4 to 7 before the date and time when the external command operation was performed, within the range that can be grasped by the SDN controller. Since there is a possibility that the integrity of the network NW as a whole can not be obtained, the operations 4 to 7 are "rolled back impossible". As a result, the rollback list screen 840 shown in the lower part of FIG. 8 is displayed.

  In the rollback list screen 840 shown in FIG. 8, the records corresponding to the operations 4 to 7 are displayed in association with an icon indicating that the status regarding rollback of each record is “rollback impossible”. On the other hand, since the VLAN setting is performed after the link of the device A is changed in the operation 1 and the operation 2, there is a high possibility that consistency as a whole network configuration can be obtained even if rollback is performed. Therefore, the operations 1 and 2 are not considered as rollback impossible. That is, the record corresponding to the operation 1 is displayed in association with an icon indicating that the status regarding rollback is "rollback enabled", and the record corresponding to the operation 2 is "wait for rollback". As it is classified, in the present situation where no record is selected, the icon is not given and is displayed without a mark at present. For example, when the record corresponding to the operation 2 is selected, an icon indicating that the status regarding rollback is “wait for rollback” may be displayed in association with the record corresponding to the operation 2 . In addition, since the operation 3 is an operation on the device B that is not related to the device A on which the external command operation has been performed, "rollback is not possible" is not made and the status regarding rollback is "rollback is possible" An icon indicating that there is a corresponding is displayed. Under such circumstances, even if a non-rollback record is selected, the state of the execute button 850 is displayed as inactive.

  Subsequently, display in the case of a rollback error will be described. For example, it is assumed that the rollback in step 3 is performed but fails due to the device B being turned off. In this case, "true" is set to the column of the operation 3 among the columns of the flag 3 included in the operation history data 13a shown in FIG. In this case, a rollback list screen 900 shown in FIG. 9 is displayed. The rollback list screen 900 shown in FIG. 9 differs from the rollback list screen 600 shown in FIG. 6 in the display of the record corresponding to the operation 3. That is, in the record corresponding to the operation 3, an icon indicating that the status regarding rollback is "rollback error" is displayed in association. This means that since the operation 3 was originally "rollback enabled", the user has performed rollback, but as a result, the rollback has failed. In this case, if the cause of the rollback failure is a temporary factor such as a power failure of the device B or a network failure, the execution may be successful again. Therefore, it is possible to select and execute the record corresponding to the operation 3 again. That is, when the record corresponding to the operation 3 in the rollback error state is selected, the state of the execute button 910 is switched to active. Under such circumstances, for example, when the record corresponding to the operation 4 is selected, the related rollback icons are operated 1 and 2 so as to roll back in the order of the operation 1, the operation 2 and the operation 3. It is displayed in association with each record of operation 3.

[Flow of processing]
Next, the flow of processing of the network management device 10 according to the present embodiment will be described. Here, after (1) reverse command generation processing executed by the network management apparatus 10 is described, (2) rollback processing will be described.

(1) Reverse Command Generation Process FIG. 10 is a flowchart showing a procedure of reverse command generation process according to the first embodiment. This process is started, for example, when the first accepting unit 15a accepts editing of the setting. As shown in FIG. 10, when the setting operation is accepted by the first accepting unit 15a (step S101), for example, the monitoring unit 15b transmits “startup-config” from the network device 30 for which the setting operation has been performed in step S101. The "running-config" is acquired (step S102).

  Then, the monitoring unit 15b determines whether or not the two setting files match by comparing the two setting files of “startup-config” and “running-config” acquired in step S102. (Step S103).

  Here, when “startup-config” and “running-config” do not match (No in step S103), the setting unit 15c transmits a setting command regarding the content for which the editing is accepted in step S101 to the network device 30. The setting of the device 30 is updated (step S111). In this case, the setting unit 15 c invalidates the operation history record relating to the network device 30 in which the external command operation is detected among the reverse command data 13 b stored in the storage unit 13 by setting the flag 1 to “true”. (Step S112).

  On the other hand, when “startup-config” and “running-config” match (step S103 Yes), the monitoring unit 15b refers to the link data (not shown) stored in the storage unit 13 and edits the setting in step S101. It is determined whether "false" is set in the deletion flag regarding the link including the accepted network device 30 (step S104).

  At this time, when “true” is set in the deletion flag related to the link (No at step S104), the setting unit 15c transmits the setting command regarding the content for which the editing is accepted at step S101 to the network device 30. The setting of 30 is updated (step S111). Also in this case, the setting unit 15c invalidates the setting of the flag 2 of the operation history record related to the network device 30 in which the deletion of the link is detected among the reverse command data 13b stored in the storage unit 13 as "true". (Step S112).

  On the other hand, when “false” is set in the deletion flag related to the link (Yes at Step S104), the monitoring unit 15b determines that the “startup-config” acquired from the network device 30 at Step S102 and the storage unit 13 are the network device 30. And “startup-config” stored for the management of (step S105).

  Here, when the two “startup-config” do not match (No in step S105), it can be determined that the probability that the above external command operation has been performed is high. In this case, the setting unit 15c updates the setting of the network device 30 by transmitting, to the network device 30, a setting command related to the content for which the editing has been accepted in step S101 (step S111). In this case as well, the setting unit 15 c is invalidated by setting the flag 1 of the operation history record related to the network device 30 in which the external command operation is detected among the reverse command data 13 b stored in the storage unit 13 to “true”. (Step S112).

  On the other hand, when “startup-config” matches between the network management device 10 and the network device 30 (Yes at step S105), the setting unit 15c transmits, to the network device 30, a setting command regarding the content for which editing is accepted at step S101. By doing this, the setting of the network device 30 is updated (step S106).

  After that, the reverse command generation unit 15d obtains the updated "running-config" from the network device 30, and then compares the difference between the two "running-config" by comparing the "running-config" before and after the update. It extracts (Step S107).

  Subsequently, the reverse command generation unit 15 d determines whether the setting operation is a change of the setting value from the difference between the two “running-config” (step S 108). Then, if the setting operation is the change of the setting value (Yes at Step S108), the reverse command generation unit 15d generates a reverse command as follows. That is, the reverse command generation unit 15d changes the setting value of the item from which the difference is extracted among the items included in "running-config" for each of the network devices 30 for which the setting operation has been performed to the setting value before the setting operation. A reverse command to be changed is generated (step S109).

  In addition, when the setting operation is not the change of the setting value (No at Step S108), the reverse command generation unit 15d determines whether the setting operation is a new registration from the difference between the two "running-config" (Step S110). . Then, if the setting operation is new registration (Yes at step S110), the reverse command generating unit 15d extracts the difference among the items included in “running-config” for each of the network devices 30 for which the setting operation has been performed. A reverse command for deleting the setting value of the item is generated (step S1101). On the other hand, when the setting operation is not new registration (No at step S110), it is determined that the setting operation is deletion of the setting value. In this case, the reverse command generation unit 15d sets the setting value of the item from which the difference is extracted among the items included in "running-config" for each of the network devices 30 for which the setting operation has been performed, to the setting value before the deletion operation. In step S1102, a reverse command to be newly registered is generated.

  Then, the setting unit 15 c acquires the updated date and time of the “startup-config” or “startup-config” after update from the network device 30, and stores the storage unit 13 for management of the network device 30 “startup— The update date and time of “config” or “startup-config” is overwritten and updated (step S113).

  Thereafter, the setting unit 15c additionally registers a record regarding the setting operation received in step S101 in the operation history data 13a stored in the storage unit 13 (step S114), and ends the process. Here, in step S114, when it is determined No in the branch of step S103, the setting unit 15c determines the device name of the network device 30 in which the external command operation is detected among the operation history data 13a stored in the storage unit 13. Is set in the field of the setting operation content and “true” is set in the flag 1 of the record before the time when the external command operation is detected. Further, in step S114, when the branch of step S104 is determined to be No, the setting unit 15c sets the device name of the network device 30 in which deletion of the link is detected among the operation history data 13a stored in the storage unit 13. "True" is set to the flag 2 included in the field of the setting operation content and included in the record before the point when deletion of the link is detected. Further, in step S114, when the branch of step S105 is determined as No, the setting unit 15c selects the device name of the network device 30 in which the external command operation is detected among the operation history data 13a stored in the storage unit 13. "True" is set to the flag 1 included in the field of the setting operation content and included in the record before the time when the external command operation is detected.

(2) Roll Back Process FIGS. 11 and 12 are flowcharts showing the procedure of the roll back process according to the first embodiment. This process is started, for example, when a request for viewing a rollback list screen including a list of setting operations to be rolled back is received from the client terminal 50.

  As illustrated in FIG. 11, the rollback control unit 15e reads the operation history data 13a stored in the storage unit 13 (step S301). Subsequently, the rollback control unit 15 e selects one of the records included in the operation history data 13 a (step S 302).

  Subsequently, the rollback control unit 15 e determines whether “false” is set in the rollback error flag 3 of the record of the operation history data 13 a selected in step S 302 (step S 303).

  At this time, when “true” is set in flag 3 of the rollback error (No at step S303), although the rollback processing of the setting operation corresponding to the record selected at step S302 is performed in the past, It turns out that the result was an error. In this case, the rollback control unit 15 e assigns “rollback error” to the status of the rollback regarding the record (step S 304). Thereafter, the process proceeds to step S313.

  On the other hand, when the flag 3 of rollback error is set to “false” (Yes at step S303), the rollback control unit 15e determines that the setting operation corresponding to the record of the operation history data 13a selected at step S302 is the user authority. It is further determined whether it is within the range of (step S305). At this time, when the setting operation is out of the range of the user authority (No at Step S305), the rollback control unit 15e "out of list display target" in the status of rollback regarding the record of the operation history data 13a selected at Step S302. Are assigned (step S3051). Thereafter, the process proceeds to step S313.

  When the setting operation is within the range of the user authority (Yes at step S305), the rollback control unit 15e sets "false" in flag 1 of the external command operation of the record of the operation history data 13a selected at step S302. It is further determined whether it is set (step S307). At this time, when “true” is set in the flag 1 of the external command operation (No at step S307), it is understood that the external command operation is performed after the setting operation corresponding to the record is performed. In this case, the rollback control unit 15 e assigns “rollback impossible” to the status of the rollback regarding the record (step S 306). Thereafter, the process proceeds to step S313.

  In addition, when “false” is set to the flag 1 of the external command operation (Yes at step S307), the rollback control unit 15e further executes the following processing. That is, the rollback control unit 15 e is included in the field “setting operation content” of the record of the operation history data 13 a selected earlier among the network devices 30 included in the device data (not shown) stored in the storage unit 13. It is determined whether "false" is set in the deletion flag of the target network device 30 (step S308).

  At this time, when "true" is set to the deletion flag of the network device 30 (No at step S308), data on the network device 30 is deleted from the device data after the setting operation corresponding to the record is performed. I understand. In this case, the rollback control unit 15 e assigns “rollback impossible” to the status of the rollback regarding the record (step S 306). Thereafter, the process proceeds to step S313.

  Further, when “false” is set in the deletion flag of the network device 30 (Yes at step S308), the rollback control unit 15e performs editing and deletion of the link of the record of the operation history data 13a selected at step S302. It is further determined whether "false" is set to the flag 2 (step S309). At this time, when “true” is set to flag 2 of link editing / deletion (No at step S309), the link including the network device 30 is deleted from the topology after the setting operation corresponding to the record is performed. I understand that In this case, the rollback control unit 15 e assigns “rollback impossible” to the status of the rollback regarding the record (step S 306). Thereafter, the process proceeds to step S313.

  When the flag 2 of link editing / deletion is set to “false” (step S309 Yes), the rollback control unit 15e sets the field “setting operation of the record of the operation history data 13a selected in step S302. For each network device 30 included in the “content”, it is determined whether the first setting operation, that is, the latest setting operation is performed retroactively from the point of time when the request for browsing the rollback list screen is received (step S310).

  Here, in the case where the setting operation is the latest in all the network devices 30 (Yes in step S310), it can be determined that there is a high probability that there will be no hindrance to the execution of the rollback processing. In this case, the rollback control unit 15 e assigns “rollback possible” to the status of the rollback regarding the record (step S 311).

  On the other hand, if it is not the latest setting operation in any of the network devices 30 (No at Step S310), the field “in the setting operation performed before the setting operation corresponding to the record of the operation history data 13a selected at Step S302. The setting operation corresponding to the record of the operation history data 13a selected earlier on condition that the rollback process related to the related setting operation performed prior to the network device 30 included in the “setting operation content” is executed. It is understood that the rollback of may be permitted. In this case, the rollback control unit 15 e assigns “waiting for rollback” to the status of rollback regarding the record (step S 312).

  Thereafter, the process from step S302 to step S312 is repeatedly executed until each record included in the operation history data 13a is selected (No in step S313). Then, when each record included in the operation history data 13a is selected (Yes in step S313), the output control unit 15f displays a rollback list screen according to the rollback status allocated for each setting operation by the rollback control unit 15e. Are displayed on the client terminal 50 (step S314).

  Thereafter, the second accepting unit 15g accepts selection of any one of the records in the list of records included in the rollback list screen (step S315). At this time, when the record to which “rollback is possible” is assigned as the status of rollback is selected (Yes at step S316), the output control unit 15f displays an execution button for receiving an execution instruction of rollback processing in an active state. (Step S317).

  When a record to which “wait for rollback” is assigned as a status of rollback is selected (Yes at step S318), the following display is performed by the output control unit 15f. That is, the output control unit 15f is a setting operation performed before the setting operation corresponding to the record selected in step S315, and is included in the field "setting operation content" of the selected record. The record corresponding to the related setting operation for which the setting operation with respect to the apparatus 30 has been performed earlier is distinguishable from the display form of the other records, such as a distinguishable display form such as changing the display color of characters and filling, or highlighting The display is displayed, and the execution button is displayed in an inactive state (steps S319 and S320).

  When the record to which “rollback impossible” is assigned as the status of roll back is selected (No at step S318), the output control unit 15f displays the execute button in an inactive state (step S320).

  After that, until the roll back execution button is operated (No at step S321), the processes at steps S315 to S320 are repeatedly executed. When the rollback execution button is operated (Yes at step S321), the rollback control unit 15e determines whether the state of the execution button is active (step S322).

  Here, when the state of the execution button is active (step S322 Yes), the roll back control unit 15e performs a roll back of the setting operation by executing a reverse command corresponding to the setting operation for which the specification has been received. The back process is executed (step S323). When the state of the execution button is inactive (No in step S322), the rollback process of the setting operation for which the specification has been received is restricted. In this case, the process returns to step S315.

  Thereafter, the rollback control unit 15 e acquires “startup-config” after the setting is updated by the rollback process from each of the network devices 30 on which the rollback process is performed, and then the storage unit 13 acquires the “network”. The update date and time of “startup-config” or “startup-config” to be stored for management is overwritten and updated (step S324), and the record corresponding to the setting operation for which the rollback process is performed is recorded from the operation history data 13a. It deletes (Step S325). Thereafter, the process returns to the acquisition of the operation history data described in step S301, and the subsequent processes are repeatedly executed.

[One side of effect]
As described above, when there is a difference between the setting data stored in the network device 30 and the setting data stored in the network management device 10, the network management device 10 according to the present embodiment sends a difference to the network device 30 in the past. Disable the generated reverse command. Therefore, according to the network management apparatus 10 according to the present embodiment, it is possible to suppress the network failure that occurs due to the execution of the reverse command.

  Although the embodiments of the disclosed apparatus have been described above, the present invention may be implemented in various different forms other than the above-described embodiments. Therefore, another embodiment included in the present invention will be described below.

Reverse command
In the first embodiment described above, the case where the generation of the reverse command is restricted when the external command operation is detected is exemplified, but even if the setting is performed by the external command, the reverse of the setting file before and after the update is reversed. It is also possible to execute rollback if it is a setting that can be interpreted to determine a command.

[roll back]
Although the case where the network management system 1 rolls back the operation one by one is exemplified in the above-described first embodiment, it is also possible to roll back a plurality of operations at one time. In this case, a series of reverse commands may be executed, or it may be determined whether the series of reverse commands is the same type of command, and if it is the same type of command, an operation for which rollback is specified, that is, a plurality of operations. It is also possible to execute only the reverse command corresponding to the oldest operation among the operations of. For example, when all the reverse commands are the change of the setting value, the setting can be returned to the operation immediately before the operation for which the rollback is specified by changing the setting value once.

Distributed and integrated
Further, each component of each device shown in the drawings does not necessarily have to be physically configured as shown in the drawings. That is, the specific form of the distribution and integration of each device is not limited to the illustrated one, and all or a part thereof may be functionally or physically dispersed in any unit depending on various loads, usage conditions, etc. It can be integrated and configured. For example, the first reception unit 15a, the monitoring unit 15b, the setting unit 15c, the reverse command generation unit 15d, the rollback control unit 15e, the output control unit 15f or the second reception unit 15g can be used as an external device of the network management apparatus 10 via the network. It may be connected. In addition, another apparatus has the first reception unit 15a, the monitoring unit 15b, the setting unit 15c, the reverse command generation unit 15d, the rollback control unit 15e, the output control unit 15f, or the second reception unit 15g, and is network-connected. The functions of the above-mentioned network management device 10 may be realized by cooperating together.

[Inverse command generator]
The various processes described in the above embodiments can be realized by executing a prepared program on a computer such as a personal computer or a workstation. Therefore, an example of a computer that executes a reverse command generation program having the same function as that of the above embodiment will be described below with reference to FIG.

  FIG. 13 is a diagram illustrating an example of a hardware configuration of a computer that executes the reverse command generation program according to the first embodiment and the second embodiment. As shown in FIG. 13, the computer 100 includes an operation unit 110 a, a speaker 110 b, a camera 110 c, a display 120, and a communication unit 130. The computer 100 further includes a CPU 150, a ROM 160, an HDD 170, and a RAM 180. The components 110 to 180 are connected via a bus 140.

  In the HDD 170, as shown in FIG. 13, the first reception unit 15a, the monitoring unit 15b, the setting unit 15c, the reverse command generation unit 15d, the rollback control unit 15e, the output control unit 15f or the output control unit 15f described in the first embodiment A reverse command generation program 170a that exerts the same function as the second reception unit 15g is stored. The reverse command generation program 170a is implemented by the first reception unit 15a, the monitoring unit 15b, the setting unit 15c, the reverse command generation unit 15d, the rollback control unit 15e, the output control unit 15f, or the second reception unit 15g illustrated in FIG. Like each component, it may be integrated or separated. That is, the HDD 170 may not necessarily store all the data described in the first embodiment, and data used for processing may be stored in the HDD 170.

  Under such an environment, the CPU 150 reads the reverse command generation program 170 a from the HDD 170 and then develops the program on the RAM 180. As a result, the reverse command generation program 170a functions as a reverse command generation process 180a as shown in FIG. The reverse command generation process 180a expands various data read from the HDD 170 in the area allocated to the reverse command generation process 180a in the storage area of the RAM 180, and executes various processes using the expanded various data. . For example, the processes shown in FIGS. 10 to 12 are included as an example of the process executed by the reverse command generation process 180a. In the CPU 150, all the processing units described in the first embodiment may not necessarily operate, and processing units corresponding to processing to be executed may be virtually realized.

  The reverse command generation program 170a may not necessarily be stored in the HDD 170 or the ROM 160 from the beginning. For example, each program is stored in a “portable physical medium” such as a flexible disk, so-called FD, CD-ROM, DVD disk, magneto-optical disk, or IC card, which is inserted into the computer 100. Then, the computer 100 may acquire each program from these portable physical media and execute it. Also, each program is stored in another computer or server device connected to the computer 100 via a public line, the Internet, LAN, WAN, etc., and the computer 100 acquires and executes each program from these. You may

DESCRIPTION OF SYMBOLS 1 network management system 10 network management apparatus 11 communication I / F unit 13 storage unit 13a operation history data 13b reverse command data 15 control unit 15a first reception unit 15b monitoring unit 15c setting unit 15d reverse command generation unit 15e rollback control unit 15f Output control unit 15g Second reception unit 30A, 30B, 30C Network device

Claims (5)

A process of storing, in a predetermined storage unit, first setting data stored in the communication device each time the setting of the communication device is updated;
A process of receiving a setting operation on the communication device;
A process of acquiring second setting data stored in the communication device from the communication device targeted for the received setting operation;
A process of generating a reverse command of a setting command to be transmitted to the communication device based on the acquired second setting data;
Based on the first setting data stored in the storage unit when there is a difference between the second setting data acquired in the acquisition process and the first setting data stored in the storage unit Processing to invalidate the reverse command generated by
An inverse command generation program characterized by causing a computer to execute. The acquiring process acquires third setting data stored in a non-volatile memory of the communication device, and the second setting data stored in a volatile memory of the communication device.
The invalidating process may be performed when there is a difference between the first setting data and the third setting data acquired in the acquiring process, or the first setting data stored in the storage unit and the second setting data. The reverse command generation program according to claim 1, wherein the reverse command generated based on the first setting data stored in the storage unit is invalidated when there is a difference between the setting data and the second setting data. . A process of extracting a difference between setting data stored in the communication device before and after the setting of the communication device is updated;
And causing the computer to further execute a process of determining whether the setting value is changed or whether the setting value is newly registered or deleted from the difference extracted in the extracting process.
The process of generating generates a reverse command to change the setting value of the item from which the difference before and after updating is extracted to the setting value before the setting operation when the setting operation is a change of the setting value, and the setting operation Generates a reverse command to delete the setting value of the item from which the difference before and after updating extracted the setting value when the setting value is new registration, and the difference before and after updating is extracted when the setting operation is deletion of the setting value The reverse command generation program according to claim 1, wherein a reverse command is generated to newly register the setting value of the selected item with the setting value before the deletion operation. A process of storing, in a predetermined storage unit, first setting data stored in the communication device each time the setting of the communication device is updated;
A process of receiving a setting operation on the communication device;
A process of acquiring second setting data stored in the communication device from the communication device targeted for the received setting operation;
A process of generating a reverse command of a setting command to be transmitted to the communication device based on the acquired second setting data;
Based on the first setting data stored in the storage unit when there is a difference between the second setting data acquired in the acquisition process and the first setting data stored in the storage unit Processing to invalidate the reverse command generated by
A reverse command generation method characterized in that is executed by a computer. A storage unit for storing, in a predetermined storage unit, first setting data stored in the communication device each time the setting of the communication device is updated;
A reception unit that receives a setting operation on the communication device;
An acquisition unit configured to acquire second setting data stored in the communication device from the communication device that is the target of the received setting operation;
A generation unit configured to generate a reverse command of a setting command to be transmitted to the communication device based on the acquired second setting data;
When there is a difference between the second setting data acquired by the acquisition unit and the first setting data stored in the storage unit, based on the first setting data stored in the storage unit A setting unit that invalidates the generated reverse command;
An inverse command generator characterized by having:

Images