RU2784713C1 - Method and apparatus for operational control of communication channels - Google Patents

Abstract

FIELD: telecommunications.

SUBSTANCE: method includes the stages of polling the communication channel control switches; establishing communication with the router via the command line interface through the physical interface on the router dedicated thereto; sending messages to the router via the command line interface in accordance with the position of the switch and the required parameter values; receiving response messages from the router via the command line interface; analysing the messages received from the router; generating and sending new messages depending on the content of the response messages from the router; verifying the match of the parameters with the required values by sending request commands to the command line interface; receiving response messages from the router and analysing the content of the response messages; delaying between repeat iterations of the general cycle in accordance with the required polling interval.

EFFECT: possibility of automated changes in the configuration of communication channels.

3 cl, 5 dwg

Description

The present invention relates to the field of telecommunications, namely, to the management of communication channels. The present invention can be used in industrial automation, plant automation, and other fields using packet data networks.

Modern computer networks created to provide information exchange between devices are a system with a complex structure that can include a variety of data transmission media, protocols, services and other resources. In order for the network to function stably, securely and in accordance with the needs of the owner and users, all its components must be carefully selected and configured.

The logical topology of a computer network is usually different from the physical one. Within a physical network, there are a plurality of logical communication channels that form logical networks. Also, logical communication channels may include nodes of different physical local networks that have an Internet connection or other possibility of exchanging data with each other.

A logical communication channel can be defined as a set of means that enable data to be exchanged between two or more devices. At the same time, from the point of view of devices connected by a communication channel, the structure of the channel does not matter, which can include any number of transit gaps, physical media, protocols, services, and other software and hardware. Devices using the same logical communication channel can be located both in the same local network and on different continents. To form logical communication channels, intermediate specialized devices are used - switches and routers, which ensure optimal network loading, guaranteed delivery of data packets, selection of the optimal route for packets, and other important functions.

Switches and routers play a key role in the formation of logical communication channels. Having many settings, they provide the ability to flexibly manage communication channels, allowing you to connect and disconnect individual nodes, connect and disconnect different subnets among themselves, perform filtering, block, redirect data packets according to specified rules based on certain characteristics, and perform many other functions. In order to make a change in the functioning of the communication link, it is necessary to configure the involved switches and / or routers using the built-in command line interface (CLI) or a graphical interface.

In some cases, there is a need for operational management of communication channels. Most often, this means setting or changing known parameters or parameter sets in switches and/or routers. For example, there may be a need to temporarily restrict the access of one of the users to certain network resources. This task can be solved manually, for example, by excluding a host or group of hosts from the ACL on the target resource access router using the router's web interface or command line interface. After that, when you need to restore access to network resources for this node, you will need to manually change the corresponding settings in the router again. However, this approach has a number of disadvantages:

- the need to use a personal computer to connect to the interface of a switch or router;

- the need for a qualified person to interact with the interface of the switch or router;

- low security: an employee who makes a change in the configuration of a switch or router has access to all its settings, which makes the system potentially unprotected from the employee's possible malicious intent;

- probability of erroneous actions: an employee who makes a change in the configuration of a switch or router can perform erroneous actions, potentially having negative or even dangerous consequences;

- tangible time spent on repetitive actions: establishing a connection with the interface of a switch or router, authorization, making changes and checking the changes made.

The closest analogue of the method of operational management of communication channels presented in the present invention is the invention "Administration of a remote system using the command line environment" (patent RU No. 2357289, published on September 29, 2009). The method for administering a remote system via the command line describes a method in which operator actions are converted into command line string messages and sent to the command line interface of the target system. However, this method does not allow solving the indicated problem due to a number of features, namely: connection to the router and interaction with it through the command line interface is not provided; management of communication channels is not provided; interaction with the user is carried out through a graphical interface using a computer.

There are many devices that physically break the transit gap. An example of such a device is ipELB manufactured by IPCOMM GmbH, Germany (link to device description: https://www.ipcomm.de/product/ipELB/en/sheet.html). The ipELB is housed in a housing designed for installation in a standard 19-inch telecommunications rack. It allows up to four hops to be disconnected by physical relay switching. The ipELB device is controlled by switches located on its front side. Also, the ipELB device allows you to organize remote control via a digital serial interface.

The hardware-software complex “Lan Lzoe” (patent RU 2578697 C2, published on March 27, 2016) can be considered as a prototype of the communication channel control device of the present invention. This prototype provides for the control of the switch, aimed at disabling its individual ports, one of which is connected to the computer's network card, the others - to one or different computer networks. Thus, the device allows you to break and restore the connection of a computer with one or more networks and / or different networks among themselves, and such control can be carried out both from a computer and from buttons.

In general, devices such as ipELB and the “Lan Lzoe” hardware-software complex perform the task of managing communication channels at their level. However, in reality, the management of communication channels does not always imply a break in the transit gap. A single hop can be used by multiple logical links, and tearing it can disrupt the operation of all logical links using the broken hop. One device connected to the network can use several logical communication channels, and physical breakers are not able to provide operational control of these channels separately. In other words, devices that break physical communication channels operate exclusively at the physical layer of the vertical OSI model, without affecting the channel, network, and higher layers of the OSI model. At the same time, the main disadvantage of such devices is the inability to change the settings of the switch or router regarding protocols such as MAC, IP, TCP / UDP and others.

Thus, there is a problem that allows you to quickly and safely manage both physical and logical communication channels, without the involvement of special employees and the use of personal computers. Accordingly, there is a problem in the absence of a device that implements such a method, having switches for operational control by the user and an interface for automated interaction with the router.

The objective of the present invention is to create a new method for the operational management of communication channels with a high level of automation, security and speed, as well as a device that implements this method.

The technical result of the present invention is the creation of a method for automatically changing the configuration of communication channels through the settings of a switch or router by exchanging messages via the command line interface of the switch or router and introducing preset sets of parameters into the configuration of the switch or router in accordance with the position of the switches, as well as a device containing a microprocessor, I / O ports, switches and software, the algorithm of which corresponds to the above method.

The technical result of the method of operational control of communication channels is achieved by the fact that the method of operational control of communication channels, based on control through the command line interface, converting user actions into groups of sequential string commands, receiving and analyzing response messages, according to the invention, provides for:

- Polling the status of communication channel control switches;

- establishment of communication with the switch or router via the command line interface through the physical interface intended for this purpose;

- sending messages to the switch or router through the command line interface in accordance with the position of the switch and the required parameter values;

- formation and sending of new messages depending on the content of response messages from the switch or router;

- checking the compliance of the parameters with the required values by sending query commands to the command line interface, receiving response messages from the switch or router and analyzing the content of the response messages;

- delay between repetitions of the general cycle in accordance with the required polling interval.

The technical result is achieved by the fact that a device that controls communication channels through an external network device, having a user interaction interface in the form of switches and with the possibility of program control through an external port, a microprocessor, input-output interfaces, according to the invention, includes: switches and LED indicators located (write how they are fixed) on the front panel and designed to interact with the user and connected through shift registers and a synchronous serial interface with the central processor; discrete outputs controlled by the central processor; synchronous serial communication interface with expansion modules to increase the number of controlled communication channels; secondary power supply; built-in software that implements the method of on-line control of channels, and also contains additionally one or more expansion modules designed to increase the number of controlled communication channels, containing switches and LED indicators located on the front panel and intended for user interaction and connected through shift registers and synchronous serial interface with microprocessor and other expansion modules.

The presence of a new set of essential distinguishing features from the prototype in the claimed invention allows us to conclude that the claimed invention meets the criterion of "novelty".

An additional comparative analysis of patent and scientific and technical information did not reveal sources containing information about the fame of the totality of the distinctive features of the claimed invention, which indicates its compliance with the criterion of "inventive step".

The invention is illustrated by drawings, where in Fig. 1 shows the algorithm of the method;

Figure 2 is a block diagram of the basic module of the device;

Figure 3 - an example of a fragment of the circuit block of switches;

Figure 4 is a block diagram of the expansion module and the wiring diagram for connecting the base module and expansion modules;

Figure 5 - base module, front view

An algorithm is a cyclically repeated set of actions. At the beginning of each repetition of the cycle, the state of the switches is read, with which the user sets the required state of the communication channels. In fact, the reading function provides not for a single measurement of the logic level, but for repeating this measurement several times with a given pause and averaging the result in order to protect against false alarms due to contact bounce or electromagnetic interference. The reading results are compared with the state of the switches read in the previous iteration of the loop. If the state of the switches has changed, commands are sent to the switch or router through its command line interface and parameters are written corresponding to the new state of the switches whose state has changed. After recording new data, the state of all monitored parameters and communication channels is polled and compared with the specified values. If the state of the switches remains unchanged, the status of the monitored communication channels and parameters is polled without sending commands and writing new values.

Also, as one of the options for implementing this method, it is possible to send commands and write new data even if the state of the switches is unchanged. This may be required, for example, with dynamically changing parameters, the value of which must be written to the switch or router each time the cycle is repeated. In the general case, this method provides for a flexible and, if necessary, multi-stage message exchange with the switch or router via the command line interface, while one of the input parameters is the state of the switches.

Polling the monitored parameters of a switch or router is sending special command-requests via the command line interface, initiating the sending of a response message from the side of the switch or router containing some parameter or group of parameters, the values of which are then compared with the expected (required) values.

If there is a discrepancy between the actual and expected values of the parameters, the corresponding communication channel is considered to be faulty. Such a communication channel failure is signaled by a light indication, a message via any data transfer protocol, a change in the state of discrete outputs, and/or any other available method. If there is no discrepancy between the actual and preset values of the parameters, then the channel is considered to be in good order, which is also signaled in the same way.

Signaling the state of the channels, in addition to the presence or absence of a malfunction, also reflects the value of the monitored parameter or group of parameters of the communication channel. LED control is a configurable function. The set of data for light indication, the state of discrete outputs and transmission according to the selected protocol is updated with each repetition of the cycle.

Looping too often can cause an excessive load on the computing resources of the router's processor and the data interface used. To avoid this, there is a delay at the end of each iteration of the loop with an adjustable duration.

Also, in order to optimize the control of communication channels, the processing of certain channels can occur not every time, but with skips of a given number of cycle repetitions. Thus, a number of such cycles, each of which has a certain set of controlled parameters, can be included in a larger cycle and executed in turn.

The communication channel control device consists of one base module and, if it is necessary to increase the number of controlled communication channels, it can include the required number of expansion modules.

The base module contains a microprocessor unit, an I/O interface unit, a switch unit, an LED indication board, and a power supply. The block diagram of the basic module is shown in Fig. 2.

The power supply is a switching voltage converter that has two outputs - 5 V and 3.3 V. The 5 V output is connected to I / O ports, switches, LED display panel. The 3.3 V output is connected to the microprocessor unit. Depending on the modification, the power supply supports input voltage of 24, 48, 110 and/or 230 V DC and/or AC, has a single input, a duplicated input with diode isolation or a duplicated input, and duplicated power converter circuits. According to the topology used, the power supply is a buck, forward or flyback converter.

The microprocessor unit consists of a microprocessor, system memory, ROM and communication interfaces and auxiliary elements such as a clock generator, a power controller, and so on, depending on the microprocessor used. In the case of using a microcontroller or system on a chip (SoC), some of these elements are integrated into one chip with a processor core. The ROM contains software that includes the functions of data exchange via external interfaces, interrogation of switches, control of LED indication and discrete outputs, as well as data processing in accordance with user settings.

The communication channel control switches, located on the front side of the device, are connected to a 5 V supply and shift registers with pull-up resistors. Each switch has a redundant number of contacts to control the validity of its positions. Shift registers are integrated circuits with parallel input and serial output, such as the 74HC165. The switch contacts are connected to the parallel input, and the lines of the serial synchronous data transmission interface of the microprocessor unit are connected to the serial output. In FIG. 3 shows an example of a circuit fragment for four two-position switches. Switches SW1..SW4 are connected by a common contact to a 5 V supply, and by normally closed and normally open contacts to the inputs of the shift register DD1. Pull-up resistors R1..R8 are connected between the parallel inputs of the shift register and the circuit ground. Several such circuit fragments are interconnected in such a way that the data output Q of one shift register is connected to the serial input DS of the next shift register, while the data output of the last shift register in this chain is connected to the input of the serial synchronous interface of the microprocessor unit. The CE and CP inputs are connected to the enable (chip select) and clock signal (clock) outputs of the serial synchronous interface of the microprocessor unit, respectively. If a large number (6 or more) of shift registers are used, the clock and chip select signals are enabled through digital buffers (repeaters) to reduce the current load on the output and ensure signal integrity.

The LED display panel contains LEDs and shift registers. Shift registers with serial input and parallel output (for example, SN54HC16) are connected to each other and to the serial synchronous interface of the microprocessor unit in a similar way, and LEDs are connected to the outputs through current-limiting outputs. Also, as one of the options, LEDs with an integrated shift register with a serial asynchronous interface and a PWM controller, such as WS1812B, can be used.

The circuit implementation of the input-output ports is highly dependent on the design of the microprocessor unit. Interfaces built into a microprocessor or SoC require little to no external circuitry components. Others require a number of external components. Also, if necessary, additional elements for galvanic isolation can be used - galvanic isolation microcircuits, optocouplers, isolated voltage converters, etc.

If it is necessary to increase the number of controlled communication channels, one or more external expansion modules are connected to the base module of the device, each of which contains an additional set of switches and an LED display panel. Such modules are connected to the base module by a cable. The block diagram of the expansion module and the wiring diagram for connecting the base module and expansion modules are shown in Fig.4.

Structurally, the basic module is made in a housing for mounting in a standard 19-inch telecommunications rack. The front side view is shown in Fig. 5, which shows the device status LEDs 1 (8 pcs.), Link status LEDs 2 (16 pcs.), Switches 3 (16 pcs.), Mounting holes for installation in a telecommunications rack 4, Channel communication LEDs connections 5 (16 pcs.). On the rear side, the base module has connectors for power supply, communication interfaces and discrete outputs.

The expansion module, like the base module, is made in a housing designed for installation in a standard 19-inch telecommunications rack, but, unlike the base module, it does not have device status indicators, and on the rear side it has only two connectors for a communication interface with base module and other expansion modules.

The present invention is applicable to all industries using computer networks. As a result of research and development work carried out by the authors of the present invention, it was found that the described method and a device that implements this method can be successfully used, for example, in the electric power industry for the operational input-output of control actions in emergency automation systems, which greatly simplifies and increases the safety of upcoming repairs and speeds up the commissioning of equipment after the completion of repairs, while minimizing the number of personnel actions and the likelihood of errors. This invention can be used to ensure information security, allowing you to quickly and flexibly manage the access of certain individuals or groups of individuals to certain data. In general, the scope of the present invention is limited only to the scope of packet data networks, since the task of operational management of communication channels may arise in various industries and fields of activity.

Claims (9)

1. A method for operational management of communication channels, based on control via a command line interface, converting user actions into groups of sequential string commands, receiving and analyzing response messages, characterized in that it includes: - Polling the status of communication channel control switches; - establishment of communication with the switch or router via the command line interface through the physical interface intended for this purpose; - sending messages to the switch or router through the command line interface in accordance with the position of the switch and the required parameter values; - formation and sending of new messages depending on the content of response messages from the switch or router; - checking the compliance of the parameters with the required values by sending query commands to the command line interface, receiving response messages from the switch or router and analyzing the content of the response messages; - the delay between repetitions of the general cycle in accordance with the specified interval for sending and receiving messages through the command line interface and polling the state of the communication channel control switches. 2. A device that manages communication channels through an external network device, having a user interaction interface in the form of switches and with the ability to program control through an external port, a microprocessor, input-output interfaces, characterized in that it includes: switches and LED indicators installed on the front panel board and intended for interaction with the user, and connected through shift registers and a synchronous serial interface with the central processor; discrete outputs controlled by the central processor; synchronous serial communication interface with expansion modules to increase the number of controlled communication channels; secondary power supply; embedded software that implements the functionality in accordance with clause 1. 3. The device according to claim 2, characterized in that it additionally contains one or more expansion modules containing switches and LED indicators installed on the front panel and connected via shift registers and a synchronous serial interface with a microprocessor and other expansion modules.

Images