WO2009152700A1 - Method, system and transfer device for managing the network device port status - Google Patents

Method, system and transfer device for managing the network device port status Download PDF

Info

Publication number
WO2009152700A1
WO2009152700A1 PCT/CN2009/070180 CN2009070180W WO2009152700A1 WO 2009152700 A1 WO2009152700 A1 WO 2009152700A1 CN 2009070180 W CN2009070180 W CN 2009070180W WO 2009152700 A1 WO2009152700 A1 WO 2009152700A1
Authority
WO
WIPO (PCT)
Prior art keywords
port
state
logical group
ports
transit
Prior art date
Application number
PCT/CN2009/070180
Other languages
French (fr)
Chinese (zh)
Inventor
张日华
苏然
杨勇
毛世峰
侯贵斌
Original Assignee
成都市华为赛门铁克科技有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 成都市华为赛门铁克科技有限公司 filed Critical 成都市华为赛门铁克科技有限公司
Priority to US12/478,131 priority Critical patent/US20090316572A1/en
Publication of WO2009152700A1 publication Critical patent/WO2009152700A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks

Definitions

  • the present invention relates to the field of network management, and in particular, to a method, a system, and a transit device for managing a port state of a network device. Background technique
  • FIG. 1 is a schematic diagram of networking of a dual-system hot standby solution provided by the prior art. Under normal circumstances, the service is transmitted through the primary link router A ⁇ firewall A ⁇ router C. When the primary link fails, the service is switched to the backup link router 8 ⁇ firewall B ⁇ router D for transmission, thus ensuring Uninterrupted transmission of terminal services.
  • the service from terminal A to terminal B can be transmitted through link router C ⁇ router D ⁇ firewall B ⁇ router B. From The service that terminal B returns to terminal A may be transmitted through link router A ⁇ firewall A ⁇ router C. Because the port connected to firewall A and router C fails, the link between firewall A and router C is interrupted. B The service returned to terminal A cannot pass. At this time, because the router A cannot sense the port status between the firewall A and the router C, the route switching cannot be performed, and the terminal service transmission is interrupted. If the current networking situation is becoming more and more complex, when the dual-system hot backup networking solution is adopted, if the port of the transit device fails, the upstream and downstream devices connected to the transit device cannot switch the terminal service to the standby link. As a result, the terminal service transmission is interrupted. Summary of the invention
  • the embodiment of the invention provides a method, a system and a relay device for managing the state of the port of the network device.
  • a method for managing a port state of a network device comprising:
  • the transit device detects the working status of the port in the preset logical group, and the port is the port connected to the uplink and downlink device on the transit device;
  • the working state of any port in the preset logical group is a fault state
  • the working state of the other ports in the preset logical group is set to a fault state, so that the uplink and downlink devices of the transit device are detected.
  • the transit device port is in a fault state, the terminal service is switched to the standby link.
  • a relay device, the relay device includes:
  • a detecting module configured to detect a working state of a port in the preset logical group, where the port is a port connected to the uplink and downlink device on the transit device;
  • a setting module configured to set other ports in the preset logical group to a fault state when detecting that the working state of any port in the preset logical group is a fault state.
  • a system for managing port status of a network device comprising:
  • a transit device configured to detect an operating state of a port in the preset logical group, when the pre-detection is detected
  • the other ports in the preset logical group are set to the fault state, so that the uplink and downlink devices of the transit device detect that the port of the transit device is faulty.
  • the terminal service is switched to the standby link, and the port is the port connected to the uplink and downlink device on the transit device.
  • the technical solution provided by the embodiment of the present invention detects the working state of the port in the preset logical group by using the transit device.
  • the other ports in the preset logical group work.
  • the state is set to the fault state, so that the upstream and downstream devices of the transit device can switch the terminal service to the standby link when the transit device port is detected as the fault state, so that the terminal service can be continuously transmitted.
  • FIG. 1 is a schematic diagram of networking of a dual-system hot standby solution provided by the prior art
  • FIG. 2 is a flow chart of a method for managing a port state of a network device according to an embodiment of the present invention
  • FIG. 3 is a schematic diagram of a networking diagram of a method for managing port status of a network device according to an embodiment of the present invention
  • FIG. 4 is a schematic structural diagram of a relay device according to an embodiment of the present invention.
  • FIG. 5 is a schematic structural diagram of a system for managing a port state of a network device according to an embodiment of the present invention. detailed description
  • the embodiment of the invention provides a method for managing the state of a port of a network device, including: setting, when the working state of any port in the preset logical group is a fault state, setting the working state of other ports in the preset logical group In the fault state, when the uplink and downlink device of the transit device detects that the transit device port is in a fault state, the terminal service is switched to the standby link, so that the terminal service can be normally transmitted.
  • the specific steps of the embodiment of the present invention are: logical groups.
  • Ports C, D, E, and F are assigned to the same logical group.
  • the relationship between the port and the logical group of the transit device is not limited to the above example. In actual applications, the corresponding settings can be made according to the requirements of the terminal service.
  • Step 1 02 The transit device detects the working status of the port in the preset logical group. When the transit device detects that any port in the preset logical group is faulty, the other ports in the preset logical group are set to the Down state. .
  • Step 1 03 When the uplink device and the downlink device of the transit device detect that the port of the transit device is faulty, the terminal service is switched to the standby link.
  • step 102 Since in step 102, the state of the port in the logical group of the transit device is a fault state, the state change of the port causes the uplink (lower) link of the transit device to be faulty, and at this time, the transit device is The connected upper (lower) row device can detect the port failure through the fault state of the port and simultaneously switch the terminal service to the standby link.
  • the transit device detects that all ports in the preset logical group are working properly, all ports in the preset logical group are set to the normal state.
  • the upper (lower) row device connected to the transit device can pass the normal state of the port, and sense that the port works normally and simultaneously switch the service back to the active link.
  • firewalls A and B are transit devices (transit devices can also be routers, servers or switches), the primary link is router A ⁇ firewall A ⁇ router C, and the standby link is router B ⁇ firewall B router D, normal In this case, the traffic is transmitted over the primary link.
  • the logical group In the initial state, multiple ports in the logical group of firewall A and firewall B are in the UP (normal) state.
  • Firewall A detects the port fault status in the logical group stored in its own. When it detects that any port in the logical group is in the fault state, the other ports in the logical group are set to the fault state. At this point, both Router A and Router C can detect port faults and perform route switching to switch services from the primary link to the standby link. When firewall A detects that all ports in the logical group are working properly. In the status, the port status in the logical group is set to the UP state. At this time, both Router A and Router C can detect that the port is normal and perform route switching to switch the terminal service from the standby link to the active link to ensure uninterrupted operation of the terminal service.
  • FIG. 3 The networking diagram of the second scenario is shown in 3.
  • network A and network B are connected by router A, and router A is connected to firewall A through two links (firewall A is a transit device).
  • firewall A is a transit device.
  • the terminal service is sent to the firewall A through the router A.
  • the firewall sends the service to the router A.
  • the router A sends the filtered terminal service to the terminal in the network.
  • the path of the service transmission is called high.
  • Priority link also known as the primary link
  • a low-priority link also referred to as a backup link
  • firewall A When firewall A detects that the working status of any port in the logical group is faulty, the other ports in the logical group are set to the fault state. At this time, when Router A detects that the port of firewall A is faulty, it switches the terminal service to the low-priority link. When firewall A detects that all the ports in the logical group are working properly, all the ports in the logical group are set. In the normal state, when all the ports of the firewall A are detected, the router A switches the terminal service to the high-priority link to ensure the uninterrupted operation of the terminal service.
  • the embodiment of the invention further provides a relay device, which can be a firewall, a router, a switch or a server.
  • the transit device itself stores a list of associations between port numbers and logical group numbers, and assigns the same logical group number to multiple ports.
  • the transit device detects the working status of the ports in the logical group. When it detects that the working status of any port in the logical group is the fault state, the other ports in the logical group are set to the fault state; when all ports in the logical group are detected When working normally, all ports in the logical group are set to the normal state.
  • the structure of the relay device provided by the embodiment of the present invention is as shown in FIG. 4, and includes: a detecting module 11 configured to detect a working state of a port in a preset logical group, where the port is connected to an uplink and downlink device on the transit device.
  • the setting module 12 is configured to set other ports in the preset logical group to a fault state when the detecting module 11 detects that the working state of any port in the preset logical group is a fault state.
  • the setting module 12 is further configured to set all ports in the preset logical group to a normal state when the detecting module 11 detects that all ports in the preset logical group are working normally.
  • the embodiment of the present invention further provides a system for managing the state of a port of a network device.
  • the system includes: a transit device 21, configured to detect an operating state of a port in a preset logical group, when detecting the When the working state of any port in the preset logical group is a fault state, the other ports in the preset logical group are set to a fault state, and the port is a port connected to the uplink and downlink device on the transit device;
  • the uplink and downlink device 22 of the device is configured to switch the terminal service to the standby link when detecting that the port of the relay device 21 is in a fault state.
  • the relay device 21 is further configured to: when detecting that all ports in the preset logical group are working normally When the working status of all the ports in the preset logical group is set to the normal state, the upstream and downstream devices 22 of the transit device switch the terminal service from the standby link to the active link when detecting that the transit device port is in the normal state. road.
  • the transit device can be a firewall, a router, a switch, or a server.
  • the technical solution provided by the embodiment of the present invention detects the working state of the port in the preset logical group by using the transit device.
  • the other ports in the preset logical group work.
  • the state is set to the fault state, so that the upstream and downstream devices of the transit device can switch the terminal service to the standby link when the transit device port is detected as the fault state, so that the terminal service can be continuously transmitted.

Abstract

A method, system and transfer device for managing the network device port status. The method includes: the transfer device detects the working status of the ports in the preset logic group; said ports are those that connect the uplink and downlink devices on the transfer device; when detecting that the working status of any port in the preset logic group is in a failure status, it sets the working status of all the other ports in the preset logic group to be the failure status so that the uplink and downlink devices of said transfer device switch the terminal service to a standby link when they detect that said transfer device ports are in the failure status. The transfer device includes a detecting module and a setting module. The system includes a transfer device. The technical solution of the embodiments of the present invention ensures that the terminal service is transmitted incessantly.

Description

管理网络设备端口状态的方法、 系统及中转设备 本申请要求于 2008 年 06 月 20 日提交中国专利局、 申请号为 2008101 15302. 8 , 发明名称为"管理网络设备端口状态的方法、 系统及设备" 的中国专利申请的优先权, 其全部内容通过引用结合在本申请中。 技术领域  Method, system and transfer device for managing network device port status The application is submitted to the Chinese Patent Office on June 20, 2008, and the application number is 2008101 15302. 8 , and the invention name is "method, system and device for managing network device port status" The priority of the Chinese Patent Application, the entire contents of which is incorporated herein by reference. Technical field
本发明涉及网络管理领域,特别涉及一种管理网络设备端口状态的方法、 系统及中转设备。 背景技术  The present invention relates to the field of network management, and in particular, to a method, a system, and a transit device for managing a port state of a network device. Background technique
在当前的网络应用中, 用户对网络可靠性的要求越来越高, 特别是在一 些重点的业务入口或接入点上, 例如企业的 interne t接入点, 银行的数据库 服务器等, 用户希望保证网络的不间断运行, 在这种业务点上如果只使用一 台网络设备, 无论其可靠性多高, 系统都必然要承受因单点故障而导致网络 中断的风险。  In current network applications, users have higher and higher requirements for network reliability, especially at some key service portals or access points, such as the enterprise's intern t access point, the bank's database server, etc. To ensure the uninterrupted operation of the network, if only one network device is used at this service point, no matter how high the reliability, the system must bear the risk of network interruption due to a single point of failure.
釆用双机热备组网方案可以很好解决当前网络应用中单台网络设备可靠 性不高的问题。 该方案釆用两条动态虚拟链路, 一条链路是主用链路, 另一 条链路是备用链路, 当主用链路出现故障时, 系统会将业务切换到备用链路 上进行正常传输, 从而保障了业务传输的不间断性。 图 1是现有技术提供的 双机热备方案的组网示意图。 正常情况下, 业务通过主用链路路由器 A→防 火墙 A 路由器 C进行传输, 当主用链路出现故障时, 业务被切换到备用链 路路由器8→防火墙 B→路由器 D进行传输, 从而保障了终端业务传输的不 间断性。 The dual-system hot backup networking solution can solve the problem of low reliability of single network equipment in current network applications. The solution uses two dynamic virtual links. One link is the primary link and the other link is the standby link. When the primary link fails, the system switches the service to the standby link for normal transmission. Thus, the uninterrupted nature of service transmission is guaranteed. FIG. 1 is a schematic diagram of networking of a dual-system hot standby solution provided by the prior art. Under normal circumstances, the service is transmitted through the primary link router A → firewall A router C. When the primary link fails, the service is switched to the backup link router 8 → firewall B → router D for transmission, thus ensuring Uninterrupted transmission of terminal services.
如果防火墙 A和路由器 C相连的端口发生故障, 从终端 A到终端 B的业 务可以通过链路路由器 C →路由器 D→防火墙 B→路由器 B 进行传输。 从 终端 B返回给终端 A的业务可能会通过链路路由器 A→ 防火墙 A→路由器 C 进行传输, 由于防火墙 A和路由器 C相连的端口发生故障, 防火墙 A和路由 器 C之间的链路中断, 从终端 B返回给终端 A的业务无法通过。 此时, 由于 路由器 A并不能感知防火墙 A和路由器 C之间的端口状态, 无法进行路由切 换, 导致终端业务传输中断。 当前组网情况日益复杂的情况下, 在釆用双机热备组网方案时, 如果中 转设备的端口出现故障, 会导致与中转设备相连的上下行设备无法将终端业 务切换到备用链路, 从而导致终端业务传输中断。 发明内容 If the port connected to firewall A and router C fails, the service from terminal A to terminal B can be transmitted through link router C → router D → firewall B → router B. From The service that terminal B returns to terminal A may be transmitted through link router A→firewall A→router C. Because the port connected to firewall A and router C fails, the link between firewall A and router C is interrupted. B The service returned to terminal A cannot pass. At this time, because the router A cannot sense the port status between the firewall A and the router C, the route switching cannot be performed, and the terminal service transmission is interrupted. If the current networking situation is becoming more and more complex, when the dual-system hot backup networking solution is adopted, if the port of the transit device fails, the upstream and downstream devices connected to the transit device cannot switch the terminal service to the standby link. As a result, the terminal service transmission is interrupted. Summary of the invention
为了避免终端业务传输中断, 本发明实施例提供了一种管理网络设备端 口状态的方法、 系统及中转设备。  In order to avoid the interruption of the transmission of the terminal service, the embodiment of the invention provides a method, a system and a relay device for managing the state of the port of the network device.
一种管理网络设备端口状态的方法, 所述方法包括:  A method for managing a port state of a network device, the method comprising:
中转设备检测预设逻辑组内端口的工作状态, 所述端口为中转设备上的 与上下行设备相连的端口;  The transit device detects the working status of the port in the preset logical group, and the port is the port connected to the uplink and downlink device on the transit device;
当检测到所述预设逻辑组内任意端口的工作状态为故障状态时, 将所述 预设逻辑组内其它端口的工作状态都设置为故障状态, 使所述中转设备的上 下行设备在检测到所述中转设备端口为故障状态时, 将终端业务切换到备用 链路。  When it is detected that the working state of any port in the preset logical group is a fault state, the working state of the other ports in the preset logical group is set to a fault state, so that the uplink and downlink devices of the transit device are detected. When the transit device port is in a fault state, the terminal service is switched to the standby link.
一种中转设备, 所述中转设备包括:  A relay device, the relay device includes:
检测模块, 用于检测预设逻辑组内的端口的工作状态, 所述端口为中转 设备上的与上下行设备相连的端口;  a detecting module, configured to detect a working state of a port in the preset logical group, where the port is a port connected to the uplink and downlink device on the transit device;
设置模块, 用于当检测到所述预设逻辑组内的任意端口的工作状态为故 障状态时, 将所述预设逻辑组内的其它端口都设置为故障状态。  And a setting module, configured to set other ports in the preset logical group to a fault state when detecting that the working state of any port in the preset logical group is a fault state.
一种管理网络设备端口状态的系统, 所述系统包括:  A system for managing port status of a network device, the system comprising:
中转设备, 用于检测预设逻辑组内的端口的工作状态, 当检测到所述预 设逻辑组内的任意端口的工作状态为故障状态时, 将所述预设逻辑组内的其 它端口都设置为故障状态, 使中转设备的上下行设备在检测到所述中转设备 的端口为故障状态时, 将终端业务切换到备用链路, 所述端口为中转设备上 的与上下行设备相连的端口。 a transit device, configured to detect an operating state of a port in the preset logical group, when the pre-detection is detected When the working state of any port in the logical group is a fault state, the other ports in the preset logical group are set to the fault state, so that the uplink and downlink devices of the transit device detect that the port of the transit device is faulty. In the state, the terminal service is switched to the standby link, and the port is the port connected to the uplink and downlink device on the transit device.
本发明实施例提供的技术方案通过中转设备检测预设逻辑组内端口的工 作状态, 当检测到预设逻辑组内任意端口的工作状态为故障状态时, 将预设 逻辑组内其它端口的工作状态都设置为故障状态, 使中转设备的上下行设备 在检测到中转设备端口为故障状态时, 将终端业务切换到备用链路, 可以保 证终端业务不间断传输。 附图说明 施例或现有技术描述中所需要使用的附图作一简单地介绍, 显而易见地, 下 面描述中的附图仅仅是本发明的一些实施例,对于本领域普通技术人员来讲, 在不付出创造性劳动的前提下, 还可以根据这些附图获得其他的附图。  The technical solution provided by the embodiment of the present invention detects the working state of the port in the preset logical group by using the transit device. When detecting that the working state of any port in the preset logical group is a fault state, the other ports in the preset logical group work. The state is set to the fault state, so that the upstream and downstream devices of the transit device can switch the terminal service to the standby link when the transit device port is detected as the fault state, so that the terminal service can be continuously transmitted. BRIEF DESCRIPTION OF THE DRAWINGS The accompanying drawings, which are to be regarded as Other drawings may also be obtained from these drawings without paying for creative labor.
图 1是现有技术提供的双机热备方案的组网示意图;  FIG. 1 is a schematic diagram of networking of a dual-system hot standby solution provided by the prior art;
图 2 是本发明实施例提供的一种管理网络设备端口状态的方法的流程 图;  2 is a flow chart of a method for managing a port state of a network device according to an embodiment of the present invention;
图 3是本发明实施例提供的基于管理网络设备端口状态的方法的一种组 网示意图;  FIG. 3 is a schematic diagram of a networking diagram of a method for managing port status of a network device according to an embodiment of the present invention; FIG.
图 4是本发明实施例提供的一种中转设备的结构示意图;  4 is a schematic structural diagram of a relay device according to an embodiment of the present invention;
图 5是本发明实施例提供的一种管理网络设备端口状态的系统的结构示 意图。 具体实施方式  FIG. 5 is a schematic structural diagram of a system for managing a port state of a network device according to an embodiment of the present invention. detailed description
为使本发明的目的、 技术方案和优点更加清楚, 下面将结合附图对本发 明实施方式作进一步地详细描述。 显然, 所描述的实施例仅仅是本发明一部 分实施例, 而不是全部的实施例。 基于本发明中的实施例, 本领域普通技术 人员在没有作出创造性劳动前提下所获得的所有其他实施例, 都属于本发明 保护的范围。 The embodiments of the present invention will be further described in detail below with reference to the accompanying drawings. Obviously, the described embodiment is only one part of the invention. The embodiments are divided into embodiments, not all. All other embodiments obtained by those skilled in the art based on the embodiments of the present invention without creative efforts are within the scope of the present invention.
本发明实施例提供了一种管理网络设备端口状态的方法, 包括: 中转设 测到预设逻辑组内任意端口的工作状态为故障状态时, 将预设逻辑组内其它 端口的工作状态都设置为故障状态, 使所述中转设备的上下行设备在检测到 中转设备端口为故障状态时, 将终端业务切换到备用链路, 从而可以保证终 端业务正常传输。 如图 2所示, 本发明实施例的具体步骤为: 个逻辑组。  The embodiment of the invention provides a method for managing the state of a port of a network device, including: setting, when the working state of any port in the preset logical group is a fault state, setting the working state of other ports in the preset logical group In the fault state, when the uplink and downlink device of the transit device detects that the transit device port is in a fault state, the terminal service is switched to the standby link, so that the terminal service can be normally transmitted. As shown in FIG. 2, the specific steps of the embodiment of the present invention are: logical groups.
按照终端业务需求在中转设备建立一个端口号和逻辑组号关联关系的列 表, 为与中转设备相连的上下行设备的多个端口分配同一个逻辑组号。 例如, 设备中的与中转设备的下行设备相连的端口 B进行传输, 此时可以将端口 A 和端口 B分配给同一逻辑组。 又如, 终端业务经过中转设备中的与中转设备 的上行设备相连的端口 C和端口 D , 以及中转设备中的与中转设备的下行设 备相连的端口 E和端口 F进行传输, 此时, 可以将端口 C、 D、 E、 F分配给同 一逻辑组。 中转设备的端口和逻辑组的关系并不局限于上述实例, 实际应用 中, 可以按照终端业务的需求进行相应设置。  Set a port number and logical group number association relationship on the transit device according to the terminal service requirements, and assign the same logical group number to multiple ports of the uplink and downlink devices connected to the transit device. For example, port B in the device connected to the downstream device of the transit device is transmitted. In this case, port A and port B can be assigned to the same logical group. For example, the terminal service is transmitted through the port C and the port D of the transit device connected to the uplink device of the transit device, and the port E and the port F connected to the downlink device of the transit device in the transit device. Ports C, D, E, and F are assigned to the same logical group. The relationship between the port and the logical group of the transit device is not limited to the above example. In actual applications, the corresponding settings can be made according to the requirements of the terminal service.
步骤 1 02 : 中转设备检测预设逻辑组内端口的工作状态, 当中转设备检 测到预设逻辑组中的任意端口出现故障时, 将预设逻辑组中其它端口都设置 为故障 (Down )状态。  Step 1 02: The transit device detects the working status of the port in the preset logical group. When the transit device detects that any port in the preset logical group is faulty, the other ports in the preset logical group are set to the Down state. .
步骤 1 03 : 当中转设备的上行设备和下行设备检测到中转设备的端口出 现故障时, 将终端业务切换到备用链路。  Step 1 03: When the uplink device and the downlink device of the transit device detect that the port of the transit device is faulty, the terminal service is switched to the standby link.
由于在步骤 1 02中, 中转设备的逻辑组内的端口状态都为故障状态, 端 口的状态变化使中转设备的上(下)行链路出现故障, 此时, 与中转设备相 连的上(下)行设备可以通过端口的故障状态, 感知到端口出现故障, 并同 时将终端业务切换到备用链路。 Since in step 102, the state of the port in the logical group of the transit device is a fault state, the state change of the port causes the uplink (lower) link of the transit device to be faulty, and at this time, the transit device is The connected upper (lower) row device can detect the port failure through the fault state of the port and simultaneously switch the terminal service to the standby link.
此外, 当中转设备检测到预设逻辑组中的所有端口工作正常时, 将预设 逻辑组中所有端口都设置为正常状态。 此时, 与中转设备相连的上 (下)行 设备可以通过端口的正常状态, 感知到端口工作正常, 并同时将业务切换回 主用链路。  In addition, when the transit device detects that all ports in the preset logical group are working properly, all ports in the preset logical group are set to the normal state. At this time, the upper (lower) row device connected to the transit device can pass the normal state of the port, and sense that the port works normally and simultaneously switch the service back to the active link.
下面将结合以下场景对本实施例进行详细的描述:  The present embodiment will be described in detail below in conjunction with the following scenarios:
第一种场景的组网示意图仍然基于图 1所示的组网而实现。 图中, 防火 墙 A和 B为中转设备(中转设备也可以是路由器、 服务器或交换机) , 主用 链路是路由器 A→防火墙 A→路由器 C , 备用链路是路由器 B→防火墙 B 路 由器 D , 正常情况下, 业务通过主用链路进行传输。 按照终端业务的需求将 防火墙 A中的与路由器 A和路由器 C相连的多个端口绑定到一个逻辑组中, 将防火墙 B中的与路由器 B和路由器!)相连的多个端口绑定到一个逻辑组中。 初始状态下, 防火墙 A和防火墙 B的逻辑组中的多个端口是 UP (正常)状态。 防火墙 A检测自身内部存储的逻辑组中的端口故障状态, 当检测到逻辑组中 的任意端口工作状态是故障状态时,将逻辑组中的其它端口设置为故障状态。 此时, 路由器 A和路由器 C都能感知到端口故障, 并进行路由切换, 将业务 从主用链路切换到备用链路上; 当防火墙 A检测到逻辑组内的所有端口的工 作状态是正常状态时, 将逻辑组内的端口状态都设置 UP状态。 此时, 路由器 A 和路由器 C都能感知到端口正常, 并进行路由切换, 将终端业务从备用链 路切换到主用链路上, 从而保证终端业务不间断运行。  The networking diagram of the first scenario is still implemented based on the networking shown in FIG. 1. In the figure, firewalls A and B are transit devices (transit devices can also be routers, servers or switches), the primary link is router A → firewall A → router C, and the standby link is router B → firewall B router D, normal In this case, the traffic is transmitted over the primary link. Bind multiple ports connected to Router A and Router C in firewall A to a logical group according to the requirements of the terminal service, and bind multiple ports connected to Router B and Router! in Firewall B to one. In the logical group. In the initial state, multiple ports in the logical group of firewall A and firewall B are in the UP (normal) state. Firewall A detects the port fault status in the logical group stored in its own. When it detects that any port in the logical group is in the fault state, the other ports in the logical group are set to the fault state. At this point, both Router A and Router C can detect port faults and perform route switching to switch services from the primary link to the standby link. When firewall A detects that all ports in the logical group are working properly. In the status, the port status in the logical group is set to the UP state. At this time, both Router A and Router C can detect that the port is normal and perform route switching to switch the terminal service from the standby link to the active link to ensure uninterrupted operation of the terminal service.
第二种场景的组网示意图如 3所示。 图 3中, 网络 A和网络 B之间通过 路由器 A连接, 路由器 A通过两条链路连接到防火墙 A (防火墙 A为中转设 备) 。 正常情况下, 终端业务经过路由器 A发送给防火墙 A , 防火墙对业务 进行过滤后, 再发送给路由器 A , 路由器 A将过滤的终端业务发送给网络中 的终端, 这种业务传输的路径称为高优先级链路(也可称为主用链路) 。 低 优先级链路(也可称为备用链路)是指网络间直接通过路由器 A传输业务。 将防火墙 A上的与路由器 A相连的多个端口绑定到同一逻辑组。 当防火墙 A 检测到逻辑组内的任意端口的工作状态为故障状态时, 将逻辑组内的其它端 口都设置为故障状态。 此时, 路由器 A检测到防火墙 A的端口故障时, 将终 端业务切换到低优先级链路上; 当防火墙 A检测到逻辑组内的所有端口工作 正常时, 将逻辑组内的所有端口都设置为正常状态, 此时路由器 A检测到防 火墙 A的所有端口正常时, 将终端业务切换到高优先级链路上, 从而保证终 端业务的不间断运行。 The networking diagram of the second scenario is shown in 3. In Figure 3, network A and network B are connected by router A, and router A is connected to firewall A through two links (firewall A is a transit device). Normally, the terminal service is sent to the firewall A through the router A. After filtering the service, the firewall sends the service to the router A. The router A sends the filtered terminal service to the terminal in the network. The path of the service transmission is called high. Priority link (also known as the primary link). A low-priority link (also referred to as a backup link) refers to the transmission of traffic between routers directly through router A. Bind multiple ports on Router A that are connected to Router A to the same logical group. When firewall A detects that the working status of any port in the logical group is faulty, the other ports in the logical group are set to the fault state. At this time, when Router A detects that the port of firewall A is faulty, it switches the terminal service to the low-priority link. When firewall A detects that all the ports in the logical group are working properly, all the ports in the logical group are set. In the normal state, when all the ports of the firewall A are detected, the router A switches the terminal service to the high-priority link to ensure the uninterrupted operation of the terminal service.
本发明实施例还提供了一种中转设备, 该中转设备可以为防火墙、 路由 器、 交换机或服务器等。 具体地, 中转设备自身存储端口号和逻辑组号关联 关系的列表, 为多个端口分配同一个逻辑组号。 中转设备检测逻辑组内端口 的工作状态, 当检测到逻辑组内的任意端口的工作状态为故障状态时, 将逻 辑组内的其它端口都设置为故障状态; 当检测到逻辑组内的所有端口工作正 常时, 将逻辑组内的所有端口都设置为正常状态。  The embodiment of the invention further provides a relay device, which can be a firewall, a router, a switch or a server. Specifically, the transit device itself stores a list of associations between port numbers and logical group numbers, and assigns the same logical group number to multiple ports. The transit device detects the working status of the ports in the logical group. When it detects that the working status of any port in the logical group is the fault state, the other ports in the logical group are set to the fault state; when all ports in the logical group are detected When working normally, all ports in the logical group are set to the normal state.
本发明实施例提供的中转设备的结构示意图如图 4所示, 包括: 检测模 块 11 , 用于检测预设逻辑组内的端口的工作状态, 所述端口为中转设备上的 与上下行设备相连的端口; 设置模块 12 , 用于当检测模块 11检测到预设逻 辑组内的任意端口的工作状态为故障状态时, 将预设逻辑组内的其它端口都 设置为故障状态。  The structure of the relay device provided by the embodiment of the present invention is as shown in FIG. 4, and includes: a detecting module 11 configured to detect a working state of a port in a preset logical group, where the port is connected to an uplink and downlink device on the transit device. The setting module 12 is configured to set other ports in the preset logical group to a fault state when the detecting module 11 detects that the working state of any port in the preset logical group is a fault state.
其中, 设置模块 12还用于当检测模块 11检测到预设逻辑组内的所有端 口工作正常时, 将预设逻辑组内的所有端口都设置为正常状态。  The setting module 12 is further configured to set all ports in the preset logical group to a normal state when the detecting module 11 detects that all ports in the preset logical group are working normally.
本发明实施例还提供了一种管理网络设备端口状态的系统,如图 5所示, 该系统包括: 中转设备 21 , 用于检测预设逻辑组内的端口的工作状态, 当检 测到所述预设逻辑组内的任意端口的工作状态为故障状态时, 将所述预设逻 辑组内的其它端口都设置为故障状态, 所述端口为中转设备上的与上下行设 备相连的端口; 中转设备的上下行设备 22 , 用于当检测中转设备 21的端口 为故障状态时, 将终端业务切换到备用链路。  The embodiment of the present invention further provides a system for managing the state of a port of a network device. As shown in FIG. 5, the system includes: a transit device 21, configured to detect an operating state of a port in a preset logical group, when detecting the When the working state of any port in the preset logical group is a fault state, the other ports in the preset logical group are set to a fault state, and the port is a port connected to the uplink and downlink device on the transit device; The uplink and downlink device 22 of the device is configured to switch the terminal service to the standby link when detecting that the port of the relay device 21 is in a fault state.
进一步, 中转设备 21还用于当检测到预设逻辑组内所有端口工作正常 时, 将预设逻辑组内所有端口的工作状态都设置为正常状态, 使中转设备的 上下行设备 22在检测到中转设备端口为正常状态时,将终端业务从备用链路 切换到主用链路。 Further, the relay device 21 is further configured to: when detecting that all ports in the preset logical group are working normally When the working status of all the ports in the preset logical group is set to the normal state, the upstream and downstream devices 22 of the transit device switch the terminal service from the standby link to the active link when detecting that the transit device port is in the normal state. road.
其中, 中转设备可以为防火墙、 路由器、 交换机或服务器等。  The transit device can be a firewall, a router, a switch, or a server.
本发明实施例提供的技术方案通过中转设备检测预设逻辑组内端口的工 作状态, 当检测到预设逻辑组内任意端口的工作状态为故障状态时, 将预设 逻辑组内其它端口的工作状态都设置为故障状态, 使中转设备的上下行设备 在检测到中转设备端口为故障状态时, 将终端业务切换到备用链路, 可以保 证终端业务不间断传输。  The technical solution provided by the embodiment of the present invention detects the working state of the port in the preset logical group by using the transit device. When detecting that the working state of any port in the preset logical group is a fault state, the other ports in the preset logical group work. The state is set to the fault state, so that the upstream and downstream devices of the transit device can switch the terminal service to the standby link when the transit device port is detected as the fault state, so that the terminal service can be continuously transmitted.
本领域普通技术人员可以理解实现上述实施例方法中的全部或部分步骤 是可以通过程序来指令相关的硬件来完成, 所述程序可以存储于一计算机可 读取存储介质中, 所述存储介质为 ROM/RAM、 磁碟、 光盘等。  A person skilled in the art can understand that all or part of the steps of implementing the above embodiments can be completed by a program instructing related hardware, and the program can be stored in a computer readable storage medium, where the storage medium is ROM/RAM, disk, CD, etc.
以上所述仅为本发明的较佳实施例, 并不用以限制本发明, 凡在本发明 的精神和原则之内, 所作的任何修改、 等同替换、 改进等, 均应包含在本发 明的保护范围之内。  The above is only the preferred embodiment of the present invention, and is not intended to limit the present invention. Any modifications, equivalent substitutions, improvements, etc., which are within the spirit and scope of the present invention, should be included in the protection of the present invention. Within the scope.

Claims

权 利 要 求 Rights request
1、 一种管理网络设备端口状态的方法, 其特征在于, 所述方法包括: 中转设备检测预设逻辑组内端口的工作状态, 所述端口为中转设备上的 与上下行设备相连的端口;  A method for managing a port state of a network device, the method comprising: the transit device detecting a working state of a port in a preset logical group, wherein the port is a port connected to the uplink and downlink device on the transit device;
当检测到所述预设逻辑组内任意端口的工作状态为故障状态时, 将所述 预设逻辑组内其它端口的工作状态都设置为故障状态, 使所述中转设备的上 下行设备在检测到所述中转设备端口为故障状态时, 将终端业务切换到备用 链路。  When it is detected that the working state of any port in the preset logical group is a fault state, the working state of the other ports in the preset logical group is set to a fault state, so that the uplink and downlink devices of the transit device are detected. When the transit device port is in a fault state, the terminal service is switched to the standby link.
1、 如权利要求 1所述的管理网络设备端口状态的方法, 其特征在于, 所 述将所述预设逻辑组内其它端口的工作状态都设置为故障状态的步骤后还包 括:  The method for managing the state of the port of the network device according to claim 1, wherein the step of setting the working states of the other ports in the preset logical group to the fault state further comprises:
当检测到所述预设逻辑组内所有端口工作正常时, 将所述预设逻辑组内 所有端口的工作状态都设置为正常状态, 使所述中转设备的上下行设备在检 测到所述中转设备端口为正常状态时, 将终端业务切换到主用链路。  When it is detected that all the ports in the preset logical group are working normally, the working state of all the ports in the preset logical group is set to a normal state, so that the uplink and downlink devices of the transit device detect the transit When the device port is in the normal state, the terminal service is switched to the active link.
3、如权利要求 1或 1任意一项权利要求所述的管理网络设备端口状态的 方法, 其特征在于, 所述中转设备为路由器、 防火墙、 交换机或服务器。  The method for managing the port status of a network device according to any one of claims 1 to 1, wherein the relay device is a router, a firewall, a switch or a server.
4、 一种中转设备, 其特征在于, 所述中转设备包括:  4. A relay device, wherein the relay device comprises:
检测模块, 用于检测预设逻辑组内的端口的工作状态, 所述端口为中转 设备上的与上下行设备相连的端口;  a detecting module, configured to detect a working state of a port in the preset logical group, where the port is a port connected to the uplink and downlink device on the transit device;
设置模块, 用于当检测到所述预设逻辑组内的任意端口的工作状态为故 障状态时 , 将所述预设逻辑组内的其它端口都设置为故障状态。  And a setting module, configured to set other ports in the preset logical group to a fault state when detecting that the working state of any port in the preset logical group is a fault state.
5、 如权利要求 4所述的中转设备, 其特征在于, 所述设置模块还用于当 检测到所述预设逻辑组内的所有端口工作正常时, 将所述预设逻辑组内的所 有端口都设置为正常状态。  The relay device according to claim 4, wherein the setting module is further configured to: when it is detected that all ports in the preset logical group are working normally, all of the preset logical groups are The ports are all set to normal.
6、 如权利要求 4或 5所述的中转设备, 其特征在于, 所述中转设备为路 由器、 防火墙、 交换机或服务器。 6. The relay device according to claim 4 or 5, wherein the relay device is a router, a firewall, a switch, or a server.
7、 一种管理网络设备端口状态的系统, 其特征在于, 所述系统包括: 中转设备, 用于检测预设逻辑组内的端口的工作状态, 当检测到所述预 设逻辑组内的任意端口的工作状态为故障状态时, 将所述预设逻辑组内的其 它端口都设置为故障状态, 使中转设备的上下行设备在检测到所述中转设备 的端口为故障状态时, 将终端业务切换到备用链路, 所述端口为中转设备上 的与上下行设备相连的端口。 A system for managing a port state of a network device, the system comprising: a transit device, configured to detect an operating state of a port in a preset logical group, when detecting any of the preset logical groups When the working status of the port is in the fault state, the other ports in the preset logical group are set to the fault state, so that the uplink and downlink devices of the transit device detect the terminal of the transit device when the fault is detected. Switching to the standby link, the port is the port connected to the upstream and downstream devices on the transit device.
8、 如权利要求 7所述的管理网络设备端口状态的系统, 其特征在于, 所述中转设备还用于当检测到所述预设逻辑组内所有端口工作正常时, 将所述预设逻辑组内所有端口的工作状态都设置为正常状态, 使所述中转设 备的上下行设备在检测到所述中转设备逻辑组内端口为正常状态时, 将终端 业务切换到主用链路。  The system for managing the state of the port of the network device according to claim 7, wherein the relay device is further configured to: when detecting that all ports in the preset logical group are working normally, the preset logic The working status of all the ports in the group is set to the normal state, so that the uplink and downlink devices of the transit device switch the terminal service to the active link when detecting that the port in the logical group of the transit device is in a normal state.
9、如权利要求 7或 8所述的管理网络设备端口状态的系统,其特征在于, 所述中转设备为路由器、 防火墙、 交换机或服务器。  The system for managing the port status of a network device according to claim 7 or 8, wherein the relay device is a router, a firewall, a switch or a server.
PCT/CN2009/070180 2008-06-20 2009-01-16 Method, system and transfer device for managing the network device port status WO2009152700A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US12/478,131 US20090316572A1 (en) 2008-06-20 2009-06-04 Method and system for managing port statuses of a network device and relay device

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CNA2008101153028A CN101330404A (en) 2008-06-20 2008-06-20 Method, system and equipment for managing network appliance port state
CN200810115302.8 2008-06-20

Publications (1)

Publication Number Publication Date
WO2009152700A1 true WO2009152700A1 (en) 2009-12-23

Family

ID=40206012

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2009/070180 WO2009152700A1 (en) 2008-06-20 2009-01-16 Method, system and transfer device for managing the network device port status

Country Status (2)

Country Link
CN (1) CN101330404A (en)
WO (1) WO2009152700A1 (en)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101330404A (en) * 2008-06-20 2008-12-24 华为技术有限公司 Method, system and equipment for managing network appliance port state
CN102412997B (en) * 2011-11-29 2014-12-17 深信服网络科技(深圳)有限公司 Method and system for transmitting link on/off state under main/standby environment
CN103368712A (en) * 2013-07-18 2013-10-23 华为技术有限公司 Switchover method and device for main equipment and standby equipment
CN107347019A (en) * 2017-04-20 2017-11-14 武汉迈力特通信有限公司 The apparatus and method of MSTP system ethernet link failure fast transfers
CN111324504B (en) * 2018-12-14 2024-02-27 国网山西省电力公司信息通信分公司 Method and device for monitoring running state of power communication network
CN112953777A (en) * 2021-03-10 2021-06-11 浪潮云信息技术股份公司 Data center internet outlet architecture and connection method

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1805400A (en) * 2004-12-22 2006-07-19 日本电气株式会社 Notification of failures in a trunk network
US20070047436A1 (en) * 2005-08-24 2007-03-01 Masaya Arai Network relay device and control method
CN101094190A (en) * 2007-08-20 2007-12-26 中兴通讯股份有限公司 Method for transmitting protective controlled message in Ethernet ring net
CN101330404A (en) * 2008-06-20 2008-12-24 华为技术有限公司 Method, system and equipment for managing network appliance port state

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1805400A (en) * 2004-12-22 2006-07-19 日本电气株式会社 Notification of failures in a trunk network
US20070047436A1 (en) * 2005-08-24 2007-03-01 Masaya Arai Network relay device and control method
CN101094190A (en) * 2007-08-20 2007-12-26 中兴通讯股份有限公司 Method for transmitting protective controlled message in Ethernet ring net
CN101330404A (en) * 2008-06-20 2008-12-24 华为技术有限公司 Method, system and equipment for managing network appliance port state

Also Published As

Publication number Publication date
CN101330404A (en) 2008-12-24

Similar Documents

Publication Publication Date Title
RU2530338C2 (en) Prepared connection based on state of communication lines of providers (plsb) with routed redundancy
US8339940B2 (en) Multi-active detection method and stack member device
US7010716B2 (en) Method and apparatus for defining failover events in a network device
WO2009111969A1 (en) Method for blocking the edge port in the ethernet, ethernet loop network system and apparatus
JP5743809B2 (en) Network management system and network management method
WO2011120301A1 (en) Method, apparatus and system for dual-homing protection switching
US7516202B2 (en) Method and apparatus for defining failover events in a network device
US9385944B2 (en) Communication system, path switching method and communication device
WO2015007096A1 (en) Switching method and apparatus for main and standby devices
EP2878105A1 (en) System and method using rsvp hello suppression for graceful restart capable neighbors
JP5211146B2 (en) Packet relay device
CN101068139A (en) Media gateway upper connection link main spare protecting method
EP2209267B1 (en) A system and a method for routing data traffic
WO2008046358A1 (en) A method and device to realize punch-through of point-to-multipoint network link status
WO2011120297A1 (en) Protection method, system, provider edge and customer edge for virtual private lan services
WO2009152700A1 (en) Method, system and transfer device for managing the network device port status
WO2018166308A1 (en) Distributed nat dual-system hot backup traffic switching system and method
WO2008014696A1 (en) Method and apparatus for realizing communication take-over
CN109743197A (en) A kind of firewall deployment system and method based on priority configuration
CN102571612A (en) Virtual router redundancy protocol (VRRP) state switching method and three-layer exchange equipment
CN112491700A (en) Network path adjusting method, system, device, electronic equipment and storage medium
Reghu et al. Development of robust infrastructure in networking to survive a disaster
WO2011113395A2 (en) A method and apparatus for load balance
WO2014146541A1 (en) Cdn and network convergence system, scheduling module selection method and computer storage medium
CN103220189A (en) Multi-active detection (MAD) backup method and equipment

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 09765340

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC OF 170511

122 Ep: pct application non-entry in european phase

Ref document number: 09765340

Country of ref document: EP

Kind code of ref document: A1