[go: up one dir, main page]

CN109039703A - The method and system of business scenario network rapid build under a kind of complex network simulated environment - Google Patents

The method and system of business scenario network rapid build under a kind of complex network simulated environment Download PDF

Info

Publication number
CN109039703A
CN109039703A CN201810677351.4A CN201810677351A CN109039703A CN 109039703 A CN109039703 A CN 109039703A CN 201810677351 A CN201810677351 A CN 201810677351A CN 109039703 A CN109039703 A CN 109039703A
Authority
CN
China
Prior art keywords
network
virtual
switch
routing
configuration file
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201810677351.4A
Other languages
Chinese (zh)
Inventor
刘歌
宋振宇
严坚
刘宝旭
王晓伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Institute of Information Engineering of CAS
Original Assignee
Institute of Information Engineering of CAS
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Institute of Information Engineering of CAS filed Critical Institute of Information Engineering of CAS
Priority to CN201810677351.4A priority Critical patent/CN109039703A/en
Publication of CN109039703A publication Critical patent/CN109039703A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/14Network analysis or design
    • H04L41/145Network analysis or design involving simulating, designing, planning or modelling of a network

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a kind of method and system of business scenario network rapid build under complex network simulated environment.The method include the steps that 1) network topology structure according to needed for target scene network configuration, virtual router, each IP address section and VLAN, generate the configuration file of the target scene network, and send it to route test network and Switch control network;2) Switch control network completes the configurations of node access networks network according to configuration file;3) the virtual flow-line server of route test network creates virtual flow-line according to the configuration file, and according to configuration file subnet division and VLAN;4) physical interface of virtual flow-line server is connected with the Experimental Network core switch in Experimental Network, accesses each node;5) virtual flow-line server creates the virtual link between virtual switch according to configuration file;6) virtual flow-line server is communicated with virtual switch and is established control, and each virtual switch issues flow table.

Description

一种复杂网络模拟环境下业务场景网络快速构建的方法及 系统A method and method for quickly constructing a business scenario network in a complex network simulation environment system

技术领域technical field

本发明属于互联网网络安全技术领域,涉及一种在复杂网络模拟环境中快速大规模实现复杂场景网络的方法及系统。The invention belongs to the technical field of Internet network security, and relates to a method and system for rapidly and large-scale realization of complex scene networks in a complex network simulation environment.

背景技术Background technique

网络空间对抗形势日趋严峻,网络攻防已成为各国网络攻防对抗的主要内容。网络环境已由单纯互联网发展到了泛在网络空间,攻击方式也由单一模式朝着复杂的APT攻击方向发展。复杂网络模拟环境是针对网络攻防演练和网络新技术评测的重要基础设施,用来提高网络和信息系统的稳定性、安全性和性能。世界各国均高度重视复杂网络模拟环境建设,将其作为支撑网络空间安全技术验证、网络武器试验、攻防对抗演练和网络风险评估的重要手段。The situation of confrontation in cyberspace is becoming increasingly severe, and cyber attack and defense have become the main content of cyber offensive and defensive confrontation in various countries. The network environment has developed from a simple Internet to a ubiquitous cyberspace, and the attack method has also developed from a single mode to a complex APT attack. The complex network simulation environment is an important infrastructure for network attack and defense drills and network new technology evaluation, and is used to improve the stability, security and performance of networks and information systems. All countries in the world attach great importance to the construction of a complex network simulation environment as an important means to support cyberspace security technology verification, network weapon testing, offensive and defensive confrontation exercises, and network risk assessment.

在复杂网络模拟环境实际应用过程中,为达到真实目标网络环境模拟,往往需要复杂网络结构的还原,构建一个和真实环境一模一样的虚拟场景网络。网络中包含路由连接关系,自治域内部和自治域间的复杂链路结构,真实的网络地址等。现有传统的复杂网络模拟环境在场景网络环境构建方面仅能实现不同网段的划分,无法实现复杂的网络层级关系。缺少网络间的路由,或由物理设备构建的网络层级关系无法实现灵活改变,针对大规模复杂的网络结构模拟代价大,纯手工搭建物理设备网络环境耗时久,代价大。无法针对真实的网络地址进行的模拟和自定义,对于真实网络的还原和模拟有很大的局限性。In the actual application process of the complex network simulation environment, in order to achieve the simulation of the real target network environment, it is often necessary to restore the complex network structure and build a virtual scene network that is exactly the same as the real environment. The network includes routing connections, complex link structures within and between autonomous domains, and real network addresses. The existing traditional complex network simulation environment can only realize the division of different network segments in the construction of the scene network environment, and cannot realize complex network hierarchical relationships. There is a lack of routing between networks, or the network hierarchy relationship built by physical devices cannot be flexibly changed. It is expensive to simulate large-scale and complex network structures. It takes a long time and is expensive to build a physical device network environment manually. The simulation and customization that cannot be carried out for real network addresses has great limitations for the restoration and simulation of real networks.

发明内容Contents of the invention

针对现有技术中存在的技术问题,本发明的目的在于提供一种复杂网络模拟环境场景网络快速构建的方法及系统,以解决真实复杂网络拟真和灵活快速构建等问题,本发明通过引入SDN(软件定义网络)技术,生成虚拟路由器(vRouter),SDN控制器通过OpenFlow协议对虚拟路由器进行统一的策略管控,实现场景网络中路由节点的创建,并使用虚拟交换机(OVS)技术生成虚拟的OVS网桥(Bridge),实现场景网络中网段的划分。本发明能够根据实际需要创建出复杂的、多层级、多链路网络场景,解决传统环境无法大规模模拟复杂多层级和多链路网络场景的问题,并且由于是虚拟路由器,添加和删除灵活自由,不受物理设备的限制,生成虚拟设备耗时短代价低,解决了网络结构无法实现灵活改变的问题。综上所述,本发明极大的改善了传统的复杂网络模拟环境对真实网络的还原模拟的局限性。Aiming at the technical problems existing in the prior art, the purpose of the present invention is to provide a method and system for rapidly constructing complex network simulation environment scene networks, so as to solve the problems of real complex network simulation and flexible rapid construction. The present invention introduces SDN (Software Defined Networking) technology to generate a virtual router (vRouter), the SDN controller implements unified policy control on the virtual router through the OpenFlow protocol, realizes the creation of routing nodes in the scene network, and uses the virtual switch (OVS) technology to generate a virtual OVS Bridge (Bridge), to achieve the division of network segments in the scene network. The present invention can create complex, multi-level, and multi-link network scenarios according to actual needs, solving the problem that traditional environments cannot simulate complex multi-level and multi-link network scenarios on a large scale, and because it is a virtual router, adding and deleting is flexible and free , not limited by physical devices, generating virtual devices is time-consuming and cost-effective, and solves the problem that the network structure cannot be flexibly changed. To sum up, the present invention greatly improves the limitations of the traditional complex network simulation environment on the restoration simulation of the real network.

本发明的技术方案是:Technical scheme of the present invention is:

一种复杂网络模拟环境下业务场景网络快速构建的方法,其步骤包括:A method for quickly constructing a business scenario network under a complex network simulation environment, the steps of which include:

1)将复杂网络模拟环境中的服务器连接到实验网络的接入交换机上,各所述接入交换机连接到实验网络的核心交换机;接入网络的交换机连接到实验网络的核心交换机;1) The server in the complex network simulation environment is connected to the access switch of the experimental network, each of the access switches is connected to the core switch of the experimental network; the switch of the access network is connected to the core switch of the experimental network;

2)根据目标场景网络配置所需的网络拓扑结构、虚拟路由器、各IP地址段和VLAN,生成该目标场景网络的配置文件,并将该配置文件发送到路由控制网络和交换机控制网络;2) Generate the configuration file of the target scenario network according to the required network topology, virtual router, each IP address segment and VLAN according to the target scenario network configuration, and send the configuration file to the routing control network and the switch control network;

3)交换机控制网络根据该配置文件完成节点接入网络的基础配置;3) The switch control network completes the basic configuration of the node access network according to the configuration file;

4)路由控制网络的虚拟路由服务器根据该配置文件创建虚拟路由,以及根据该配置文件划分子网和VLAN,将该目标场景网络中的各节点划分到对应的VLAN和子网;4) The virtual routing server of the route control network creates a virtual route according to the configuration file, and divides subnets and VLANs according to the configuration file, and divides each node in the target scene network into corresponding VLANs and subnets;

5)每个虚拟路由服务器创建一个虚拟网桥,该虚拟机网桥与一服务器的物理接口绑定,以及与其他虚拟路由服务器创建的虚拟网桥分别连接;各虚拟网桥分别拥有一个通道接口,各虚拟网桥的通道接口均和每台虚拟路由服务器的一物理接口绑定,虚拟路由服务器的物理接口和实验网络中的实验网络核心交换机相连接,从而接入各节点;5) Each virtual routing server creates a virtual network bridge, which is bound to the physical interface of a server and connected to the virtual network bridges created by other virtual routing servers; each virtual network bridge has a channel interface , the channel interface of each virtual network bridge is bound to a physical interface of each virtual routing server, and the physical interface of the virtual routing server is connected to the experimental network core switch in the experimental network, thereby accessing each node;

6)虚拟路由服务器根据该配置文件创建虚拟交换机之间的虚拟连接,以及配置虚拟交换机与SDN控制器的通信通道;6) The virtual routing server creates a virtual connection between the virtual switches according to the configuration file, and configures a communication channel between the virtual switch and the SDN controller;

7)虚拟路由服务器启动SDN控制器,通过配置的通信通道,与对应的虚拟交换机进行通信并建立管控;然后虚拟路由服务器向SDN控制器发送所述虚拟路由、端口IP地址信息,当SDN控制器根据接收到的信息向各虚拟交换机下发流表,从而完成虚拟路由器的创建。7) The virtual routing server starts the SDN controller, communicates with the corresponding virtual switch and establishes management and control through the configured communication channel; then the virtual routing server sends the virtual routing and port IP address information to the SDN controller, and when the SDN controller According to the received information, the flow table is delivered to each virtual switch, thereby completing the creation of the virtual router.

进一步的,创建所述虚拟路由的方法为:虚拟路由服务器首先从该配置文件中提取各节点之间的连接关系,根据Dijkstra单源最短路径算法计算生成每一节点到其他任意节点间的最短路径,根据最短路径信息,生成路由表条目信息。Further, the method for creating the virtual route is as follows: the virtual route server first extracts the connection relationship between each node from the configuration file, and calculates and generates the shortest path between each node and any other node according to the Dijkstra single-source shortest path algorithm , generate routing table entry information according to the shortest path information.

进一步的,所述根据该配置文件划分子网和VLAN的方法为:虚拟路由服务器根据该配置文件生成所需的虚拟网桥,将虚拟网桥上面的所有端口标记相应的VLAN标签,即划分子网和VLAN。Further, the method for dividing subnets and VLANs according to the configuration file is: the virtual routing server generates the required virtual network bridge according to the configuration file, and marks all ports on the virtual network bridge with corresponding VLAN tags, that is, divides subnets into subnets. network and VLAN.

进一步的,所述步骤7)中,虚拟路由服务器通过北向的API接口向SDN控制器发送所述虚拟路由、端口IP地址信息,当SDN控制器接收到信息后,通过南向的OpenFlow通道向各虚拟交换机下发流表,从而完成虚拟路由器的创建。Further, in the step 7), the virtual routing server sends the virtual routing and port IP address information to the SDN controller through the northbound API interface, and when the SDN controller receives the information, it transmits the information to each The virtual switch delivers the flow table to complete the creation of the virtual router.

进一步的,各所述虚拟路由器通过SDN控制器进行统一的控制和管理。Further, each of the virtual routers is uniformly controlled and managed by an SDN controller.

进一步的,所述配置文件为JSON配置文件;通过SSH协议将该配置文件发送到路由控制网络和交换机控制网络。Further, the configuration file is a JSON configuration file; the configuration file is sent to the routing control network and the switch control network through the SSH protocol.

一种复杂网络模拟环境下业务场景网络快速构建系统,其特征在于,包括路由控制网络、实验网络、交换机控制网络、接入网络;其中,A rapid network construction system for business scenarios in a complex network simulation environment, characterized in that it includes a routing control network, an experimental network, a switch control network, and an access network; wherein,

所述实验网络,为各业务场景使用的定制化网络场景,支持自定义网关、路由和IP;复杂网络模拟环境中的各节点接入到实验网络的接入交换机,各接入交换机连接到实验网络的核心交换机,实验网络和路由控制网络连接;所述节点包括真实节点和虚拟节点;The experimental network is a customized network scenario used in each business scenario, and supports custom gateways, routing and IP; each node in the complex network simulation environment is connected to the access switch of the experimental network, and each access switch is connected to the experimental network. The core switch of the network, the experimental network and the routing control network connection; the nodes include real nodes and virtual nodes;

所述路由控制网络中包含若干虚拟路由服务器,所述虚拟路由服务器中运行SDN控制器,SDN控制器通过目标场景网络的配置文件生成和管理虚拟路由器,实现该目标场景网络中节点间的路由,以及根据该配置文件进行子网划分离;所述路由控制网络中提供了各个节点的网关;每一节点的网关分别指向虚拟路由器的一对应端口;所述路由控制网络中包含若干虚拟网桥,不同用户的网络间通过虚拟网桥实现隔离;The routing control network includes several virtual routing servers, the virtual routing servers run SDN controllers, and the SDN controllers generate and manage virtual routers through the configuration files of the target scene network, so as to realize the routing between nodes in the target scene network, And according to the configuration file, the subnets are divided and separated; the gateways of each node are provided in the routing control network; the gateways of each node point to a corresponding port of the virtual router; the routing control network includes several virtual bridges, Different user networks are isolated through virtual bridges;

所述交换机控制网络,用于根据该配置文件对实验网络的交换机和接入网络的交换机进行配置;The switch control network is used to configure the switch of the experimental network and the switch of the access network according to the configuration file;

所述接入网络,作为与实验网络相对应的接入点网络,提供访问接口,使用户可以访问和使用复杂网络模拟环境业务场景中的网络和资源。The access network, as an access point network corresponding to the experimental network, provides an access interface so that users can access and use the network and resources in the business scene of the complex network simulation environment.

进一步的,根据目标场景网络配置所需的网络拓扑结构、虚拟路由器、各IP地址段和VLAN,生成该目标场景网络的配置文件。Further, the configuration file of the target scene network is generated according to the network topology, virtual router, each IP address segment and VLAN required for the target scene network configuration.

进一步的,每个虚拟路由服务器创建一个虚拟网桥,该虚拟机网桥与一服务器的物理接口绑定,以及与其他虚拟路由服务器创建的虚拟网桥分别连接;各虚拟网桥分别拥有一个通道接口,各虚拟网桥的通道接口均和每台虚拟路由服务器的一物理接口绑定,虚拟路由服务器的物理接口和实验网络中的实验网络核心交换机相连接,从而接入各节点。Further, each virtual routing server creates a virtual network bridge, which is bound to a physical interface of a server, and is respectively connected to virtual bridges created by other virtual routing servers; each virtual bridge has a channel The channel interface of each virtual network bridge is bound to a physical interface of each virtual routing server, and the physical interface of the virtual routing server is connected to the core switch of the experimental network in the experimental network to access each node.

进一步的,各所述虚拟路由器通过SDN控制器进行统一的控制和管理。Further, each of the virtual routers is uniformly controlled and managed by an SDN controller.

本发明的系统主要功能为四部分:路由控制网络(vRouterCtrlNet)、实验网络(ExptNet)、交换机控制网络(MethCtrlNet)、接入网络(AccessNet)。各个网络的具体功能会在具体实施方式环节中详细阐明。The main functions of the system of the present invention are four parts: routing control network (vRouterCtrlNet), experiment network (ExptNet), switch control network (MethCtrlNet), and access network (AccessNet). The specific functions of each network will be clarified in detail in the link of specific implementation.

用户纯图形界面选择场景网络所需资源、自定义绘制网络拓扑结构以及填写网络地址信息并提交。The user purely graphical interface selects the resources required by the scene network, draws the network topology, fills in the network address information and submits it.

系统前台生成场景网络的JSON格式配置文件,该配置文件中的内容包含了根据用户填写的网络地址信息和网络拓扑结构,系统后台按照SDN控制器的北向应用程序接口(API)规范通过SDN(软件定义网络)技术生成虚拟路由器(vRouter),以及SDN控制器通过OpenFlow协议对虚拟路由器进行统一的策略管控,实现场景网络中路由节点的创建,生成虚拟路由器所需的路由关系,即节点间的连接关系,包含路由器与路由器之间的连接关系,终端与路由器之间的连接关系,虚拟路由器的虚拟接口地址信息,使用虚拟交换机(OVS)技术生成虚拟的OVS网桥(Bridge),实现场景网络中网段的划分,发送到虚拟路由服务器。The frontend of the system generates a configuration file in JSON format for the scene network. The content in the configuration file includes the network address information and network topology filled in by the user. The background of the system passes the SDN (software Define the network) technology to generate a virtual router (vRouter), and the SDN controller conducts unified policy control on the virtual router through the OpenFlow protocol, realizes the creation of routing nodes in the scene network, and generates the routing relationship required by the virtual router, that is, the connection between nodes Relationships, including the connection relationship between routers and routers, the connection relationship between terminals and routers, the virtual interface address information of virtual routers, using virtual switch (OVS) technology to generate virtual OVS bridges (Bridge), to realize the The division of the network segment is sent to the virtual routing server.

虚拟路由服务器实时监听虚拟路由服务器中指定目录是否收到新的系统前台生成的场景网络JSON格式配置文件,如果收到,自动启动场景网络的创建流程。The virtual routing server monitors in real time whether the specified directory in the virtual routing server receives the new scene network configuration file in JSON format generated by the system foreground, and if so, automatically starts the creation process of the scene network.

虚拟路由服务器提取前台发送来的配置文件的信息,生成虚拟网桥和虚拟路由器。根据场景网络的需要,自动配置虚拟网桥和虚拟路由器(vRouter)的端口,划分虚拟局域网(VLAN)、配置接口地址、配置虚拟连接线路。The virtual routing server extracts the information of the configuration file sent from the foreground to generate a virtual bridge and a virtual router. According to the needs of the scene network, automatically configure the ports of the virtual bridge and virtual router (vRouter), divide the virtual local area network (VLAN), configure the interface address, and configure the virtual connection line.

虚拟路由服务器根据节点间的连接关系,生成路由表,向虚拟路由器中写入自动生成的路由表,实现场景内的复杂网络路由。The virtual routing server generates a routing table according to the connection relationship between nodes, and writes the automatically generated routing table into the virtual router to realize complex network routing in the scene.

配置文件中包含了真实节点(物理服务器)和虚拟节点(虚拟机),将场景中的真实节点和虚拟节点连接的实验网络接入交换机配置VLAN信息,并创建实验网络核心交换机到虚拟路由服务器的链路,即在核心交换机与虚拟路由服务器相连接的端口配置Tunk通道允许的VLAN。The configuration file contains real nodes (physical servers) and virtual nodes (virtual machines). The experimental network access switches connected to the real nodes and virtual nodes in the scene are configured with VLAN information, and a link between the core switch of the experimental network and the virtual routing server is created. Links, that is, configure the VLANs allowed by the Tunk channel on the port connecting the core switch and the virtual routing server.

本发明的整体网络系统架构根据功能划分的四种网络,即路由控制网络、场景网络、交换机控制网络、接入网络,网络与网络间的连接关系,各网络实现的功能。The overall network system architecture of the present invention is divided into four types of networks according to functions, namely, routing control network, scene network, switch control network, access network, connection relationship between networks, and functions realized by each network.

本发明在处理场景网络配置文件的阶段,自动解析各节点的连接关系,通过最短路径算法生成节点间的连接关系的方法。In the stage of processing scene network configuration files, the invention automatically analyzes the connection relationship of each node, and generates the connection relationship between nodes through the shortest path algorithm.

本发明在场景虚拟路由生成阶段,使用SDN控制器对虚拟网桥(Bridge)进行管控和配置的方式,通过北向的Restful接口向SDN控制器发送路由表信息的方式,SDN控制器将路由表信息通过南向的OpenFlow通道发送给各Bridge的途径和方法。在具体实施方式环节有详细的阐明。In the scene virtual routing generation stage, the present invention uses the SDN controller to control and configure the virtual bridge (Bridge), sends routing table information to the SDN controller through the northbound Restful interface, and the SDN controller sends the routing table information to the SDN controller. The way and method to send to each Bridge through the southbound OpenFlow channel. There are detailed clarifications in the specific implementation mode.

与现有技术相比,本发明有以下明显有点:Compared with prior art, the present invention has following obvious points:

1.能够实现大规模复杂场景网络的构建,改变了传统环境结构单一简单的现状。实现模拟互联网中自治域间、自治域内以及园区网络内部路由连接关系的体现,最大限度的实现真实环境的拟真,弥补了现有技术无法实现层级网络路由关系的不足。1. It can realize the construction of large-scale and complex scene network, which has changed the status quo of single and simple traditional environment structure. Realize the embodiment of the routing connection relationship between autonomous domains, autonomous domains and campus networks in the simulated Internet, realize the simulation of the real environment to the maximum extent, and make up for the deficiency that the existing technology cannot realize the hierarchical network routing relationship.

2.场景网络快速自动化部署,复杂路由关系无需再依赖物理网络设备和人工配置,大幅提高效率。通过SDN技术实现网络地址信息的自定义,即可以是私网地址也可以是公网地址,解决现有技术只能自动分配私网地址,无法定义真实地址的问题。2. The scene network is quickly and automatically deployed, and complex routing relationships no longer need to rely on physical network equipment and manual configuration, greatly improving efficiency. Through the SDN technology, the network address information can be customized, that is, it can be a private network address or a public network address, which solves the problem that the existing technology can only automatically allocate private network addresses and cannot define real addresses.

3.通过SDN技术和虚拟交换机的使用,实现不同场景网络间并行隔离,互不干扰,解决多租户同时使用地址冲突的问题。3. Through the use of SDN technology and virtual switches, parallel isolation between networks in different scenarios can be realized without interfering with each other, and the problem of address conflicts in the simultaneous use of multiple tenants can be solved.

附图说明Description of drawings

图1为总体系统架构图;Figure 1 is an overall system architecture diagram;

图2为虚拟路由业务流程图。Fig. 2 is a flow chart of the virtual routing service.

具体实施方式Detailed ways

为了使相关专业人员能够更好的深入理解本发明的技术方案,下面结合本申请具体实施案例及相关附图对本申请技术方案进行清楚完整的阐述。In order to enable relevant professionals to better understand the technical solution of the present invention, the technical solution of the present application will be clearly and completely described below in combination with specific implementation cases of the present application and related drawings.

本发明根据前端用户自定义的场景网络拓扑信息,自动生成配置文件和路由信息,并下发到路由服务器自动创建和虚拟网络设备、链路,从而快速生成大规模复杂场景网络。The invention automatically generates configuration files and routing information according to the scene network topology information customized by the front-end user, and sends them to the routing server to automatically create virtual network devices and links, thereby quickly generating large-scale complex scene networks.

本发明的系统应用于复杂网络模拟环境之中,系统架构如图1所示,在这其中,本发明的系统功能主要分为四部分:路由控制网络(vRouterCtrlNet)、实验网络(ExptNet)、交换机控制网络(MethCtrlNet)、接入网络(AccessNet)。The system of the present invention is applied in a complex network simulation environment, and the system architecture is as shown in Figure 1. In this, the system function of the present invention is mainly divided into four parts: routing control network (vRouterCtrlNet), experimental network (ExptNet), switch Control network (MethCtrlNet), access network (AccessNet).

本发明的系统中较为核心的部分为虚拟路由控制网络(vRouterCtrlNet),路由控制网络中包含了虚拟路由服务器,服务器中运行着SDN控制器,虚拟路由服务器可以生成若干虚拟路由器(vRouter),实现了场景网络中节点间的路由,所有的vRouter通过SDN控制器进行统一的控制和管理,SDN控制器通过场景网络的配置文件对所有的虚拟路由器进行生成和管理,包括虚拟路由器的接口IP地址信息、路由表。同时,路由控制网络中提供了各个节点的网关,所有的实物和虚拟节点网关均指向虚拟路由器的某个端口。同时,路由控制网络中通过虚拟交换机技术,虚拟路由服务器根据场景网络配置文件创建出的若干虚拟网桥(Bridge),在Bridge中划分了不同的VLAN,实现对子网进行划分和隔离,同时不同用户(租户)的网络间,又通过不同的场景Bridge以及其中的VLAN实现了租户间的隔离。租户与租户间不共享VLAN,且不同租户间的Bridge不互连,故实现了网络隔离。The core part in the system of the present invention is the virtual routing control network (vRouterCtrlNet). The routing control network includes a virtual routing server, and the SDN controller is running in the server. The virtual routing server can generate several virtual routers (vRouter), which realizes Routing between nodes in the scene network, all vRouters are controlled and managed uniformly through the SDN controller, and the SDN controller generates and manages all virtual routers through the configuration file of the scene network, including the interface IP address information of the virtual router, routing table. At the same time, gateways of each node are provided in the routing control network, and all physical and virtual node gateways point to a certain port of the virtual router. At the same time, through the virtual switch technology in the routing control network, the virtual routing server creates several virtual bridges (Bridge) according to the scene network configuration file, and divides different VLANs in the Bridge to realize the division and isolation of subnets. Between the networks of users (tenants), the isolation between tenants is realized through bridges in different scenarios and the VLANs in them. Tenants do not share VLANs between tenants, and bridges between different tenants are not interconnected, so network isolation is realized.

实验网络为各业务场景使用的定制化网络场景,支持自定义网关、路由和IP。整个系统所有业务场景均部署在业务场景网络上,是业务场景运行的网络基础。复杂网络模拟环境中的真实和虚拟节点(Tnode)接入到实验网络接入交换机(ExptNetSW),接入交换机连接到实验网络核心交换机(Core ExptNetSW),实验网络和路由控制网络连接,从而实现Tnode节点间在场景网络中的路由。简单概括两个不同子网节点间的网络路径为:节点1—实验网络—路由控制网络—实验网络—节点2。The experimental network is a customized network scenario used in various business scenarios, and supports custom gateways, routes, and IPs. All business scenarios of the entire system are deployed on the business scenario network, which is the network basis for the operation of the business scenario. The real and virtual nodes (Tnode) in the complex network simulation environment are connected to the experimental network access switch (ExptNetSW), the access switch is connected to the experimental network core switch (Core ExptNetSW), and the experimental network is connected to the routing control network to realize the Tnode Routing between nodes in the scene network. A brief summary of the network path between two different subnet nodes is: node 1—experimental network—routing control network—experimental network—node 2.

交换机控制网络用于对实验网络交换机和接入网络交换机进行配置,包括了创建VLAN、端口开闭、通道创建等操作。The switch control network is used to configure the experimental network switch and access network switch, including operations such as creating VLANs, opening and closing ports, and creating channels.

接入网络(AccessNet)作为与实验网络相对应的接入点网络,提供了最终用户的访问接口,使用户可以访问和使用复杂网络模拟环境业务场景中的网络和其他资源。As the access point network corresponding to the experimental network, the access network (AccessNet) provides an access interface for end users, enabling users to access and use networks and other resources in complex network simulation environment business scenarios.

下面结合创建一个场景网络的实例具体说明本发明的技术实施过程:The technical implementation process of the present invention is specifically described below in conjunction with the example of creating a scene network:

1.场景网络物理设备连接1. Scenario network physical device connection

所有复杂网络模拟环境服务器通过电缆连接到实验网络接入交换机上,每台接入交换机通过光纤线路连接到实验网络核心交换机,接入网络交换机也通过光纤线路连接到实验网络核心交换机。All complex network simulation environment servers are connected to the experimental network access switches through cables, each access switch is connected to the experimental network core switch through optical fiber lines, and the access network switches are also connected to the experimental network core switch through optical fiber lines.

2.接入交换机自动配置2. Automatic configuration of the access switch

用户通过前台界面画图,创建场景网络,配置好所需的网络拓扑结构、虚拟路由器、各IP地址段、VLAN等,而后前台生成了场景网络的JSON配置文件,并通过SSH协议发送到路由控制网络和交换机控制网络。The user draws a picture through the front-end interface, creates a scene network, configures the required network topology, virtual router, each IP address segment, VLAN, etc., and then the front-end generates a JSON configuration file of the scene network, and sends it to the routing control network through the SSH protocol and switch control network.

当场景网络中有一个及以上的VLAN,则需要在实验网络接入交换机中创建场景网络中所需的VLAN,以便终端设备的接入(真实和虚拟节点)能够按照要求加入到相应的VLAN中。通过场景配置文件,交换机控制网络中的系统解析配置文件后,通过SSH协议与物理交换机进行通信,将配置文件中的任务信息解析为指令发送到物理交换机,此步骤包括创建VLAN,配置交换机端口,配置Trunk通道,开启或关闭端口等。When there is one or more VLANs in the scene network, you need to create the required VLANs in the scene network in the experimental network access switch, so that the access of terminal devices (real and virtual nodes) can be added to the corresponding VLAN as required . Through the scene configuration file, after the system in the switch control network parses the configuration file, it communicates with the physical switch through the SSH protocol, and resolves the task information in the configuration file into instructions and sends them to the physical switch. This step includes creating VLANs, configuring switch ports, Configure the trunk channel, open or close the port, etc.

交换机控制网络完成Tnode接入网络的基础配置,此步骤是配合路由控制网络完成各节点的接入,是各节点接入的第一步,属于准备初始基础工作,在接入交换机上将节点相对应的端口划分好VLAN后,即完成了初始基础工作,所有的场景网络路由以及网关均由路由控制网络完成,真实节点和虚拟节点只通过实验网络中的接入交换机接入场景网络。The switch control network completes the basic configuration of the Tnode access network. This step is to cooperate with the routing control network to complete the access of each node. It is the first step for each node access. It belongs to the initial basic work of preparation. After the corresponding ports are divided into VLANs, the initial basic work is completed. All scene network routing and gateways are completed by the routing control network. Real nodes and virtual nodes only access the scene network through the access switches in the experimental network.

3.场景网络虚拟路由配置3. Scenario network virtual routing configuration

如果场景网络中存在三层转发的路由设备,则需要进行虚拟路由的创建和配置。场景网络虚拟路由的创建流程如图2所示。If there is a layer-3 forwarding routing device in the scenario network, you need to create and configure a virtual route. Figure 2 shows the creation process of the scene network virtual route.

●虚拟路由服务器收到配置文件后,便立即开展虚拟路由的创建工作。●After the virtual routing server receives the configuration file, it will start creating the virtual routing immediately.

●虚拟路由服务器首先将接受到的配置文件进行解析,提取所有服务器、交换机、路由器各节点之间的连接关系,根据节点间连接关系,包含路由器与路由器之间,终端与路由器之间的连接关系,根据Dijkstra(迪杰斯特拉)单源最短路径算法,自动计算生成所有节点到其他任意节点间的最短路径,根据最短路径信息,生成路由表条目信息。●The virtual routing server first parses the received configuration file, and extracts the connection relationship between all servers, switches, and routers. According to the connection relationship between nodes, it includes the connection relationship between routers and between terminals and routers. , according to the Dijkstra (Dijkstra) single-source shortest path algorithm, automatically calculate and generate the shortest path between all nodes and any other nodes, and generate routing table entry information according to the shortest path information.

●虚拟路由服务器根据配置文件,首先生成所需的虚拟网桥(Bridge),将Bridge上面的所有端口标记相应的VLAN标签,即划分子网和VLAN,场景网络中的各节点均属于不同的VLAN和子网,这里的每一个带有VLAN标签的接口会和各节点间网络上二层逻辑相连。同时,每个虚拟路由服务器创建一个Bridge和服务器的物理接口绑定,同时和其他所有的Bridge连接,该Bridge上的唯一Trunk接口和每台虚拟路由服务器的一个物理接口绑定,虚拟路由服务器的物理接口和实验网络中的实验网络核心交换机相连接,从而接入各Tnode节点。这样Tnode节点就可以接入到路由控制网络中,访问到自身子网的网关,从而实现不同子网节点间的路由。根据场景网络配置文件中的Bridge间连接关系,创建Bridge之间的虚拟连接。还有一部分的Bridge作为后续步骤的虚拟路由器使用,故虚拟路由服务器将这些Bridge配置与SDN控制器的通信通道,SDN控制器通过OpenFlow协议对Bridge进行管控。●The virtual routing server first generates the required virtual bridge (Bridge) according to the configuration file, and marks all the ports on the Bridge with the corresponding VLAN tags, that is, divides subnets and VLANs, and each node in the scene network belongs to different VLANs And subnet, where each interface with VLAN tag will be logically connected to the Layer 2 network between nodes. At the same time, each virtual routing server creates a Bridge that is bound to the physical interface of the server, and is connected to all other Bridges at the same time. The only Trunk interface on the Bridge is bound to a physical interface of each virtual routing server. The physical interface is connected to the core switch of the experimental network in the experimental network, so as to access each Tnode node. In this way, the Tnode node can be connected to the routing control network and access the gateway of its own subnet, so as to realize the routing between nodes of different subnets. Create a virtual connection between Bridges according to the connection relationship between Bridges in the scene network configuration file. Some of the Bridges are used as virtual routers in the subsequent steps, so the virtual routing server configures these Bridges as communication channels with the SDN controller, and the SDN controller controls the Bridges through the OpenFlow protocol.

●为了使Bridge转化为具有路由转发功能的虚拟路由器(vRouter),此时虚拟路由服务器启动SDN控制器,通过先前配置的通信通道,与相关的Bridge进行通信并建立管控,此时服务器通过北向的API接口向SDN控制器发送之前根据场景配置文件生成的路由表信息、端口IP地址信息,当SDN控制器接收到信息后,通过南向的OpenFlow通道向各Bridge下发流表,从而完成虚拟路由器的创建。SDN控制器、Bridge、均运行在虚拟路由服务器之中,它们之间的通信均发生在服务器内。●In order to convert the Bridge into a virtual router (vRouter) with routing and forwarding functions, the virtual routing server starts the SDN controller at this time, communicates with the related Bridge through the previously configured communication channel and establishes management and control. At this time, the server passes through the northbound The API interface sends the routing table information and port IP address information generated according to the scene configuration file to the SDN controller. After receiving the information, the SDN controller sends the flow table to each Bridge through the southbound OpenFlow channel, thus completing the virtual router. of the creation. The SDN controller and Bridge all run in the virtual routing server, and the communication between them all takes place in the server.

4.接入网络配置4. Access network configuration

接入网络为使用者(可以是租户,或其他实际使用租户所创建的场景网络的相关人员)接入场景网络创建了物理接入点,以便使用者的终端设备可以接入到场景网络中,访问到场景网络中的真实节点和虚拟节点。The access network creates a physical access point for users (who can be tenants, or other relevant personnel who actually use the scene network created by the tenant) to access the scene network, so that the user's terminal equipment can be connected to the scene network, Access to real nodes and virtual nodes in the scene network.

尽管上面对本发明说明性的具体实施方式进行了描述,以便于本技术领域的研究人员理解本发明,但应该清楚,本发明不限于具体实施方式的范围,对本技术领域的普通技术人员来说,凡在本发明的精神和原则之内,所做的任何修改、等同替换、改进等,均应包含在本发明保护的范围之内。Although the illustrative specific embodiments of the present invention have been described above, so that researchers in the technical field can understand the present invention, it should be clear that the present invention is not limited to the scope of the specific embodiments. For those of ordinary skill in the art, Any modifications, equivalent replacements, improvements, etc. made within the spirit and principles of the present invention shall be included within the protection scope of the present invention.

Claims (10)

1.一种复杂网络模拟环境下业务场景网络快速构建的方法,其步骤包括:1. A method for rapidly constructing a business scenario network under a complex network simulation environment, the steps comprising: 1)将复杂网络模拟环境中的服务器连接到实验网络的接入交换机上,各所述接入交换机连接到实验网络的核心交换机;接入网络的交换机连接到实验网络的核心交换机;1) The server in the complex network simulation environment is connected to the access switch of the experimental network, each of the access switches is connected to the core switch of the experimental network; the switch of the access network is connected to the core switch of the experimental network; 2)根据目标场景网络配置所需的网络拓扑结构、虚拟路由器、各IP地址段和VLAN,生成该目标场景网络的配置文件,并将该配置文件发送到路由控制网络和交换机控制网络;2) Generate the configuration file of the target scenario network according to the required network topology, virtual router, each IP address segment and VLAN according to the target scenario network configuration, and send the configuration file to the routing control network and the switch control network; 3)交换机控制网络根据该配置文件完成节点接入网络的基础配置;3) The switch control network completes the basic configuration of the node access network according to the configuration file; 4)路由控制网络的虚拟路由服务器根据该配置文件创建虚拟路由,以及根据该配置文件划分子网和VLAN,将该目标场景网络中的各节点划分到对应的VLAN和子网;4) The virtual routing server of the route control network creates a virtual route according to the configuration file, and divides subnets and VLANs according to the configuration file, and divides each node in the target scene network into corresponding VLANs and subnets; 5)每个虚拟路由服务器创建一个虚拟网桥,该虚拟机网桥与一服务器的物理接口绑定,以及与其他虚拟路由服务器创建的虚拟网桥分别连接;各虚拟网桥分别拥有一个通道接口,各虚拟网桥的通道接口均和每台虚拟路由服务器的一物理接口绑定,虚拟路由服务器的物理接口和实验网络中的实验网络核心交换机相连接,从而接入各节点;5) Each virtual routing server creates a virtual network bridge, which is bound to the physical interface of a server and connected to the virtual network bridges created by other virtual routing servers; each virtual network bridge has a channel interface , the channel interface of each virtual network bridge is bound to a physical interface of each virtual routing server, and the physical interface of the virtual routing server is connected to the experimental network core switch in the experimental network, thereby accessing each node; 6)虚拟路由服务器根据该配置文件创建虚拟交换机之间的虚拟连接,以及配置虚拟交换机与SDN控制器的通信通道;6) The virtual routing server creates a virtual connection between the virtual switches according to the configuration file, and configures a communication channel between the virtual switch and the SDN controller; 7)虚拟路由服务器启动SDN控制器,通过配置的通信通道,与对应的虚拟交换机进行通信并建立管控;然后虚拟路由服务器向SDN控制器发送所述虚拟路由、端口IP地址信息,当SDN控制器根据接收到的信息向各虚拟交换机下发流表,从而完成虚拟路由器的创建。7) The virtual routing server starts the SDN controller, communicates with the corresponding virtual switch and establishes management and control through the configured communication channel; then the virtual routing server sends the virtual routing and port IP address information to the SDN controller, and when the SDN controller According to the received information, the flow table is delivered to each virtual switch, thereby completing the creation of the virtual router. 2.如权利要求1所述的方法,其特征在于,创建所述虚拟路由的方法为:虚拟路由服务器首先从该配置文件中提取各节点之间的连接关系,根据Dijkstra单源最短路径算法计算生成每一节点到其他任意节点间的最短路径,根据最短路径信息,生成路由表条目信息。2. The method according to claim 1, wherein the method for creating the virtual route is: the virtual route server first extracts the connection relationship between each node from the configuration file, and calculates according to the Dijkstra single-source shortest path algorithm Generate the shortest path between each node and any other node, and generate routing table entry information according to the shortest path information. 3.如权利要求1或2所述的方法,其特征在于,所述根据该配置文件划分子网和VLAN的方法为:虚拟路由服务器根据该配置文件生成所需的虚拟网桥,将虚拟网桥上面的所有端口标记相应的VLAN标签,即划分子网和VLAN。3. The method according to claim 1 or 2, wherein the method for dividing subnets and VLANs according to the configuration file is: the virtual routing server generates the required virtual network bridge according to the configuration file, and divides the virtual network All ports on the bridge are marked with corresponding VLAN tags, that is, subnetting and VLANs are divided. 4.如权利要求1所述的方法,其特征在于,所述步骤7)中,虚拟路由服务器通过北向的API接口向SDN控制器发送所述虚拟路由、端口IP地址信息,当SDN控制器接收到信息后,通过南向的OpenFlow通道向各虚拟交换机下发流表,从而完成虚拟路由器的创建。4. The method according to claim 1, characterized in that, in the step 7), the virtual routing server sends the virtual routing and port IP address information to the SDN controller through the northbound API interface, and when the SDN controller receives After receiving the information, send the flow table to each virtual switch through the southbound OpenFlow channel, thereby completing the creation of the virtual router. 5.如权利要求1所述的方法,其特征在于,各所述虚拟路由器通过SDN控制器进行统一的控制和管理。5. The method according to claim 1, wherein each virtual router is uniformly controlled and managed by an SDN controller. 6.如权利要求1所述的方法,其特征在于,所述配置文件为JSON配置文件;通过SSH协议将该配置文件发送到路由控制网络和交换机控制网络。6. The method according to claim 1, wherein the configuration file is a JSON configuration file; the configuration file is sent to the routing control network and the switch control network through the SSH protocol. 7.一种复杂网络模拟环境下业务场景网络快速构建系统,其特征在于,包括路由控制网络、实验网络、交换机控制网络、接入网络;其中,7. A rapid network construction system for business scenarios in a complex network simulation environment, characterized in that it includes a routing control network, an experimental network, a switch control network, and an access network; wherein, 所述实验网络,为各业务场景使用的定制化网络场景,支持自定义网关、路由和IP;复杂网络模拟环境中的各节点接入到实验网络的接入交换机,各接入交换机连接到实验网络的核心交换机,实验网络和路由控制网络连接;所述节点包括真实节点和虚拟节点;The experimental network is a customized network scenario used in each business scenario, and supports custom gateways, routing and IP; each node in the complex network simulation environment is connected to the access switch of the experimental network, and each access switch is connected to the experimental network. The core switch of the network, the experimental network and the routing control network connection; the nodes include real nodes and virtual nodes; 所述路由控制网络中包含若干虚拟路由服务器,所述虚拟路由服务器中运行SDN控制器,SDN控制器通过目标场景网络的配置文件生成和管理虚拟路由器,实现该目标场景网络中节点间的路由,以及根据该配置文件进行子网划分离;所述路由控制网络中提供了各个节点的网关;每一节点的网关分别指向虚拟路由器的一对应端口;所述路由控制网络中包含若干虚拟网桥,不同用户的网络间通过虚拟网桥实现隔离;The routing control network includes several virtual routing servers, the virtual routing servers run SDN controllers, and the SDN controllers generate and manage virtual routers through the configuration files of the target scene network, so as to realize the routing between nodes in the target scene network, And according to the configuration file, the subnets are divided and separated; the gateways of each node are provided in the routing control network; the gateways of each node point to a corresponding port of the virtual router; the routing control network includes several virtual bridges, Different user networks are isolated through virtual bridges; 所述交换机控制网络,用于根据该配置文件对实验网络的交换机和接入网络的交换机进行配置;The switch control network is used to configure the switch of the experimental network and the switch of the access network according to the configuration file; 所述接入网络,作为与实验网络相对应的接入点网络,提供访问接口,使用户可以访问和使用复杂网络模拟环境业务场景中的网络和资源。The access network, as an access point network corresponding to the experimental network, provides an access interface so that users can access and use the network and resources in the business scene of the complex network simulation environment. 8.如权利要求7所述的系统,其特征在于,根据目标场景网络配置所需的网络拓扑结构、虚拟路由器、各IP地址段和VLAN,生成该目标场景网络的配置文件。8. The system according to claim 7, wherein the configuration file of the target scene network is generated according to the network topology, virtual router, each IP address segment and VLAN required for the target scene network configuration. 9.如权利要求7所述的系统,其特征在于,每个虚拟路由服务器创建一个虚拟网桥,该虚拟机网桥与一服务器的物理接口绑定,以及与其他虚拟路由服务器创建的虚拟网桥分别连接;各虚拟网桥分别拥有一个通道接口,各虚拟网桥的通道接口均和每台虚拟路由服务器的一物理接口绑定,虚拟路由服务器的物理接口和实验网络中的实验网络核心交换机相连接,从而接入各节点。9. The system according to claim 7, wherein each virtual routing server creates a virtual network bridge, which is bound to a physical interface of a server, and the virtual network bridge created by other virtual routing servers The bridges are connected separately; each virtual bridge has a channel interface, and the channel interface of each virtual bridge is bound to a physical interface of each virtual routing server, and the physical interface of the virtual routing server is connected to the core switch of the experimental network in the experimental network. connected to each node. 10.如权利要求7所述的系统,其特征在于,各所述虚拟路由器通过SDN控制器进行统一的控制和管理。10. The system according to claim 7, wherein each virtual router is uniformly controlled and managed by an SDN controller.
CN201810677351.4A 2018-06-27 2018-06-27 The method and system of business scenario network rapid build under a kind of complex network simulated environment Pending CN109039703A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810677351.4A CN109039703A (en) 2018-06-27 2018-06-27 The method and system of business scenario network rapid build under a kind of complex network simulated environment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810677351.4A CN109039703A (en) 2018-06-27 2018-06-27 The method and system of business scenario network rapid build under a kind of complex network simulated environment

Publications (1)

Publication Number Publication Date
CN109039703A true CN109039703A (en) 2018-12-18

Family

ID=64610706

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810677351.4A Pending CN109039703A (en) 2018-06-27 2018-06-27 The method and system of business scenario network rapid build under a kind of complex network simulated environment

Country Status (1)

Country Link
CN (1) CN109039703A (en)

Cited By (20)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107948677A (en) * 2016-10-13 2018-04-20 中国移动通信有限公司研究院 A kind of dispatching method, server and the first peer node
CN111726421A (en) * 2020-07-01 2020-09-29 哈尔滨工业大学(威海) A method and device for realizing the interconnection of network shooting range and industrial control equipment
CN112039691A (en) * 2020-08-06 2020-12-04 中国科学院信息工程研究所 A kind of virtual router automatic configuration method and device in network simulation platform
CN112994915A (en) * 2019-12-16 2021-06-18 中兴通讯股份有限公司 SD-WAN service arranging method, system, equipment and storage medium
CN113037545A (en) * 2021-02-26 2021-06-25 中电数据服务有限公司 Network simulation method, device, equipment and storage medium
CN113364629A (en) * 2021-06-15 2021-09-07 中国建设银行股份有限公司 Configuration method and device of switch port and configuration information rollback method and device
CN113535272A (en) * 2021-07-29 2021-10-22 国家工业信息安全发展研究中心 Industrial Internet simulation environment network construction method and system
CN114039813A (en) * 2021-11-08 2022-02-11 北京天融信网络安全技术有限公司 Virtual route configuration method and device
CN114050977A (en) * 2021-12-28 2022-02-15 中国飞机强度研究所 Control system and control method for aircraft test
CN114363226A (en) * 2021-12-27 2022-04-15 北京安博通科技股份有限公司 Automatic testing method and system based on equipment in virtual complex network scene
CN115150281A (en) * 2022-06-22 2022-10-04 京东科技信息技术有限公司 Method and device for network construction of a data center
CN115208749A (en) * 2022-06-21 2022-10-18 通号城市轨道交通技术有限公司 Network configuration method and device for urban rail sharing test platform
CN115348126A (en) * 2022-07-26 2022-11-15 北京永信至诚科技股份有限公司 Network target range entity equipment access method, device and implementation system
CN115776441A (en) * 2023-02-13 2023-03-10 北京天弛网络有限公司 SDN-based virtual private line service issuing method, device, medium and electronic equipment
CN116016034A (en) * 2023-02-14 2023-04-25 北京天弛网络有限公司 SDN-based service path scheduling method and device
CN116235482A (en) * 2020-07-14 2023-06-06 甲骨文国际公司 Virtual layer 2network
CN116506403A (en) * 2023-05-12 2023-07-28 广州大学 A method and system for automatically generating domain name resolution business scenarios
CN116915543A (en) * 2022-11-30 2023-10-20 中国移动通信集团江苏有限公司 Public cloud-based two-layer cloud private line networking architecture and communication method
CN119299316A (en) * 2024-09-14 2025-01-10 南京赛宁信息技术有限公司 A method and system for constructing a virtual management network in a network range
CN119402345A (en) * 2024-11-15 2025-02-07 郑州云海信息技术有限公司 A network configuration management method, device, program product and medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104104572A (en) * 2014-07-15 2014-10-15 杭州华三通信技术有限公司 Automatic deploying method and device for switch in SDN network
WO2015047451A1 (en) * 2013-09-30 2015-04-02 Hewlett-Packard Development Company, L.P. Software defined network ecosystem
CN105763570A (en) * 2016-04-26 2016-07-13 北京交通大学 Virtualization-technology-based distributed real-time network simulation system
CN106961487A (en) * 2017-04-19 2017-07-18 南京大学 Data stream self-adapting adjustment system and method for adjustment during live migration of virtual machine

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2015047451A1 (en) * 2013-09-30 2015-04-02 Hewlett-Packard Development Company, L.P. Software defined network ecosystem
CN104104572A (en) * 2014-07-15 2014-10-15 杭州华三通信技术有限公司 Automatic deploying method and device for switch in SDN network
CN105763570A (en) * 2016-04-26 2016-07-13 北京交通大学 Virtualization-technology-based distributed real-time network simulation system
CN106961487A (en) * 2017-04-19 2017-07-18 南京大学 Data stream self-adapting adjustment system and method for adjustment during live migration of virtual machine

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
刘力: "虚实结合的虚拟网络实验平台设计与实现", 《中国优秀硕士学位论文全文数据库(电子期刊) 信息科技辑》 *
夏之斌: "云计算的虚拟网络管理系统的研究与实现", 《中国优秀硕士学位论文全文数据库(电子期刊) 信息科技辑》 *
李志: "基于SDN的园区网络QoS机制设计与仿真", 《中国优秀硕士学位论文全文数据库(电子期刊) 信息科技辑》 *

Cited By (29)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107948677B (en) * 2016-10-13 2020-02-14 中国移动通信有限公司研究院 Scheduling method, server and first peer node
US11706471B2 (en) 2016-10-13 2023-07-18 China Mobile Communication Co., Ltd Research Inst Scheduling method, server, first peer node and computer-readable storage medium
CN107948677A (en) * 2016-10-13 2018-04-20 中国移动通信有限公司研究院 A kind of dispatching method, server and the first peer node
CN112994915B (en) * 2019-12-16 2024-05-03 中兴通讯股份有限公司 SD-WAN service arrangement method, system, equipment and storage medium
CN112994915A (en) * 2019-12-16 2021-06-18 中兴通讯股份有限公司 SD-WAN service arranging method, system, equipment and storage medium
CN111726421B (en) * 2020-07-01 2022-06-07 哈尔滨工业大学(威海) A method and device for realizing the interconnection of network shooting range and industrial control equipment
CN111726421A (en) * 2020-07-01 2020-09-29 哈尔滨工业大学(威海) A method and device for realizing the interconnection of network shooting range and industrial control equipment
CN116235482A (en) * 2020-07-14 2023-06-06 甲骨文国际公司 Virtual layer 2network
CN112039691A (en) * 2020-08-06 2020-12-04 中国科学院信息工程研究所 A kind of virtual router automatic configuration method and device in network simulation platform
CN113037545A (en) * 2021-02-26 2021-06-25 中电数据服务有限公司 Network simulation method, device, equipment and storage medium
CN113364629A (en) * 2021-06-15 2021-09-07 中国建设银行股份有限公司 Configuration method and device of switch port and configuration information rollback method and device
CN113364629B (en) * 2021-06-15 2023-05-23 中国建设银行股份有限公司 Configuration method and device of switch port and configuration information rollback method and device
CN113535272A (en) * 2021-07-29 2021-10-22 国家工业信息安全发展研究中心 Industrial Internet simulation environment network construction method and system
CN114039813A (en) * 2021-11-08 2022-02-11 北京天融信网络安全技术有限公司 Virtual route configuration method and device
CN114363226A (en) * 2021-12-27 2022-04-15 北京安博通科技股份有限公司 Automatic testing method and system based on equipment in virtual complex network scene
CN114363226B (en) * 2021-12-27 2024-03-01 北京安博通科技股份有限公司 Automatic testing method and system for equipment in complex network scene based on virtualization
CN114050977A (en) * 2021-12-28 2022-02-15 中国飞机强度研究所 Control system and control method for aircraft test
CN114050977B (en) * 2021-12-28 2022-04-12 中国飞机强度研究所 Control system and control method for aircraft test
CN115208749A (en) * 2022-06-21 2022-10-18 通号城市轨道交通技术有限公司 Network configuration method and device for urban rail sharing test platform
CN115150281A (en) * 2022-06-22 2022-10-04 京东科技信息技术有限公司 Method and device for network construction of a data center
CN115348126A (en) * 2022-07-26 2022-11-15 北京永信至诚科技股份有限公司 Network target range entity equipment access method, device and implementation system
CN116915543A (en) * 2022-11-30 2023-10-20 中国移动通信集团江苏有限公司 Public cloud-based two-layer cloud private line networking architecture and communication method
CN115776441B (en) * 2023-02-13 2023-04-28 北京天弛网络有限公司 SDN-based virtual private line service issuing method and device, medium and electronic equipment
CN115776441A (en) * 2023-02-13 2023-03-10 北京天弛网络有限公司 SDN-based virtual private line service issuing method, device, medium and electronic equipment
CN116016034A (en) * 2023-02-14 2023-04-25 北京天弛网络有限公司 SDN-based service path scheduling method and device
CN116016034B (en) * 2023-02-14 2023-06-20 北京天弛网络有限公司 SDN-based service path scheduling method and device
CN116506403A (en) * 2023-05-12 2023-07-28 广州大学 A method and system for automatically generating domain name resolution business scenarios
CN119299316A (en) * 2024-09-14 2025-01-10 南京赛宁信息技术有限公司 A method and system for constructing a virtual management network in a network range
CN119402345A (en) * 2024-11-15 2025-02-07 郑州云海信息技术有限公司 A network configuration management method, device, program product and medium

Similar Documents

Publication Publication Date Title
CN109039703A (en) The method and system of business scenario network rapid build under a kind of complex network simulated environment
Klein et al. An OpenFlow extension for the OMNeT++ INET framework
CN104202266B (en) A kind of communication means, interchanger, controller and communication system
CN104702479B (en) The method and apparatus that tunnel is established in SDN network
CN108123818B (en) A simulation method for flexible and scalable fusion of virtual and real networks
CN105337754B (en) Data communication network opening method and system
CN110290045A (en) A kind of soft or hard binding model construction method in cloud framework lower network target range
US11296997B2 (en) SDN-based VPN traffic scheduling method and SDN-based VPN traffic scheduling system
CN106789637B (en) Cross-domain service intercommunication path establishment method, controller and system
CN112602292B (en) Inter-slice sharing in a 5G core network
CN108123819B (en) A Simulation Method for Seamless Integration of Virtual and Real Networks
CN109347784A (en) Terminal admission control method, controller, management and control equipment and system
CN104135446A (en) System and method of implementing transition from IPv4 (Internet Protocol Version4) to IPv6 (Internet Protocol Version6) based on SDN (Software Defined Network)
Tran et al. A network topology-aware selectively distributed firewall control in SDN
CN110336730A (en) A kind of network system and data transmission method
Yamanaka et al. AutoVFlow: Autonomous virtualization for wide-area OpenFlow networks
KR20180104377A (en) Method for inter-cloud virtual networking over packet optical transport network
CN106330511B (en) Network element equipment and method for opening data communication network
Autefage et al. Network emulator: a network virtualization testbed for overlay experimentations
CN119676115B (en) A method, apparatus, electronic device, and storage medium for testing the connectivity of cloud private lines.
CN108512737B (en) A method for data center IP layer interconnection and SDN controller
Mishra et al. A Framework for OpenFlow-like Policy-based Routing in Hybrid Software Defined Networks.
CN119254633B (en) Network migration method, device, electronic device and storage medium
LEHOCINE et al. VINEMA: Towards automated management of virtual networks in SDN infrastructures
Alotaibi et al. Multistate-bgp manager for multi-domain sdn

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20181218

RJ01 Rejection of invention patent application after publication