[go: up one dir, main page]

CN111654399B - SD-WAN-based networking method, device, equipment and storage medium - Google Patents

SD-WAN-based networking method, device, equipment and storage medium Download PDF

Info

Publication number
CN111654399B
CN111654399B CN202010511737.5A CN202010511737A CN111654399B CN 111654399 B CN111654399 B CN 111654399B CN 202010511737 A CN202010511737 A CN 202010511737A CN 111654399 B CN111654399 B CN 111654399B
Authority
CN
China
Prior art keywords
wan
domain information
central node
transmission domain
terminal equipment
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202010511737.5A
Other languages
Chinese (zh)
Other versions
CN111654399A (en
Inventor
刘子杰
樊俊诚
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Secworld Information Technology Beijing Co Ltd
Qax Technology Group Inc
Original Assignee
Secworld Information Technology Beijing Co Ltd
Qax Technology Group Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Secworld Information Technology Beijing Co Ltd, Qax Technology Group Inc filed Critical Secworld Information Technology Beijing Co Ltd
Priority to CN202010511737.5A priority Critical patent/CN111654399B/en
Publication of CN111654399A publication Critical patent/CN111654399A/en
Application granted granted Critical
Publication of CN111654399B publication Critical patent/CN111654399B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4633Interconnection of networks using encapsulation techniques, e.g. tunneling
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0803Configuration setting
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0893Assignment of logical groups to network elements

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

本发明公开了一种基于SD‑WAN的组网方法、装置、设备及存储介质,所述方法包括:确定出SD‑WAN中需要进行组网的本端设备和对端设备;分别获取所述本端设备的各个WAN口的传输域信息和所述对端设备的各个WAN口的传输域信息;其中,传输域信息用于表征WAN口的业务需求;判断所述本端设备和对端设备是否具有相同的传输域信息;若具有相同的传输域信息,则在所述本端设备和对端设备中具有相同的传输域信息的WAN口之间建立隧道;本发明能够实现灵活组网,将特殊业务配置到指定的隧道上,从而实现业务的逻辑隔离。

Figure 202010511737

The invention discloses a networking method, device, equipment and storage medium based on SD-WAN. The method includes: determining the local device and the opposite device in SD-WAN that need to be networked; The transmission domain information of each WAN port of the local device and the transmission domain information of each WAN port of the opposite end device; wherein, the transmission domain information is used to represent the service requirements of the WAN port; to determine the local device and the opposite end device. Whether it has the same transmission domain information; if it has the same transmission domain information, a tunnel is established between the WAN ports with the same transmission domain information in the local device and the opposite end device; the present invention can realize flexible networking, Configure special services on specified tunnels to achieve logical isolation of services.

Figure 202010511737

Description

基于SD-WAN的组网方法、装置、设备及存储介质SD-WAN-based networking method, device, equipment and storage medium

技术领域technical field

本发明涉及互联网技术领域,特别涉及一种基于SD-WAN的组网方法、装置、设备及存储介质。The present invention relates to the field of Internet technologies, and in particular, to an SD-WAN-based networking method, device, equipment and storage medium.

背景技术Background technique

SD-WAN,即软件定义的广域网络,是将SDN技术应用到广域网场景中所形成的一种服务,这种服务用于连接广阔地理范围的企业网络、数据中心、互联网应用及云服务。在现有技术中,当终端设备需要加入SD-WAN网络时,需要在终端设备与SD-WAN网络中的其他设备之间进行组网配置,以使终端设备加入SD-WAN网络;传统的组网是在两个设备的各个WAN(Wide Area Network,广域网)口之间随机组件隧道,若需要单独保证某业务占用指定隧道,或者某业务在指定运营商内完成,则需要配置大量的业务策略来实现,当需求较多时,后期对于策略的维护会产生比较大的压力。SD-WAN, software-defined wide area network, is a service formed by applying SDN technology to wide area network scenarios. This service is used to connect enterprise networks, data centers, Internet applications and cloud services with a wide geographical range. In the prior art, when a terminal device needs to join the SD-WAN network, networking configuration needs to be performed between the terminal device and other devices in the SD-WAN network, so that the terminal device can join the SD-WAN network; the traditional group The network is a random component tunnel between each WAN (Wide Area Network) port of two devices. If it is necessary to ensure that a certain service occupies a designated tunnel, or a certain service is completed in a designated operator, a large number of service policies need to be configured. To achieve this, when there are many demands, the maintenance of the strategy in the later period will generate greater pressure.

发明内容SUMMARY OF THE INVENTION

本发明的目的在于提供一种基于SD-WAN的组网方法、装置、设备及存储介质,能够实现灵活组网,将特殊业务配置到指定的隧道上,从而实现业务的逻辑隔离。The purpose of the present invention is to provide a networking method, device, equipment and storage medium based on SD-WAN, which can realize flexible networking and configure special services on designated tunnels, thereby realizing logical isolation of services.

根据本发明的一个方面,提供了一种基于SD-WAN的组网方法,应用于SD-WAN的控制器,所述方法包括:According to one aspect of the present invention, there is provided a networking method based on SD-WAN, which is applied to a controller of SD-WAN, and the method includes:

确定出SD-WAN中需要进行组网的本端设备和对端设备;Determine the local and peer devices that need to be networked in SD-WAN;

分别获取所述本端设备的各个WAN口的传输域信息和所述对端设备的各个WAN口的传输域信息;其中,传输域信息用于表征WAN口的业务需求;Respectively obtain the transmission domain information of each WAN port of the local device and the transmission domain information of each WAN port of the opposite end device; wherein, the transmission domain information is used to represent the service requirements of the WAN port;

判断所述本端设备和对端设备是否具有相同的传输域信息;Determine whether the local device and the peer device have the same transmission domain information;

若具有相同的传输域信息,则在所述本端设备和对端设备中具有相同的传输域信息的WAN口之间建立隧道。If they have the same transmission domain information, a tunnel is established between the WAN ports that have the same transmission domain information in the local device and the opposite end device.

可选的,在所述确定出SD-WAN中需要进行组网的本端设备和对端设备之前,所述方法还包括:Optionally, before determining the local device and the peer device that need to be networked in the SD-WAN, the method further includes:

当检测到有新设备加入SD-WAN时,根据所述新设备的各个WAN口的业务需求为所述新设备的各个WAN口配置对应的传输域信息。When it is detected that a new device joins the SD-WAN, corresponding transport domain information is configured for each WAN port of the new device according to the service requirements of each WAN port of the new device.

可选的,所述确定出SD-WAN中需要进行组网的本端设备和对端设备,具体包括:Optionally, the determining of the local device and the peer device that needs to be networked in the SD-WAN specifically includes:

当所述本端设备为SD-WAN的中心节点时,将SD-WAN中的其他中心节点确定为所述对端设备;When the local device is the central node of SD-WAN, determine other central nodes in SD-WAN as the opposite device;

当所述本端设备为SD-WAN的分支节点时,根据包含所述分支节点的组网关系从SD-WAN的所有中心节点和其他分支节点中确定出所述对端设备。When the local device is a branch node of the SD-WAN, the opposite device is determined from all central nodes and other branch nodes of the SD-WAN according to the networking relationship including the branch node.

可选的,所述方法还包括:Optionally, the method further includes:

判断已组网的目标设备的WAN口信息是否发生变化;Determine whether the WAN port information of the networked target device has changed;

若是,则将所述目标设备变化后的WAN口信息发送至已与所述目标设备组网的其他设备中。If so, send the changed WAN port information of the target device to other devices that have been networked with the target device.

可选的,所述方法还包括:Optionally, the method further includes:

创建中心节点组,并将SD-WAN中的至少两个中心节点添加到所述中心节点组中;Create a central node group, and add at least two central nodes in SD-WAN to the central node group;

分别为所述中心节点组中的每个中心节点设置0至N的优先级;其中,当优先级为0时,表征中心节点不参与组网;Setting a priority of 0 to N for each central node in the central node group; wherein, when the priority is 0, it indicates that the central node does not participate in the networking;

针对SD-WAN的一个分支节点,在所述分支节点与所述中心节点组中的各个非0优先级的中心节点之间建立隧道。For a branch node of the SD-WAN, a tunnel is established between the branch node and each central node with a non-zero priority in the central node group.

可选的,所述方法还包括:Optionally, the method further includes:

当所述中心节点组中的一个中心节点的优先级由0改为非0时,在所述分支节点与所述中心节点之间建立隧道;When the priority of a central node in the central node group is changed from 0 to non-0, establish a tunnel between the branch node and the central node;

当所述中心节点组中的一个中心节点的优先级由非0改为0时,删除在所述分支节点与所述中心节点之间的隧道。When the priority of a central node in the central node group is changed from non-0 to 0, the tunnel between the branch node and the central node is deleted.

为了实现上述目的,本发明还提供一种基于SD-WAN的组网装置,应用于SD-WAN的控制器,所述装置包括:In order to achieve the above object, the present invention also provides a networking device based on SD-WAN, which is applied to the controller of SD-WAN, and the device includes:

确定模块,用于确定出SD-WAN中需要进行组网的本端设备和对端设备;The determination module is used to determine the local device and the peer device that need to be networked in SD-WAN;

获取模块,用于分别获取所述本端设备的各个WAN口的传输域信息和所述对端设备的各个WAN口的传输域信息;其中,传输域信息用于表征WAN口的业务需求;an obtaining module, configured to obtain respectively the transmission domain information of each WAN port of the local device and the transmission domain information of each WAN port of the opposite end device; wherein, the transmission domain information is used to represent the service requirements of the WAN port;

判断模块,用于判断所述本端设备和对端设备是否具有相同的传输域信息;a judgment module for judging whether the local device and the peer device have the same transmission domain information;

组网模块,用于若具有相同的传输域信息,则在所述本端设备和对端设备中具有相同的传输域信息的WAN口之间建立隧道。The networking module is configured to establish a tunnel between the WAN ports that have the same transmission domain information in the local device and the opposite end device if they have the same transmission domain information.

可选的,所述装置还包括:Optionally, the device further includes:

配置模块,用于当检测到有新设备加入SD-WAN时,根据所述新设备的各个WAN口的业务需求为所述新设备的各个WAN口配置对应的传输域信息。The configuration module is configured to configure corresponding transport domain information for each WAN port of the new device according to service requirements of each WAN port of the new device when it is detected that a new device has joined the SD-WAN.

为了实现上述目的,本发明还提供一种计算机设备,该计算机设备具体包括:存储器、处理器以及存储在所述存储器上并可在所述处理器上运行的计算机程序,所述处理器执行所述计算机程序时实现上述介绍的基于SD-WAN的组网方法的步骤。In order to achieve the above object, the present invention also provides a computer device, the computer device specifically includes: a memory, a processor, and a computer program stored in the memory and running on the processor, and the processor executes the computer program. The steps of implementing the SD-WAN-based networking method described above when describing the computer program.

为了实现上述目的,本发明还提供一种计算机可读存储介质,其上存储有计算机程序,所述计算机程序被处理器执行时实现上述介绍的基于SD-WAN的组网方法的步骤。In order to achieve the above object, the present invention also provides a computer-readable storage medium on which a computer program is stored, and when the computer program is executed by a processor, implements the steps of the SD-WAN-based networking method described above.

本发明提供的基于SD-WAN的组网方法、装置、设备及存储介质,分别为设备的各个WAN口配置不同的传输域信息,并在两端设备之间具有相同传输域信息的WAN口之间建立隧道,从而实现了两端设备之间隧道的可视化;通过传输域信息可以很好的区分某条隧道的具体用途,可以将特殊的业务调度到与指定传输域信息相关的隧道上,从而实现了业务的逻辑隔离,保障了业务的安全性。The SD-WAN-based networking method, device, device and storage medium provided by the present invention respectively configure different transmission domain information for each WAN port of the device, and have the same transmission domain information between the WAN ports between the two end devices. A tunnel is established between two devices, thereby realizing the visualization of the tunnel between the devices at both ends; the specific purpose of a tunnel can be well distinguished through the transmission domain information, and special services can be dispatched to the tunnel related to the specified transmission domain information, thereby The logical isolation of the business is realized and the security of the business is guaranteed.

附图说明Description of drawings

通过阅读下文优选实施方式的详细描述,各种其他的优点和益处对于本领域普通技术人员将变得清楚明了。附图仅用于示出优选实施方式的目的,而并不认为是对本发明的限制。而且在整个附图中,用相同的参考符号表示相同的部件。在附图中:Various other advantages and benefits will become apparent to those of ordinary skill in the art upon reading the following detailed description of the preferred embodiments. The drawings are for the purpose of illustrating preferred embodiments only and are not to be considered limiting of the invention. Also, the same components are denoted by the same reference numerals throughout the drawings. In the attached image:

图1为实施例一提供的基于SD-WAN的组网方法的一种可选的流程示意图;FIG. 1 is an optional schematic flowchart of the SD-WAN-based networking method provided in Embodiment 1;

图2为实施例二提供的基于SD-WAN的组网装置的一种可选的组成结构示意图;2 is a schematic diagram of an optional composition structure of the SD-WAN-based networking device provided in Embodiment 2;

图3为实施例三提供的计算机设备的一种可选的硬件架构示意图。FIG. 3 is a schematic diagram of an optional hardware architecture of the computer device provided in the third embodiment.

具体实施方式Detailed ways

为了使本发明的目的、技术方案及优点更加清楚明白,以下结合附图及实施例,对本发明进行进一步详细说明。应当理解,此处所描述的具体实施例仅用以解释本发明,并不用于限定本发明。基于本发明中的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其他实施例,都属于本发明保护的范围。In order to make the objectives, technical solutions and advantages of the present invention clearer, the present invention will be further described in detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are only used to explain the present invention, but not to limit the present invention. Based on the embodiments of the present invention, all other embodiments obtained by those of ordinary skill in the art without creative efforts shall fall within the protection scope of the present invention.

实施例一Example 1

本发明实施例提供了一种基于SD-WAN的组网方法,应用于SD-WAN的控制器,如图1所示,该方法具体包括以下步骤:An embodiment of the present invention provides an SD-WAN-based networking method, which is applied to an SD-WAN controller. As shown in FIG. 1 , the method specifically includes the following steps:

步骤S101:确定出SD-WAN中需要进行组网的本端设备和对端设备。Step S101: Determine the local device and the opposite device that need to be networked in the SD-WAN.

其中,所述本端设备为新添加到SD-WAN网络中的设备,或者,所述本端设备为该SD-WAN网络中的需要重新进行组网配置的设备;Wherein, the local device is a device newly added to the SD-WAN network, or the local device is a device in the SD-WAN network that needs to be reconfigured for networking;

需要说明的是,当某一设备添加到SD-WAN网络中时,需要在该设备与该SD-WAN网络中的其他设备之间进行组网配置;当SD-WAN网络中的某一设备的设备角色或业务需求发生变化时,需要对该设备重新进行组网配置;其中,设备角色包括:中心节点和分支节点。It should be noted that when a device is added to the SD-WAN network, networking configuration needs to be performed between the device and other devices in the SD-WAN network; when a device in the SD-WAN network has a When a device role or business requirement changes, the device needs to be reconfigured for networking; the device roles include: a central node and a branch node.

具体的,步骤S101,包括:Specifically, step S101 includes:

当所述本端设备为SD-WAN的中心节点时,将SD-WAN中的其他中心节点确定为所述对端设备;When the local device is the central node of SD-WAN, determine other central nodes in SD-WAN as the opposite device;

当所述本端设备为SD-WAN的分支节点时,根据包含所述分支节点的组网关系从SD-WAN的所有中心节点和其他分支节点中确定出所述对端设备。When the local device is a branch node of the SD-WAN, the opposite device is determined from all central nodes and other branch nodes of the SD-WAN according to the networking relationship including the branch node.

在本实施例中,SD-WAN网络中的一个中心节点需要分别与该SD-WAN网络中的其他中心节点之间进行组网;此外,组网关系为用户事先根据网络规划设置的信息,组网关系包含了起始分支节点、终止分支节点,以及由该起始分支节点到该终止分支节点之间途径的中心节点。In this embodiment, a central node in the SD-WAN network needs to form a network with other central nodes in the SD-WAN network; in addition, the networking relationship is the information set by the user in advance according to the network planning, the grouping The network relationship includes a starting branch node, a terminating branch node, and a central node passing from the starting branch node to the terminating branch node.

步骤S102:分别获取所述本端设备的各个WAN口的传输域信息和所述对端设备的各个WAN口的传输域信息;其中,传输域信息用于表征WAN口的业务需求。Step S102 : respectively acquiring the transmission domain information of each WAN port of the local device and the transmission domain information of each WAN port of the opposite end device; wherein the transmission domain information is used to represent the service requirements of the WAN port.

具体的,在步骤S102之前,所述方法还包括:Specifically, before step S102, the method further includes:

当检测到有新设备加入SD-WAN时,根据所述新设备的各个WAN口的业务需求为所述新设备的各个WAN口配置对应的传输域信息。When it is detected that a new device joins the SD-WAN, corresponding transport domain information is configured for each WAN port of the new device according to the service requirements of each WAN port of the new device.

进一步的,所述传输域信息包括:业务类型信息、业务安全等级信息、业务运营商信息;Further, the transmission domain information includes: service type information, service security level information, and service operator information;

其中,所述根据所述新设备的各个WAN口的业务需求为所述新设备的各个WAN口配置对应的传输域信息,具体包括:Wherein, configuring corresponding transport domain information for each WAN port of the new device according to the service requirements of each WAN port of the new device specifically includes:

针对所述新设备,当一个WAN口的业务需求为通过所述WAN口传输指定类型的业务时,为所述WAN口配置与所述指定类型的业务对应的业务类型信息;For the new device, when the service requirement of a WAN port is to transmit a specified type of service through the WAN port, configure service type information corresponding to the specified type of service for the WAN port;

当一个WAN口的业务需求为通过所述WAN口传输指定安全级别的业务时,为所述WAN口配置与所述指定安全级别对应的业务安全等级信息;When a service requirement of a WAN port is to transmit a service of a specified security level through the WAN port, configure service security level information corresponding to the specified security level for the WAN port;

当一个WAN口的业务需求为所述WAN口在指定运营商下传输时,为所述WAN口配置与所述指定运营商对应的业务运营商信息。When the service requirement of a WAN port is that the WAN port is transmitted under a designated operator, configure service operator information corresponding to the designated operator for the WAN port.

在本实施例中,通过传输域信息区分各个WAN口的业务需求,以使各个WAN口的业务需求可视化。In this embodiment, the service requirements of each WAN port are distinguished by the transmission domain information, so as to visualize the service requirements of each WAN port.

步骤S103:判断所述本端设备和对端设备是否具有相同的传输域信息。Step S103: Determine whether the local end device and the opposite end device have the same transmission domain information.

步骤S104:若具有相同的传输域信息,则在所述本端设备和对端设备中具有相同的传输域信息的WAN口之间建立隧道。Step S104: If there is the same transmission domain information, a tunnel is established between the WAN ports that have the same transmission domain information in the local device and the opposite device.

在本实施例中,通过传输域信息可以将某一类型的业务在指定的隧道中传输,也可以将具有较高安全级别需求的业务在指定的隧道中传输,从而保证业务传输的安全性,还可以保证某一业务在指定运营商内完成。在本实施例中,通过为设备的各个WAN口配置不同的传输域信息,并根据传输域信息在两端设备的各个WAN口之间建立隧道,以实现了两端设备之间隧道的可视化;通过传输域信息可以很好的区分某条隧道的具体用途,可以将特殊的业务调度到与指定传输域信息相关的隧道上,从而实现了业务的逻辑隔离,保障了业务的安全性。In this embodiment, a certain type of service can be transmitted in a designated tunnel through the transmission domain information, and a service with a higher security level requirement can also be transmitted in a designated tunnel, thereby ensuring the security of service transmission. It can also ensure that a certain service is completed within a designated operator. In this embodiment, different transmission domain information is configured for each WAN port of the device, and a tunnel is established between each WAN port of the two end devices according to the transmission domain information, so as to realize the visualization of the tunnel between the two end devices; The specific purpose of a tunnel can be well distinguished through the transmission domain information, and special services can be scheduled to the tunnels related to the specified transmission domain information, thereby realizing the logical isolation of the services and ensuring the security of the services.

还需要说明的是,在实际应用中,若对两端设备的组网配置无特殊要求,则可以将两端设备的所有WAN口配置同一个传输域信息,因此,可以按照现有的组网方式在两端设备的各个WAN口之间建立隧道。It should also be noted that, in practical applications, if there are no special requirements for the networking configuration of the devices at both ends, all WAN ports of the devices at both ends can be configured with the same transport domain information. In this way, tunnels are established between the WAN ports of the devices at both ends.

具体的,所述方法还包括:Specifically, the method further includes:

判断已组网的目标设备的WAN口信息是否发生变化;Determine whether the WAN port information of the networked target device has changed;

若是,则将所述目标设备变化后的WAN口信息发送至已与所述目标设备组网的其他设备中。If so, send the changed WAN port information of the target device to other devices that have been networked with the target device.

此外,所述方法还包括:In addition, the method also includes:

对已组网的设备形成的组网关系进行检测;Detect the networking relationship formed by the networked devices;

当检测到有新的设备添加到所述组网关系时,按照上述步骤S101至步骤S104的方式在所述设备与所述组网关系中的其他设备的各个WAN口之间进行隧道建立;When it is detected that a new device is added to the networking relationship, tunnel establishment is performed between the device and each WAN port of other devices in the networking relationship according to the above steps S101 to S104;

当检测到有设备从所述组网关系中删除时,删除所述设备与所述组网关系中的其他设备之间的隧道。When it is detected that a device is deleted from the networking relationship, the tunnel between the device and other devices in the networking relationship is deleted.

进一步的,所述方法还包括:Further, the method also includes:

步骤A1:创建中心节点组,并将SD-WAN中的至少两个中心节点添加到所述中心节点组中;Step A1: Create a central node group, and add at least two central nodes in SD-WAN to the central node group;

步骤A2:分别为所述中心节点组中的每个中心节点设置0至N的优先级;其中,当优先级为0时,表征中心节点不参与组网;Step A2: respectively setting a priority of 0 to N for each central node in the central node group; wherein, when the priority is 0, it indicates that the central node does not participate in the networking;

步骤A3:针对SD-WAN的一个分支节点,在所述分支节点与所述中心节点组中的各个非0优先级的中心节点之间建立隧道。Step A3: For a branch node of SD-WAN, establish a tunnel between the branch node and each central node with non-zero priority in the central node group.

在本实施例中,将多个可使用的中心节点统一放入一个中心节点组中来管理使用,因此,分支节点无需再单独去选择要连接的中心节点,可直接与中心节点组连接。此外,在本实施例中,为中心节点组中的每个中心节点设置对应的优先级信息:0至N,且N为大于2的正整数。当一个中心节点的优先级为0时,表示该中心节点不参加组网;优先级1至N表示,若分支节点可以经过多个中心节点到达时,则由优先级来决定分支节点访问中心节点后业务的路径;分支节点优先使用优先级最大的中心节点进行业务传输,当优先级最大的中心节点无法工作时,可自动将业务传输切换至优先级次之的中心节点上,以此类推。In this embodiment, multiple usable central nodes are put into a central node group for management and use. Therefore, branch nodes do not need to select the central node to be connected separately, and can directly connect to the central node group. In addition, in this embodiment, corresponding priority information is set for each central node in the central node group: 0 to N, and N is a positive integer greater than 2. When the priority of a central node is 0, it indicates that the central node does not participate in the networking; the priorities from 1 to N indicate that if the branch node can reach through multiple central nodes, the priority determines the branch node after accessing the central node. The path of the service; the branch node preferentially uses the central node with the highest priority for service transmission. When the central node with the highest priority cannot work, it can automatically switch the service transmission to the central node with the second priority, and so on.

更进一步的,所述方法还包括:Further, the method also includes:

当所述中心节点组中的一个中心节点的优先级由0改为非0时,在所述分支节点与所述中心节点之间建立隧道;When the priority of a central node in the central node group is changed from 0 to non-0, establish a tunnel between the branch node and the central node;

当所述中心节点组中的一个中心节点的优先级由非0改为0时,删除在所述分支节点与所述中心节点之间的隧道。When the priority of a central node in the central node group is changed from non-0 to 0, the tunnel between the branch node and the central node is deleted.

在本实施例中,若想去除中心节点组中的某个中心节点与分支节点之间的组网,则可以将该中心节点的优先级修改为0,因此,该中心节点会删除与所有分支节点之间的组网;若想让中心节点组中的某个中心节点参与组网,则将该中心节点的优先级修改为非0即可。因此,当中心节点组中的中心节点的优先级发生变化时,会引起隧道相应的调整;若中心节点组中的一个中心节点的优先级由0调整为非0,则会添加该中心节点与引用该中心节点组的各个分支节点之间的隧道;若中心节点组中的一个中心节点的优先级由非0调整为0,则会删除该中心节点与引用该中心节点组的各个分支节点之间的隧道。In this embodiment, if you want to remove the networking between a certain central node in the central node group and a branch node, the priority of the central node can be changed to 0. Therefore, the central node will delete all branches connected to the central node. Networking between nodes; if you want a central node in the central node group to participate in the networking, you can change the priority of the central node to non-zero. Therefore, when the priority of the central node in the central node group changes, the tunnel will be adjusted accordingly; if the priority of a central node in the central node group is adjusted from 0 to non-0, the central node and the Refers to the tunnel between each branch node of the central node group; if the priority of a central node in the central node group is adjusted from non-0 to 0, the central node and each branch node referencing the central node group will be deleted. tunnel between.

实施例二Embodiment 2

本发明实施例提供了一种基于SD-WAN的组网装置,应用于SD-WAN的控制器,如图2所示,该装置具体包括以下组成部分:An embodiment of the present invention provides an SD-WAN-based networking device, which is applied to an SD-WAN controller. As shown in FIG. 2 , the device specifically includes the following components:

1)确定模块201,用于确定出SD-WAN中需要进行组网的本端设备和对端设备。1) The determination module 201 is used to determine the local device and the peer device that need to be networked in the SD-WAN.

具体的,所述本端设备为新添加到SD-WAN网络中的设备,或者,所述本端设备为该SD-WAN网络中的需要重新进行组网配置的设备;Specifically, the local device is a device newly added to the SD-WAN network, or the local device is a device in the SD-WAN network that needs to be reconfigured for networking;

需要说明的是,当某一设备添加到SD-WAN网络中时,需要在该设备与该SD-WAN网络中的其他设备之间进行组网配置;当SD-WAN网络中的某一设备的设备角色或业务需求发生变化时,需要对该设备重新进行组网配置;其中,设备角色包括:中心节点和分支节点。It should be noted that when a device is added to the SD-WAN network, networking configuration needs to be performed between the device and other devices in the SD-WAN network; when a device in the SD-WAN network has a When a device role or business requirement changes, the device needs to be reconfigured for networking; the device roles include: a central node and a branch node.

进一步的,确定模块201,具体用于:Further, the determining module 201 is specifically used for:

当所述本端设备为SD-WAN的中心节点时,将SD-WAN中的其他中心节点确定为所述对端设备;When the local device is the central node of SD-WAN, determine other central nodes in SD-WAN as the opposite device;

当所述本端设备为SD-WAN的分支节点时,根据包含所述分支节点的组网关系从SD-WAN的所有中心节点和其他分支节点中确定出所述对端设备。When the local device is a branch node of the SD-WAN, the opposite device is determined from all central nodes and other branch nodes of the SD-WAN according to the networking relationship including the branch node.

在本实施例中,SD-WAN网络中的一个中心节点需要分别与该SD-WAN网络中的其他中心节点之间进行组网;此外,组网关系为用户事先根据网络规划设置的信息,组网关系包含了起始分支节点、终止分支节点,以及由该起始分支节点到该终止分支节点之间途径的中心节点。In this embodiment, a central node in the SD-WAN network needs to form a network with other central nodes in the SD-WAN network; in addition, the networking relationship is the information set by the user in advance according to the network planning, the grouping The network relationship includes a starting branch node, a terminating branch node, and a central node passing from the starting branch node to the terminating branch node.

2)获取模块202,用于分别获取所述本端设备的各个WAN口的传输域信息和所述对端设备的各个WAN口的传输域信息;其中,传输域信息用于表征WAN口的业务需求。2) Obtaining module 202, configured to obtain respectively the transmission domain information of each WAN port of the local device and the transmission domain information of each WAN port of the opposite end device; wherein, the transmission domain information is used to represent the service of the WAN port need.

具体的,所述装置还包括:Specifically, the device further includes:

配置模块,用于当检测到有新设备加入SD-WAN时,根据所述新设备的各个WAN口的业务需求为所述新设备的各个WAN口配置对应的传输域信息。The configuration module is configured to configure corresponding transport domain information for each WAN port of the new device according to service requirements of each WAN port of the new device when it is detected that a new device has joined the SD-WAN.

进一步的,所述传输域信息包括:业务类型信息、业务安全等级信息、业务运营商信息;Further, the transmission domain information includes: service type information, service security level information, and service operator information;

其中,所述配置模块,具体用于:Wherein, the configuration module is specifically used for:

针对所述新设备,当一个WAN口的业务需求为通过所述WAN口传输指定类型的业务时,为所述WAN口配置与所述指定类型的业务对应的业务类型信息;For the new device, when the service requirement of a WAN port is to transmit a specified type of service through the WAN port, configure service type information corresponding to the specified type of service for the WAN port;

当一个WAN口的业务需求为通过所述WAN口传输指定安全级别的业务时,为所述WAN口配置与所述指定安全级别对应的业务安全等级信息;When a service requirement of a WAN port is to transmit a service of a specified security level through the WAN port, configure service security level information corresponding to the specified security level for the WAN port;

当一个WAN口的业务需求为所述WAN口在指定运营商下传输时,为所述WAN口配置与所述指定运营商对应的业务运营商信息。When the service requirement of a WAN port is that the WAN port is transmitted under a designated operator, configure service operator information corresponding to the designated operator for the WAN port.

在本实施例中,通过传输域信息区分各个WAN口的业务需求,以使各个WAN口的业务需求可视化。In this embodiment, the service requirements of each WAN port are distinguished by the transmission domain information, so as to visualize the service requirements of each WAN port.

3)判断模块203,用于判断所述本端设备和对端设备是否具有相同的传输域信息。3) Judging module 203, configured to judge whether the local device and the opposite device have the same transmission domain information.

4)组网模块204,用于若具有相同的传输域信息,则在所述本端设备和对端设备中具有相同的传输域信息的WAN口之间建立隧道。4) The networking module 204 is configured to establish a tunnel between the WAN ports that have the same transmission domain information in the local device and the opposite end device if they have the same transmission domain information.

在本实施例中,通过传输域信息可以将某一类型的业务在指定的隧道中传输,也可以将具有较高安全级别需求的业务在指定的隧道中传输,从而保证业务传输的安全性,还可以保证某一业务在指定运营商内完成。在本实施例中,通过为设备的各个WAN口配置不同的传输域信息,并根据传输域信息在两端设备的各个WAN口之间建立隧道,以实现了两端设备之间隧道的可视化;通过传输域信息可以很好的区分某条隧道的具体用途,可以将特殊的业务调度到与指定传输域信息相关的隧道上,从而实现了业务的逻辑隔离,保障了业务的安全性。In this embodiment, a certain type of service can be transmitted in a designated tunnel through the transmission domain information, and a service with a higher security level requirement can also be transmitted in a designated tunnel, thereby ensuring the security of service transmission. It can also ensure that a certain service is completed within a designated operator. In this embodiment, different transmission domain information is configured for each WAN port of the device, and a tunnel is established between each WAN port of the two end devices according to the transmission domain information, so as to realize the visualization of the tunnel between the two end devices; The specific purpose of a tunnel can be well distinguished through the transmission domain information, and special services can be scheduled to the tunnels related to the specified transmission domain information, thereby realizing the logical isolation of the services and ensuring the security of the services.

进一步的,所述装置还包括:Further, the device also includes:

同步模块,用于判断已组网的目标设备的WAN口信息是否发生变化;若是,则将所述目标设备变化后的WAN口信息发送至已与所述目标设备组网的其他设备中。The synchronization module is used to judge whether the WAN port information of the networked target device has changed; if so, send the changed WAN port information of the target device to other devices that have been networked with the target device.

进一步的,所述装置还包括:Further, the device also includes:

中心模块,用于创建中心节点组,并将SD-WAN中的至少两个中心节点添加到所述中心节点组中;分别为所述中心节点组中的每个中心节点设置0至N的优先级;其中,当优先级为0时,表征中心节点不参与组网;针对SD-WAN的一个分支节点,在所述分支节点与所述中心节点组中的各个非0优先级的中心节点之间建立隧道。The central module is used to create a central node group, and add at least two central nodes in SD-WAN to the central node group; respectively set a priority of 0 to N for each central node in the central node group wherein, when the priority is 0, it indicates that the central node does not participate in the networking; for a branch node of SD-WAN, between the branch node and each non-zero priority central node in the central node group establish a tunnel between them.

在本实施例中,将多个可使用的中心节点统一放入一个中心节点组中来管理使用,因此,分支节点无需再单独去选择要连接的中心节点,可直接与中心节点组连接。此外,在本实施例中,为中心节点组中的每个中心节点设置对应的优先级信息:0至N,且N为大于2的正整数。当一个中心节点的优先级为0时,表示该中心节点不参加组网;优先级1至N表示,若分支节点可以经过多个中心节点到达时,则由优先级来决定分支节点访问中心节点后业务的路径;分支节点优先使用优先级最大的中心节点进行业务传输,当优先级最大的中心节点无法工作时,可自动将业务传输切换至优先级次之的中心节点上,以此类推。In this embodiment, multiple usable central nodes are put into a central node group for management and use. Therefore, branch nodes do not need to select the central node to be connected separately, and can directly connect to the central node group. In addition, in this embodiment, corresponding priority information is set for each central node in the central node group: 0 to N, and N is a positive integer greater than 2. When the priority of a central node is 0, it indicates that the central node does not participate in the networking; the priorities from 1 to N indicate that if the branch node can reach through multiple central nodes, the priority determines when the branch node accesses the central node. The path of the service; the branch node preferentially uses the central node with the highest priority for service transmission. When the central node with the highest priority cannot work, it can automatically switch the service transmission to the central node with the second priority, and so on.

更进一步的,所述装置还包括:Further, the device also includes:

更新模块,用于当所述中心节点组中的一个中心节点的优先级由0改为非0时,在所述分支节点与所述中心节点之间建立隧道;当所述中心节点组中的一个中心节点的优先级由非0改为0时,删除在所述分支节点与所述中心节点之间的隧道。The updating module is configured to establish a tunnel between the branch node and the central node when the priority of a central node in the central node group is changed from 0 to non-0; When the priority of a central node is changed from non-0 to 0, the tunnel between the branch node and the central node is deleted.

在本实施例中,若想去除中心节点组中的某个中心节点与分支节点之间的组网,则可以将该中心节点的优先级修改为0,因此,该中心节点会删除与所有分支节点之间的组网;若想让中心节点组中的某个中心节点参与组网,则将该中心节点的优先级修改为非0即可。因此,当中心节点组中的中心节点的优先级发生变化时,会引起隧道相应的调整;若中心节点组中的一个中心节点的优先级由0调整为非0,则会添加该中心节点与引用该中心节点组的各个分支节点之间的隧道;若中心节点组中的一个中心节点的优先级由非0调整为0,则会删除该中心节点与引用该中心节点组的各个分支节点之间的隧道。In this embodiment, if you want to remove the networking between a certain central node in the central node group and a branch node, the priority of the central node can be changed to 0. Therefore, the central node will delete all branches connected to the central node. Networking between nodes; if you want a central node in the central node group to participate in the networking, you can change the priority of the central node to non-zero. Therefore, when the priority of the central node in the central node group changes, the tunnel will be adjusted accordingly; if the priority of a central node in the central node group is adjusted from 0 to non-0, the central node and the Refers to the tunnel between each branch node of the central node group; if the priority of a central node in the central node group is adjusted from non-0 to 0, the central node and each branch node referencing the central node group will be deleted. tunnel between.

实施例三Embodiment 3

本实施例还提供一种计算机设备,如可以执行程序的智能手机、平板电脑、笔记本电脑、台式计算机、机架式服务器、刀片式服务器、塔式服务器或机柜式服务器(包括独立的服务器,或者多个服务器所组成的服务器集群)等。如图3所示,本实施例的计算机设备30至少包括但不限于:可通过系统总线相互通信连接的存储器301、处理器302。需要指出的是,图3仅示出了具有组件301-302的计算机设备30,但是应理解的是,并不要求实施所有示出的组件,可以替代的实施更多或者更少的组件。This embodiment also provides a computer device, such as a smart phone, a tablet computer, a notebook computer, a desktop computer, a rack server, a blade server, a tower server, or a cabinet server (including independent servers, or A server cluster composed of multiple servers), etc. As shown in FIG. 3 , the computer device 30 in this embodiment at least includes but is not limited to: a memory 301 and a processor 302 that can be communicatively connected to each other through a system bus. It should be noted that FIG. 3 only shows the computer device 30 having components 301-302, but it should be understood that implementation of all of the illustrated components is not required, and more or fewer components may be implemented instead.

本实施例中,存储器301(即可读存储介质)包括闪存、硬盘、多媒体卡、卡型存储器(例如,SD或DX存储器等)、随机访问存储器(RAM)、静态随机访问存储器(SRAM)、只读存储器(ROM)、电可擦除可编程只读存储器(EEPROM)、可编程只读存储器(PROM)、磁性存储器、磁盘、光盘等。在一些实施例中,存储器301可以是计算机设备30的内部存储单元,例如该计算机设备30的硬盘或内存。在另一些实施例中,存储器301也可以是计算机设备30的外部存储设备,例如该计算机设备30上配备的插接式硬盘,智能存储卡(Smart Media Card,SMC),安全数字(Secure Digital,SD)卡,闪存卡(Flash Card)等。当然,存储器301还可以既包括计算机设备30的内部存储单元也包括其外部存储设备。在本实施例中,存储器301通常用于存储安装于计算机设备30的操作系统和各类应用软件。此外,存储器301还可以用于暂时地存储已经输出或者将要输出的各类数据。In this embodiment, the memory 301 (that is, a readable storage medium) includes a flash memory, a hard disk, a multimedia card, a card-type memory (eg, SD or DX memory, etc.), random access memory (RAM), static random access memory (SRAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), Programmable Read Only Memory (PROM), Magnetic Memory, Magnetic Disk, Optical Disk, etc. In some embodiments, the memory 301 may be an internal storage unit of the computer device 30 , such as a hard disk or a memory of the computer device 30 . In other embodiments, the memory 301 may also be an external storage device of the computer device 30, such as a plug-in hard disk, a smart memory card (Smart Media Card, SMC), a secure digital (Secure Digital, SD) card, flash memory card (Flash Card), etc. Of course, the memory 301 may also include both the internal storage unit of the computer device 30 and its external storage device. In this embodiment, the memory 301 is generally used to store the operating system and various application software installed on the computer device 30 . In addition, the memory 301 can also be used to temporarily store various types of data that have been output or will be output.

处理器302在一些实施例中可以是中央处理器(Central Processing Unit,CPU)、控制器、微控制器、微处理器、或其他数据处理芯片。该处理器302通常用于控制计算机设备30的总体操作。The processor 302 may be a central processing unit (Central Processing Unit, CPU), a controller, a microcontroller, a microprocessor, or other data processing chips in some embodiments. The processor 302 is typically used to control the overall operation of the computer device 30 .

具体的,在本实施例中,处理器302用于执行处理器302中存储的基于SD-WAN的组网方法的程序,所述基于SD-WAN的组网方法的程序被执行时实现如下步骤:Specifically, in this embodiment, the processor 302 is configured to execute the program of the SD-WAN-based networking method stored in the processor 302, and the following steps are implemented when the program of the SD-WAN-based networking method is executed. :

确定出SD-WAN中需要进行组网的本端设备和对端设备;Determine the local and peer devices that need to be networked in SD-WAN;

分别获取所述本端设备的各个WAN口的传输域信息和所述对端设备的各个WAN口的传输域信息;其中,传输域信息用于表征WAN口的业务需求;Respectively obtain the transmission domain information of each WAN port of the local device and the transmission domain information of each WAN port of the opposite end device; wherein, the transmission domain information is used to represent the service requirements of the WAN port;

判断所述本端设备和对端设备是否具有相同的传输域信息;Determine whether the local device and the peer device have the same transmission domain information;

若具有相同的传输域信息,则在所述本端设备和对端设备中具有相同的传输域信息的WAN口之间建立隧道。If they have the same transmission domain information, a tunnel is established between the WAN ports that have the same transmission domain information in the local device and the opposite end device.

上述方法步骤的具体实施例过程可参见第一实施例,本实施例在此不再重复赘述。For the specific embodiment process of the above method steps, reference may be made to the first embodiment, which will not be repeated in this embodiment.

实施例四Embodiment 4

本实施例还提供一种计算机可读存储介质,如闪存、硬盘、多媒体卡、卡型存储器(例如,SD或DX存储器等)、随机访问存储器(RAM)、静态随机访问存储器(SRAM)、只读存储器(ROM)、电可擦除可编程只读存储器(EEPROM)、可编程只读存储器(PROM)、磁性存储器、磁盘、光盘、服务器、App应用商城等等,其上存储有计算机程序,所述计算机程序被处理器执行时实现如下方法步骤:This embodiment also provides a computer-readable storage medium, such as a flash memory, a hard disk, a multimedia card, a card-type memory (for example, SD or DX memory, etc.), random access memory (RAM), static random access memory (SRAM), only Read-only memory (ROM), Electrically Erasable Programmable Read-Only Memory (EEPROM), Programmable Read-Only Memory (PROM), magnetic memory, magnetic disk, optical disk, server, App application mall, etc., on which computer programs are stored, When the computer program is executed by the processor, the following method steps are implemented:

确定出SD-WAN中需要进行组网的本端设备和对端设备;Determine the local and peer devices that need to be networked in SD-WAN;

分别获取所述本端设备的各个WAN口的传输域信息和所述对端设备的各个WAN口的传输域信息;其中,传输域信息用于表征WAN口的业务需求;Respectively obtain the transmission domain information of each WAN port of the local device and the transmission domain information of each WAN port of the opposite end device; wherein, the transmission domain information is used to represent the service requirements of the WAN port;

判断所述本端设备和对端设备是否具有相同的传输域信息;Determine whether the local device and the peer device have the same transmission domain information;

若具有相同的传输域信息,则在所述本端设备和对端设备中具有相同的传输域信息的WAN口之间建立隧道。If they have the same transmission domain information, a tunnel is established between the WAN ports that have the same transmission domain information in the local device and the opposite end device.

上述方法步骤的具体实施例过程可参见第一实施例,本实施例在此不再重复赘述。For the specific embodiment process of the above method steps, reference may be made to the first embodiment, which will not be repeated in this embodiment.

需要说明的是,在本文中,术语“包括”、“包含”或者其任何其他变体意在涵盖非排他性的包含,从而使得包括一系列要素的过程、方法、物品或者装置不仅包括那些要素,而且还包括没有明确列出的其他要素,或者是还包括为这种过程、方法、物品或者装置所固有的要素。在没有更多限制的情况下,由语句“包括一个……”限定的要素,并不排除在包括该要素的过程、方法、物品或者装置中还存在另外的相同要素。It should be noted that, herein, the terms "comprising", "comprising" or any other variation thereof are intended to encompass non-exclusive inclusion, such that a process, method, article or device comprising a series of elements includes not only those elements, It also includes other elements not expressly listed or inherent to such a process, method, article or apparatus. Without further limitation, an element qualified by the phrase "comprising a..." does not preclude the presence of additional identical elements in a process, method, article or apparatus that includes the element.

上述本发明实施例序号仅仅为了描述,不代表实施例的优劣。The above-mentioned serial numbers of the embodiments of the present invention are only for description, and do not represent the advantages or disadvantages of the embodiments.

通过以上的实施方式的描述,本领域的技术人员可以清楚地了解到上述实施例方法可借助软件加必需的通用硬件平台的方式来实现,当然也可以通过硬件,但很多情况下前者是更佳的实施方式。From the description of the above embodiments, those skilled in the art can clearly understand that the methods of the above embodiments can be implemented by means of software plus a necessary general hardware platform, and of course hardware can also be used, but in many cases the former is better implementation.

以上仅为本发明的优选实施例,并非因此限制本发明的专利范围,凡是利用本发明说明书及附图内容所作的等效结构或等效流程变换,或直接或间接运用在其他相关的技术领域,均同理包括在本发明的专利保护范围内。The above are only preferred embodiments of the present invention, and are not intended to limit the scope of the present invention. Any equivalent structure or equivalent process transformation made by using the contents of the description and drawings of the present invention, or directly or indirectly applied in other related technical fields , are similarly included in the scope of patent protection of the present invention.

Claims (10)

1. An SD-WAN-based networking method, applied to a controller of an SD-WAN, comprises the following steps:
determining local terminal equipment and opposite terminal equipment which need to be networked in the SD-WAN;
respectively acquiring the transmission domain information of each WAN port of the local terminal equipment and the transmission domain information of each WAN port of the opposite terminal equipment; the transmission domain information is used for representing the service requirement of a WAN port;
judging whether the local terminal equipment and the opposite terminal equipment have the same transmission domain information;
if the transmission domain information is the same, a tunnel is established between the local terminal equipment and the WAN ports with the same transmission domain information in the opposite terminal equipment.
2. The SD-WAN-based networking method according to claim 1, wherein before the determining a local device and an opposite device that need to be networked in the SD-WAN, the method further comprises:
and when detecting that new equipment is added into the SD-WAN, configuring corresponding transmission domain information for each WAN port of the new equipment according to the service requirement of each WAN port of the new equipment.
3. The SD-WAN-based networking method according to claim 1, wherein the determining a home terminal device and an opposite terminal device that need to be networked in the SD-WAN specifically includes:
when the local terminal equipment is a central node of the SD-WAN, determining other central nodes in the SD-WAN as the opposite terminal equipment;
when the local terminal equipment is a branch node of the SD-WAN, determining the opposite terminal equipment from all central nodes and other branch nodes of the SD-WAN according to the networking relationship including the branch node; the networking relation comprises an initial branch node, a termination branch node and a central node of a path from the initial branch node to the termination branch node.
4. The SD-WAN based networking method of claim 1, further comprising:
judging whether WAN port information of the networked target equipment changes or not;
and if so, sending the WAN port information after the target equipment is changed to other equipment which is networked with the target equipment.
5. The SD-WAN based networking method of claim 1, further comprising:
creating a central node group, and adding at least two central nodes in the SD-WAN into the central node group;
setting priorities from 0 to N for each central node in the central node group respectively; when the priority is 0, representing that the central node does not participate in networking;
for a branch node of the SD-WAN, a tunnel is established between the branch node and each non-0 priority central node in the central node group.
6. The SD-WAN based networking method of claim 5, further comprising:
when the priority of one central node in the central node group is changed from 0 to non-0, a tunnel is established between the branch node and the central node;
and when the priority of one central node in the central node group is changed from non-0 to 0, deleting the tunnel between the branch node and the central node.
7. An SD-WAN-based networking device, applied to a controller of an SD-WAN, the device comprising:
the determining module is used for determining local terminal equipment and opposite terminal equipment which need to be networked in the SD-WAN;
an obtaining module, configured to obtain transmission domain information of each WAN port of the local device and transmission domain information of each WAN port of the opposite device, respectively; the transmission domain information is used for representing the service requirement of a WAN port;
the judging module is used for judging whether the local terminal equipment and the opposite terminal equipment have the same transmission domain information;
and the networking module is used for establishing a tunnel between the WAN ports with the same transmission domain information in the local terminal equipment and the opposite terminal equipment if the WAN ports have the same transmission domain information.
8. The SD-WAN based networking device of claim 7, wherein the device further comprises:
and the configuration module is used for configuring corresponding transmission domain information for each WAN port of the new equipment according to the service requirements of each WAN port of the new equipment when the new equipment is detected to be added into the SD-WAN.
9. A computer device, the computer device comprising: memory, processor and computer program stored on the memory and executable on the processor, characterized in that the processor realizes the steps of the method of any of claims 1 to 6 when executing the computer program.
10. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the steps of the method of any one of claims 1 to 6.
CN202010511737.5A 2020-06-08 2020-06-08 SD-WAN-based networking method, device, equipment and storage medium Active CN111654399B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010511737.5A CN111654399B (en) 2020-06-08 2020-06-08 SD-WAN-based networking method, device, equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010511737.5A CN111654399B (en) 2020-06-08 2020-06-08 SD-WAN-based networking method, device, equipment and storage medium

Publications (2)

Publication Number Publication Date
CN111654399A CN111654399A (en) 2020-09-11
CN111654399B true CN111654399B (en) 2022-10-18

Family

ID=72349048

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010511737.5A Active CN111654399B (en) 2020-06-08 2020-06-08 SD-WAN-based networking method, device, equipment and storage medium

Country Status (1)

Country Link
CN (1) CN111654399B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113518104B (en) * 2021-03-11 2024-02-27 网宿科技股份有限公司 Data message processing method, transfer equipment and system
CN113572642B (en) * 2021-07-23 2024-05-10 奇安信科技集团股份有限公司 Networking method, device and system
CN113630276B (en) * 2021-08-16 2024-04-09 迈普通信技术股份有限公司 Main-standby switching control method and device and DVPN network system
CN115834274B (en) * 2023-02-14 2023-04-18 广东奥飞数据科技股份有限公司 SD-WAN (secure digital-wide area network) rapid networking method

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102938741A (en) * 2012-10-30 2013-02-20 汉柏科技有限公司 Method and system for controlling internet protocol security (IPSEC) load sharing
CN104301230A (en) * 2014-10-10 2015-01-21 杭州华三通信技术有限公司 Message forwarding method and device
CN108011907A (en) * 2016-10-31 2018-05-08 华为技术有限公司 The resource allocation methods and device of adapted telecommunication net
CN108989210A (en) * 2017-06-02 2018-12-11 中兴通讯股份有限公司 A kind of tunnel selecting method and software defined network controller based on strategy
CN110290093A (en) * 2018-03-19 2019-09-27 杭州达乎科技有限公司 The SD-WAN network architecture and network-building method, message forwarding method
WO2020081947A1 (en) * 2018-10-19 2020-04-23 Futurewei Technologies, Inc. Secure sd-wan port information distribution

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102938741A (en) * 2012-10-30 2013-02-20 汉柏科技有限公司 Method and system for controlling internet protocol security (IPSEC) load sharing
CN104301230A (en) * 2014-10-10 2015-01-21 杭州华三通信技术有限公司 Message forwarding method and device
CN108011907A (en) * 2016-10-31 2018-05-08 华为技术有限公司 The resource allocation methods and device of adapted telecommunication net
CN108989210A (en) * 2017-06-02 2018-12-11 中兴通讯股份有限公司 A kind of tunnel selecting method and software defined network controller based on strategy
CN110290093A (en) * 2018-03-19 2019-09-27 杭州达乎科技有限公司 The SD-WAN network architecture and network-building method, message forwarding method
WO2020081947A1 (en) * 2018-10-19 2020-04-23 Futurewei Technologies, Inc. Secure sd-wan port information distribution

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
"一种面向融合SD-WAN广域网接入设计及其加速技术研究";夏国鹏;《中国优秀博硕士学位论文全文数据库(硕士)信息科技辑》;20200515;全文 *
Rubén E. Mora-Huiracocha ; Pablo L. Gallegos-Segovia ; Paúl E. Vin."Implementation of a SD-WAN for the interconnection of two software defined data centers".《 2019 IEEE Colombian Conference on Communications and Computing (COLCOM)》.2019, *

Also Published As

Publication number Publication date
CN111654399A (en) 2020-09-11

Similar Documents

Publication Publication Date Title
CN111654399B (en) SD-WAN-based networking method, device, equipment and storage medium
CN108305072B (en) Method, apparatus and computer storage medium for deploying a blockchain network
US9276812B1 (en) Automated testing of a direct network-to-network connection
CN108769258B (en) Method and apparatus for hosting blockchain network to blockchain application platform
US10728107B2 (en) Managing users of cloud services with management tool
CN110780912B (en) Hierarchical spanning tree software patch with segment support
CN112003961A (en) A resource exposure method, system, device and medium in kubernetes
US10911314B2 (en) Systems and methods for determining entry points for mapping a network
US12095734B1 (en) Container-based association and sharing of domain name system configuration objects
CN112217656A (en) Method and device for synchronizing configuration information of network equipment in SD-WAN (secure digital-to-Wide area network) system
CN109104368B (en) A method, device, server and computer-readable storage medium for requesting connection
CN113541987B (en) A method and device for updating configuration data
CN105490843A (en) Information processing method and system
CN110581800B (en) A method and device, storage medium and device for creating a virtual router interface
CN111654398B (en) A method, apparatus, computer device and readable storage medium for updating configuration
CN110620706B (en) Parameter adjusting method and equipment
CN116016211A (en) A network service management method, device, equipment and storage medium
CN108768849A (en) Message processing method and device
CN106559439B (en) A kind of method for processing business and equipment
CN115225645B (en) A service update method, device, system and storage medium
Cheng et al. Reaching Consensus with Byzantine Faulty Controllers in Software‐Defined Networks
CN119136153A (en) System switching method, device, equipment, storage medium and computer program product
CN111447080B (en) Private network decentralization control method, device and computer readable storage medium
JP2025518158A (en) Method, apparatus and system for managing cluster access rights - Patents.com
CN109039907A (en) Determine network traffic data optimal path method, apparatus, equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information
CB02 Change of applicant information

Address after: Room 332, 3 / F, Building 102, 28 xinjiekouwei street, Xicheng District, Beijing 100088

Applicant after: QAX Technology Group Inc.

Applicant after: Qianxin Wangshen information technology (Beijing) Co.,Ltd.

Address before: Room 332, 3 / F, Building 102, 28 xinjiekouwei street, Xicheng District, Beijing 100088

Applicant before: QAX Technology Group Inc.

Applicant before: LEGENDSEC INFORMATION TECHNOLOGY (BEIJING) Inc.

GR01 Patent grant
GR01 Patent grant