CN116170304B - Network equipment configuration file checking method, device, equipment and storage medium - Google Patents
Network equipment configuration file checking method, device, equipment and storage medium Download PDFInfo
- Publication number
- CN116170304B CN116170304B CN202211579957.7A CN202211579957A CN116170304B CN 116170304 B CN116170304 B CN 116170304B CN 202211579957 A CN202211579957 A CN 202211579957A CN 116170304 B CN116170304 B CN 116170304B
- Authority
- CN
- China
- Prior art keywords
- network
- configuration file
- configuration
- checking
- network device
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 35
- 238000007689 inspection Methods 0.000 claims abstract 2
- 238000004590 computer program Methods 0.000 claims description 11
- 238000012360 testing method Methods 0.000 claims description 6
- 238000013178 mathematical model Methods 0.000 claims description 4
- 230000006870 function Effects 0.000 description 5
- 238000005516 engineering process Methods 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 230000008569 process Effects 0.000 description 2
- 238000012545 processing Methods 0.000 description 2
- 101100384355 Mus musculus Ctnnbip1 gene Proteins 0.000 description 1
- 238000004458 analytical method Methods 0.000 description 1
- 238000003491 array Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 239000011810 insulating material Substances 0.000 description 1
- 238000005259 measurement Methods 0.000 description 1
- 230000006855 networking Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000011084 recovery Methods 0.000 description 1
- 230000004044 response Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0803—Configuration setting
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/02—Standardisation; Integration
- H04L41/0213—Standardised network management protocols, e.g. simple network management protocol [SNMP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0876—Aspects of the degree of configuration automation
- H04L41/0886—Fully automatic configuration
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0889—Techniques to speed-up the configuration process
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/28—Restricting access to network management systems or functions, e.g. using authorisation function to access network configuration
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/101—Access control lists [ACL]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Power Engineering (AREA)
- Automation & Control Theory (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a network equipment configuration file checking method, a device, equipment and a storage medium, which comprise the steps of acquiring an initial configuration file and a current configuration file from target network equipment; generating a configuration file according to the initial configuration file and the current configuration file; generating a network link table according to configuration files of other network devices in a local area network and the configuration files of the target network device to obtain an upper-level route corresponding to the target network device; checking whether each network device MAC address managed by the superior route exists in a trust certificate of the configuration file; and enabling the upper-level route to access an external network address, tracking each node passing by when accessing the external network address, and checking the consistency of a local link in each node forming link and the network link table. By adopting the invention, comprehensive and comprehensive automatic inspection can be performed, and the integrity and the correctness of the regional whole network configuration and the anti-striking capability of the network are improved.
Description
Technical Field
The present invention relates to the field of insulating material measurement technologies, and in particular, to a method, an apparatus, a device, and a storage medium for checking a configuration file of a network device.
Background
In the network field, no matter in an access network or a core network, user equipment accesses the network, and in the process of running a service, domain name resolution needs to be performed in a domain name system (domai n name system, DNS), namely I P addresses of network elements are queried according to DNS data, information exchange is also required to be performed with equipment in an accessed regional subnetwork, and an interconnection relationship is established.
With the continuous development of network technology, the functions of network equipment become extremely abundant, the configuration of the network equipment becomes very complex, professional technicians and manufacturer personnel are required to configure the network equipment, the existing configuration text comparison function is usually used for performing the text comparison on single equipment, the configuration correlation of multiple equipment is not considered, the configuration is not wrong from the single-machine perspective, but the configuration of the network equipment and the configuration of other equipment have the problem of conflict from the local networking perspective, and the problem of no awareness is solved. From the perspective of the wide area network, if the DNS configuration is invalid due to improper configuration, the internet service will be totally disabled. If the configuration problem is only seen from a single machine, and the conditions of interconnection and access of multiple devices to an external network are not considered, the configuration of the whole network is often non-uniform, and configuration hidden troubles in management, safety and the like are generated.
The accuracy efficiency of checking DNS data and multi-device interconnection condition manually is low, and omission is also easily caused, which may affect the quality of experience of users.
Disclosure of Invention
The embodiment of the invention provides a method, a device, equipment and a storage medium for checking a configuration file of network equipment, which can obviously improve the efficiency of checking the validity of the configuration file.
An embodiment of the present invention provides a method for checking a configuration file of a network device, including:
acquiring an initial configuration file and a current configuration file from target network equipment;
generating a configuration file according to the initial configuration file and the current configuration file;
generating a network link table according to configuration files of other network devices in a local area network and the configuration files of the target network device to obtain an upper-level route corresponding to the target network device;
checking whether each network device MAC address managed by the superior route exists in a trust certificate of the configuration file; if yes, the inline configuration of the target network equipment is qualified;
enabling the upper-level route to access an external network address, tracking each node passing by when accessing the external network address, and checking the consistency of a local link in a link formed by each node and the network link table; and if the configuration is consistent, the external connection configuration of the target network equipment is qualified.
In a possible implementation manner of the first aspect, the checking whether the MAC address of each network device managed by the upper level route exists in the trust certificate of the configuration file specifically includes:
extracting a trust certificate from the configuration file and analyzing the trust certificate to obtain a trust MAC address list in the trust certificate;
checking whether each network device MAC address is in the trusted MAC address list.
In a possible implementation manner of the first aspect, the enabling the upper level route to access an external network address, tracking each node passing through when accessing the external network address, and checking consistency between a local domain network link in a link formed by each node and the network link table specifically includes:
invoking a pi ng command to test the network connection between the upper-level route and an external network address;
after passing the pi ng command test, calling a traceroute command to track each node passing by when accessing the external network address, and recording a local node positioned in the local domain network;
checking whether the local links formed by the local nodes are consistent with the network link table.
In a possible implementation manner of the first aspect, the checking whether the local link formed by each local node is consistent with the network link table specifically includes:
it is checked whether the information flow of the local link formed by each local node is in the network link table.
In a possible implementation manner of the first aspect, the checking whether the information flow direction of the local link formed by each local node is in the network link table specifically includes:
if the information flow of the local link includes a loop, the DNS configuration of the configuration file has a domain name resolution problem.
In a possible implementation manner of the first aspect, the generating a network link table according to the configuration file of the other network devices in the local area network and the configuration file of the target network device specifically includes:
and analyzing the configuration files of other network devices in the local domain network and the information of the configuration files of the target network device according to a preset mathematical model, determining the link relation between the network devices, and establishing a matched network link table according to the link relation.
In a possible implementation manner of the first aspect, the determining a link relationship between network devices specifically includes:
reading basic information of each network device according to SNMP;
the upper level route of each network device is recorded.
In a possible implementation manner of the second aspect, an embodiment of the present invention provides a network device profile checking apparatus, including:
the configuration acquisition module is used for acquiring an initial configuration file and a current configuration file from target network equipment;
the configuration generating module is used for generating a configuration file according to the initial configuration file and the current configuration file;
the link generation module is used for generating a network link table according to the configuration files of other network devices in the local area network and the configuration files of the target network device to obtain an upper-level route corresponding to the target network device;
a first checking module, configured to check whether each network device MAC address managed by the upper level route exists in a trust certificate of the configuration file; if yes, the inline configuration of the target network equipment is qualified;
the second checking module is used for enabling the upper-level route to access an external network address, tracking each node passing by when accessing the external network address, and checking the consistency of a local link in a link formed by each node and the network link table; and if the configuration is consistent, the external connection configuration of the target network equipment is qualified.
In a possible implementation manner of the third aspect, an embodiment of the present invention provides a computer device, which is characterized by including a processor and a memory, where the memory is configured to store a computer program, where the computer program is executed by the processor to implement a network device profile checking method as described above.
In a fourth aspect, an embodiment of the present invention provides a computer readable storage medium, which stores a computer program, which when executed by a processor implements a network device profile checking method as described above.
Compared with the prior art, the method, the device, the equipment and the storage medium for checking the network equipment configuration file provided by the embodiment of the invention can be used for checking the online configuration problem in the network, checking the configuration correlation problem among multiple network equipment and accessing an external network under the local area network structure of the interconnection of the multiple equipment, finding the potential safety configuration problem which cannot be found by single equipment, including routing, switching, management, safety, disaster tolerance and the like, by checking whether the MAC address of each network equipment managed by the superior routing exists in the trust certificate of the configuration file and checking the consistency of the local link in each node forming link and the network link table, thereby improving the integrity and the correctness of the overall area network configuration and the anti-hit capability of the network.
Drawings
Fig. 1 is a flowchart of a method for checking a configuration file of a network device according to an embodiment of the present invention.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
Referring to fig. 1, an embodiment of the present invention provides a method for checking a configuration file of a network device, which specifically includes:
s10, acquiring a starting configuration file and a current configuration file from target network equipment.
S11, generating a configuration file according to the initial configuration file and the current configuration file.
And S12, generating a network link table according to the configuration files of other network devices in the local area network and the configuration files of the target network device, and obtaining the upper-level route corresponding to the target network device.
S13, checking whether each network equipment MAC address managed by the superior route exists in a trust certificate of the configuration file; if yes, the inline configuration of the target network equipment is qualified.
S14, enabling the upper-level route to access an external network address, tracking each node passing by when accessing the external network address, and checking the consistency of a local link in links formed by each node and the network link table; and if the configuration is consistent, the external connection configuration of the target network equipment is qualified.
In general, the local lan includes multiple network devices, where the upper level routing of each network device needs to be set comprehensively according to the link relationship between each network device and the external network access requirement, and the specific network configuration of each network device needs to consider the rationality of the link between the network device and other network devices, the rationality of the upper level routing node setting, the external network access efficiency and the external network access stability, and the rationality of the link between the devices is the guarantee of quick and effective information between the devices. The link information generally includes I P information, VLAN information, MAC information, neighbor relation database information.
The configuration files of the network equipment are generally divided into a current configuration file and an initial configuration file, wherein the current configuration file generally refers to configuration information of the equipment which is currently running and effective, and the configuration information is stored in a RAM; the initial configuration file is that configuration information which is automatically loaded every time the device is started is stored in the F l ash.
On the premise that basic configuration file information provided by a user is obtained, the server automatically identifies the type of the equipment, automatically selects a proper acquisition method, automatically acquires the configuration file of the equipment at regular intervals and stores the configuration file in the central processing unit.
In general, the device is required to turn on an SNMP (simple network management protocol), provide SNMP community str i ng to the user, and provide read-only rights. SNMP is a standard commonly used in the industry, and can read basic information of a device according to SNMP, determine a manufacturer, a device type, and the like of the device, and then determine a suitable collection method, where in general, the suitable collection method is the same or similar collection method set by the manufacturer and the type of the device, so as to improve collection efficiency of configuration file information of the device.
And then comprehensively analyzing configuration files of each device, adding new target network devices on the basis of the original links according to the requirement of the target network devices to be added, and forming a new network link table. In the network link table, the upper route set for the target network device by the upper route corresponding to the target network device is obtained by analyzing according to a preset mathematical model, and the phase of the target network device and other network devices managed by the upper route and the requirement of accessing the external network are comprehensively considered.
Illustratively, the checking whether the MAC address of each network device managed by the upper level route exists in the trust certificate of the configuration file specifically includes:
extracting a trust certificate from the configuration file and analyzing the trust certificate to obtain a trust MAC address list in the trust certificate;
checking whether each network device MAC address is in the trusted MAC address list.
Whether the MAC addresses of all the network devices are in the trust MAC address list can ensure the phase of the target network device and other network devices managed by the superior route, check the configuration correlation problem among multiple network devices, and find out the potential safety configuration problem which cannot be found by a single device, wherein the potential safety configuration problem comprises routing, switching, management, safety and disaster recovery.
Illustratively, the enabling the upper-level route to access an external network address, tracking each node passing by when accessing the external network address, and checking the consistency of the local domain network link in the links formed by each node and the network link table specifically includes:
invoking a pi ng command to test the network connection between the upper-level route and an external network address;
after passing the pi ng command test, calling a traceroute command to track each node passing by when accessing the external network address, and recording a local node positioned in the local domain network;
checking whether the local links formed by the local nodes are consistent with the network link table.
Illustratively, the checking whether the local link formed by each local node is consistent with the network link table specifically includes:
it is checked whether the information flow of the local link formed by each local node is in the network link table.
The p < i > ng command can be used for continuously sending test data packets to the target host, and the display result is fed back; it is tested which network nodes have passed between the current host and the destination host and shows the connection status (response time) of each intermediate node for the nodes that cannot be shown, the connection status will show ".
Illustratively, the checking whether the information flow of the local link formed by each local node exists in the network link table specifically includes:
if the information flow of the local link includes a loop, the DNS configuration of the configuration file has a domain name resolution problem.
The information flow of the local link represents the path of the target network device actually accessing the external network, if the path repeatedly passes through a plurality of local nodes, the DNS domain name analysis has a fault, and the upper level route has an error when accessing the server node at the higher level.
Illustratively, the generating a network link table according to the configuration files of other network devices in the local area network and the configuration files of the target network device specifically includes:
and analyzing the configuration files of other network devices in the local domain network and the information of the configuration files of the target network device according to a preset mathematical model, determining the link relation between the network devices, and establishing a matched network link table according to the link relation.
Illustratively, the determining the link relation between the network devices specifically includes:
reading basic information of each network device according to SNMP;
the upper level route of each network device is recorded.
Compared with the prior art, the method, the device, the equipment and the storage medium for checking the network equipment configuration file provided by the embodiment of the invention can be used for checking the online configuration problem in the network, checking the configuration correlation problem among multiple network equipment and accessing an external network under the local area network structure of the interconnection of the multiple equipment, finding the potential safety configuration problem which cannot be found by single equipment, including routing, switching, management, safety, disaster tolerance and the like, by checking whether the MAC address of each network equipment managed by the superior routing exists in the trust certificate of the configuration file and checking the consistency of the local link in each node forming link and the network link table, thereby improving the integrity and the correctness of the overall area network configuration and the anti-hit capability of the network.
An embodiment of the present invention provides a network device configuration file checking apparatus, including: the device comprises a configuration acquisition module, a configuration generation module, a link generation module, a first checking module and a second checking module.
And the configuration acquisition module is used for acquiring the initial configuration file and the current configuration file from the target network equipment.
And the configuration generating module is used for generating a configuration file according to the initial configuration file and the current configuration file.
And the link generation module is used for generating a network link table according to the configuration files of other network devices in the local area network and the configuration files of the target network device to obtain the upper-level route corresponding to the target network device.
A first checking module, configured to check whether each network device MAC address managed by the upper level route exists in a trust certificate of the configuration file; if yes, the inline configuration of the target network equipment is qualified.
The second checking module is used for enabling the upper-level route to access an external network address, tracking each node passing by when accessing the external network address, and checking the consistency of a local link in a link formed by each node and the network link table; and if the configuration is consistent, the external connection configuration of the target network equipment is qualified.
The network device profile checking apparatus described above may implement the network device profile checking method of the method embodiment described above. The options in the method embodiments described above are also applicable to this embodiment and will not be described in detail here. The rest of the embodiments of the present application may refer to the content of the method embodiments described above, and in this embodiment, no further description is given.
An embodiment of the present application provides a computer device, including: at least one processor, a memory and a computer program 2 stored in the memory and executable on the at least one processor, the processor implementing the steps of any of the method embodiments described above when the computer program is executed.
The computer device can be a smart phone, a tablet computer, a desktop computer, a cloud server and other computing devices. The computer device may include, but is not limited to, a processor, a memory. It will be appreciated by those skilled in the art that the above-described embodiments are merely examples of a computer device and are not limiting of a computer device, and may include more or fewer components than shown, or may combine certain components, or different components, for example, may also include input-output devices, network access devices, etc.
The processor may be a central processing unit (Centra l Process i ng Unit, CPU), it may also be other general purpose processors, digital signal processors (Digita l Signa l Processor, DSP), application specific integrated circuits (App l icat ion Specifi C I ntegrated Ci rcuit, asic), off-the-shelf programmable gate arrays (Fie d-Programmab l e Gate Array, FPGA) or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components, or the like. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
The memory may in some embodiments be an internal storage unit of the computer device, such as a hard disk or a memory of the computer device. The memory may in other embodiments also be an external storage device of the computer device, such as a plug-in hard disk provided on the computer device, a smart memory Card (Smart Med ia Card, SMC), a Secure Digital (SD) Card, a flash memory Card (F1 ash Card), etc. Further, the memory may also include both internal storage units and external storage devices of the computer device. The memory is used to store an operating system, application programs, boot loader (BootLoader), data, and other programs, etc., such as program code for the computer program, etc. The memory 161 may also be used to temporarily store data that has been output or is to be output.
In addition, the embodiment of the present application further provides a computer readable storage medium, where a computer program is stored, where the computer program is executed by a processor to implement the steps in any of the above-mentioned method embodiments.
The present embodiments provide a computer program product which, when run on a computer device, causes the computer device to perform the steps of the method embodiments described above.
In several embodiments provided herein, it will be understood that each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved.
The functions, if implemented in the form of software functional modules and sold or used as a stand-alone product, may be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present application may be embodied essentially or in a part contributing to the prior art or in the form of a software product stored in a storage medium, comprising several instructions for causing a computer device to perform all or part of the steps of the method described in the various embodiments of the present application. And the aforementioned storage medium includes: a usb disk, a removable hard disk, a Read-only Memory (ROM), a random access Memory (RAM, random Access Memory), a magnetic disk, or an optical disk, or other various media capable of storing program codes.
While the foregoing is directed to the preferred embodiments of the present invention, it will be appreciated by those skilled in the art that changes and modifications may be made without departing from the principles of the invention, such changes and modifications are also intended to be within the scope of the invention.
Claims (10)
1. A method for checking a network device profile, comprising:
acquiring an initial configuration file and a current configuration file from target network equipment;
generating a configuration file according to the initial configuration file and the current configuration file;
generating a network link table according to configuration files of other network devices in a local area network and the configuration files of the target network device to obtain an upper-level route corresponding to the target network device;
checking whether each network device MAC address managed by the superior route exists in a trust certificate of the configuration file; if yes, the inline configuration of the target network equipment is qualified;
enabling the upper-level route to access an external network address, tracking each node passing by when accessing the external network address, and checking the consistency of a local link in a link formed by each node and the network link table; and if the configuration is consistent, the external connection configuration of the target network equipment is qualified.
2. The network device profile checking method of claim 1, wherein said checking whether each network device MAC address managed by said superior route exists in a trust certificate of said profile, specifically comprises:
extracting a trust certificate from the configuration file and analyzing the trust certificate to obtain a trust MAC address list in the trust certificate;
checking whether each network device MAC address is in the trusted MAC address list.
3. The method for checking a configuration file of a network device according to claim 1, wherein the step of allowing the upper level router to access an external network address, tracking each node passing by when accessing the external network address, and checking the consistency between the local network link and the network link table in the links formed by each node specifically comprises:
invoking a ping command to test the network connection between the upper level route and an external network address;
after the ping command is tested, calling a traceroute command to track each node passing by when the external network address is accessed, and recording a local node positioned in the local domain network;
checking whether the local links formed by the local nodes are consistent with the network link table.
4. A method for checking a configuration file of a network device according to claim 3, wherein said checking whether the local link formed by each local node is consistent with the network link table comprises:
it is checked whether the information flow of the local link formed by each local node is in the network link table.
5. The method for checking a configuration file of a network device according to claim 4, wherein the checking whether the information flow of the local link formed by each local node exists in the network link table specifically includes:
if the information flow of the local link includes a loop, the DNS configuration of the configuration file has a domain name resolution problem.
6. The method for checking network device configuration files according to claim 1, wherein generating the network link table according to the configuration files of other network devices in the local area network and the configuration files of the target network device specifically comprises:
and analyzing the configuration files of other network devices in the local domain network and the information of the configuration files of the target network device according to a preset mathematical model, determining the link relation between the network devices, and establishing a matched network link table according to the link relation.
7. The method for checking network device configuration files according to claim 6, wherein determining the link relationship between the network devices specifically comprises:
reading basic information of each network device according to SNMP;
the upper level route of each network device is recorded.
8. A network device profile inspection apparatus, comprising:
the configuration acquisition module is used for acquiring an initial configuration file and a current configuration file from target network equipment;
the configuration generating module is used for generating a configuration file according to the initial configuration file and the current configuration file;
the link generation module is used for generating a network link table according to the configuration files of other network devices in the local area network and the configuration files of the target network device to obtain an upper-level route corresponding to the target network device;
a first checking module, configured to check whether each network device MAC address managed by the upper level route exists in a trust certificate of the configuration file; if yes, the inline configuration of the target network equipment is qualified;
the second checking module is used for enabling the upper-level route to access an external network address, tracking each node passing by when accessing the external network address, and checking the consistency of a local link in a link formed by each node and the network link table; and if the configuration is consistent, the external connection configuration of the target network equipment is qualified.
9. A computer device comprising a processor and a memory for storing a computer program which when executed by the processor implements the network device profile checking method of any one of claims 1 to 7.
10. A computer readable storage medium, characterized in that it stores a computer program which, when executed by a processor, implements the network device profile checking method according to any one of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211579957.7A CN116170304B (en) | 2022-12-09 | 2022-12-09 | Network equipment configuration file checking method, device, equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211579957.7A CN116170304B (en) | 2022-12-09 | 2022-12-09 | Network equipment configuration file checking method, device, equipment and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN116170304A CN116170304A (en) | 2023-05-26 |
| CN116170304B true CN116170304B (en) | 2023-08-08 |
Family
ID=86413931
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211579957.7A Active CN116170304B (en) | 2022-12-09 | 2022-12-09 | Network equipment configuration file checking method, device, equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116170304B (en) |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108768691A (en) * | 2018-04-16 | 2018-11-06 | 复旦大学 | Ethernet automated topology based on snmp protocol is found and cyclic position detecting system |
| CN113190368A (en) * | 2020-01-14 | 2021-07-30 | 华为技术有限公司 | Method, device and system for realizing table item check and computer storage medium |
| CN113949649A (en) * | 2021-10-14 | 2022-01-18 | 迈普通信技术股份有限公司 | Fault detection protocol deployment method and device, electronic equipment and storage medium |
| CN114221882A (en) * | 2021-12-23 | 2022-03-22 | 锐捷网络股份有限公司 | Method, device, equipment and storage medium for detecting fault link |
| CN114389967A (en) * | 2020-10-19 | 2022-04-22 | 南京中兴新软件有限责任公司 | Link detection method, device, equipment and storage medium |
| CN114666200A (en) * | 2022-02-14 | 2022-06-24 | 国电南瑞科技股份有限公司 | Loop detection method and device for intelligent substation network and storage medium |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111095216B (en) * | 2017-08-02 | 2024-06-04 | 希佩尔图斯公司 | Detecting man-in-the-middle attacks on a local area network |
-
2022
- 2022-12-09 CN CN202211579957.7A patent/CN116170304B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108768691A (en) * | 2018-04-16 | 2018-11-06 | 复旦大学 | Ethernet automated topology based on snmp protocol is found and cyclic position detecting system |
| CN113190368A (en) * | 2020-01-14 | 2021-07-30 | 华为技术有限公司 | Method, device and system for realizing table item check and computer storage medium |
| CN114389967A (en) * | 2020-10-19 | 2022-04-22 | 南京中兴新软件有限责任公司 | Link detection method, device, equipment and storage medium |
| CN113949649A (en) * | 2021-10-14 | 2022-01-18 | 迈普通信技术股份有限公司 | Fault detection protocol deployment method and device, electronic equipment and storage medium |
| CN114221882A (en) * | 2021-12-23 | 2022-03-22 | 锐捷网络股份有限公司 | Method, device, equipment and storage medium for detecting fault link |
| CN114666200A (en) * | 2022-02-14 | 2022-06-24 | 国电南瑞科技股份有限公司 | Loop detection method and device for intelligent substation network and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN116170304A (en) | 2023-05-26 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110710159B (en) | Methods, systems, devices, and media for network configuration and troubleshooting | |
| CN109800258B (en) | Data file deployment method, device, computer equipment and storage medium | |
| CN110754065A (en) | Network authentication between a logic level and a hardware level of a network | |
| CN110674427B (en) | Method, device, equipment and storage medium for responding to webpage access request | |
| CN112818307A (en) | User operation processing method, system, device and computer readable storage medium | |
| CN114915561B (en) | Network topology graph generation method and device | |
| CN116170304B (en) | Network equipment configuration file checking method, device, equipment and storage medium | |
| CN108833129B (en) | Network topology discovery method and device | |
| CN114064475A (en) | Cloud native application testing method, device, equipment and storage medium | |
| JP2019511172A (en) | System, method and device for securely managing network connection | |
| CN114257426B (en) | Background flow generation method, device, electronic equipment and storage medium | |
| CN113364681B (en) | Network path determination method, network path determination device, electronic apparatus, network path determination medium, and program product | |
| US10367691B2 (en) | Multi platform static semantic consistency checking of network configurations | |
| US20150331772A1 (en) | Methods for updating diagnostic tools on a hardware device and devices thereof | |
| CN113282347B (en) | Plug-in operation method, device, equipment and storage medium | |
| CN112579472B (en) | Automatic generation method and device for test cases | |
| CN107919980B (en) | Evaluation method and device for clustered system | |
| CN111143318B (en) | Information processing method, device, electronic equipment and storage medium | |
| CN113852551A (en) | Message processing method and device | |
| CN112422338A (en) | Error positioning method and device for CDN network and electronic equipment | |
| US20240205128A1 (en) | Techniques for dns ecosystem health checks | |
| CN115150298B (en) | Virtual gateway testing method and device, storage medium and electronic equipment | |
| CN117520129B (en) | Data center equipment monitoring method, device, equipment and medium | |
| US11799856B2 (en) | Application identification | |
| CN116302711B (en) | Disaster recovery method and device based on cloud platform mirror image, electronic equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CP01 | Change in the name or title of a patent holder | ||
| CP01 | Change in the name or title of a patent holder |
Address after: 510000 room 1301, No. 37, Jinlong street, Xiangjiang financial and business center, Nansha District, Guangzhou City, Guangdong Province (office only) Patentee after: Guangzhou Tongze Kangwei Technology Co.,Ltd. Address before: 510000 room 1301, No. 37, Jinlong street, Xiangjiang financial and business center, Nansha District, Guangzhou City, Guangdong Province (office only) Patentee before: Guangzhou Tongze Kangwei Intelligent Technology Co.,Ltd. |