1. Field of the Invention
The present invention relates to a technique for enhancing the efficiency and quality of a series of work such as initial design, verification test, laying and operation of a network infrastructure, which is increasingly becoming complicated and large-scaled recently, for example, for Internet businesses. In particular, the present invention relates to a network design processing device, a network design processing method and a network design processing program for supporting network system design.
As a large-scale network infrastructure, for example, a group of servers and storages of an IDC (Internet data center), and a network configuration for connecting them are conceivable.
2. Description of the Related Art
Recently, with the diversification and expansion of businesses utilizing the Internet, a network infrastructure is becoming indispensable as a social infrastructure. Therefore, stable operation, such as sufficient-security and nonstop operation, is required for a network infrastructure. Hardware and software for satisfying the requirement are also becoming diversified and complicated. Furthermore, in Web services, since it is difficult to estimate the traffic required by customers, it is necessary to perform reinforcement of servers, change in network configuration, and the like while performing operation, and the network infrastructure changes every day. Furthermore, it is necessary to perform infrastructure design/verification in a short time in order to seize a business chance.
Conventionally, design of a network infrastructure has been manually performed with the use of general drawing creation software, word processor software, table editing software and the like, and arrangement of devices, construction and operation have been performed on the basis of designed drawings. However, in order to correctly understand the state-of-the-art and various device configurations and perform optimal design and maintenance, referring to past failure examples, skillful techniques are required. This presents a challenge in efficiency and cost reduction.
As prior-art technical documents in which a technique related to design and operation of a network is described, there are, for example, Patent Document 1 and Patent Document 2. In Patent Document 1, there is described a technique related to design/maintenance of a virtual network (VLAN), which is a technique for displaying a correspondence relationship between a physical network and a virtual network in a manner that it can be easily understood. In Patent Document 2, there is described a technique related to a network operation management system, which is a technique for managing logical objects such as users and relationships among the logical objects and changing the setting for each of devices constituting a network according to a change made in the logical objects and the relationships.
Patent Document 1: Japanese Patent Laid-Open No. 2004-40374
Patent document 2: Japanese Patent Laid-Open No. 9-282253
Conventional network design supporting techniques have a problem as described below. For example, each of a drawing among devices, an abstract drawing in which devices are grouped, a drawing indicating a communication flow (session), and the like is separately and manually created as necessary. Therefore, it is difficult to keep consistency among the drawings, and there may be a case where inconsistency occurs among drawings. It is also difficult to comprehensively utilize information the drawings have.
Furthermore, similar drawings, such as drawings for construction workers, system engineers (SE), customer engineers (CE), operations managers and the like, have been separately created for the processes, respectively. Therefore, it requires a lot of time and effort to create the drawings. Furthermore, there is a problem that, at the time of revision, a mistake may occur due to failure in reflection. Checkup among the drawings has been also manually performed. Furthermore, the drawings are mere documents, and there is a problem that information for mechanically performing checking, such as design rule checking which is commonly performed in CAD design, cannot be obtained from each drawing.
In performing network system design, it is necessary to sufficiently consider how a service session utilizing the network is realized, in addition to the physical configuration of devices. It is necessary not only for a designer but also for SE's, CE's, operations managers and the like who utilize a network diagram to be able to easily grasp what purpose each of physical devices and device groups arranged on the network is used for and what significance it has on the network.
There exists a prior-art technique in which a physical network and a virtual network are designed in association with each other for design of a network, and network addresses assigned to nodes in the virtual network are displayed being overlapped with the configuration of the physical network and the configuration of the virtual network, as shown in Patent Document 1 described above. The technique disclosed in Patent Document 1, however, is a technique for a network having a specific network technique name, such as VLAN (Virtual Local Area Network) and VPN (Virtual Private Network). However, it is not a technique for grouping devices on a network, paying attention to the purpose of each of the devices so that the functional configuration of the entire network can be understandably displayed.
The technique described in the above Patent Document 2 is a technique for managing physical objects on a network and logical object, such as users, in association with each other. Specifically, it is a technique for, in the case where, for example, the section in an organization to which a user who is a logical object belongs changes, making it possible to easily change the address of an information appliance, which is a physical object possessed by the user. However, this is also not a technique for grouping devices on a network, paying attention to the purpose of each of the devices so that the functional configuration of the entire network can be understandably displayed and for facilitating design.
In order to solve the above problems, the object of the present invention is to, by grouping physical devices having the same purpose or function on a network as a virtual device and showing virtual interfaces among such virtual devices on the network, make it easy to grasp the entire configuration and function of a network to be designed or a network already designed and make it possible to internally manage information about the relationship between the network of the virtual devices and the network of the real devices so that the relationship information can be effectively utilized.
In order to solve the above problems, the network design processing device of the present invention groups one or multiple real devices having the same purpose or function and expresses the group as a virtual device in a network diagram, and provides a virtual interface port for the virtual device so that virtual interfaces can be connected. A network diagram constituted by the virtual devices is managed as a virtual device network diagram, in comparison with a real device network diagram indicating a network configured by actual physical equipment, and configuration data of the real device network diagram and configuration data of the virtual device network diagram are stored in a database in association with each other. By expressing devices with the same purpose being integrated as a group, display can be simplified.
For the virtual devices in the virtual device network diagram, purpose attributes (hot standby, load distribution and the like) are set, and means for outputting information about the set purpose attributes is provided. Thereby, it is possible to compare the real device network diagram and the virtual device network diagram and check the way of connecting each device according to the purpose attribute. Thus, it becomes possible to easily and accurately check whether connections have been made according to purposes.
Specifically, the present invention is a network design processing device to which a network diagram is inputted with the use of a computer screen and which supports design of a network system, and it is provided with: a network diagram creation processing section having processing means for creating or editing a real device network diagram constituted by real devices which are actual physical equipment, from input with the use of the computer screen, and processing means for creating or editing a virtual device network diagram constituted by virtual devices by expressing one or multiple real devices having the same purpose or function as a virtual device and connecting virtual interface ports defined for virtual devices; a network configuration data storage section which stores configuration data of the real device network diagram created or edited by the network diagram creation processing section, configuration data of the virtual device network diagram, and information about the relationship between the configuration data; and a network configuration data output processing section which switches among output of the real device network diagram, output of the virtual device network diagram and output of a network diagram in which the network diagrams are overlapped with each other, on the basis of the data stored in the network configuration data storage section, in response to specification from the outside, and performs output.
According to the present invention, it is possible to express a physical structure of a network and a virtual structure of the network in which devices are grouped. That is, it is possible to express physical network connections among devices, such as a server, a storage, a router, a firewall and a load distribution device, which constitute a network system, and it is also possible to group the devices according to purposes or functions and express a diagram showing a network of virtual devices having logical meanings. As for the order of design, any of a method of designing a real device network and, after that, designing a virtual device network by grouping the real devices and a method of designing a virtual device network first and then designing a real device network by assigning real devices to virtual devices can be used, and it is possible to improve the degree of designing freedom.
Furthermore, by causing a virtual device, which is a group of grouped devices, to have a virtual interface port and connecting such virtual interface ports, the present invention is capable of expressing virtual network connection relationships which do not dependent on physical devices and thereby making it easy to grasp the logical meaning of a network.
Furthermore, according to the present invention, in the network design processing device described above, the network diagram creation processing section has processing means for setting attribute information which logically creates a meaning of the virtual device on the basis of input with the use of the computer screen, and storing the attribute information into the network configuration data storage section in association with the configuration data of the virtual device; and the network configuration data output processing section has processing means for displaying the attribute information in the virtual device network diagram outputted.
The attribute information to be set for a virtual device is, for example, information about creation of a logical meaning, such as duplication (namely, hot standby system), redundancy distribution and clustering of the device. By storing this attribute information, it becomes possible to output information required to automatically perform design checking, for example, about whether the network configuration is duplicated, whether load distribution can be performed, and the like, at the time of completion of design, and it is possible to obtain data for improving the quality of design.
Furthermore, according to the present invention, in the network design processing device described above, the network diagram creation processing section has processing means for setting a session indicating a logical connection relationship by communication between real devices in the real device network diagram and a session indicating a logical connection relationship by communication between virtual devices in the virtual device network diagram, on the basis of input with the use of the computer screen, and storing, for each session, session attribute information including information about start/end points of the session into the network configuration data storage section. Furthermore, the network configuration data output processing section has processing means for displaying information about the session being overlapped with the real device network diagram, the virtual device network diagram to be outputted, or both of the diagrams.
Thereby, it is possible to express a logical concept of an unsubstantial session. That is, it is possible to show a session indicating a unit or a flow of a logical series of work provided by a service by a network system on a drawing of a real device network diagram and a virtual device network diagram. A session can hold port information about real or virtual devices to be the start and end points of the session as attribute information, and it can also have information such as a protocol of data communication and a logical port number. Therefore, it is possible to make it easier to grasp the roles of devices within the network and the contents of services provided by each device.
Furthermore, according to the present invention, in the network design processing device described above, the network diagram creation processing section has processing means for determining, on the basis of the information about the session set in the virtual device network diagram, the positions of corresponding start and end points in the real device network diagram from the information about the start and end points of the session, developing the session in the virtual device network diagram to a corresponding session in the real device network diagram, and storing information about the developed session into the network configuration data storage section.
Thereby, it is possible to automatically define a session in a real device network diagram from a virtually set session, and therefore, design can be simplified, and mistakes in design can be reduced.
Furthermore, according to the present invention, in the network design processing device described above, the network diagram creation processing section has processing means for, on the basis of input with the use of the computer screen, grouping the multiple virtual devices and indicating the groups as new virtual devices, and storing configuration data of the new virtual devices into the network configuration data storage section.
Thereby, it is possible to further group grouped real devices and manage configuration data with a group nesting structure, and therefore, it is possible to gradually simplify a complicated network structure and present the simplified structure.
According to the present invention, it is possible to express a physical structure of a network and a virtual structure in which real devices with the same purpose or function are grouped, and it is possible to simplify a network diagram and display it in a manner that it is easily understood. Furthermore, by internally managing information about the relationship between a virtual device network, in which attention is paid to the purposes or functions of real devices, and a real device network, it is possible to effectively utilize output of the relationship information for design checking and the like.
Therefore, at a design stage of a large-scale network infrastructure and the like, it is possible to prevent inconsistency and mistakes between logical design and physical design and, thereby, significantly enhance the design quality (accuracy), and it is also possible to realize improvement of efficiency of design work by performing the work on one drawing. Furthermore, a real device network diagram, a virtual device network diagram, and information about the relationship between the network diagrams can be utilized not only when the network system is operated but also when the design of the network system is changed, and thus, they can be effectively utilized for maintenance and improvement of the network system.
An embodiment of the present invention will be described with the use of drawings.
An input/output device 2 is configured by a display device, a mouse, a keyboard and the like, and it is connected to the network design processing device 1.
The network diagram creation processing section 10 has processing functions of graphic processing software, such as CAD (Computer Aided Design), and it performs processing for creating a network diagram by input/output from the input/output device 2. The real device network editing section 11 performs processing for creating and editing a network diagram constituted by actual physical devices (referred to as real devices), and it has a network diagram creation function similar to that of the prior-art techniques. The virtual device network editing section 12 performs processing for creating and editing a network diagram in which the components are virtual devices grouped according to purposes or functions (referred to virtual devices).
The session information editing section 13 performs processing for editing session information indicating logical connection by communication among real devices or among virtual devices. The association processing section 14 stores network configuration data defined by the real device network editing section 11, the virtual device network editing section 12 and the session information editing section 13 into the network configuration data storage section 15 in association with one another so that the relationships among the configuration data can be understood. Here, storing the network configuration data in association with one another sections, for example, storing configuration data of network elements related with one another in a manner that the data are linked with one another.
The network configuration data storage section 15 stores the data about network configuration, such as data of real devices, virtual devices, session information and attribute information about them, which has been created by the network diagram creation processing section 10.
The network configuration data output processing section 16 performs processing for outputting various information indicating the network configuration, such as a real device network diagram, a virtual device network diagram, a network diagram in which the network diagrams are overlapped with each other, and the network diagrams in which session information is further shown, on the basis of the data stored in the network configuration data storage section 15.
In an equipment stencil window 22, equipment components to be used for a real device network are arranged on the basis of data in a parts library prepared in advance. Similarly, components to be used for creating a virtual device network are arranged in a virtual device stencil window 23. By selecting an equipment component to be arranged on a network diagram, from the equipment stencil window 22 or the virtual device stencil window 23 with the left button of the mouse, and immediately drag-and-dropping it, the designer arranges the selected equipment component on the network diagram. Such a network diagram creation method to which CAD is applied is a method which has been conventionally used.
In response to an operation against the equipment stencil, the real device network editing section 11 operates. In response to an operation against the virtual device stencil, the virtual device network editing section 12 operates. Session information can also be inputted with the use of a session setting stencil, a menu or the like. In response to input of session information, the session information editing section 13 operates.
It is possible to set various attribute information for real devices, virtual devices, sessions and the like arranged on a network diagram as necessary. In the example in
As for attribute information about each of equipment and the like to be arranged on a network diagram, it can be defined in advance for each component of the equipment stencil or the virtual device stencil. The attribute information can be held in an attribute file (not shown) managed by the network diagram creation processing section 10 as component attribute information. In the property setting window 24, as for attribute items defined in the attribute file in advance, attribute information read from the attribute file is embedded as a default value. Therefore, the designer has to input only attribute information specific to each of equipment and the like, from the property setting window 24. For example, he has to input only minimum attribute information, for example, the host name of and address information about a server.
In network design, a network diagram of the real device network 3 as shown in
In the present invention, concepts of grouping of real devices, virtual interface ports and virtual connection are introduced to the real device network 3 so that a virtual device network 4 as shown in
Grouping means integrating multiple real devices and treating them as one virtually configured device (referred to as a virtual device). It is also possible to define one real device as one virtual device as an exception. In the example in
Similarly, since the load distribution devices 304 and 305 for allocating processing requests from the outside to the server devices 306 to 308 are also configured in duplicate and they are intended for the same purpose, they are grouped together and shown as a virtual device 404 in the virtual device network 4. The server devices 306 to 308 are devices which execute the same service in response to a processing request from the outside, and they are also shown as a virtual device 406 in the virtual device network 4. In order to make the entire network configuration clear, the Internet 301 in the real device network 3 is also shown as one virtual device 401 in the virtual device network 4.
For these virtual devices 401, 402, 404 and 406, there are provided virtual interface ports 410 to 415 which are to be connection ports for input/output among the virtual devices. By these virtual interface ports 410 to 415 being connected via lines, virtual connection relationships are expressed as shown as virtual connections 407 to 409 in the virtual device network 4. The lines indicating the virtual connections 407 to 409 are referred to as virtual nets. For example, the switch devices 309 and 310 are involved in the virtual connection 408.
Existing common drawing editing tools and circuit drawing editing tools also perform graphic grouping processing. However, the grouping is performed merely for integration for movement or copying. This embodiment is characterized in that it is possible to express communication with the outside by providing a virtual interface port for grouped elements (namely, a virtual device), and that it is possible to create a meaning of the group by setting attributes for the group.
The network diagram creation processing section 10 in the network design processing device 1 has a function of creating and editing the real device network 3 and the virtual device network 4 as shown in
It is possible not only to display both a real device network and a virtual device network in the network diagram editing window 21 being overlapped with each other but also to select a layer from a menu not shown to selectively display only the real device network or only the virtual device network. Furthermore, it is also possible to easily perform various kinds of selective display, for example, display of real devices corresponding to a particular part of virtual devices selected from a part of a network drawing displayed being enlarged, due to the data structure of data stored in the network configuration data storage section 15 to be described next.
The data structure of network configuration data stored in the network configuration data storage section 15 will be described with the use of
The real device 321 is provided with input/output pins P11 and P12; the real device 322 is provided with pins P21 and P22; and the real device 323 is provided with pins P31 to P33. The pins P12 and P31 are connected via a net NET1 which is a group of lines, and the pins P22 and P32 are connected via a net NET2.
The virtual device 420 is provided with virtual interface ports VP11 and VP12 to indicate communication relationships with other network elements, and the virtual device 421 is provided with virtual interface ports VP21 and VP22. The virtual interface port VP12 and the virtual interface port VP21 are connected via a virtual net VNET.
The data showing the real device network and the virtual device network as shown in
In
On the other hand, to the virtual device layer pointer 4000, virtual symbol objects 4010 and 4020 corresponding to the virtual devices 420 and 421 shown in
Furthermore, similarly to the net objects of the real device, a virtual net object 4030 corresponding to connection of a virtual interface port is linked from the virtual pin objects 4012 and 4021, and a virtual line object 4031 and link information 4032 about links to real devices are linked from the virtual net object 4030. It is also possible to make the symbol objects of the real devices hold attribute information though it is not shown in
In the data structure as described above, an object holds graphic form information. However, as apparent from
As described above, in this embodiment, a logical network diagram referred to as a virtual device network is expressed by:
1) grouping real devices expressed on a physical network diagram referred to as a real device network to generate virtual devices;
2) giving virtual interface ports to the groups; and
3) connecting the virtual interface ports with one another.
Furthermore, for each group,
4) it is possible to set the meaning and attributes of the group. By outputting the set meaning and attributes of the group for each virtual device as list information, they can be utilized for checking of design rules performed after design of the network, and the like. For example, they can be utilized to check whether a necessary device is duplicately configured so that it does not go down even in the case of occurrence of a fault. It is also possible to further group the groups.
<Design of Real Device Network from Virtual Device Network>
In the example described before, a virtual device network is defined by grouping real devices in a real device network and defining virtual devices. However, it is also possible to create a virtual device network first and then design a real device network by assigning and arranging actual physical devices to virtual devices on the virtual device network. An example thereof will be described next.
First, a virtual device network 4 as shown on the upper side of
For example, the virtual interface port on the side of the virtual device 430 of the virtual net VNT1 (similar for VNT2) and the virtual interface port on the side of the virtual device 431 are denoted by the same VL1. However, they are different ports. When it is necessary to distinguish between them for convenience of description, the virtual interface port on the side of the virtual device 430 is denoted by “appG.VL1”, and the virtual interface port on the side of the virtual device 431 is denoted by “dbG.VL1”.
Here, in order to design an actual physical real device network, real devices are assigned to the virtual devices 430 and 431 by the real device network editing section 11. Here, as shown in the lower side diagram in
As interface ports of the real devices, ports P1 to P4 of the hub devices (HUB1 and HUB2) and pins L1 and L2 of each of the real devices 331 to 334 are defined. Though connection relationships are shown being simplified by using wiring harnesses in the network diagram in
In
Virtual pin objects (VL1 and VL2) are virtual interface port objects set for groups. In the example in
A link between a virtual pin and a pin of a real device is not limited to one-to-one correspondence. Both of one-to-n correspondence that one virtual pin corresponds to multiple real device pins and n-to-one correspondence that multiple virtual pins correspond to one real device pin are also possible. For example, in the example in
As for the entity of an device which is a part of wiring, such as a network switch which is a part of a network connection, by providing link information about the link from a virtual net object to the device symbol object, the correspondence relationship between a virtual device network and a real device network can be expressed. In the example in
As described before, it does not matter which of design of a real device network and design of a virtual device network is performed first. Now, description will be made below on an example of a network structure editing operation and network structure editing processing, with regard to two cases of designing a real device network first and designing a virtual device network diagram first.
When, in the network diagram editing window 21 as shown in
Next, when the pins of device symbols arranged on the network diagram are connected to each other via a line by an operation of connecting the pins of the device symbols, and a connection relationship (net) between them is made clear (OP2), the real device network editing section 11 creates a net object and a line object indicating a graphic shape. The association processing section 14 provides a link between the pin object and the net object (S2). The operation OP2 and the processing step S2 are repeated the number of times corresponding to the number of nets required.
Subsequently, the processing proceeds to editing of a virtual device network. When device symbols to be grouped are selected on the network diagram and the shape of a virtual symbol is drawn on the network diagram (OP3), the virtual device network editing section 12 creates a virtual symbol object. The association processing section 14 provides a link between the virtual symbol object and the device symbol objects (S3).
Next, when a virtual pin is defined for the virtual symbol on the network diagram (OP4), the virtual device network editing section 12 creates a virtual pin object (S4). The definition of the virtual pin may be explicitly specified. It is also possible that the definition is automatically performed by drawing out a virtual net from the virtual symbol.
Next, in response to an operation of defining a correspondence relationship between the virtual pin and a real device pin (OP5), the association processing section 14 provides a link between the virtual pin object and the pin object (S5). The operation OP5 and the processing step S5 are repeated the number of times corresponding to the number of the virtual pins of the virtual symbol. It is also possible to automatically associate virtual pins and real device pins by a heuristic method on the basis of classifications of device symbols, classifications of pins, connection relationships among the device symbols, and the like. In this case, it is possible to display the result of the automatic association on the screen and, only for positions where association has not been performed, manually associate virtual pins and real device pins. The above operations OP3 to OP5 and processing steps S3 to S5 are repeated the number of times corresponding to the number of virtual symbols required.
When the virtual pins of virtual symbols are connected to each other via a line by an operation of connecting the pins of the virtual symbols, and a virtual connection relationship (virtual net) between them is made clear (OP6), the virtual device network editing section 12 creates a virtual net object and a virtual line object indicating a graphic shape. The association processing section 14 provides links between the virtual pin objects and virtual net objects. Furthermore, since a correspondence relationship between the virtual net and a real device net is apparent from correspondence relationships between the virtual pins and real device pins, a link is provided between the virtual net object and the real device net object (S6). The operation OP6 and the processing step S6 are repeated the number of times corresponding to the number of virtual nets required.
When an operation of drawing the shape of a virtual symbol is performed on the network diagram (OP11), the virtual device network editing section 12 creates a virtual symbol object (S11). When a virtual pin is defined for the virtual symbol on the network diagram (OP12), the virtual device network editing section 12 creates a virtual pin object (S12). The operation OP12 and the processing step S12 are repeated the number of times corresponding to the number of virtual pins required. The definition of the virtual pin may be explicitly specified. It is also possible that the definition is automatically performed by drawing out a virtual net from the virtual symbol.
The above operations OP11 and OP12 and processing steps S11 and S12 are repeated the number of times corresponding to the number of virtual symbols required.
When the virtual pins of virtual symbols are connected to each other via a line by an operation of connecting the pins of the virtual symbols, and the virtual connection relationship (virtual net) between them is made clear (OP13), the virtual device network editing section 12 creates a virtual net object and a virtual line object. The association processing section 14 provides links between the virtual pin objects and virtual net objects (S13). The operation OP13 and the processing step S13 are repeated the number of times corresponding to the number of virtual nets required.
When an device symbol is arranged on the network diagram, and the device symbol and a virtual symbol is associated (OP14), the real device network editing section 11 creates an device symbol object and a pin object, and the association processing section 14 provides a link between the virtual symbol object and the device symbol object (S14). Device symbols are prepared in advance as library information, and graphic shapes and interface ports (pins) corresponding to real devices are provided in a library database. Furthermore, by arranging an device symbol in a virtual symbol, an operation for explicitly associating them with each other can be omitted. Since scaling of an device symbol is possible on the network diagram, it is possible to reduce an device symbol to be included in a virtual symbol. Though it is also possible to arrange a virtual symbol and an device symbol away from each other on the network diagram, the operation for explicitly associating them with each other is required in this case.
When a correspondence relationship between a virtual pin and a real device pin is defined by an operation subsequently performed (OP15), the association processing section 14 provides a link between a virtual pin object and a pin object (S15). The operation OP15 and the processing step S15 are repeated the number of times corresponding to the number of the virtual pins of the virtual symbol. It is also possible to automatically associate virtual pins and the real device pins by a heuristic method on the basis of classifications of device symbols, classifications of pins, connection relationships among the device symbols, and the like. In this case, it is possible to display the result of the automatic association on the screen and, only for positions where association has not been performed, manually associate virtual pins and real device pins.
The above operations OP14 and OP15 and processing steps S14 and S15 are repeated the number of times corresponding to the number of device symbols required.
When the pins of the device symbols are connected to each other via a line by an operation of connecting the pins of the device symbols, and the physical connection relationship (net) is made clear (OP16), the real device network editing section 11 creates a net object and a line objects indicating a graphic shape. The association processing section 14 provides a link between the pin object and the net object. Furthermore, since a correspondence relationship between a virtual net and the real device net is apparent from a correspondence relationship between a virtual pin and the real device pin, a link is provided between the virtual net object and the net object (S16). The operation OP16 and the processing step S16 are repeated the number of times corresponding to the number of nets required.
For example, in the case of grouping multiple device in an actual network, various meanings of the grouping are conceivable, such as duplication (hot standby function), redundancy distribution and clustering. In the present invention, such information about a purpose/function is held as attribute information, for creation of a meaning of a virtual device obtained by grouping real devices. It becomes possible to automatically generate device configuration information on the basis of the attribute information set for the group.
In the data structure shown in
Next, an example of generating configuration information from the attribute information will be described on the basis of an example of setting for current-use/waiting systems (using a virtual address) in Red Hat (registered trademark) Linux. Here, it is assumed that each of related objects has a property as shown below.
DBn.Lx.name: an interface name property given to Lx of DBn;
DBn.Lx.net.*: a net-related property given to Lx of DBn;
dbG.VLy.number: a number given to a virtual interface y of a DB group (dbG); and
dbG.VLy.net.*: a virtual-net-related property associated with the virtual interface y of the DB group (dbG).
By preparing a setting file template as shown in
The setting file examples in
The characteristics of this setting example are as follows:
1) The real address setting is different between the current-use system and the waiting system (10.77.153.70 and 10.77.153.71), and both of them are enabled at boot time (ONBOOT=yes).
2) The virtual address setting is shared by the current-use system and the waiting system (10.77.153.72). However, the current-use system is enabled at boot time (ONBOOT=yes), while the waiting system is disabled at boot time (ONBOOT=no).
In this embodiment, it is also possible to further perform grouping of groups integrated as virtual devices. In the example in
In
In
In
In
The internal structure for nesting the groups is basically similar to the structure in
Contrary to the example in
The data holding structure in this case can be also realized by extending the description made so far. When thinking of the case of extending the data structure in
1) adds links (LNKs) to objects indicating real devices (for example, app1, DB1, L1 and the like);
2) newly creates an object of a virtual function portion; and
3) provides links from LNKs of the objects indicating the real devices to a corresponding portion of the object of the virtual function portion.
Thus, it is also possible to realize the case where virtual functions are grouped by entity equipment, and the real devices are further grouped as equipment groups.
Association between network devices includes a logical relationship referred to a session, in addition to a physical connection relationship via a LAN cable or the like and a virtual connection relationship in the case where devices are grouped. A session is a unit of a series of processes for making access between cluster devices, and communication by various protocols are performed in each session. In this embodiment, it is possible to express access between devices by such a session in both of a real device network and a virtual device network. In Patent Documents 1 and 2 for prior-art techniques, the concept of this session is not described in a network diagram.
Attribute information (properties) such as a protocol is given to a session, and the attribute information is held in the network configuration data storage section 15 similarly to the attribute information object of a virtual symbol object.
The attribute information about a session can be expressed on a drawing by an icon with the use of an already-known GUI technique, though it is not shown in
Protocols for a session include, for example, TCP, UDP and ICMP. In TCP, the start point is src of an Syn packet, and the end point is dst of the Syn packet. In UDP and ICMP, the start point is src of an IP packet, and the end point is dst of the IP packet. Whether the opposite-direction session is possible or not can be specified.
When the start point of a session can be fixed at a particular server, the server is specified as the start point of the session even if the session is through the Internet. As such a session, there is a ping (ICMP ECHO) session from a monitoring terminal to a service server which is made in the case of perform monitoring through the Internet. It is only necessary for a session to hold a start point, an end point, a net to which each equipment is connected (a physical connection relationship), and route information for expression on a drawing.
As described above, it is possible to express connection called as a session on a network diagram, similarly to a net which expresses a physical connection relationship and a virtual net which expresses a virtual connection relationship. For a session expressed on a network drawing, it is possible to set properties, such as a protocol, a port number, and an ICMP command in the case of ICMP. Furthermore, the structure is such that the start and end points of a session can be linked to pins of device symbols in the network diagram.
As shown in
When an operation of selecting a virtual pin to be a start point of a session is performed on the network diagram editing screen (OP21), the session information editing section 13 creates a temporary session object. The association processing section 14 provides a link between the virtual pin object to be a start point and the start point of the temporary session object (S21). The temporary session object does not become a formal session object until the end point of the session is determined.
Next, in response to an operation of drawing a line segment while specifying the route toward the end of the session (OP22), the session information editing section 13 adds route information to the temporary session object (S22). The operation OP22 and the processing step S22 are repeated the number of times corresponding to the number of routes required. The route information about the session can be changed later.
When a virtual pin to be the end point of the session is selected on the network diagram (OP23), the session information editing section 13 registers the temporary session object as a formal session object. The association processing section 14 provides a link between the virtual pin object to be the end point and the end point of the session object. The session information editing section 13 displays a window for setting attribute information about the session on the screen and prompts input of the attribute information (S23). The session attribute information can be set after main design is completed. In that case, the session attribute information is inputted by an operation, such as an operation of selecting an arrow graphic indicating the session on the network diagram to open the attribute setting window.
When information defining the attribute information, such as the protocol and the port number of the session, is inputted in the window for setting the session attribute information (OP24), the session information editing section 13 creates a session attribute information object and stores the defined attribute information (S24). The operations OP21 to OP24 and the processing steps S21 to S24 are repeated the number of times corresponding to the number of sessions required. Information about the created session object and attribute information object is stored into the network configuration data storage section 15 after it is confirmed to a designer whether the data is to be stored or not.
<Mapping of Session of Virtual Device Network onto Real Device Network>
In
In designing a large-scale system, to express all necessary real sessions for physical connections in a real device network is troublesome and easily causes mistakes. Furthermore, the drawing is filled with sessions and becomes messy. Therefore, it is though that, if there is a method enabling expression of sessions on logical connections and development of them to physical connections, it will be very useful.
Development of a session from a virtual device network to a real device network can be performed with the use of information about association between virtual pins and physical pins. By reaching, from a virtual session object, the virtual pin objects of virtual symbols to be the start/end points of the session and further following the links between the virtual pin object and a physical pin object, devices to be the start/end points of the session in the real device network, and their interface ports can be known.
Processing for developing a session from a virtual device network to a real device network will be described below with the use of
From link information about the start point of a virtual session to be developed, a virtual pin to be the start point of the virtual session is detected (S30). For example, as shown in
By following the link from the detected virtual pin to be the start point of the virtual session, all the pins to be the entities (the pins of real devices) are detected, and they are stored as a set of start points (S31). However, if the link of the virtual pin is to another virtual pin, the link is further followed to detect only pins to be entities, and they are stored as a set of start points. For example, as shown in
Next, from link information about the end point of the virtual session to be developed, a virtual pin to be the end point of the virtual session is detected (S32). For example, as shown in
By following the link from the detected virtual pin to be the end point of the virtual session, all the pins to be the entities (the pins of real devices) are detected, and the pins, including the virtual pins, are stored as a set of end points (S33). However, if the link of the virtual pin is to another virtual pin, the link is further followed to detect only pins to be entities, and the pins, including the virtual pins, are stored as a set of end points. For example, as shown in
All the combinations of start and end pins (including virtual pins) are determined on the basis of the stored set of start points and set of end points. For example, if all the combinations of a pin to be a start point and a pin to be an end point are determined on the basis of the set of start points {app1.L1, app2.L1} and the set of end points {dbG.VL1, DB1.L1, DB2.L1} described above, the following six combinations of start and end points are determined:
app1.L1-dbG.VL1;
app1.L1-DB1.L1;
app1.L1-DB2.L1;
app2.L1-dbG.VL1;
app2.L1-DB1.L1; and
app2.L1-DB2.L1.
From the determined combinations of start and end points, such combinations as satisfy any of the following conditions are extracted (S35).
(Condition 1): a combination of pins belonging to the same net;
(Condition 2): a combination among hubs belonging to the same net and a pin connected via the hubs; and
(Condition 3): such combination of pins that the end point is a virtual pin.
It is assumed that connection between hubs is possible when a pin having a hub and another pin having a hub belong to the same net and the connection is through the net. In the case where the end point is a virtual pin, search is performed from a real net via a virtual net.
For example, when combinations satisfying the conditions 1 to 3 are extracted from the six combinations described above, four combinations of app1.L1-DB1.L1, app1.L1-DB2.L1, app2.L1-DB1.L1 and app2.L1-DB2.L1 are extracted on the basis of the condition 1, and two combinations of app1.L1-dbG.VL1 and app2.L1-dbG.VL1 are extracted on the basis of the condition 3. No combination is extracted on the basis of the condition 2. In this example, all the six combinations are extracted after all.
For the extracted combinations, real session objects are created, and links are provided between the real session objects and the pins (including virtual pins) to be the start/end points of the real sessions (S36). Here, a session the end point of which is a virtual pin is also treated as a real session.
For example, for each of the six combinations described above, a real session object for each real session is created on the assumption of:
session between app1.L1 and dbG.VL1→real session SES1;
session between app1.L1 and DB1.L1→real session SES2;
session between app1.L1 and DB2.L1→real session SES3;
session between app2.L1 and dbG.VL1→real session SES4;
session between app2.L1 and DB1.L1→real session SES5; and
session between app2.L1 and DB2.L1→real session SES6.
For each real session, a link is provided between the start point of the created real session object and a pin to be the start point of the real session. Furthermore, links are provided between the end points of the created real session objects and pins (including virtual pins) to be the end points of the real sessions.
The properties of each of the pins (including virtual pins) are checked, and an enable/disable flag is added to (or changed for) the real session (S37). The processing of step S37 is executed as appropriate when the properties for enabling a link are prepared or changed. For example, in the case of setting a virtual address for a virtual pin, the above sessions SES1 and SES4 are enabled, while, in the case of redundancy of DNS or the like which does not use a virtual address, the above SES1 and SES4 sessions are disabled. In the case of enabling only such accesses that the end point is a virtual address, the above sessions SES2, SES3, SES5 and SES6, which are accesses between entity pins, are disabled.
As a result of the development processing described with reference to
As a result of the development processing described with reference to
In the network diagram on the left side of
In the example in
Description will be made below especially on the case of the combination of app1.L1 and DB1.L2 extracted on the basis of the condition 2 of step S35 in
By HUB1 and HUB2 being trunk-connected, the link between app1.L1 and DB1.L2 can be followed as shown below:
app1.L1-NET1-HUB1.P4-HUB1.P5-NET9-HUB2.P5-HUB2.P3-NET7-DB1.L2
That is, since the combination of app1.L1 and DB1.L2 satisfies the condition 2 of step S35 in
Thus, it is known that there exist five real sessions the start point of which is app1.L1, including the combinations satisfying the conditions 1 or 3 of step S35 in
A real device network is shown on the real device layer 60; a virtual device network is shown on the virtual device layer 61; and a real or virtual session is shown on the session information layer 62. The entire network diagram is constituted by these three layers.
In
In the example in
Some existing graphic creation tools have the concept of layers. However, the concept of layers of the existing graphic creation tools is intended merely to overlap drawings with one another. In comparison, this embodiment provides a system which capable not only of managing a drawing for each layer but also of integrating and grasping the systems, including a real device network and a virtual device network, by providing links connecting objects among layers. Thereby, the system is not a system merely for creating a network drawing but a system capable of managing information which can be applied to verification of connection between devices, checking of inconsistency between a virtual device network and a real device network, automatic generation of setting information about each device, and the like.
If, in the internal data structure in
As shown in
It is possible not only to display the entire network diagram for each layer or by overlap but also to provide means for partly displaying a specified range in the network diagram. For example, it is possible to provide means for, in displaying the virtual device network layer shown in
Processing for display on a screen or processing for output to a printer or the like on the basis of the layer management information described above is performed by the network configuration data output processing section 16. In addition, the network configuration data output processing section 16 is provided with a function of outputting a list of real devices to be used for checking a designed network system, a list of virtual devices, a list of real sessions, a list of virtual sessions, a list of real interface ports (pins), a list of virtual interface ports, a list of attribute information about them, link information indicating relationships among them, and the like, on the basis of data stored in the network configuration data storage section 15, in response to selection from an output menu by a designer.
The above processing performed by the network design processing device can be realized by a computer and a software program, and the program can be recorded in a computer-readable recording medium or provided through a network.
The present invention is practiced on a computer system having a graphical input/output interface. The present invention is a technique useful especially for enhancement of efficiency/quality of design of a large-scale network infrastructure.
This application is based upon and claims priority of PCT international application No. PCT/JP2006/305358 filed Mar. 17, 2006, the contents being incorporated herein by reference.
Number | Date | Country | |
---|---|---|---|
Parent | PCT/JP2006/305358 | Mar 2006 | US |
Child | 12232465 | US |