The present disclosure relates to the technical field of communications. Various embodiments of the teachings herein include network topology construction methods and/or apparatus.
A network topology refers to the physical layout of various devices interconnected using transmission media. Specifically, the network topology may be a specific physical arrangement of devices or a logical arrangement of devices. A network topology is the basis of network management, and most functions in network management can be realized based on a network topology. With the aid of a network topology, a network administrator can intuitively learn the states of all network devices. Thus the network administrator can be freed from repeated mechanical manual monitoring and locate a fault in the network quickly so that the network is visible, controllable and manageable.
Currently, when a network topology is constructed, physical connection relationships between devices in a network, for example, the connection relationship between terminal devices and switches and the connection relationship between switches, need to be manually identified. Then the network topology is constructed according to the identified physical connection relationships between various devices.
In known network topology construction methods, physical connection relationships between devices in a network are determined through manual identifications, and then a network topology is constructed according to the identified physical connection relationships between various devices. However, since a network possibly comprises a large number of devices and the physical connection relationships between devices in a large network are very complicated, the determination of physical connection relationships between various devices in a network through manual identifications is error prone. As a result, the constructed network topology has a low accuracy.
In view of this, the network topology construction method and apparatus, and a computer-readable medium incorporating teachings of the present disclosure can improve the accuracy of the constructed network topology. For example, some embodiments of the teachings herein include a network topology construction method including: acquiring a MAC address table of each port on each switch in a target network, wherein the target network comprises at least two switches and at least one terminal device; determining a first connection relationship in the target network according to the MAC addresses of terminal devices in the target network included in each acquired MAC address table, wherein the first connection relationship is used to represent a connection relationship between terminal devices and switches included in a network; determining at least one first port according to the first connection relationship in the target network, wherein the first port is a port connected with no terminal device on each switch in the target network; determining a second connection relationship in the target network according to the MAC addresses included in the MAC address table of each of the first ports in the target network, wherein the second connection relationship is used to represent a connection relationship between switches in a network; and determining a network topology of the target network according to the first connection relationship and the second connection relationship in the target network.
In some embodiments, determining a first connection relationship in the target network according to the MAC addresses of the terminal devices in the target network that are included in each acquired MAC address table comprises, for each acquired MAC address table, performing the following: if the MAC address table contains only one MAC address of a first terminal device in the target network and no other acquired MAC address tables containing MAC addresses completely the same as the MAC addresses included in the MAC address table exist, determining that the port which the MAC address table belongs to is connected with the first terminal device; if the MAC address table contains at least two MAC addresses of a second terminal device in the target network, determining that the port which the MAC address table belongs to is connected with the second terminal device; determining a first connection relationship in the target network according to the connection relationship between terminal devices and ports on the switches in the target network and the ports included in each switch in the target network.
In some embodiments, determining a second connection relationship in the target network according to the MAC addresses included in the MAC address table of each of the first ports in the target network comprises: determining whether each port on each switch in the target network has a MAC address; if each port on each switch in the target network has a MAC address, determining the second connection relationship in the target network according to the MAC addresses of the ports of the switches included in the MAC address table of each of the first ports in the target network; if at least one port on each switch in the target network has no MAC address, determining the second connection relationship in the target network according to the MAC addresses of terminal devices included in the MAC address table of each of the first ports in the target network.
In some embodiments, determining a second connection relationship in the target network according to the MAC addresses of the ports of the switches included in the MAC address table of each of the first ports in the target network comprises: for any switch in the target network, if the MAC addresses of at least two ports on the switch are in the MAC address table of the same port on another switch in the target network, determining that the switch is a redundancy manager in the target network and deleting the MAC addresses of all ports on the switch from the MAC address table of each first port; for each of the first ports in the target network, if the MAC address table of the first port contains a MAC address of a second port in the target network, determining that the first port is connected with the second port, wherein the first port and the second port are located on different switches in the target network; determining the second connection relationship in the target network according to the connection relationship between each of the first ports and the second port in the target network and the switches the first port and the second port belong to.
In some embodiments, determining a second connection relationship in the target network according to the MAC addresses of terminal devices included in the MAC address table of each of the first ports in the target network comprises: for each of the first ports in the target network, performing the following: screening a third port out of first ports other than the first port in the target network, wherein the MAC address table of the third port and the MAC address table of the first port contain at least one identical MAC address; acquiring a corresponding first MAC address set of the first port, wherein the elements in the first MAC address set are MAC addresses of terminal devices in the MAC address table of the first port; for each of the third ports, acquiring a corresponding second MAC address set of the third port, wherein the elements in the second MAC address set are MAC addresses of terminal devices in the MAC address table of the third port; determining the connection relationship between the first port and the third port according to the inclusion relationship between the first MAC address set and each of the second MAC address sets and the inclusion relationship between the subsets of the first MAC address set and each of the second MAC address sets; and determining the second connection relationship in the target network according to the connection relationship between each of the first ports and the third port in the target network and the switches the first port and the third port belong to.
In some embodiments, acquiring a MAC address table of each port on each switch in a target network comprises acquiring a MAC address table of each port on each switch in the target network from a switch at the convergence layer and/or core layer of the target network, wherein a switch located at the core layer of the target network is connected with a switch located at the convergence layer of the target network, a switch located at the convergence layer of the target network is connected with a switch located at the access layer of the target network, and a switch located at the access layer of the target network is connected with terminal devices.
As another example, some embodiments include a network topology construction apparatus, characterized in that the apparatus comprises: a table acquisition module (21), used to acquire a MAC address table of each port on each switch in a target network, wherein the target network comprises at least two switches and at least one terminal device; a first relationship determination module (22), used to determine a first connection relationship in the target network according to the MAC addresses of terminal devices in the target network that are included in each MAC address table acquired by the table acquisition module (21), wherein the first connection relationship is used to represent a connection relationship between terminal devices and switches in a network; a port screening module (23), used to determine at least one first port according to the first connection relationship determined by the first relationship determination module (22) in the target network, wherein the first port is a port connected with no terminal device on each switch in the target network; a second relationship determination module (24), used to determine a second connection relationship in the target network according to the MAC addresses included in the MAC address table of each of first ports determined by the port screening module (23) in the target network, wherein the second connection relationship is used to represent a connection relationship between switches in a network; and a topology construction module (25), used to determine a network topology of the target network according to the first connection relationship determined by the first relationship determination module (22) and the second connection relationship determined by the second relationship determination module (24) in the target network.
In some embodiments, the first relationship determination module (22) comprises: a first matching unit (221), used for each MAC address table acquired by the table acquisition module (21) to determine that the port which the MAC address table belongs to is connected with a first terminal device if the MAC address table contains only one MAC address of the first terminal device in the target network and no other acquired MAC address tables containing MAC addresses completely the same as the MAC addresses included in the MAC address table exist; a second matching unit (222), used for each MAC address table acquired by the table acquisition module (21) to determine that the port which the MAC address table belongs to is connected with a second terminal device in the target network if the MAC address table contains at least two MAC addresses of the second terminal device; and an integration unit (223), used to determine a first connection relationship in the target network according to the connection relationship determined by the first matching unit (221) and the second matching unit (222) between terminal devices and ports of the switches in the target network and the ports included in each switch in the target network.
In some embodiments, the second relationship determination module (24) comprises: a determination unit (241), used to determine whether each port on each switch in the target network has a MAC address; a first relationship determination unit (242), used to determine the second connection relationship in the target network according to the MAC addresses of the ports of the switches included in the MAC address table of each of the first ports in the target network if the determination unit (241) determines that each port of each switch in the target network has a MAC address; and a second relationship determination unit (243), used to determine the second connection relationship in the target network according to the MAC addresses of terminal devices included in the MAC address table of each of the first ports in the target network if the determination unit (241) determines that at least one port of each switch in the target network has no MAC address.
In some embodiments, the second relationship determination unit (243) comprises: an address deletion subunit (2431), used for any switch in the target network to determine that the switch is a redundancy manager in the target network and delete the MAC addresses of all ports on the switch from the MAC address table of each first port if the MAC addresses of at least two ports on the switch are in the MAC address table of the same port on another switch in the target network; a first relationship determination subunit (2432), used for each of the first ports in the target network to determine that the first port is connected with a second port if the MAC address table of the first port contains a MAC address of the second port in the target network, wherein the first port and the second port are located on different switches in the target network; and a first integration subunit (2433), used to determine the second connection relationship in the target network according to the connection relationship determined by the first relationship determination subunit (2432) between each of the first ports and the second port in the target network and the switches the first port and the second port belong to.
In some embodiments, the second relationship determination unit (243) comprises: a port screening subunit (2434), used for each of the first ports in the target network to screen a third port out of first ports other than the first port in the target network, wherein the MAC address table of the third port and the MAC address table of the first port contain at least one identical MAC address; a first set construction subunit (2435), used for each of first ports in the target network to acquire a corresponding first MAC address set of the first port, wherein the elements in the first MAC address set are MAC addresses of terminal devices in the MAC address table of the first port; a second set construction subunit (2436), used for each of the third ports screened out by the port screening subunit (2434) to acquire a corresponding second MAC address set of the third port, wherein the elements in the second MAC address set are MAC addresses of terminal devices in the MAC address table of the third port; a second relationship determination subunit (2437), used to determine the connection relationship between the first port and the third port according to the inclusion relationship between the first MAC address set acquired by the first set construction subunit (2435) and each of the second MAC address sets acquired by the second set construction subunit (2436) and the inclusion relationship between the subsets of the first MAC address set acquired by the first set construction subunit (2435) and each of the second MAC address sets acquired by the second set construction subunit (2436); and a second integration subunit (2438), used to determine the second connection relationship in the target network according to the connection relationship determined by the second relationship determination subunit (2437) between each of the first ports and the third port in the target network and the switches the first port and the third port belong to.
In some embodiments, the table acquisition module (21) is used to acquire a MAC address table of each port on each switch in the target network from a switch at the convergence layer and/or core layer of the target network, wherein a switch located at the core layer of the target network is connected with a switch located at the convergence layer of the target network, a switch located at the convergence layer of the target network is connected with a switch located at the access layer of the target network, and a switch located at the access layer of the target network is connected with terminal devices.
In some embodiments, the apparatus comprises at least one memory (26) and at least one processor (27), wherein the at least one memory (26) is used to store a machine-readable program, and the at least one processor (27) is used to invoke the machine-readable program to execute the method as described herein.
As another example, some embodiments include a computer-readable medium, characterized in that computer instructions are stored in the computer-readable medium and a processor executes the method as described herein when the computer instructions are executed by the processor.
101: Acquire a MAC address table of each port on each switch in a target network
102: Determine a first connection relationship according to the MAC addresses of terminal devices included in each MAC address table
103: Determine at least one first port according to the first connection relationship in the target network
104: Determine a second connection relationship according to the MAC addresses included in the MAC address table of each of the first ports
105: Determine a network topology of the target network according to the first connection relationship and the second connection relationship in the target network 21: Table 22: First 23: Port screening acquisition module relationship module determination module 24: Second 25: Topology 221: First matching relationship construction module unit determination module 222: Second matching 223: Integration unit 241: Determination unit unit 242: First 243: Second 2431: Address relationship relationship deletion subunit determination unit determination unit 2432: First 2433: First 2434: Port relationship integration subunit screening subunit determination subunit 2435: First set 2436: Second set 2438: Second construction subunit construction subunit integration subunit 2437: Second 26: Memory 27: Processor relationship determination subunit
In some embodiments, a network topology construction method comprises: acquiring a media access control (MAC) address table of each port on each switch in a target network, wherein the target network comprises at least two switches and at least one terminal device; determining a first connection relationship in the target network according to the MAC addresses of terminal devices in the target network in each acquired MAC address table, wherein the first connection relationship is used to represent a connection relationship between terminal devices and switches included in a network; determining at least one first port according to the first connection relationship in the target network, wherein the first port is a port on each switch in the target network that is not connected with a terminal device; determining a second connection relationship in the target network according to the MAC addresses included in the MAC address table of each of the first ports in the target network, wherein the second connection relationship is used to represent a connection relationship between switches in a network; and determining a network topology of the target network according to the first connection relationship and the second connection relationship in the target network.
In some embodiments, a network topology construction apparatus comprises: a table acquisition module, used to acquire a MAC address table of each port on each switch in a target network, wherein the target network comprises at least two switches and at least one terminal device; a first relationship determination module, used to determine a first connection relationship in the target network according to the MAC addresses of terminal devices in the target network that are included in each MAC address table acquired by the table acquisition module, wherein the first connection relationship is used to represent a connection relationship between terminal devices and switches in a network; a port screening module, used to determine at least one first port according to the first connection relationship determined by the first relationship determination module in the target network, wherein the first port is a port connected without a terminal device on each switch in the target network; a second relationship determination module, used to determine a second connection relationship in the target network according to the MAC addresses included in the MAC address table of each of the first ports determined by the port screening module in the target network, wherein the second connection relationship is used to represent a connection relationship between switches in a network; and a topology construction module, used to determine a network topology of the target network according to the first connection relationship determined by the first relationship determination module and the second connection relationship determined by the second relationship determination module in the target network.
In some embodiments, a network topology construction apparatus, comprises at least one memory and at least one processor; the at least one memory is used to store a machine-readable program; and the at least one processor is used to invoke the machine-readable program to execute the method provided in the first aspect.
In some embodiments, a computer-readable medium stores computer instructions, and a processor executes the method provided in the first aspect when the computer instructions are executed by the processor.
In some embodiments, a target network comprises at least two switches and at least one terminal device, after the MAC address table of each port on each switch in the target network is acquired, a first connection relationship representing a connection relationship between terminal devices and switches in the target network can be determined according to the MAC addresses of terminal devices in each of the acquired MAC address table, first ports on each switch that are not connected with a terminal device can be determined according to the first connection relationship, a second connection relationship representing a connection relationship between switches in the target network can be determined according to the MAC addresses included in the MAC address table of each of the first ports, and then the network topology of the target network can be determined according to the first connection relationship and the second connection relationship.
Since the MAC addresses of terminal devices directly or indirectly connected with switch ports are recorded in the MAC address tables of switch ports, the first connection relationship between switches and terminal devices and the second connection relationship between switches in the target network can be derived according to the MAC address tables of ports on each switch in the target network, and then the network topology of the target network can be determined according to the first connection relationship and the second connection relationship. Thus, only the MAC address tables of ports on each switch in the target network need to be acquired and the network topology of the target network can be constructed according to the acquired MAC address tables. In this way, the degree of manual participation in the network topology construction is reduced, an incorrectly constructed network topology caused by an incorrect manual identification of physical connection relationships between devices in a network is avoided, and then the accuracy of the constructed network topology is improved.
In some embodiments, when the first connection relationship is determined according to the MAC addresses of terminal devices that are included in each of the acquired MAC address tables, the connection relationship between terminal devices and switches may be determined according to the number of MAC addresses of terminal devices in the MAC address table. Specifically, the first connection relationship may be determined in the following way: for each acquired MAC address table, if the MAC address table contains only one MAC address of a first terminal device in the target network and no other acquired MAC address tables containing MAC addresses completely the same as the MAC addresses included in the MAC address table exist, determine that the port which the MAC address table belongs to is connected with the first terminal device; if the MAC address table contains at least two MAC addresses of a second terminal device in the target network, determine that the port which the MAC address table belongs to is connected with the second terminal device; determine a first connection relationship in the target network according to the connection relationship between terminal devices and ports of the switches in the target network and the ports included in each switch in the target network.
In some embodiments, if a MAC address table contains only one MAC address of a first terminal device and no other MAC address tables containing MAC addresses completely the same as the MAC addresses in the MAC address table exist, it may be uniquely determined that the switch port which the MAC address table belongs to is connected with the first terminal device. If a MAC address table contains at least two MAC addresses of a second terminal device, it may also be determined that the switch port which the MAC address table belongs to is connected with the second terminal device. For a programmable logic controller (PLC), communication module or host computer supporting PROFIENT, a port usually corresponds to a plurality of MAC addresses, wherein one MAC address is bound to an IP address (the MAC address will appear in the MAC address tables of other switches) and other MAC addresses are used for LLDP/PN-PTCP/MRP communication. Therefore, when the MAC address table of a switch port contains a plurality of MAC addresses corresponding to a terminal device, the connection relationship between the terminal device and the switch port may be determined.
In some embodiments, when the second connection relationship is determined according to the MAC addresses included in the MAC address table of each of the first ports, the second connection relationship may be determined according to whether a port on a switch has a MAC address in different ways. Specifically, the second connection relationship may be determined in the following way: determine whether each port on each switch in the target network has a MAC address; if each port on each switch in the target network has a MAC address, determine the second connection relationship in the target network according to the MAC addresses of the ports of the switches included in the MAC address table of each of the first ports in the target network; if at least one port on each switch in the target network has no MAC address, determine the second connection relationship in the target network according to the MAC addresses of terminal devices in the MAC address table of each of the first ports in the target network.
In some embodiments, the following two cases may exist for a switch: In one case, each port on the switch itself does not have a MAC address (if a management port is provided for the switch, the management port has a MAC address), and in the other case, a MAC address is assigned to each port on the switch. When a switch in a target network is a switch in the first case, the second connection relationship may be determined according to the MAC addresses of terminal devices in the MAC address table of each first port, and when a switch in a target network is a switch in the second case, the second connection relationship may be determined according to the MAC addresses of the ports on switches in the MAC address table of each first port, and of course, the second connection relationship may also be determined according to the MAC addresses of terminal devices in the MAC address table of each first port. If each port on each switch has a MAC address, the MAC addresses of the ports on switches in the MAC address table of the first port may more directly reflect the connection relationship between switches. Thus, the second connection relationship may be determined quickly, and the network topology construction speed may be guaranteed. If not all ports on each switch have a MAC address, the connection relationship between switches may be derived according to the MAC addresses of terminal devices in the MAC address table of the first port. This is a universal way, so, even if each port on each switch has a MAC address, the second connection relationship may also be determined in this way.
In some embodiments, when the second connection relationship is determined according to the MAC addresses of the ports on switches in the MAC address table of each first port, the MAC addresses of ports of a redundancy manager in a target network may be first deleted from the MAC address table of each first port to eliminate interference of the redundancy manager, and then the second connection relationship may be determined according to the MAC addresses of the ports on switches in the MAC address table of each first port.
Specifically, the second connection relationship may be determined in the following way: for any switch in the target network, if the MAC addresses of at least two ports on the switch are in the MAC address table of the same port on another switch in the target network, determine that the switch is a redundancy manager in the target network and delete the MAC addresses of all ports on the switch from the MAC address table of each first port; for each of the first ports in the target network, if the MAC address table of the first port contains a MAC address of a second port in the target network, determine that the first port is connected with the second port, wherein the first port and the second port are located on different switches in the target network; and determine the second connection relationship in the target network according to the connection relationship between each of the first ports and the second port in the target network and the switches the first port and the second port belong to.
In some embodiments, the MAC addresses of at least two ports on a switch serving as a redundancy manager will appear in the MAC address table of the same port on another switch. The switch serving as a redundancy manager may be screened out of the switches according to this feature. After the MAC addresses of each port on the redundancy manager are deleted from the MAC address table of each first port, the MAC addresses of interconnected ports of two switches will appear in each of the respective MAC address tables. Based on this feature, the second connection relationship may be determined according to the MAC addresses of the ports of switches in the MAC address table of each first port. Since the MAC addresses of the ports of switches in each MAC address table may more intuitively reflect the connection relationship between switches, the connection relationship between switches in a target network may be quickly determined according to the MAC addresses of the ports of switches and the network topology construction efficiency may be improved.
In some embodiments, when the second connection relationship is determined according to the MAC addresses of terminal devices in the MAC address table of each first port, the second connection relationship may be determined according to the number of MAC addresses of terminal devices in the MAC address table of each first port and the number of MAC addresses of the same terminal device in the MAC address tables of different first ports.
Specifically, the second connection relationship may be determined in the following way: for each of the first ports in the target network, perform the following: screen a third port out of first ports other than the first port in the target network, wherein the MAC address table of the third port and the MAC address table of the first port contain at least one identical MAC address; acquire a corresponding first MAC address set of the first port, wherein the elements in the first MAC address set are MAC addresses of terminal devices in the MAC address table of the first port; for each of the third ports, acquire a corresponding second MAC address set of the third port, wherein the elements in the second MAC address set are MAC addresses of terminal devices in the MAC address table of the third port; determine the connection relationship between the first port and the third port according to the inclusion relationship between the first MAC address set and each of the second MAC address sets and the inclusion relationship between the subsets of the first MAC address set and each of the second MAC address sets; determine the second connection relationship in the target network according to the connection relationship between each of the first ports and the third port in the target network and the switches the first port and the third port belong to.
In some embodiments, the MAC addresses of terminal devices connected with a lower-layer switch will appear in the MAC address table of a port on an upper-layer switch. Therefore, a set consisting of MAC addresses in the MAC address table of a port on a lower-layer switch is a subset consisting of MAC addresses in a MAC address table of a port on an upper-layer switch. Based on this feature, the second connection relationship may be derived according to the MAC addresses of terminal devices in the MAC address table of each first port. Since different types of switches can acquire a MAC address table containing MAC addresses of terminal devices, the method of determining the second connection relationship is applicable to different types of networks and has high applicability.
In some embodiments, in the case of a MAC address table of each port on each switch in a target network, the MAC address table of each port on each switch in the target network may be acquired from a switch located at the convergence layer and/or core layer of the target network, wherein a switch located at the core layer of the target network is connected with a switch located at the convergence layer of the target network, a switch located at the convergence layer of the target network is connected with a switch located at the access layer of the target network, and a switch located at the access layer of the target network is connected with terminal devices.
In some embodiments, switches in a network may be classified into access layer switches, convergence layer switches and core layer switches. Access layer switches are used to connect terminal devices, convergence layer switches are used to connect access layer switches or terminal devices, and core layer switches are used to connect convergence layer switches or terminal devices. Usually, the number of access layer switches is greater than the number of convergence layer switches, and the number of convergence layer switches is greater than the number of core layer switches. Probes are deployed on convergence layer switches and/or core layer switches, and then the deployed probes are utilized to acquire the MAC address table of a port on a switch from convergence layer switches and/or core layer switches. On the one hand, the number of probes to be deployed to acquire MAC address tables can be reduced, and then the network topology construction efficiency can be improved and the network topology construction cost can be lowered. On the other hand, MAC address tables acquired from convergence layer switches and/or core layer switches can reflect the connection relationship between switches, and thus a complete network topology can be constructed, and the network topology construction solution can be applied to different types of networks.
As mentioned above, currently, when a network topology is constructed, connection relationships between devices in a network, for example, the connection relationship between switches and the connection relationship between switches and terminal devices, need to be manually identified. Then the network topology is constructed according to the identified connection relationships between various devices. When a network comprises a large number of switches and terminal devices, the connection relationship between switches and terminal devices in the network is very complicated. When the connection relationship between devices in the network is incorrectly identified, the constructed network topology will inevitably be incorrect. Therefore, the accuracy of a network topology constructed by the use of the prior method of constructing a network topology through manual identifications of connection relationships between devices in a network is low.
In some embodiments, the MAC address table of a port on a switch contains MAC addresses of terminal devices and the MAC addresses included in the MAC address table can reflect not only the connection relationship between switches and terminal devices, but also the connection relationship between switches. Therefore, the MAC address table of a port on each switch can be acquired from a target network, then the connection relationship between switches and terminal devices and the connection relationship between switches in the target network according to the MAC addresses in each acquired MAC address table can be determined, and then a network topology of the target network according to the connection relationship between switches and terminal devices and the connection relationship between switches can be constructed. Since no manual identification of connection relationships between devices in a network is required during network topology construction, a manual identification error is avoided. Thus, the accuracy of a constructed network topology is improved.
As shown in
Step 101: acquiring a MAC address table of each port on each switch in a target network, wherein the target network comprises at least two switches and at least one terminal device;
Step 102: determining a first connection relationship in the target network according to the MAC addresses of terminal devices in the target network that are included in each acquired MAC address table, wherein the first connection relationship is used to represent a connection relationship between terminal devices and switches in a network;
Step 103: determining at least one first port according to the first connection relationship in the target network, wherein the first port is a port connected with no terminal device on each switch in the target network;
Step 104: determining a second connection relationship in the target network according to the MAC addresses included in the MAC address table of each of the first ports in the target network, wherein the second connection relationship is used to represent a connection relationship between switches in a network;
Step 105: determining a network topology of the target network according to the first connection relationship and the second connection relationship in the target network.
In some embodiments, since the MAC addresses of terminal devices directly or indirectly connected with a switch are recorded in the MAC address table of a switch port, the first connection relationship between switches and terminal devices and the second connection relationship between switches in the target network can be derived according to the acquired MAC address tables after the MAC address table of each port on each switch is acquired from the target network, and then the network topology of the target network can be determined according to the first connection relationship and the second connection relationship. Thus, only the MAC address tables of ports on each switch in the target network need to be acquired and the network topology of the target network can be automatically constructed according to the acquired MAC address tables. In this way, the degree of manual participation in the network topology construction is reduced, an incorrectly constructed network topology caused by an incorrect manual identification of physical connection relationships between devices in a network is avoided, and then the accuracy of the constructed network topology is improved.
In some embodiments, a target network comprises switches and terminal devices, and the terminal devices may be devices having the network communication function, such as hosts, notebook computers, PLCs, communication modules and host computers. In addition, the target network may be an independent network or a part of a network, depending on the requirements for the network topology to be constructed. Therefore, an acquired MAC address table may possibly contain MAC addresses of switches or terminal devices in a network other than the target network. However, the MAC addresses of switches or terminal devices in a network other than the target network have no influence on the implementation of the solution. The MAC addresses of switches or terminal devices in a network other than the target network can be deleted from the acquired MAC address table, or the MAC addresses of switches or terminal devices in a network other than the target network can be used as a reference to construct and validate the network topology.
In some embodiments, when the MAC address table of each port on each switch in the target network is acquired, the MAC address table of each port on each switch can be acquired through the Simple Network Management Protocol (SNMP). Specifically, configuration information complying with the Management Information Base (MIB) framework can be acquired through the SNMP, and then the MAC address table of each port on each switch can be extracted from the acquired configuration information.
In some embodiments, on the basis of the network topology construction method shown in
(1) When a port on a switch is directly connected with a terminal device (other than a switch), the corresponding MAC address set of a corresponding port in the MAC address table of the switch should contain only one MAC address.
(2) For devices supporting PROFIENT (for example, PLC, communication module or host computer), a port usually corresponds to a plurality of MAC addresses, one MAC address is bound to an IP address (the MAC address will appear in the MAC address tables of other switches) and other MAC addresses are used for LLDP/PN-PTCP/MRP communication. Through the SNMP, the MAC address bound to an IP address can be obtained by accessing ifPhysAddress.1, and the other MAC addresses can be obtained by accessing ifPhysAddress.2/3 . . . .
Therefore, the terminal device connected to a port on a switch can be determined according to whether the MAC address table of the port on the switch contains a plurality of MAC addresses corresponding to the same terminal device.
(3) It can be determined that a terminal device is not directly connected to a port on the first switch by determining whether the MAC address table of the port on the switch contains MAC addresses of the terminal device and MAC addresses of ports on other switches.
In some embodiments, the second connection relationship representing the connection relationship between switches can be determined in two ways according to whether a port on each switch in the target network has a MAC address. When each port on each switch in the target network has a MAC address, the second connection relationship can be determined according to the MAC addresses of the ports on switches in each acquired MAC address table, and when the ports on some switches or all switches in the target network have no MAC addresses, the second connection relationship can be determined according to the MAC addresses of terminal devices in each acquired MAC address table.
Below, embodiment 1 is given to describe in detail the method of determining the second connection relationship according to the MAC addresses of terminal devices in each MAC address table, and embodiment 2 is given to describe in detail the method of determining the second connection relationship according to the MAC addresses of the ports on switches in each MAC address table.
1. Initialization Initialize list_of_mac_set=[] (list of MAC address set);
Initialize switch_to_endpoint=[] (list of (direct) connections between terminal devices and switches);
Initialize switch_to_switch=[] (ports connected between switches);
Initialize the network topology which comprises all n switches S1 and all terminal devices, with no connection between switches and terminal devices.
2. Preprocess input data and obtain a list_of_mac_set (list of MAC address tables of ports on each switch). Table 1 is a list_of_mac_set (list of MAC address tables).
3. For data in list_of_mac_set, identify connections between switches and terminal devices (other than connections between switches) and save the connections in switch_to_endpoint.
1) When a port on a switch is directly connected with an IT device (other than a switch), the corresponding MAC address set of a corresponding port in the MAC address table of the switch should contain only one MAC address.
2) For devices supporting PROFIENT (including PLC, communication module or host computer), a port usually corresponds to a plurality of MAC addresses, one MAC address is bound to an IP address (the MAC address will appear in the MAC address tables of other switches) and other MAC addresses are used for LLDP/PN-PTCP/MRP communication. Through the SNMP, the MAC address bound to an IP address can be obtained by accessing ifPhysAddress.1, and the other MAC addresses can be obtained by accessing ifPhysAddress.2/3 . . . .
Therefore, the terminal device connected to a port on a switch can be determined according to whether the MAC address table of the port on the switch contains a plurality of MAC addresses corresponding to the same device.
3) It can be determined that a terminal device is not directly connected to a port on the first switch by determining whether the MAC address table of the port on the switch contains the MAC address of the terminal device (for example, S623) and MAC addresses of ports on other switches;
connect the identified terminal device to the corresponding switch in the network topology and add S1={Dj, Dk, . . . } (set of terminal devices directly connected to the switch) to switch_to_endpoint.
If a terminal device appears in the MAC address table of a port on a plurality of switches and the MAC address table of the port contains only the MAC address (for example, S1Pj={Dk}) of the terminal device, the switch which the terminal device is connected to cannot be determined temporarily. In this case, let all such MAC address tables of switch ports form an (equivalent) set {S1Pj={Dk}, . . .} and add it to the end of switch_to_endpoint.
4. Extract MAC address sets of ports not connected to terminal devices on each switch from Table 1 and mark them with S1Pj, wherein S1 is a switch number and Pj is a port number on a switch. Add S1P={Dk, D1, . . . } to switch_to_switch.
Two cases exist for a current switch. In one case, each port on the switch has no MAC address (if a management port is provided for the switch, the management port has a MAC address), and in the other case, a MAC address is assigned to each port on the switch. Through the SNMP, the MAC address of each port can be similarly obtained by accessing OIDifPhysAddress (1.3.6.1.2.1.2.2.1.6).1 of the switch. Therefore, the realization of the algorithm requires that those addresses should be filtered out when switch_to_switch is constructed.
5. Derive the connection relationship between switches based on the equivalent relationship.
1) Take (simultaneously delete) a first Sx out of switch_to_endpoint.
2) If Sx is a set of switches in the form of Sx={. . . }, then:
2.1) search switch_to_switch for Sx (set of included devices)
2.2) if the unique SyPz (set of included devices) in switch_to_switch is the same as Sx, that is to say, SyPz=Sx, delete SyPz={D1, . . . } from switch_to_switch and detect whether the connection between switches Sx and Sy in the current network topology has been determined,
if the connection relationship has not been determined, go to step 4);
if the connection relationship has been derived, go to step 6);
2.3) if more than two elements are matched in switch_to_switch, that is to say, a plurality of SyPz satisfy SyiPz=Sx, i=1, 2, . . . (multiple equivalent relationships), then check the current network topology, and if the network connections between Sx and a plurality of switches Syi have been derived, directly delete the (multiple) equivalent relationship(s) and go to step 6);
otherwise, the connection relationship between the switch Sx and a plurality of switches Syi cannot be determined currently. Thus, delete each SyiPz from switch_to_switch, generate an equivalence class set {Sy1Pz=Sx, Sy2Pv=Sx, . . . }, add it to the end of switch_to_endpoint, and go to step 6);
2.4) If no result is obtained after Sx is matched in the complete set, it is necessary to further perform matching in the subset.
Search switch_to_switch for the subset S′⊆Sx of Sx in the decreasing sequence of the sizes of subsets.
If the unique SyPz (set of included devices) in switch_to_switch is the same as S′, that is to say, SyPz=S′, go to step 2.2) for similar processing.
If more than two elements are matched in switch_to_switch, go to step 2.3) for similar processing.
2.5) If switch_to_switch contains no element corresponding to Sx (and the subset), put Sx back to the end of switch_to_endpoint and go to step 6).
3) If Sx is an equivalence class set in the form of {SyPz={D1}/S1, SuPv={Dj}/S1, . . . }, then
3.1) Starting from the first equivalent relationship in the equivalence class set, attempt to check the current equivalent relationship one by one.
3.2) Check the current equivalent relationship, and if the relationship is satisfied in the current network topology, skip the relationship and go back to step 3.1) to select the next equivalent relationship.
3.3) For the current equivalent relationship SyPz={D1}/S1, attempt to connect a target device or switch D1/S1 to the port Pz on the switch Sy.
3.4) Check whether the current assumption is reasonable according to list_of_mac_set, including:
whether the port Pz on the switch Sy has been occupied by other connections so that it cannot be used to connect D1/S1, and whether the switch Sy also has (or already has had) a port connecting another switch Su so that such an equivalence class can be formed.
3.5) If the assumptions are unreasonable, go to step 3.1) to attempt to check the next assumption.
3.6) If the current assumption is reasonable, then save the field (including current network topology, switch_to_endpoint, switch_to_switch, current equivalence class set, and selections made currently) selected for the equivalence class.
Delete processed assumed relationships (including skipped and selected assumed relationships) from the equivalence class set. For the remaining equivalence class sets, if they are null, directly go to step 4); if only one relationship exists in an equivalence class set, add the relationship to switch_to_switch, and otherwise, put the modified equivalence class set back at the end of switch_to_endpoint. Then go to step 4).
3.7) If none of equivalent relationships in the equivalence class set hold, put equivalent relationships back at the end of switch_to_endpoint, and continue derivations after more information is obtained from further derivations. Go to step 6).
4) Connect the switch Sx to the port Pz on the switch Sy in the network topology. Determine the port on the switch Sx which the port Pz on the switch Sy is connected to according to the corresponding MAC address set of each port on the switch Sx in list_of_mac_set (it is possible that the port cannot be determined).
5) Update the set of devices connected to a switch.
Merge the set of devices connected to the switch Sx into Sy. If Sy already exists in switch_to_endpoint, update Sy (=original Sy+Sx); if switch_to_endpoint does not contain Sy, add the merged Sy to the end of switch_to_endpoint.
Likewise, merge the set of devices connected to Sy into Sx, if Sx already exists in switch_to_endpoint, update Sx (=original Sx+Sy); if switch_to_endpoint does not contain Sx, add the merged Sx to the end of switch_to_endpoint.
6) If switches in the current network topology have been connected to form a complete topology, the algorithm ends; otherwise, the algorithm goes back to step 1) to continue performing processing.
If switch_to_endpoint is null and the switches are still not connected to form a complete topology, take the field saved for the latest equivalence class set selection, discard the previous selection, and make an attempt on the reselected equivalent relationship. If a topology cannot be constructed yet, go back to an earlier equivalence class set selection until a complete topology is constructed. Or a complete topology cannot be constructed after attempts are made on all equivalence class sets and the algorithm also ends at this moment.
It should be noted that in the network topology construction method provided by embodiment 1, when at least two terminal devices are connected to an access switch, the algorithm can accurately and completely construct a network topology (embodiment 1) consistent with the actual network connection condition; when only one (or even no) terminal device is connected to an access switch, the algorithm can still derive a complete network topology (embodiment 2), but the network topology, possibly inconsistent with the actual network connection condition, is an equivalent network topology.
1. Initialization Initialize list_of_mac_set=[] (list of MAC address set); initialize the network topology which comprises all n switches S1 and all terminal devices, with no connection between switches and terminal devices.
2. Preprocess input data (MAC address tables of each port on each switch acquired through the SNMP and the MAC address of the port) and obtain (address table) the MAC address table list_of_mac_set of each port on each switch.
3. Determine the connections between switches and terminal devices according to the MAC address table of each port on each switch:
1) The terminal device connected to a port on a switch can be determined according to whether the MAC address table of the port on the switch contains a plurality of MAC addresses corresponding to the same device.
2) It can be determined that a terminal device is not directly connected to a port on the first switch by determining whether the MAC address table of the port on the switch contains MAC addresses of the terminal device and MAC addresses of ports on other switches.
4. Remove all MAC addresses other than MAC addresses of switch ports from list_of_mac_set, including:
1) MAC addresses of terminal devices;
2) MAC address of the management port of switches;
3) other unrelated MAC addresses.
Then obtain list_of_mac_set only associated with the connections between switches.
5. Derive the connection relationship between switches according to the addresses in the MAC address table of each port on each switch.
In an industrial control network, a ring network consisting of a plurality of switches is often supported so as to realize high reliability of the network. Logically, the network is not a ring (a backup link in the ring is not used for actual communication), but when a point in the network is interrupted, the link for backup will be started to recover the connections between switches. To construct and maintain such a ring network, it is necessary to configure a switch in the ring network as a management node (redundancy manager). The MAC addresses of the ports on the switch will be broadcast to the MAC address tables of different ports on all switches in the ring network. According to this feature, it is very easy to rule out such MAC addresses.
Therefore, the switches in the network are analyzed one by one according to list_of_mac_set generated after step 4:
1) The corresponding MAC address table of each port on the current switch is analyzed. If different ports on the switch all have MAC addresses of (different) ports on the same switch, the switch can be determined to a redundancy manager and the MAC addresses of the ports can be ruled out.
2) For each port whose MAC address table is not null on the current switch (the MAC address table contains only one MAC address in this case), it can be derived that the current port on the current switch is connected to the corresponding port (on another switch) of the MAC address.
The above-mentioned processing is performed repeatedly until all ports on all switches in list_of_mac_set are processed. So far, all switches have been connected to form a complete topology.
The network topology construction method provided by embodiment 1 and embodiment 2 is further described in detail below in combination with specific embodiments. Wherein, embodiments 3, 4 and 5 correspond to embodiment 1, and the second connection relationship is determined according to the MAC addresses of terminal devices in each MAC address table during a network topology construction; embodiment 6 corresponds to embodiment 2, and the second connection relationship is determined according to the MAC addresses of the ports on switches in each MAC address table during a network topology construction.
In the present embodiment, the network topology to be monitored is assumed to be what is shown in
Supposing that the MAC address table of each switch is obtained in advance through an SNMP detection, then the derivation process of the network topology is as follows:
1. Initialize list_of_access_switch=[], switch_to_endpoint=[], and switch_to_switch=[], and initialize the network topology, as shown in
2. Organize data in the MAC address tables of switch ports obtained through an SNMP detection to obtain list_of_mac_set shown in Table 2.
3. Identify the terminal device D1, i=1 . . . 11, and connect it to the corresponding switch in the network topology, as shown in
Construct (list of MAC address sets of an access switch) switch_to_endpoint=[S1={D1, D2}, S2={D3, D4}, S3={D5, D6}, S4={D7, D8}, S5={D9, D10}, S6={D13, D14}, S8={D12}, {S2P3={D11}, S7P2={D11}}]
4. Construct switch_to_switch (list of MAC address sets between switches) switch_to_switch=[S1P3={D11, D12, D13, D14}, S3P3={D11, D13, D14}, S4P3={D12, D13, D14}, S5P3={D11, D12}, S6P3={D1, D2, D5, D6, D7, D8, D11, D12}, S7P1={D1, D2}, S7P3={D3, D4}, S7P4={D5, D6}, S7P5={D12, D13, D14}, S8P2={D7, D8}, S8P3={D9, D10}, S8P4={D11, D13, D14}, S9P1={D13, D14}, S9P2={D1, D2, D5, D6, D7, D8, D11, D12}, S10P1={D1, D2, D5, D6, D11}, S10P2={D7, D8, D9, D10, D12}, S10P3={D13, D14}]
5. Derive the connection relationship between switches based on the equivalent relationship.
(1) Take S1={D1, D2} out of switch_to_endpoint, first search switch_to_switch for elements equivalent to {D1, D2} and find a unique S7P1={D1, D2}, then in the network topology, connect the switch S1 to the port P1 on the switch S7. According to the list_of_mac_set of the ports on the switch S1, the port P1 on the switch S7 can be connected only to the port P3 on the switch S1.
Delete S7P1={D1, D2} from switch_to_switch.
Since switch_to_endpoint originally does not contain S7, add S7={D1, D2} to the end of switch_to_endpoint.
(2) Take S2={D3, D4}, S3={D5, D6}, S4={D7, D8} and S5={D9, D10} out of switch_to_endpoint in turn and similarly perform corresponding processing (differently, switch_to_endpoint already contains S7, and the new device is added to the existing set S7 at this time) to obtain the network topology shown in
(3) Take S6={D13, D14} out of switch_to_endpoint and search switch_to_switch for elements equivalent to {D13, D14}. Two elements S9P1={D13, D14} and S10P3={D13, D14} are matched. At this time, it is impossible to determine whether the switch S6 is connected to the switch S9 or the switch S10. Thus, it is necessary to create an equivalence class set {S9P1=S6, S10P3=S6} and add it to the end of switch_to_endpoint.
At this time, switch_to_endpoint=[S8={D12, D7, D8, D9, D10}, {S2P3={D11}, S7P2={D11}}, S7={D1, D2, D3, D4, D5, D6}, {S9P1=S6, S10P3=S6}]; switch_to_switch=[S1P3={D11, D12, D13, D14}, S3P3={D11, D13, D14}, S4P3={D12, D13, D14}, S5P3{D11, D12}, S 6P3={D1, D2, D5, D6, D7, D8, D11, D12}, S7P5={D12, D13, D14 } S8P4={D11, D13, D14}, S9P2={D1, D2, D5, D6, D7, D8, D11, D12}, S10P1={D1, D2, D5, D6, D11}, S10P2={D7, D8, D9, D10D12}, S9P1{D13, D14}, S10P3{D13, D14}].
(4) Take S8={D12, D7, D8, D9, D10} out of switch_to_endpoint and search switch_to_switch for corresponding equivalent elements. Only S10P2={D7, D8, D9, D10, D12} is matched.
Connect the switch S8 to the port P2 on the switch S10 in the network topology.
Delete S10P2={D7, D8, D9, D10, D12} from switch_to_switch. Since switch_to_endpoint originally does not contain S7, add S10={D7, D8, D9, D10, D12} to the end of switch_to_endpoint.
(5) Take an equivalence class set {S2P3={D11}, S7P2={D11}} out of switch_to_endpoint and make inferences in turn.
First assume that D11 is connected to the port P3 on the switch S2. From the previous inference, it can be learned that the port is already used for connecting the switch S7 and thus the assumption is infeasible.
Then assume that D11 is connected to the port P2 on the switch S7. Since it has been inferred that the port P3 on the switch S2 is connected to the port P3 on the switch S7, it is natural to obtain S2P3={D11}. Therefore, the assumption holds.
Based on the above-mentioned derivation, connect the device D11 to the port P2 on the switch S7 in the network topology, and add D11 to S7 in switch_to_endpoint.
(6) Take S7={D1, D2, D3, D4, D5, D6, D11} out of switch_to_endpoint and search switch_to_switch for corresponding equivalent elements. No element is matched.
Further, search switch_to_switch for the subsets of S7 (in a decreasing sequence of the sizes of the subsets). Only S10P1={D1, D2, D5, D6, D11} can be matched.
Connect the switch S7 to the port P1 on the switch S10 in the network topology.
Delete S10P1={D1, D2, D5, D6, D11} from switch_to_switch.
Add {D1, D2, D5, D6, D11} to the set S10 in switch_to_endpoint. Now, the network topology is shown in
(7) Take an equivalent relationship {S9P1=S6, S10P3=S6} out of switch_to_endpoint and make inferences in turn.
First assume that the switch S6 is connected to the port P3 on the switch S10. Then, the equivalent relationship {S9P1=S6, S10P3=S6} possibly appears only when the switch S9 is still connected to the switch S10. However, the switch S10 has three network ports in total according to list_of_mac_set, one is connected to the switch S7, one is connected to the switch S8, and it is impossible that the remaining port is simultaneously connected to the switch S6 and the switch S9. Therefore, the assumption does not hold.
Assume that the switch S6 is connected to the port P1 on the switch S9. No evidence shows that the assumption is contradictory.
Based on the above-mentioned derivation, connect the device D6 to the port P1 on the switch S9 in the network topology, and add S9={D13, D14} to the end of switch_to_endpoint.
(8) Take S10={D1, D2, D5, D6, D11, D7, D8, D9, D10, D12} out of switch_to_endpoint and search switch_to_switch for corresponding equivalent elements. No element is matched.
Further, search switch_to_switch for subsets of S10 (in a decreasing sequence of sizes of the subsets). Wherein, the subset {D1, D2, D5, D6, D7, D8, D11, D12} can match two elements: S6P3={D1, D2, D5, D6, D7, D8, D11, D12} and S9P2={D1, D2, D5, D6, D7, D8, D11, D12}.
An analysis shows that the two sets reflect the connection relationship between S9 and S6, obtained in step 7. Thus, delete S6P3={D1, D2, D5, D6, D7, D8, D11, D12} and S9P2={D1, D2, D5, D6, D7, D8, D11, D12} from switch_to_switch.
(9) Take S9={D13, D14} out of switch_to_endpoint and search switch_to_switch for elements equivalent to {D13, D14}. Two elements S9P1={D13, D14} and S10P3={D13, D14} are matched (again). Wherein, S9P1={D13, D14}, a reflection of the current S9={D13, D14}, is skipped. Thus, connect the switch S9 to the port P3 on the switch S10 in the network topology, and delete S9P1={D13, D14} and S10P3={D13, D14} from switch_to_switch.
At this time, switch_to_endpoint is null and all switches are mutually connected (to form an arbitrary reachable topology). The algorithm ends. It can be seen that the algorithm accurately derives the original network topology.
In the present embodiment, the network topology to be monitored is assumed to be what is shown in
Since the MAC address table of a port on a switch is associated with whether communication exists between devices, the following assumptions are made in the present embodiment:
D1 to D4 communicate with only D10,
D5 to D7 communicate with only D11,
and D8, D9, D10 and D11 communicate with each other.
Supposing that the MAC address table of each switch is obtained through an SNMP detection, then the derivation process of the network topology is as follows:
1. Initialize list_of_mac_set=[], switch_to_endpoint=[], and switch_to_switch=[], and initialize the network topology, as shown in
2. Organize data in the MAC address tables of switch ports obtained through an SNMP detection to obtain list_of_mac_set shown in Table 3.
3. Identify the terminal device D1, i=1 . . . 11, and connect it to the corresponding switch in the network topology, as shown in
Construct a list of MAC address sets of the access switch: switch_to_endpoint=[S2={D2, D3}, S4={D5, D6}, S6={D8, D9}, {S7P1={D1}, S1P1={D1}}, {S1P2={D10}, S2P3={D10}, S3P2={D10}, S7P2={D10}, S10P1={D10}, {S3P1={D4}, S7P4=}}, {S5P1={D7}, S8P3={D7}}, {S4P3={D11}, S5P2={D11}, S8P1={D11}, S10P2={D11}].
Since other devices, for example, D1 and DL4, simultaneously appear on ports of a plurality of switches, it is temporarily impossible to determine the switches which they are directly connected to.
4. Construct switch_to_switch (list of MAC address sets between switches) as follows:
switch_to_switch=[S6P3={D10, D11}, S7P3={D2, D3} S 8P2={D5, D6}, S8P4={D8, D9, D10}, S9P1={D8, D9}, S9P2={D10, D11}, S10P3={D8, D9}].
5. Derive the connection relationship between switches based on the equivalent relationship.
(1) Take S2={D2, D3} out of switch_to_endpoint, first search switch_to_switch for elements equivalent to {D1, D2} and find a unique S7P3={D2, D3}, then in the network topology, connect the switch S2 to the port P3 on the switch S7. According to the list_of_mac_set of the ports on the switch S2, the port P3 on the switch S7 can be connected only to the port P3 on the switch S2.
Delete S7P1={D1, D2} from switch_to_switch. Since switch_to_endpoint originally does not contain S7, add S7={D2, D3} to the end of switch_to_endpoint.
(2) Take S4={D5, D6} out of switch_to_endpoint, first search switch_to_switch for elements equivalent to {D5, D6} and find a unique S8P2={D5, D6}, then in the network topology, connect the switch S4 to the port P2 on the switch S8. According to the list_of_mac_set of the ports on the switch S4, the port P2 on the switch S8 can be connected only to the port P3 on the switch S4.
Delete S8P2={D5, D6} from switch_to_switch.
Since switch_to_endpoint originally does not contain S8, add S8={D5, D6} to the end of switch_to_endpoint.
(3) Take S6={D8, D9} out of switch_to_endpoint and search switch_to_switch for elements equivalent to {D8, D9}. Two elements S9P1={D8, D9} and S10P3={D8, D9} are matched. At this time, it is impossible to determine whether the switch S6 is connected to the switch S9 or the switch S10. Thus, it is necessary to create an equivalence class set {S9P1=S6, S10P3=S6} and add it to the end of switch_to_endpoint. Meanwhile, delete S9P1={D8, D9} and S10P3={D8, D9} from switch_to_switch.
(4) Take an equivalence class set {S7P1={D1}, S1P1={D1}} out of switch_to_endpoint and make inferences in turn.
First assume that D1 is connected to the port P1 on the switch S7. According to list_of_mac_set, the assumption currently may hold. Thus, save the existing selected field.
Based on the above-mentioned derivation, save the remaining S1P1={D1} in the equivalence class set into switch_to_switch.
Connect the device D1 to the port P1 on the switch S7 in the network topology.
Add D1 to S7 in switch_to_endpoint.
(5) Take an equivalence class set {S1P2={D10}, S2P3={D10}, S3P2={D10} S7P2={D10}, S10P1={D10}} out of switch_to_endpoint and make inferences in turn.
First assume that D10 is connected to the port P2 on the switch S1. According to list_of_mac_set, the assumption currently may hold.
Then, save the existing selected field.
Based on the above-mentioned derivation, add the remaining {S2P3={D10}, S3P2={D10}, S7P2={D10}, S10P1={D10}} in the equivalence class set to the end of switch_to_endpoint.
Connect the device D10 to the port P2 on the switch S1 in the network topology.
Since switch_to_endpoint originally does not contain S1, add S1={D10} to the end of switch_to_endpoint.
(6) Take an equivalent relationship {S3P1={D4}, S7P4={D4}} out of switch_to_endpoint and make inferences in turn.
First assume that D4 is connected to the port P1 on the switch S3. According to list_of_mac_set, the assumption currently may hold. Thus, save the existing selected field.
Based on the above-mentioned derivation, save the remaining S7P4={D4} in the equivalence class set into switch_to_switch.
Connect the device D4 to the port P1 on the switch S3 in the network topology.
Since switch_to_endpoint originally does not contain S3, add S3={D4} to the end of switch_to_endpoint.
(7) Take an equivalent relationship {S5P1={D7}, S8P3={D7}} out of switch_to_endpoint and make inferences in turn.
First assume that D7 is connected to the port P1 on the switch S5. According to list_of_mac_set, the assumption currently may hold. Thus, save the existing selected field.
Based on the above-mentioned derivation, save the remaining S8P3={D7} in the equivalence class set into switch_to_switch.
Connect the device D7 to the port P1 on the switch S5 in the network topology.
Since switch_to_endpoint originally does not contain S5, add S5={D7} to the end of switch_to_endpoint.
(8) Take an equivalent relationship {S4P3={D11}, S5P2={D11}, S8P1={D11}, S10P2={D11}} out of switch_to_endpoint and make inferences in turn.
First assume that D11 is connected to the port P3 on the switch S4. According to list_of_mac_set, it can be determined that the port P3 on the switch S4 is already connected to the switch S8, and therefore, the assumption does not hold.
Then assume that D11 is connected to the port P2 on the switch S5. According to list_of_mac_set, it can be determined that S5 has only two related ports and P1 is connected to D7. If P2 is connected to (another terminal device) D11, the switch has no network port to connect other switches. Thus, the current equivalence class set is formed. Therefore, the assumption does not hold, either.
Then assume that D11 is connected to the port P1 on the switch S8. According to list_of_mac_set, the assumption holds. Thus, save the existing selected field.
Based on the above-mentioned derivation, add the remaining {S4P3={D11}, S5P2={D11}, S10P2={D11}} in the equivalence class set to the end of switch_to_endpoint. Connect the device D11 to the port P1 on the switch S8 in the network topology.
Merge S8={D11} into S1 in switch_to_endpoint.
(9) Take S7={D2, D3, D1} out of switch_to_endpoint and search switch_to_switch for elements equivalent to {D2, D3, D1}. No element is found.
Thus, construct the subset of {D2, D3, D1} in a decreasing sequence of the sizes of subsets and search switch_to_switch for the corresponding subset. Finally, a unique S1P1={D1} is found according to {D1}. Then, in the network topology, connect the switch S7 to the port P1 on the switch S1. According to the list_of_mac_set of the ports on the switch S7, the port P1 on the switch S1 can be connected only to the port P2 on the switch S7.
Since S1={D10}, it is natural to expand S7={D2, D3, D1, D10}. Add it to the end of switch_to_endpoint.
Delete S1P1={D1} from switch_to_switch.
Merge D1 into S1 in switch_to_endpoint.
(10) Take S8={D5, D6, D11} out of switch_to_endpoint and search switch_to_switch for elements equivalent to {D5, D6, D11} and the subsets thereof. No element is found. Thus, put S8={D5, D6, D11} back to the end of switch_to_endpoint.
(11) Take an equivalent relationship {S9P1=S6, S10P3=S6} out of switch_to_endpoint and make inferences in turn.
First assume that S6 is connected to the port P1 on the switch S9. According to list_of_mac_set, the assumption holds. Thus, save the existing selected field.
Based on the above-mentioned derivation, save the remaining S10P3={D8, D9} in the equivalence class set into switch_to_switch.
Connect the switch S6 to the port P1 on the switch S9 in the network topology.
Add S9={D8, D9} to the end of switch_to_endpoint.
(12) Take an equivalent relationship {S2P3={D10}, S3P2={D10}, S7P2={D10}, S10P1={D10}} out of switch_to_endpoint and make inferences in turn.
Since it has been inferred that D10 is connected to the switch S1, the switch S1 is connected to the switch S7 and the switch S7 is connected to the switch S2 in the existing network topology, S2P3={D10} is satisfied and can be skipped.
For S3P2={D10}, first assume that the device is directly connected to the switch S1. According to list_of_mac_set, the assumption does not hold. Then assume that the device is connected to the switch S7. According to the available information, the assumption holds. According to list_of_mac_set, it can also be derived that the switch S3 is connected to the port P4 on the switch S7.
Based on the above-mentioned derivation, save the remaining S10P1={D10} in the equivalence class set into switch_to_switch and delete S7P4={D4} from switch_to_switch. Connect the switch S3 to the port P4 on the switch S7 in the network topology.
Add S3={D4, D10} and S3={D4} to the end of switch_to_endpoint.
(13) Take S1={D10, D1} out of switch_to_endpoint and search switch_to_switch for elements equivalent to {D10, D1} and the subsets thereof. No element is found. Thus, put S1={D10, D1} back to the end of switch_to_endpoint.
(14) Take an equivalent relationship {S4P3={D11}, S5P2={D11}, S10P2={D11}} out of switch_to_endpoint and make inferences in turn.
Since it has been inferred that D11 is connected to the switch S8 and the switch S4 is connected to the switch S8 according to the existing network topology, S4P3={D11} is satisfied and can be skipped.
For S5P2={D11}, first assume that the device is directly connected to the switch S8. According to list_of_mac_set, the assumption holds. According to list_of_mac_set, it can also be derived that the switch S5 is connected to the port P3 on the switch S8.
Based on the above-mentioned derivation, save the remaining S10P2={D11} in the equivalence class set into switch_to_switch.
Connect the switch S5 to the port P3 on the switch S8 in the network topology.
Add S5={D7, D11} and S8={D7} to switch_to_endpoint.
(15) Take an equivalent relationship {S4P3={D11}, S5P2={D11}, S10P2={D11}} out of switch_to_endpoint and make inferences in turn.
Since it has been inferred that D11 is connected to the switch S8 and the switch S4 is connected to the switch S8 according to the existing network topology, S4P3={D11} is satisfied and can be skipped.
Similarly, S5 is connected to S8 according to the existing network topology. Thus, S5P2={D11} is satisfied and can be skipped.
For S10P2={D11}, first assume that the device is directly connected to the switch S8. According to list_of_mac_set, the assumption holds. According to list_of_mac_set, it can also be derived that the switch S10 is connected to the port P4 on the switch S8.
Based on the above-mentioned derivation, connect the device S10P2 to the port P4 on the switch S8 in the network topology.
Add S10={D5, D6, D11, D7} to switch_to_endpoint.
(16) Take S7={D2, D3, D1, D4, D10} out of switch_to_endpoint and search switch_to_switch for elements equivalent to {D2, D3, D1, D4, D10}. No element is found.
Thus, construct the subset of {D2, D3, D1, D4, D10} in a decreasing sequence of the sizes of subsets and search switch_to_switch for the corresponding subset. Finally, a unique S10P2={D11} is found according to {D11}. Then, in the network topology, connect the switch S7 to the port P1 on the switch S10. According to the list_of_mac_set of the ports on the switch S7, the port P1 on the switch S10 can be connected only to the port P4 on the switch S7.
Thus, S10={D2, D3, D1, D4, D10} can be expanded into switch_to_endpoint.
Delete S10P2={D11} from switch_to_switch.
Merge D1 into S1 in switch_to_endpoint.
(17) Take S8={D5, D6, D11, D7} out of switch_to_endpoint and search switch_to_switch for elements equivalent to {D5, D6, D11, D7}. No element is found.
Thus, construct the subset of {D5, D6, D11, D7} in a decreasing sequence of the sizes of subsets and search switch_to_switch for the corresponding subset. Finally, a unique S8P3={D7} is found according to {D11}. Then, in the network topology, the switch S8 is already connected to the switch S10 and thus can be skipped.
(18) Take S9={D8, D9} out of switch_to_endpoint and search switch_to_switch for elements equivalent to {D8, D9}. The unique S10P3={D8, D9} is matched. Then, connect the switch S9 to the port P3 on the switch S10 in the network topology.
In addition, according to the ports of S9 (according to list_of_mac_set), the port P1 of S190 can be connected only to the port P3 of the switch S10.
Thus, S10={D8, D9} can be expanded into switch_to_endpoint.
Delete S10P3={D8, D9} from switch_to_switch.
So far, all switches have been connected to form an integral body. The algorithm ends. The obtained network topology is shown in
This topology is equivalent to the original topology. The only difference is that the switches which D1 and D10 are connected to are different. It is very easy to manually adjust the difference to obtain an accurate original topology.
The network adopted in the present embodiment is a common operational technology (OT) network consisting of a plurality of switches.
1. Initialize list_of_mac_set=[], switch_to_endpoint=[], and switch_to_switch=[], and initialize the network topology, as shown in
2. Organize data in the MAC address tables of switch ports obtained through an SNMP detection to obtain list_of_mac_set shown in Table 4, and map it into symbols of corresponding devices (obtained through the SNMP detection).
In the present embodiment, the ports on each switch and the management port on the switch have their own MAC addresses, and the MAC addresses also appear in the MAC address table of each port on each switch. The MAC address in the form of “XX-XX-XX-XX-XX-XX SmPn” represents the MAC address of the port n on the switch m.
The algorithm commonly utilizes terminal devices in the MAC address tables of switches for analyses, instead of utilizing the MAC addresses of ports on switches to derive the connection relationship between switches. However, port information of switches can help to determine whether a terminal device is directly connected to a switch. For example, although the switch S623 appears on a port on each switch, only the port S6P3 has the MAC address of the switch S623 and the other ports on which the switch S623 appears also have MAC addresses of other ports. Thus, it can be inferred that the switch S623 is directly connected to the port S6P3.
The list_of_mac_set obtained after the MAC address of the switch is removed (again) is shown in Table 5.
3. Identify the terminal device D1, i=1 . . . 11, and connect it to the corresponding switch in the network topology, as shown in
Construct a list of MAC address sets of the access switch:
switch_to_endpoint=[S1={CP443(1), CP443(2)}, S2={CP1543}, S3={CP343(1)}, S4={HP, CP343(2)}, S5={1214}, S6={S623}].
4. Construct switch_to_switch list of MAC address sets between switches as follows:
switch_to_switch=[S1P1={S623}, S1P2={1214, HP}, S2P1={S623}, S2P2={CP44 3(1), CP443(2), 1214, Hp}, S3P1={S623}, S3P2={CP1543, CP443(1), CP443(2), 1214,HP}, S4P1={S623}, S5P1={S623}, S5P2={HP}, S6P2={CP1543, CP343 (1), CP 443 (1), CP443 (2), 1214, HP}].
5. Derive the connection relationship between switches based on the equivalent relationship.
(1) Take S1={CP443(1),CP443(2)} out of switch_to_endpoint and search switch_to_switch for elements equivalent to {CP443(1),CP443(2)} and the subsets thereof. No element is found. Thus, put S1={CP443(1),CP443(2)} back to the end of switch_to_endpoint.
(2) Take S2={CP1543} out of switch_to_endpoint and search switch_to_switch for elements equivalent to {CP1543}. No element is found. Thus, put S2={CP1543} back to the end of switch_to_endpoint.
(3) Take S3={CP343(1)} out of switch_to_endpoint and search switch_to_switch for elements equivalent to {CP343(1)}. No element is found. Thus, put S3={CP343(1)} back to the end of switch_to_endpoint.
At this time, switch_to_endpoint=[S4={HP,CP343(2)}, S5={1214}, S6={S623}, S1={CP443 (1),CP443(2)}, S2={CP1543}, S3={CP343(1)}] switch_to_switch=[S1P1={S623}, S1P2={1214,HP},S2P1={S623},S2P2={CP443 (1),CP443(2),1214,Hp}, S3P1={S623},S3P2={CP1543,CP443(1),CP443(2), 1214,HP}, S4P1={S623}, S5P1={S623}, S5P2={HP},S6P2={CP1543,CP343(1),CP443 (1),CP443(2),1214,HP}
(4) Take S4={HP,CP343(2)} out of switch_to_endpoint and search switch_to_switch for elements equivalent to {HP,CP343(2)}. No element is found.
Thus, construct the subset of {HP,CP343(2)} in a decreasing sequence of the sizes of subsets and search switch_to_switch for the corresponding subset. Finally, a unique S5P2={HP} is found according to {HP}. Then, connect the switch S4 to the port P2 on the switch S5 in the network topology.
Thus, S5={1214,HP,CP343(2)} can be expanded into switch_to_endpoint.
Delete S5P2={HP} from switch_to_switch.
At this time, switch_to_endpoint=[S5={1214,HP,CP343(2)}, S6={S623}, S1={CP443(1), CP443(2)}, S2={CP1543}, S3={CP343(1)}] switch_to_switch=[S1P1={S623},S1P2={1214,HP},S2P1={S623},S2P2={CP443 (1),CP443(2),1214,Hp}, S3P1={S623},S3P2={CP1543,CP443(1),CP443(2), 1214,HP},S4P1={S623}, S5P1={S623}, S6P2={CP1543,CP343(1),CP443(1),CP443 (2),1214,HP}]
(5) Take S5={1214,HP,CP343(2)} out of switch_to_endpoint and search switch_to_switch for elements equivalent to {1214,HP,CP343(2)}. No element is found.
Thus, construct the subset of {1214,HP,CP343(2)} in a decreasing sequence of the sizes of subsets and search switch_to_switch for the corresponding subset. Finally, a unique S1P2={1214,HP} is found according to {1214,HP}. Then, connect the switch S5 to the port P2 on the switch S1 in the network topology.
Thus, S5={CP443(1),CP443(2),1214,HP,CP343(2)} can be expanded into switch_to_endpoint.
Delete S1P2={1214,HP} from switch_to_switch.
According to the operation described in step 5.5 of the algorithm, S1 should be expanded and S5 should be deleted. After the operations, the following are obtained: switch_to_endpoint=[S6={S623}, S1={CP443(1),CP443(2),1214,HP,CP343(2)}, S2={CP1543},S3={CP343(1)}]; switch_to_switch=[S1P1={S623}, S2P1={S623}, S2P2={CP443(1),CP443(2), 1214,HP},S3P1={S623}, S3P2={CP1543,CP443(1),CP443(2),1214,HP},S4P1={S623}, S5P1={S623}, S6P2={CP1543,CP343(1),CP443(1),CP443(2),1214,HP}];
(6) Take S6={S623} out of switch_to_endpoint and search switch_to_switch for elements equivalent to {S623}. A plurality of elements:
S1P1={S623}, S2P1={S623}, S3P1={S623}, S4P1={S623}, S5P1={S623} are matched.
At this time, it is impossible to determine the connection relationship between switches according to S623. Thus, create an equivalence class set {S1P1={S623}, S2P1={S623}, S3P1={S623}, S4P1={S623}, S5P1={S623}56 , add it to the end of switch_to_endpoint, and delete S1P1={S623}, S2P1={S623}, S3P1={S623}, S4P1={S623}, S5P1={S623} from switch_to_switch.
According to the step described in section 5.2.3 of the algorithm, generate an equivalence class set {S1P1=S6,S2P1=S6, S3P1=S6, S4P1=S6,S5P1=S6}. At this time, switch_to_endpoint=[S1={CP443(1),CP443(2),1214,HP,CP343(2)}, S2={CP 1543}, S3={CP343 (1)}, {S1P132 S6, S2P1=S6, S3P1=S6, S4P1=S6, S5P1=S6}]; switch_to_switch=[S2P2={CP443(1),CP443(2),1214,HP}, S3P2={CP1543,CP 443(1),CP443(2),1214,HP},S6P2={CP1543,CP343(1),CP443(1),CP443(2), 1214,HP}];
(7) Take S1={CP443(1),CP443(2),1214,HP,CP343(2)} out of switch_to_endpoint and search switch_to_switch for elements equivalent to {CP443(1),CP443(2),1214,HP,CP343(2)}. No element is found.
Thus, construct the subset of {CP443(1),CP443(2),1214,HP,CP343(2)} in a decreasing sequence of the sizes of subsets and search switch_to_switch for the corresponding subset. Finally, a unique element S2P2={CP443(1),CP443(2),1214,HP} is found according to {CP443(1),CP443(2),1214,HP}, then connect the switch S1 to the port P2 on the switch S2 in the network topology.
Thus, S2={CP443(1),CP443(2),1214,HP,CP343(2)} can be expanded into switch_to_endpoint.
Delete S2P2={CP443(1),CP443(2),1214,HP} from switch_to_switch.
At this time, switch_to_endpoint=[S2={CP1543,CP443(1),CP443(2),1214,HP,CP343(2)}, S3={CP343 (1)}, {S1P1=S6, S2P1=S6, S3P1=S6, S4P1=S6, S5P1=S6}]; switch_to_switch=[S3P2={CP1543,CP443(1),CP443(2),1214,HP},S6P2={CP 1543,CP343(1),CP443(1),CP443(2),1214,HP}];
(8) Take S2={CP1543,CP443(1),CP443(2),1214,HP,CP343(2)} out of switch_to_endpoint and search switch_to_switch for elements equivalent to {CP1543,CP443(1),CP443(2),1214,HP,CP343(2)}. No element is found.
Thus, construct the subset of {CP1543,CP443(1),CP443(2),1214,HP,CP343(2)} in a decreasing sequence of the sizes of subsets and search switch_to_switch for the corresponding subset. Finally, a unique element S3P2={CP1543,CP443(1),CP443(2),1214,HP} is found according to {CP1543,CP443(1),CP443(2),1214,HP}; then, connect the switch S2 to the port P2 on the switch S3 in the network topology.
Thus, S3={CP1543,CP443(1),CP443(2),1214,HP} can be expanded into switch_to_endpoint.
Delete S2P2={CP443(1),CP443(2),1214,HP} from switch_to_switch.
At this time, switch_to_endpoint=[S3={CP1543,CP443(1),CP443(2),1214,HP,CP343(2), CP343 (1)}, {S1P1=S6, S2P1=S6, S3P1=S6, S4P1=S6, S5P1=S6}]; switch_to_switch=[S6P2={CP1543,CP343(1),CP443(1),CP443(2),1214,HP}];
(9) Take S3={CP1543,CP443(1),CP443(2),1214,HP,CP343(1)} out of switch_to_endpoint and search switch_to_switch for elements equivalent to {CP1543,CP443(1),CP443(2),1214,HP,CP343(1)}. A unique element S6P2={CP1543, CP343 (1) , CP443 (1) , CP443 (2) , 1214, HP} is matched. Then, connect the switch S3 to the port P2 on the switch S6 in the network topology.
Thus, S6={CP1543,CP343(1),CP443(1),CP443(2),1214,HP} can be expanded into switch_to_endpoint.
Delete S6P2={CP1543,CP343(1),CP443(1),CP443(2),1214,HP} from switch_to_switch.
So far, all switches have been connected to form a complete topology. The algorithm ends. The network topology obtained by the algorithm is completely consistent with the actual network topology.
The network adopted in the present embodiment is the same as the one adopted in embodiment 5.
1. First initialize the network topology, as shown in
2. Organize data in the MAC address tables of switch ports obtained through an SNMP detection to obtain list_of_mac_set shown in Table 4 in embodiment 5, and map it into symbols of corresponding devices (obtained through the SNMP detection).
3. Determine the connections of terminal devices. Similar to embodiment 5, determine the connections of terminal devices according to the following rules:
1) The terminal device connected to a port on a switch can be determined according to whether the MAC address table of the port on the switch contains a plurality of MAC addresses corresponding to the same device.
2) It can be determined that a terminal device is not directly connected to a port on the first switch by determining whether the MAC address table of the port on the switch contains the MAC address of the terminal device (for example, 5623) and MAC addresses of ports on other switches.
Accordingly, the network topology shown in
4. Remove all MAC addresses other than MAC addresses of switch ports from list_of_mac_set, including:
1) MAC addresses of terminal devices;
2) MAC address of the management port of switches;
3) other unrelated MAC addresses.
Then obtain the list_of_mac_set shown in Table 6.
5. Derive the connection relationship between switches according to the MAC addresses in the MAC address table of each port on each switch.
According to the list_of_mac_set, it can be derived that the connection relationship between switches is as follows:
1) First analyze the MAC addresses of the ports on the switch S1. It is found that the MAC address tables of the port P1 and the port P2 both contain the MAC address of the switch S4. Usually, this situation will not appear. Thus, it can be determined that the switch S4 is a management node (redundancy manager) of the ring network and the MAC addresses of the ports on the switch can be removed.
According to the remaining MAC addresses, it can directly be inferred that the port P1 on the switch S1 is connected to the port P2 on the switch S2, and the port P2 on the switch S1 is connected to the port P1 on the switch S5.
2) Similarly, remove the MAC addresses of the ports on the switch S4 from the MAC address tables of ports on the switch S2. According to the remaining MAC addresses, it can directly be inferred that: the port P1 on the switch S2 is connected to the port P2 on the switch S2, and the port P2 on the switch S2 is connected to the port P1 on the switch S1.
3) Similarly, remove the MAC addresses of the ports on the switch S4 from the MAC address tables of ports on the switch S3. According to the remaining MAC addresses, it can directly be inferred that the port P1 on the switch S3 is connected to the port P2 on the switch S6, and the port P2 on the switch S3 is connected to the port P1 on the switch S2.
4) For the MAC address tables of the ports on the switch S4, which is a management switch, it can directly be inferred according to the MAC addresses on the ports that the port P1 on the switch S4 is connected to the port P2 on the switch S5.
5) Similarly, remove the MAC addresses of the ports on the switch S4 from the MAC address tables of ports on the switch S5. According to the remaining MAC addresses, it can directly be inferred that the port P1 on the switch S5 is connected to the port P2 on the switch S1, and in addition, it can be learned from step 4) that the port P2 on the switch S5 is connected to the port P1 on the switch S4.
6) Similarly, remove the MAC addresses of the ports on the switch S4 from the MAC address tables of ports on the switch S6. According to the remaining MAC addresses, it can directly be inferred that the port P2 on the switch S6 is connected to the port P1 on the switch S3.
So far, all switches have been connected to form a complete topology. The algorithm ends. The network topology obtained by the algorithm is completely consistent with the actual network topology.
In addition, when the MAC address table of each port on each switch is acquired from a target network, the MAC address table of each port on each switch in the target network can be acquired from a switch at the convergence layer and/or core layer of the target network.
Switches in a network may be classified into access layer switches, convergence layer switches and core layer switches. Access layer switches are used to connect terminal devices, convergence layer switches are used to connect access layer switches or terminal devices, and core layer switches are used to connect convergence layer switches or terminal devices. Usually, the number of access layer switches is greater than the number of convergence layer switches, and the number of convergence layer switches is greater than the number of core layer switches.
When the MAC address table of a port on a switch is acquired from a switch at the access layer of a network, it is necessary to deploy a probe on each of the switches S1-S6, as shown in
When the MAC address table of a port on a switch is acquired from a switch at the convergence layer of a network, it is necessary to deploy a probe on each of the switches S7-S9, as shown in
When the MAC address table of a port on a switch is acquired from a switch at the core layer of a network, it is necessary to deploy a probe only on the switch S10, as shown in
From the above-mentioned comparative analysis, it can be learned that, if the MAC address table of each port on each switch is acquired from a switch at the convergence layer and/or the core layer, but not from a switch at the access layer, a probe needs to be deployed on a smaller number of switches so that the MAC address table of each port on each switch in a target network can be acquired. Thus, it is more convenient to acquire MAC address tables and meanwhile the cost of acquiring MAC address tables is also lowered.
As shown in
In some embodiments, the table acquisition module 21 can be used to execute step 101 in the embodiment of the above-mentioned method, the first relationship determination module 22 can be used to execute step 102 in the embodiment of the above-mentioned method, the port screening module 23 can be used to execute step 103 in the embodiment of the above-mentioned method, the second relationship determination module 24 can be used to execute step 104 in the embodiment of the above-mentioned method, and the topology construction module 25 can be used to execute step 105 in the embodiment of the above-mentioned method.
In some embodiments, on the basis of the network topology construction apparatus shown in
a second matching unit 222, used for each MAC address table acquired by the table acquisition module 21 to determine that the port which the MAC address table belongs to is connected to a second terminal device in the target network if the MAC address table contains at least two MAC addresses of the second terminal device;
an integration unit 223, used to determine a first connection relationship in the target network according to the connection relationship determined by the first matching unit 221 and the second matching unit 222 between terminal devices and ports of the switches in the target network and the ports included in each switch in the target network.
In some embodiments, on the basis of the network topology construction apparatus shown in
a determination unit 241, used to determine whether each port on each switch in the target network has a MAC address;
a first relationship determination unit 242, used to determine the second connection relationship in the target network according to the MAC addresses of the ports of the switches in the target network that are included in the MAC address table of each of the first ports in the target network if the determination unit 241 determines that each port on each switch in the target network has a MAC address;
a second relationship determination unit 243, used to determine the second connection relationship in the target network according to the MAC addresses of terminal devices included in the MAC address table of each of the first ports in the target network if the determination unit 241 determines that at least one port on each switch in the target network has no MAC address.
In some embodiments, on the basis of the network topology construction apparatus shown in
a first relationship determination subunit 2432, used for each of the first ports in the target network to determine that the first port is connected with a second port if the MAC address table of the first port contains a MAC address of the second port in the target network, wherein the first port and the second port are located on different switches in the target network;
a first integration subunit 2433, used to determine the second connection relationship in the target network according to the connection relationship determined by the first relationship determination subunit 2432 between each of the first ports and the second port in the target network and the switches the first port and the second port belong to.
In some embodiments, on the basis of the network topology construction apparatus shown in
a port screening subunit 2434, used for each of the first ports in the target network to screen a third port out of first ports other than the first port in the target network, wherein the MAC address table of the third port and the MAC address table of the first port contain at least one identical MAC address;
a first set construction subunit 2435, used for each of the first ports in the target network to acquire a corresponding first MAC address set of the first port, wherein the elements in the first MAC address set are MAC addresses of terminal devices in the MAC address table of the first port;
a second set construction subunit 2436, used for each of the third ports screened out by the port screening subunit 2434 to acquire a corresponding second MAC address set of the third port, wherein the elements in the second MAC address set are MAC addresses of terminal devices in the MAC address table of the third port;
a second relationship determination subunit 2437, used to determine the connection relationship between the first port and the third port according to the inclusion relationship between the first MAC address set acquired by the first set construction subunit 2435 and each of the second MAC address sets acquired by the second set construction subunit 2436 and the inclusion relationship between the subsets of the first MAC address set acquired by the first set construction subunit 2435 and each of the second MAC address sets acquired by the second set construction subunit 2436;
a second integration subunit 2438, used to determine the second connection relationship in the target network according to the connection relationship determined by the second relationship determination subunit 2437 between each of the first ports and the third port in the target network and the switches the first port and the third port belong to.
In some embodiments, on the basis of the network topology construction apparatus shown in any of
As shown in
In some embodiments, on the basis of the network topology construction apparatus shown in
In some embodiments, on the basis of the network topology construction apparatus shown in
In some embodiments, on the basis of the network topology construction apparatus shown in
In some embodiments, on the basis of the network topology construction apparatus shown in
In some embodiments, on the basis of the network topology construction apparatus shown in
In some embodiments, a computer-readable medium stores instructions used to allow a machine to execute the network topology construction method described in this document. Specifically, a system or device may be equipped with a storage medium. Software program codes which can realize the function in any of the above-mentioned embodiments are stored in the storage medium and the computer (or CPU or MPU) of the system or device can read and execute the program codes stored in the storage medium.
In some embodiments, program codes read from the storage medium themselves can realize the function in any of the above-mentioned embodiments. Therefore, program codes and the storage medium where program codes are stored constitute a part of the teachings herein.
Embodiments of the storage medium used to provide program codes include a floppy disk, hard disk, magneto-optical disk, compact disk (for example, compact disk read-only memory (CD-ROM), compact disk-recordable (CD-R), compact disk-rewritable (CD-RW), digital video disk-read only memory (DVD-ROM), digital versatile disk-random access memory (DVD-RAM), digital versatile disk-rewritable (DVD-RW), digital versatile disk plus rewritable (DVD+RW), magnetic tape, non-volatile memory card, and read-only memory (ROM). Alternatively, the program codes may be downloaded from a server computer over a communication network.
In some embodiments, the function of any of the above-mentioned embodiments can be realized not only by executing the program codes read out by a computer, but also by allowing the operating system running on the computer to complete a part or all of practical operations through program code based instructions.
In some embodiments, the program codes read out of a storage medium are written into the memory in the expansion board in a computer or are written into a memory in an expansion module connected to the computer, and then the program code-based instructions allow the CPU installed on the expansion board or expansion module to execute a part or all of the practical operations to realize the function of any of the above-mentioned embodiments.
In some embodiments, not all steps or modules in the above-mentioned flowcharts and system structure diagrams are required, and some steps or modules can be omitted, depending on the actual requirements. The execution sequence of the steps is not fixed and may be adjusted as required. The system structures described in the above-mentioned embodiments can be physical structures or logical structures. That is to say, some modules may be realized by a physical entity, or some modules may be realized by a plurality of physical entities or may jointly be realized by some components in a plurality of self-contained devices.
In some embodiments, hardware modules can mechanically or electrically be realized. For example, a hardware module can comprise a permanent dedicated circuit or logic (for example, special processor, FPGA, or ASIC) to complete the corresponding operations. A hardware module can further comprise a programmable logic or circuit (for example, a general processor or other programmable processor) and can complete the corresponding operations through temporary software setting. The specific implementation mode (mechanical mode, or dedicated permanent circuit, or circuit which is temporarily set) can be determined on the basis of consideration of cost and time.
The teachings of the present disclosure have been revealed and described in detail above in combination with the drawings and example embodiments. However, the scope of the present disclosure is not limited to the disclosed embodiments. On the basis of the plurality of above-mentioned embodiments, those skilled in the art can know that more embodiments of the present disclosure can be obtained by combining the code review means in the above-mentioned different embodiments, and all these embodiments should also fall within the scope of protection of the present disclosure.
This application is a U.S. National Stage Application of International Application No. PCT/CN2020/093785 filed Jun. 1, 2020, which designates the United States of America, the contents of which are hereby incorporated by reference in their entirety.
Filing Document | Filing Date | Country | Kind |
---|---|---|---|
PCT/CN2020/093785 | 6/1/2020 | WO |