
Bulk discovery of devices behind a network address translation device

Patent number: US11159370B2
Publication date: 2021-10-26
Applicant: Juniper Networks, Inc. (US CA Sunnyvale)
Inventors: Pradeep H. Krishnamurthy; Chandrasekhar A; Rahamath Sharif; Raviraj Satish Deshmukh
IPC classification: H04L12/28; H04L12/24; H04L12/46; H04L29/12; H04W8/00
Technical field: network, management, devices, seed, device, 14a, system, may, ssh, tunneled
Region: CA CA Sunnyvale

ABSTRACT

In one example, a network management system discovers a plurality of network devices behind a network address translation device, such as a firewall. The network management system may receive a model of a seed network device, generate a first activation configuration and commit the first activation configuration on the seed network device. The network management system may connect to the seed network device and discover neighboring devices from information in the seed network device. The network management system may connect to the neighboring devices, automatically create a model of the neighboring network devices, generate activation configurations for the neighboring network devices and commit the activation configurations on the neighboring network devices. The network management system may iteratively perform these steps until it discovers all the discoverable network devices behind the network address translation device.
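The iterative discovery described in the abstract can be sketched as a breadth-first walk over per-device neighbor tables. This is an added simulation, not code from the patent or from Juniper; the device names, private IP addresses and the `device_id` field of the activation record are constructed for illustration.

```python
from collections import deque
from itertools import count

# Constructed sample: neighbor tables (e.g. from LLDP) as read from each
# device behind the NAT device. Names and private IPs are made up.
LLDP_TABLES = {
    "seed":   {"sw1": "10.0.0.2", "sw2": "10.0.0.3"},
    "sw1":    {"seed": "10.0.0.1", "sw3": "10.0.0.4"},
    "sw2":    {"seed": "10.0.0.1", "sw3": "10.0.0.4"},
    "sw3":    {"sw1": "10.0.0.2", "sw2": "10.0.0.3"},
    "island": {},  # no adjacency to the seed, so it is not discoverable
}

def discover(seed, lldp_tables):
    """Walk outward from the seed until no new neighbors appear.

    Returns {device: record}. Each record holds the private IP learned for
    the device, the device it was learned from, and an activation record
    that is unique to that device (hypothetical format).
    """
    ids = count(1)

    def activation(name):
        # Hypothetical per-device activation data: one unique id each.
        return {"device": name, "device_id": f"dev-{next(ids):04d}"}

    # The seed is modeled by the operator, so no private IP is learned for it.
    inventory = {seed: {"private_ip": None, "learned_from": None,
                        "activation": activation(seed)}}
    pending = deque([seed])
    while pending:
        current = pending.popleft()
        # Sorted so the walk is deterministic across runs.
        for neighbor, ip in sorted(lldp_tables.get(current, {}).items()):
            if neighbor in inventory:
                continue  # already modeled; also prevents looping on cycles
            inventory[neighbor] = {"private_ip": ip, "learned_from": current,
                                   "activation": activation(neighbor)}
            pending.append(neighbor)  # its own neighbors are read next
    return inventory

if __name__ == "__main__":
    for name, rec in discover("seed", LLDP_TABLES).items():
        print(name, rec["private_ip"], rec["learned_from"],
              rec["activation"]["device_id"])
```

A device with no adjacency to the seed's component ("island" in the sample) never enters the inventory, which is the sense in which the walk stops at the discoverable devices.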

DESCRIPTION

TECHNICAL FIELD

This disclosure relates to computer networks, and more particularly, to discovering and configuring network devices.

BACKGROUND

A computer network is a collection of interconnected computing devices that may exchange data and share resources. A variety of devices operate to facilitate communication between the computing devices. For example, a computer network may include routers, switches, gateways, firewalls, and a variety of other devices to provide and facilitate network communication.

These network devices typically include mechanisms, such as management interfaces, for locally or remotely configuring the devices. By interacting with the management interface, an administrator may perform configuration tasks as well as perform operational commands to collect and view operational data of the managed devices. For example, the administrator may configure interface cards of the device, adjust parameters for supported network protocols, specify physical components within the device, modify routing information maintained by a router, access software modules and other resources residing on the device, and perform other configuration tasks. In addition, the administrator may allow a user to view current operating parameters, system logs, information related to network connectivity, network activity or other status information from the devices as well as view and react to event information received from the devices.

CLAIMS

What is claimed is:

1. A system comprising: memory; and one or more processors coupled to the memory, the one or more processors being configured to: connect from the system to a seed network device through a first connection, the seed network device being behind a network address translation device or a firewall relative to the system; discover, through the first connection, a plurality of neighboring network devices that neighbor the seed network device, the plurality of neighboring network devices being behind the network address translation device or the firewall relative to the system; initiate tunneled second connections from the system to the plurality of neighboring network devices through the seed network device; commit, through the tunneled second connections, an activation configuration on each of the plurality of neighboring network devices, each activation configuration being unique to one of the plurality of neighboring network devices; and in response to the committing of each activation configuration, establish a non-tunneled secure shell (ssh) connection from the system to each of the plurality of neighboring network devices.

2. The system of claim 1, wherein the one or more processors are configured to discover the plurality of neighboring network devices by using Link Layer Discovery Protocol (LLDP) information on the seed network device.

3. The system of claim 1, wherein the one or more processors are configured to discover the plurality of neighboring network devices by receiving a private IP address for at least one of the plurality of neighboring network devices.

4. The system of claim 1, wherein the first connection comprises an ssh connection.

5. The system of claim 1, wherein the second connections comprise ssh connections.

6. The system of claim 1, wherein the one or more processors are further configured to commit a first activation configuration on the seed network device through the first connection.

7. The system of claim 1, wherein the one or more processors are further configured automatically model the plurality of neighboring network devices.

8. The system of claim 1, wherein the one or more processors are further configured to automatically generate each activation configuration for the plurality of neighboring network devices.

9. A method comprising: connecting through a first connection, from a network management system, to a seed network device, the seed network device being behind a network address translation device or a firewall relative to the system; discovering through the first connection, by the network management system, a plurality of neighboring network devices that neighbor the seed network device, the plurality of neighboring network devices being behind the network address translation device or the firewall relative to the system; initiating, by the network management system, second tunneled connections from the network management system to the plurality of neighboring network devices through the seed network device; committing through the second connections, by the network management system, an activation configuration on each of the plurality of neighboring network devices, each activation configuration being unique to one of the plurality of neighboring devices; establishing, by the network management system and in response to the committing of each activation configuration, a non-tunneled secure shell (ssh) connection from the network management system to each of the plurality of neighboring network devices.

10. The method of claim 9, wherein the discovering the plurality of neighboring network devices comprises using Link Layer Discovery Protocol (LLDP) information on the seed network device.

11. The method of claim 9, wherein the discovering the plurality of neighboring network devices comprises receiving a private IP address for at least one of the plurality of neighboring network device.

12. The method of claim 9, wherein the first connection comprises an ssh connection.

13. The method of claim 9, wherein the second connections comprise ssh connections.

14. The method of claim 9, further comprising committing, by the network management system, a first activation configuration on the seed network device through the first connection.

15. The method of claim 9, further comprising automatically modeling, by the network management system, the plurality of neighboring network devices.

16. The method of claim 9, further comprising automatically generating, by the network management system, each activation configuration for the plurality of neighboring network devices.

17. A non-transitory computer readable medium comprising instructions that when executed by one or more processors cause the one or more processors to: connect from a network management system to a seed network device through a first connection, the seed network device being behind a network address translation device or a firewall relative to the system; discover through the first connection a plurality of neighboring network devices that neighbor the seed network device, the plurality of neighboring network devices being behind the network address translation device or the firewall relative to the system; initiate tunneled second connections from the network management system to the plurality of neighboring network devices through the seed network device; commit through the tunneled second connections an activation configuration on each of the plurality of neighboring network devices, each activation configuration being unique to one of the plurality of neighboring network devices; and in response to the committing of each activation configuration, establish a non-tunneled secure shell (ssh) connection from the network management system to each of the plurality of neighboring network devices.

18. The non-transitory computer readable medium of claim 17, wherein the instructions cause the one or more processors to discover the plurality of neighboring network devices by using Link Layer Discovery Protocol (LLDP) information on the seed network device.