Methods and systems for controlling network infrastructure devices
First Claim
1. A network management system for managing a plurality of network devices, comprising:
- a device database for storing a native configuration for one of the plurality of network devices;
a component database for storing configuration information used to configure the plurality of network devices, wherein the configuration information is stored as a plurality of components and a plurality of candidate components;
a device learning module for receiving the native configuration from the device database, identifying the configuration information from the native configuration, and storing the configuration information in the component database; and
a grammar builder for receiving a candidate component, resolving the candidate component into a component, and storing the component in the component database.
1 Assignment
0 Petitions
Accused Products
Abstract
A network management system is provided that allows a user to configure multiple devices according to a consistent set of policies. The system includes a device learning module that can read configuration data from a network device and automatically match that configuration data to existing policies and components of policies within the system. The device learning module also identifies unknown configuration data, which does not match any existing policy. The system further includes a grammar builder that can parse the unknown configuration data and construct a component or policy from the unknown data, by matching the unknown data to a grammar of configuration commands for the network device. The system also provided auditing capabilities, where policies are compared to running network configurations, and differences are identified.
181 Citations
86 Claims
-
1. A network management system for managing a plurality of network devices, comprising:
-
a device database for storing a native configuration for one of the plurality of network devices;
a component database for storing configuration information used to configure the plurality of network devices, wherein the configuration information is stored as a plurality of components and a plurality of candidate components;
a device learning module for receiving the native configuration from the device database, identifying the configuration information from the native configuration, and storing the configuration information in the component database; and
a grammar builder for receiving a candidate component, resolving the candidate component into a component, and storing the component in the component database. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45)
-
-
24. A method of parsing a native configuration into a policy-driven configuration, comprising:
-
receiving configuration information comprising a plurality of components;
receiving the native configuration;
tokenizing the native configuration using a lexer module;
parsing the tokenized native configuration using a parser module, to identify a plurality of input components contained in the native configuration and match the plurality of input components with the plurality of components;
parsing the tokenized native configuration using the parser module, to identify one or more unknown regions contained in the native configuration, which do not match any of the plurality of components;
emitting a tree of components, comprising the plurality of matched input components and the one or more unknown regions;
processing the one or more unknown regions to identify one or more candidate components;
analyzing the tree of components to identify one or more policies present in the tree of components; and
outputting the one or more policies and the one or more candidate components, as a policy-driven configuration. - View Dependent Claims (25, 26, 27, 28, 29, 30, 31, 32, 33)
-
-
46. A method of producing a grammar, comprising:
-
receiving unknown command information;
generating an abstract syntax tree for the unknown command information; and
transforming the abstract syntax tree into a component tree. - View Dependent Claims (47, 48, 49, 50)
-
-
51. A method of generating a syntax tree for a command for a network device, comprising:
-
identifying a command root;
providing the command root to the network device;
using a command completion feature on the network device for the command root, to identify a plurality of next completions for the command root;
recursively entering each of the plurality of next completions;
recording in the syntax tree each next completion; and
outputting the syntax tree. - View Dependent Claims (52, 53, 54, 55, 56, 57, 58)
-
-
59. A method of transforming a syntax tree including a plurality of syntax nodes into a grammar, comprising:
-
transforming the plurality of syntax nodes into a plurality of equivalent grammar constructs, resulting in the creation of a grammar;
transforming the grammar to remove unnecessary terminations; and
re-factoring the grammar to remove structural anomalies. - View Dependent Claims (60, 61, 62, 63, 64, 65)
-
-
66. A method of identifying a semantic effect caused by modification of a device configuration on a network device, comprising:
-
selecting the network device;
retrieving the device configuration from the network device;
storing the device configuration;
modifying the device configuration on the network device;
retrieving the modified device configuration from the network device;
comparing the modified device configuration with the stored device configuration;
identifying a difference between the modified and stored device configurations; and
processing the difference to identify the semantic effect. - View Dependent Claims (67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79)
-
-
80. A method of compiling a native device configuration for a network device, comprising:
-
retrieving a full grammar for the network device;
retrieving a policy-driven configuration for the network device;
configuring a parser using the full grammar;
supplying the policy-driven configuration to the parser;
recursively walking the policy-driven configuration to generate the native device configuration. - View Dependent Claims (81, 82)
-
-
83. A method of auditing a native configuration running on a network device, comprising:
-
retrieving the running configuration from the network device;
retrieving a stored configuration corresponding to the running configuration;
comparing the running configuration and the stored configuration; and
recording any differences between the running configuration and the stored configuration. - View Dependent Claims (84, 85, 86)
-
Specification