Automatic application of implementation-specific configuration policies
First Claim
1. A method comprising:
- creating a temporary copy of operational configuration data of a network device in response to receiving a configure command from a client;
applying changes to the copy of the configuration data in response to commands from the client to form candidate configuration data for the network device;
receiving a commit command from the client;
in response to the commit command, selecting an implementation-specific configuration policy from a plurality of implementation-specific configuration policies based on an authorization level associated with the client wherein the implementation-specific configuration policy comprises a set of rules representing the specific operational requirements of the particular networks within which the network device operates; and
applying the implementation-specific configuration policy to validate the changed candidate configuration data,committing the changes to the candidate configuration data from the temporary copy to the operational configuration data for the network device based on a result of the validation.
0 Assignments
0 Petitions
Accused Products
Abstract
Techniques are described for application of implementation-specific configuration policies within a network device. For example, a device, such as a router, may comprise memory to store operational configuration data and candidate configuration data. The device further includes a control unit to apply changes to the candidate configuration data based on input from a client, and apply an implementation-specific configuration policy to a copy of the changed candidate configuration data. Based on a result of applying the implementation-specific configuration policy, the device selectively commits the changes made to the candidate configuration to the operational configuration. In the event an error occurs while applying the implementation-specific configuration policy, the device does not commit the changes to the operational configuration. In this manner, the device does not allow changes that violate the implementation-specific configuration policy to be committed to the operational configuration, thereby detecting misconfiguration that may otherwise be syntactically and semantically correct.
-
Citations
17 Claims
-
1. A method comprising:
-
creating a temporary copy of operational configuration data of a network device in response to receiving a configure command from a client; applying changes to the copy of the configuration data in response to commands from the client to form candidate configuration data for the network device; receiving a commit command from the client; in response to the commit command, selecting an implementation-specific configuration policy from a plurality of implementation-specific configuration policies based on an authorization level associated with the client wherein the implementation-specific configuration policy comprises a set of rules representing the specific operational requirements of the particular networks within which the network device operates; and applying the implementation-specific configuration policy to validate the changed candidate configuration data, committing the changes to the candidate configuration data from the temporary copy to the operational configuration data for the network device based on a result of the validation. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A system comprising:
-
a first database to store operational configuration data; a second database to store candidate configuration data, wherein the second database is a temporary copy of at least a portion of the first database created in response to a configure command from a client; and a control unit to apply an implementation-specific configuration policy in response to a commit command from the client to validate changes to the candidate configuration data, and copy the changed candidate configuration data from the second database to the operational configuration data of the first database based on a result of the validation, wherein the implementation-specific configuration policy comprises a set of rules representing the specific operational requirements of the particular networks within which the network device operates, and wherein the control unit selects the implementation-specific configuration policy based on an authorization level for the client. - View Dependent Claims (13, 14, 15, 16, 17)
-
Specification