Currently, a network supports more and more application services, and for many cluster networks, such as a large-scale cross-regional corporation network, and a cluster data center, a plurality of network devices need to be deployed to support numerous and diversified services. A user controls a service by customizing a corresponding service rule for various services in a network device, such as a switcher, a router, or the onion router (TOR).
As service types continuously increase, service rules corresponding to various services also increase correspondingly. Each network device may bear a plurality of services, and a plurality of service rules is required, that is, a rule set is formed. In order to reduce a management cost of the user, and improve coordinated orchestration for rule sets of a plurality of network devices, in the prior art, generally orchestration processing is performed on the rule sets in the following manner: a management device sends service rules of all services that a cluster network can bear to each network device, and each network device performs orchestration processing on the rule sets and is responsible for execution; or, the management device performs orchestration processing such as parsing and compiling on the service rules of all the network devices, to form, after the orchestration processing, a rule set, which serves as a rule knowledge base to be then sent to each network device, and each network device queries the rule knowledge base to find a matching rule and execute the matched rule.
However, in the foregoing manner, what is received by each network device is all service rules or a rule knowledge base after orchestration processing, and each network device does not need to bear all services, and does not need all rules, so the foregoing rule set orchestration processing method has a problem of repetitive processing and excessive processing on a rule set.