This invention relates to the field of network management and support, and in particular to a method and system that facilitates the identification and analysis of changes to the configuration of the network, and elements thereof.
The management of a communications network is a complex and time-consuming task, particularly as the size and capabilities of such networks continue to grow. Changes to the configuration of a network often cause problems that are difficult to anticipate or diagnose. Often, such problems remain latent until their compound effect cause network disruptions or other anomalous behavior.
Because of the demands placed upon typical networks, changes are often and continually made; equipment is added or removed, attributes associated with the equipment are adjusted, connections are rerouted, and so on. Ideally, each change is recorded and reported to the network manager, so that if a problem develops on the network, the manager can assess the changes that have been introduced, to identify potential causes. However, this ideal is rarely achieved, and when network problems develop, the typical network manager does not have a complete and/or up-to-date list, and must painstakingly generate one manually.
Also, network managers often use simulation tools to simulate the effect of proposed changes to the network, before the changes are actually made. Even in these cases, however, the complexity of a typical network is such that minor changes may be continually made and unmade throughout the network representation in such a way that it is not easy to build a final list of migration steps or to diagnose problems in the virtual network.
When a network is installed, a ‘baseline’ network description, or model, is typically created. The user provides the system with configuration and operational data about the devices in the network. Configuration data may include, for example, the device configuration file of the routers in the system, and operational data may include, for example, the output of the “show cdp neighbors detail” command on a network switch. The network model is preferably a high-fidelity representation of the actual network, and includes, for example, representations of the physical devices, physical links between devices, logical links (e.g., ATM PVCs) between devices, and so on. Each representation of a device, link, etc. contains its configuration and operational information, typically using an attribute-value pair structure. Although the network model is preferably organized as an integral set of data, for the purposes of this disclosure, a network model comprises any collection of data that represents a network, including a collection of ‘raw data’ from some or all of the network devices.
The baseline network model represents a stable point for the network. Whenever major changes are introduced, either in the simulated network or in the actual network, a new baseline is made. In some environments, daily or weekly baselines are also kept. When a network problem develops, the network manager compares the latest network model to the appropriate baseline to identify changes since the last known stable point. However, the network model for even a relatively small network may include hundreds of pages of description, and identifying such changes to diagnose a problem can be a time-consuming and frustrating process, particularly if the change included replacing a piece of equipment or modifying connectivity.
Conventional text-based “file-compare” programs are generally unsuitable for comparing and analyzing changes to a network model for a variety of reasons. Generally, a network model of the entire network does not exist as a single file, and comparing the configuration files of individual devices does not provide a complete picture of the overall effects of individual changes on the entire network. Additionally, some devices may not have text-based configuration files. Even if a complete network model were made available, using for example, an XML format, a comparison of two network models, whether performed manually or via a file-compare program, is particularly difficult if the two models are similar, but not exactly alike, because it is often difficult to distinguish among similar network entities to provide an appropriate one-to-one mapping between the entities in each network model. For example, a network may include dozens or hundreds of routers, and establishing a direct mapping of each router in one model to each router in the other model, based on differently structured network descriptions, may not be feasible. An automated text-based comparison process is further complicated by the fact that any and all differences are identified, regardless of the significance of the difference. For example, a change to a descriptive field, such as the serial number of a device, is not distinguishable from a change to a functional field, such as a routing table entry. Additionally, a single functional or logical change to the network can result in a variety of changes to multiple network entities, and the identification of the cause of the changes is often obscured by the appearance of these multiple changes.
It is an objective of this invention to provide a method and system that facilitates an identification of configuration differences between two models of a network. It is a further objective to provide a method and system that facilitates analysis of such configuration differences. It is a further objective of this invention to provide a method and system that facilitates the determination of possible causes of multiple changes to the network configuration.
These objectives and others are achieved by a system and method that provides a contextual and semantic analysis of each of a pair of network models to facilitate a mapping of network entities between the network models, and a contextual and semantic analysis of the changes between the paired network entities to facilitate analysis of the potential causes and effects of such changes. The system includes a plurality of refine handler and match handler pairs that are specific to the type, or class, of network entities being analyzed. Comparison ‘rules’include one or more refine and match handler pairs and a difference handler that processes the output of these pairs. The refine handler analyzes the network model to identify the entities for which its rules apply, and the match handler processes these identified entities to establish a pairing between corresponding entities in each model. A sequence of refine-match processes are applied to the network models, typically in accordance with a hierarchy of rules until each entity is identified as a matched, added, or removed entity. A difference handler processes the identified pairings to provide a difference analysis that facilitates a meaningful interpretation of the configuration changes.