CN106789862A - A kind of method of data synchronization and device - Google Patents
A kind of method of data synchronization and device Download PDFInfo
- Publication number
- CN106789862A CN106789862A CN201610263872.6A CN201610263872A CN106789862A CN 106789862 A CN106789862 A CN 106789862A CN 201610263872 A CN201610263872 A CN 201610263872A CN 106789862 A CN106789862 A CN 106789862A
- Authority
- CN
- China
- Prior art keywords
- data
- mark
- business
- message
- board
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 46
- 238000001514 detection method Methods 0.000 claims abstract description 17
- 238000004321 preservation Methods 0.000 claims description 13
- 230000005540 biological transmission Effects 0.000 claims description 12
- 230000008569 process Effects 0.000 description 9
- 230000004913 activation Effects 0.000 description 7
- 230000001360 synchronised effect Effects 0.000 description 6
- 239000004744 fabric Substances 0.000 description 3
- 230000007123 defense Effects 0.000 description 1
- 206010022000 influenza Diseases 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004044 response Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
- H04L41/0654—Management of faults, events, alarms or notifications using network fault recovery
- H04L41/0663—Performing the actions predefined by failover planning, e.g. switching to standby network elements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Alarm Systems (AREA)
- Hardware Redundancy (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
A kind of method of data synchronization and device are the embodiment of the invention provides, the main control board after masterslave switchover in distributed fire wall is applied to, methods described includes:The data synchronization request that the business board in the distributed fire wall sends is received, wherein, the data synchronization request includes the first mark of corresponding first data of business module that the business board is currently preserved;When the second mark of local corresponding second data of the business module for preserving is different from the described first mark, second data and the second mark are sent to the business board.In the embodiment of the present invention, the data syn-chronization time during masterslave switchover can be reduced, reduce influence of the masterslave switchover to distributed fire wall flow detection business.
Description
Technical field
The present invention relates to computer defense technique field, more particularly to a kind of method of data synchronization and device.
Background technology
Fire wall is generally deployed between the network egress of large and medium-sized enterprise, Intranet or data center
Outlet, the purpose that protection intranet security is realized in detection is carried out to the flow of extranet access Intranet, Intranet is visited
Ask that the flow of outer net carries out detecting the control for realizing enterprise's sensitive information.For example, fire wall can be according to user
Configuration and predefined feature database in carry matched rule carry out flow detection, realize flow identification and
Control function.
In practical application, for the consideration of high availability, distributed fire wall can be typically disposed.Distribution is anti-
Wall with flues generally includes multiple master control borads and multiple business boards, wherein, a master can be included in multiple master control borads
With master control borad and multiple slave control board.Main control board is the control centre of whole fire wall, by it to each
Master control borad and business board realize control function and data synchronizing function, such as matched rule, configuration information, list item
Deng synchronization.Also, the main control board of distributed fire wall and each business board need to preserve same data,
Flow detection is carried out with according to the data.
In actual applications, the main control board of distributed fire wall may be due to originals such as failure or user inputs
Because causing to restart, in this case, a slave control board will quickly upgrade to new main control board,
To control whole fire wall to continue normal operation.Above-mentioned slave control board upgrades to the mistake of new main control board
Journey is properly termed as masterslave switchover process.
It is same in order to realize the data between new main control board and each business board during masterslave switchover
Step, when each business board detects generation masterslave switchover, each business board can send to new main control board
Data synchronization request.For example, when each business board is detected and reconnected with main control board, each business board
Data synchronization request can be sent to the main control board after reconnecting.New main control board receives each business
After the data synchronization request that plate sends, all of data that can be preserved itself are sent to each business successively
Plate, each business board updates the local data for preserving using the data for receiving, so as to realize new primary master control
Data syn-chronization between plate and each business board.
But, for distributed fire wall, it will usually including greater number of business board, and each business
Plate includes multiple business modules again, and its corresponding data is preserved in each business module, therefore, new primary master
Control plate needs the data for issuing generally more, so as to cause the data syn-chronization time more long, so as to cause primary master
Control plate is busy for a long time, for user response not in time.Also, during data syn-chronization, each business board needs
Data synchronization request is sent, and receives the data that new main control board sends, using the data for receiving more
The new local data for preserving, each business board cannot carry out normal flow detection in this period, therefore, this
Being normally carried out for the flow detection business of distributed fire wall will be influenceed.
The content of the invention
The purpose of the embodiment of the present invention is to provide a kind of method of data synchronization and device, to reduce masterslave switchover
During the data syn-chronization time, reduce influence of the masterslave switchover to distributed fire wall flow detection business.
Concrete technical scheme is as follows:
In a first aspect, the embodiment of the invention provides a kind of method of data synchronization, distributed fire wall is applied to
Main control board after middle masterslave switchover, methods described includes:
The data synchronization request that the business board in the distributed fire wall sends is received, wherein, the data
Synchronization request includes the first mark of corresponding first data of business module that the business board is currently preserved;
When second mark and the described first mark of local corresponding second data of the business module for preserving
When different, second data and the second mark are sent to the business board.
Second aspect, the embodiment of the invention provides a kind of method of data synchronization, be applied to distributed fire wall
In any business board, methods described includes:
Detect whether to be reconnected with main control board;
If it is, data synchronization request is sent to the main control board, wherein, the data synchronization request
Include the first mark of corresponding first data of business module that the business board is currently preserved, so that the master
Determine the second mark of local corresponding second data of the business module for preserving with described the with master control borad
When one mark is different, second data and the second mark are sent to the business board;
Receive the second data and the second mark that the main control board sends, and by first data and the
One mark is updated to the second data and second mark respectively.
The third aspect, the embodiment of the invention provides a kind of data synchronization unit, be applied to distributed fire wall
Main control board after middle masterslave switchover, described device includes:
Receiver module, the data synchronization request for receiving the transmission of the business board in the distributed fire wall,
Wherein, the data synchronization request includes corresponding first number of business module that the business board is currently preserved
According to first mark;
Sending module, the second mark of corresponding second data of the business module for ought locally preserve with
When first mark is different, second data and the second mark are sent to the business board.
Fourth aspect, the embodiment of the invention provides a kind of data synchronization unit, be applied to distributed fire wall
In any business board, described device includes:
Detection module, for detecting whether being reconnected with main control board;
Sending module, for sending data synchronization request to the main control board, wherein, the data are same
Step request includes the first mark of corresponding first data of business module that the business board is currently preserved, so that
The main control board determine the second mark of local corresponding second data of the business module for preserving with
When first mark is different, second data and the second mark are sent to the business board;
Receiver module, for receiving the second data and the second mark that the main control board sends, and by institute
State the first data and the first mark is updated to the second data and second mark respectively.
A kind of method of data synchronization and device are the embodiment of the invention provides, after there is masterslave switchover, new master
Each business board can be directed to master control borad, when the mark of the data that the business module on the business board is currently preserved
Know preservation current with master control borad to should business module data mark it is different when, by the business module
Data and its mark are sent to the business board, without the corresponding data of each business module are sent to
Business board, therefore, it is possible to reduce the data syn-chronization time during masterslave switchover, reduces masterslave switchover to dividing
The influence of cloth fire wall flow detection business.
Brief description of the drawings
In order to illustrate more clearly about the embodiment of the present invention or technical scheme of the prior art, below will be to implementing
Example or the accompanying drawing to be used needed for description of the prior art are briefly described, it should be apparent that, describe below
In accompanying drawing be only some embodiments of the present invention, for those of ordinary skill in the art, do not paying
On the premise of going out creative work, other accompanying drawings can also be obtained according to these accompanying drawings.
Fig. 1 is a kind of flow chart of method of data synchronization provided in an embodiment of the present invention;
Fig. 2 is the flow chart of another method of data synchronization provided in an embodiment of the present invention;
Fig. 3 is a kind of structural representation of data synchronization unit provided in an embodiment of the present invention;
Fig. 4 is the structural representation of another data synchronization unit provided in an embodiment of the present invention;
Fig. 5 (a), 5 (b) are data synchronization process provided in an embodiment of the present invention.
Specific embodiment
In order to reduce the data syn-chronization time during masterslave switchover, masterslave switchover is reduced to distributed fire wall
The influence of flow detection business, the embodiment of the invention provides a kind of method of data synchronization and device.
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is carried out clearly
Chu, it is fully described by, it is clear that described embodiment is only a part of embodiment of the invention, rather than
Whole embodiments.Based on the embodiment in the present invention, those of ordinary skill in the art are not making creation
Property work under the premise of the every other embodiment that is obtained, belong to the scope of protection of the invention.
It should be noted that in the case where not conflicting, the embodiment in the present invention and the feature in embodiment
Can be mutually combined.Describe the present invention in detail below with reference to the accompanying drawings and in conjunction with the embodiments.
In actual applications, when there is masterslave switchover in distributed fire wall, in order to realize new primary master
Data syn-chronization between control plate and each business board, when each business board detects generation masterslave switchover, each business
Plate can send data synchronization request to new main control board, be sent to the main control board for receiving new
Data, realize the data syn-chronization between each business board and new main control board.
But, in actual applications, in main control board and each slave control board preserve data be according to
What family input information and/or feature library file were obtained, the number preserved in main control board and each slave control board
According to typically identical.Therefore, after there is masterslave switchover, new main control board can be first determined whether respectively
Whether the data preserved in business board are identical with what itself was preserved, if identical, need not carry out data syn-chronization,
If it is different, the data is activation that itself will then preserve is to each business board, to realize each business board and the data of itself
It is synchronous.
Specifically, in embodiments of the present invention, main control board can be directed to the local each business module for preserving
Corresponding data, preserve the mark of the data, and the mark for example can be version number.When detect due to
Caused by family is input into or feature database is upgraded during data variation, the corresponding mark of the data is updated.
Further, the corresponding data syn-chronization of each business module that main control board preserves itself gives each business
During plate, in data synchronization message in addition to including the corresponding data of each business module, can also be including the number
According to mark.After each business board receives the data synchronization message of main control board transmission, can be by the message
The data and its mark for including are maintained in local.
In order to reduce the data syn-chronization time during masterslave switchover, masterslave switchover is reduced to distributed fire wall
The influence of flow detection business, the embodiment of the invention provides a kind of method of data synchronization process, be applied to point
Main control board in cloth fire wall after masterslave switchover, the process is comprised the following steps:
S101, receives the data synchronization request that the business board in the distributed fire wall sends, wherein, institute
Stating data synchronization request includes the of corresponding first data of business module that the business board is currently preserved
One mark.
In embodiments of the present invention, when there is masterslave switchover, the main control board after masterslave switchover can connect
The data synchronization request that business board sends being received, wherein, can work as including the business board in the data synchronization request
First mark of corresponding first data of business module of preceding preservation.
In actual applications, when there is masterslave switchover, business board can be with the primary master control before masterslave switchover
Plate is disconnected, and is connected to the main control board after masterslave switchover.Therefore, in embodiments of the present invention,
Business board can detect whether to be reconnected with main control board, if it is, showing to have carried out masterslave switchover.This
When, business board can send data to the main control board after the main control board being connected to, i.e. masterslave switchover
Synchronization request, to realize the data syn-chronization of itself and main control board.
S102, when second mark and described first of local corresponding second data of the business module for preserving
When identifying different, second data and the second mark are sent to the business board.
In actual applications, in distributed fire wall in main control board and each slave control board, all preserve
The corresponding data of each business module and its mark.
After main control board receives the data synchronization request of business board transmission, main control board can be directed to
The business module of business board, judging the second mark of local corresponding second data of the business module for preserving is
It is no identical with the first mark.
When the second mark of local corresponding second data of the business module for preserving is different from the first mark,
May indicate that the data and the local difference for preserving of the business module preserved in business board.In this case,
Main control board can send the second data and the second mark to business board, to realize the business mould in business board
The corresponding data of block are synchronous with local.
It should be noted that the embodiment of the present invention any business board only in a distributed manner in fire wall, the business
The method of data synchronization that the present embodiment is provided is illustrated as a example by any business module in plate.In practical application,
Each business module in each business board, and each business board can use data provided in an embodiment of the present invention
Synchronous method realizes itself data syn-chronization and between main control board.
A kind of method of data synchronization is the embodiment of the invention provides, after there is masterslave switchover, new primary master control
Plate can be directed to each business board, mark and master when the current data for preserving of business module on the business board
Control plate currently preserve to should business module data mark it is different when, by the data of the business module and
Its mark is sent to the business board, without the corresponding data of each business module are sent into business
Plate, therefore, it is possible to reduce the data syn-chronization time during masterslave switchover, reduces masterslave switchover to distribution
The influence of fire wall flow detection business.
It is appreciated that in actual applications, for the business module of business board, Ke Nengbao in main control board
Deposit the second more data.In this case, in order to avoid sending all of second data by a piece of news,
The excessive problem of the network resource loads that cause, main control board can be by least two message to business board
Send the second data.
Further, in actual applications, in fact it could happen that for business module, its corresponding second data is not
When synchronously completing, there is the situation of masterslave switchover again.For example, when main control board passes through the second data
5 message is sent to the business board, when the business board receives 3 message, masterslave switchover is there occurs again.
In this case, in order to ensure the integrality of the second data preserved in business board, main control board leads to
When crossing at least two message to business board the second data of transmission, the last item message at least two message is taken
Partial data with the second data and the second mark, other message at least two message carry the second data
Other parts data and the mark different from the second mark.
If it is appreciated that in every message all comprising second mark, when for the business module, its is corresponding
Second data are not synchronously completed, and when there is masterslave switchover again, the business board is sent to new main control board
Mark as second mark of the data of the business module for including of data synchronization request.Such case
Under, new main control board judge the mark of the data for obtaining the business module with it is local preserve to should industry
When the mark of the data of module of being engaged in is identical, the business would not be given by the corresponding data is activation of the business module
Plate.And the complete data for the business module are not preserved in the business board, so as to the industry can be caused
Data in business plate for business module preservation are imperfect.
Therefore, in embodiments of the present invention, when the second data are sent by least two message, last
Bar message includes the second mark, and other message include the marks different from the second mark, ensure that and work as
Second data are not synchronously completed, and when there is masterslave switchover again, new main control board will can be preserved locally
The data is activation for the business module give the business board, so as to ensure that in business board for the business mould
The integrality of the data that block is preserved.
For example, when main control board is for the second data of business module, the industry is sent to by 5 message
Business plate, when locally the second of corresponding second data of the business module of preservation is designated 100, then first 4 disappear
The mark that breath includes is not 100, such as can be 0, ffff, the mark that only the last item message includes
It is 100.
When the business board is not received entirely the second data, its corresponding data of the business module for preserving
The mark that mark then includes for preceding 4 message, i.e., 0, ffff etc..When there is masterslave switchover again, newly
Main control board in mark (100) and the business board of the data for the business module for preserving
Difference, then new main control board can be by the local data is activation for the business module for preserving to the business
Plate.
When the business board receives the second whole data, its corresponding data of the business module for preserving
Mark is then the mark that the 5th article of message includes, i.e., 100.When there is masterslave switchover again, new is primary
The mark (100) of the data for the business module preserved in master control borad is identical with the business board,
Then the corresponding data is activation of the business module will not be given the business board by new main control board.
It is appreciated that in actual applications, when there is no masterslave switchover, main control board is likely to needs
The data syn-chronization of each business module that itself will be preserved is to each business board.For example, when due to user input or spy
When levying data caused by qurush level and updating, the data syn-chronization after renewal can be given business by main control board
Plate.
Specifically, when main control board is detected, the second data corresponding to business module are related to be updated the data
When, can be updated the data according to this and the second data are updated to the 3rd data, and by the second mark be updated to
Corresponding 3rd mark of 3rd data.In this case, main control board can mark the 3rd data and the 3rd
Knowledge is sent to business board, with the data syn-chronization in realizing itself and business board.
It should be noted that in embodiments of the present invention, when there is no masterslave switchover, main control board is by
When three data and the 3rd mark are synchronized to business board, it would however also be possible to employ the above method, by least two message
3rd message is sent to business board.Also, in order to ensure the integrality of the data preserved in business board, extremely
The last item message in few two articles of message carries the partial data and the 3rd mark of the 3rd data, at least two
Other message in message carry the other parts data and the mark different from the 3rd mark of the 3rd data.
Further, the embodiment of the present invention additionally provides another method of data synchronization process, is applied to distribution
Any business board in formula fire wall, the process is comprised the following steps:
S201, detects whether to be reconnected with main control board.
In embodiments of the present invention, any business board in distributed fire wall can detect whether with it is primary
Master control borad is reconnected, to determine whether to there occurs masterslave switchover.
S202, when detect reconnected with main control board when, to the main control board send data syn-chronization please
Ask, wherein, the data synchronization request includes the business module corresponding first that the business board is currently preserved
First mark of data, so that the main control board determines the local business module for preserving corresponding the
When second mark of two data is different from the described first mark, to business board transmission second data and
Second mark.
When detect reconnected with main control board when, may indicate that has carried out masterslave switchover, now, business board
Data synchronization request can be sent to the main control board after the main control board being connected to, i.e. masterslave switchover,
To realize the data syn-chronization of itself and main control board.
Wherein, the business module corresponding that the business board is currently preserved can be included in the data synchronization request
First mark of one data.
After main control board receives the data synchronization request of business board transmission, main control board can be directed to
The business module of business board, judging the second mark of local corresponding second data of the business module for preserving is
It is no identical with the first mark.
When the second mark of local corresponding second data of the business module for preserving is different from the first mark,
May indicate that the data and the local difference for preserving of the business module preserved in business board.In this case,
Main control board can send the second data and the second mark to business board, to realize the business mould in business board
The corresponding data of block are synchronous with local.
S203, receives the second data and the second mark that the main control board sends, and described first is counted
According to and first mark be updated to respectively the second data and it is described second mark.
In embodiments of the present invention, business board can receive the second data that main control board sends to itself and
Second mark, and local the first data for preserving and the first mark are updated to the second data and the second mark respectively
Know, to realize the data of the business module of local preservation and identify business mould all corresponding with main control board
The data and mark of block are synchronous.
A kind of method of data synchronization is the embodiment of the invention provides, after there is masterslave switchover, new primary master control
Plate can be directed to each business board, when on the business board business module currently preserve data mark with should
Master control borad currently preserve to should business module data mark it is different when, by the data of the business module
And its mark is sent to the business board, without the corresponding data of each business module are sent into business
Plate, therefore, it is possible to reduce the data syn-chronization time during masterslave switchover, reduces masterslave switchover to distribution
The influence of fire wall flow detection business.
Further, in embodiments of the present invention, when data syn-chronization is carried out, main control board can pass through
At least two message send the second data to business board.
Further, in actual applications, in fact it could happen that for business module, its corresponding second data is not
When synchronously completing, there is the situation of masterslave switchover again.For example, when main control board passes through the second data
5 message is sent to the business board, when the business board receives 3 message, masterslave switchover is there occurs again.
In this case, in order to ensure the integrality of the second data preserved in business board, main control board leads to
When crossing at least two message to business board the second data of transmission, the last item message at least two message is taken
Partial data with the second data and the second mark, other message at least two message carry the second data
Other parts data and the mark different from the second mark.
Business board can receive at least two message of main control board transmission, delete local the first number for preserving
According to, the partial data of the second data that at least two message include is preserved, and using in rear a piece of news
Second mark updates the mark that other message at least two message for preserving include.So as to ensure to work as industry
When business plate receives whole message, the corresponding mark of local the second data for preserving be just the second mark, its
In the case of remaining, the corresponding mark of the second data of local preservation is different from the second mark.
If it is appreciated that in every message all comprising second mark, when for the business module, its is corresponding
Second data are not synchronously completed, and when there is masterslave switchover again, the business board is sent to new main control board
Mark as second mark of the data of the business module for including of data synchronization request.Such case
Under, new main control board judge the mark of the data for obtaining the business module with it is local preserve to should industry
When the mark of the data of module of being engaged in is identical, the business would not be given by the corresponding data is activation of the business module
Plate.And the complete data for the business module are not preserved in the business board, so as to the industry can be caused
Data in business plate for business module preservation are imperfect.
Therefore, in embodiments of the present invention, when the second data are sent by least two message, last
Bar message includes the second mark, and other message include the marks different from the second mark, ensure that and work as
Second data are not synchronously completed, and when there is masterslave switchover again, new main control board will can be preserved locally
The data is activation for the business module give the business board, so as to ensure that in business board for the business mould
The integrality of the data that block is preserved.
Corresponding to above method embodiment, the embodiment of the present invention additionally provides corresponding device embodiment.
Fig. 3 is a kind of data synchronization unit provided in an embodiment of the present invention, is applied to master in distributed fire wall
For the main control board after switching, described device includes:
Receiver module 310, the data syn-chronization for receiving the transmission of the business board in the distributed fire wall please
Ask, wherein, the data synchronization request includes the business module corresponding that the business board is currently preserved
First mark of one data;
Sending module 320, for of corresponding second data of the business module for ought locally preserve
When two marks are different from the described first mark, second data and the second mark are sent to the business board.
A kind of data synchronization unit is the embodiment of the invention provides, after there is masterslave switchover, new primary master control
Plate can be directed to each business board, when on the business board business module currently preserve data mark with should
Master control borad currently preserve to should business module data mark it is different when, by the data of the business module
And its mark is sent to the business board, without the corresponding data of each business module are sent into business
Plate, therefore, it is possible to reduce the data syn-chronization time during masterslave switchover, reduces masterslave switchover to distribution
The influence of fire wall flow detection business.
Further, the sending module 320, specifically for by least two message to the business board
Second data are sent, wherein, the last item message at least two message carries described second
The partial data of data and the second mark, other message at least two message carry second number
According to other parts data and the mark different from the described second mark.
Further, described device also includes:
Update module (not shown), the second data corresponding with the business module are detected for working as
Second data are updated to the 3rd data by when updating the data of correlation according to described updating the data, and will
Second mark is updated to the 3rd mark corresponding with the 3rd data.
Further, Fig. 4 is another data synchronization unit provided in an embodiment of the present invention, is applied to point
Any business board in cloth fire wall, described device includes:
Detection module 410, for detecting whether being reconnected with main control board;
Sending module 420, for sending data synchronization request to the main control board, wherein, the number
Include the first mark of corresponding first data of business module that the business board is currently preserved according to synchronization request,
So that the main control board determines the second mark of local corresponding second data of the business module for preserving
When knowing different from the described first mark, second data and the second mark are sent to the business board;
Receiver module 430, for receiving the second data and the second mark that the main control board sends, and
First data and the first mark are updated to the second data and second mark respectively.
A kind of data synchronization unit is the embodiment of the invention provides, after there is masterslave switchover, new primary master control
Plate can be directed to each business board, when on the business board business module currently preserve data mark with should
Master control borad currently preserve to should business module data mark it is different when, by the data of the business module
And its mark is sent to the business board, without the corresponding data of each business module are sent into business
Plate, therefore, it is possible to reduce the data syn-chronization time during masterslave switchover, reduces masterslave switchover to distribution
The influence of fire wall flow detection business.
Further, the receiver module 430, including:
Receiving submodule (not shown), disappears for receiving at least two that the main control board sends
Breath, wherein, the partial data comprising second data in every message, at least two message
The last item message include it is described second mark, other message at least two message include with
The different mark of second mark;
Implementation sub-module (not shown), the first data for deleting local preservation, preserve described in extremely
The partial data of the second data that few two message include, and using the second mark in rear a piece of news more
The mark that other message in new at least two message for preserving include.
The method of data synchronization that the present invention is provided is carried out specifically with reference to a specific embodiment
It is bright.
As shown in Fig. 5 (a), the distributed fire wall of the present embodiment can include the primary master control restarted
Plate, new main control board and multiple business board (business board 1, business board 2 ... business board n).
In the present embodiment, the data syn-chronization mistake of the embodiment of the present invention is illustrated so that business board 1 carries out data syn-chronization as an example
Journey.
In the present embodiment, business board 1 can include business module 1 and business module 2, also, business
Business module 1 and the corresponding data of business module 2 and its mark, e.g., business module 1 are preserved in plate 1
Corresponding data are designated 100, and the corresponding data of business module 2 are designated 0.
As shown in Fig. 5 (b), when detect reconnected with main control board when, the business module 1 of business board 1,
Business module 2 can send data synchronization request to new main control board respectively.Wherein, business module 1
The first data synchronization request for sending includes the mark 100 of the data that business module 1 is currently preserved, business
The second data synchronization request that module 2 sends includes the mark 0 of the data that business module 2 is currently preserved.
After main control board receives the first data synchronization request of the transmission of business module 1, according to local preservation
Corresponding business module 1 identification information 100, determine the mark of the data that business module 1 is preserved in business board
Know identical with local preservation.
After main control board receives the second data synchronization request of the transmission of business module 2, according to local preservation
Corresponding business module 2 identification information 200, determine the mark of the data that business module 2 is preserved in business board
Know and the local difference for preserving.
The data of the local corresponding business module 2 for preserving and its mark can be sent to business by main control board
Module 2, the data and mark that business module 2 is sent using main control board update the local data for preserving and
Mark, you can realize data syn-chronization locally between main control board.
It should be noted that herein, such as first and second or the like relational terms be used merely to by
One entity or operation make a distinction with another entity or operation, and not necessarily require or imply these
There is any this actual relation or order between entity or operation.And, term " including ", " bag
Containing " or any other variant thereof is intended to cover non-exclusive inclusion, so that including a series of key elements
Process, method, article or equipment not only include those key elements, but also including being not expressly set out
Other key elements, or it is this process, method, article or the intrinsic key element of equipment also to include.
In the case of there is no more limitations, the key element limited by sentence "including a ...", it is not excluded that including
Also there is other identical element in the process of the key element, method, article or equipment.
Each embodiment in this specification is described by the way of correlation, identical phase between each embodiment
As part mutually referring to, what each embodiment was stressed be it is different from other embodiment it
Place.For especially for system embodiment, because it is substantially similar to embodiment of the method, so description
Fairly simple, the relevent part can refer to the partial explaination of embodiments of method.
Presently preferred embodiments of the present invention is the foregoing is only, is not intended to limit the scope of the present invention.It is all
Any modification, equivalent substitution and improvements made within the spirit and principles in the present invention etc., are all contained in this
In the protection domain of invention.
Claims (10)
1. a kind of method of data synchronization, it is characterised in that be applied in distributed fire wall after masterslave switchover
Main control board, methods described includes:
The data synchronization request that the business board in the distributed fire wall sends is received, wherein, the data
Synchronization request includes the first mark of corresponding first data of business module that the business board is currently preserved;
When second mark and the described first mark of local corresponding second data of the business module for preserving
When different, second data and the second mark are sent to the business board.
2. method according to claim 1, it is characterised in that described to send described to the business board
Second data and the second mark include:
Second data are sent to the business board by least two message, wherein, described at least two
The last item message in message carries the partial data and the second mark of second data, described at least two
Other message in bar message carry the other parts data of second data and are identified not with described second
Same mark.
3. method according to claim 1 and 2, it is characterised in that methods described also includes:
When detect the second data corresponding to the business module it is related when updating the data, according to it is described more
Second data are updated to the 3rd data by new data, and the described second mark is updated to and the described 3rd
Corresponding 3rd mark of data.
4. a kind of method of data synchronization, it is characterised in that be applied to any business in distributed fire wall
Plate, methods described includes:
Detect whether to be reconnected with main control board;
If it is, data synchronization request is sent to the main control board, wherein, the data synchronization request
Include the first mark of corresponding first data of business module that the business board is currently preserved, so that the master
Determine the second mark of local corresponding second data of the business module for preserving with described the with master control borad
When one mark is different, second data and the second mark are sent to the business board;
Receive the second data and the second mark that the main control board sends, and by first data and the
One mark is updated to the second data and second mark respectively.
5. method according to claim 4, it is characterised in that the reception main control board hair
The second data sent and the second mark, and first data and the first mark are updated to the second data respectively
And second mark includes:
At least two message that the main control board sends are received, wherein, comprising described the in every message
The partial data of two data, the last item message at least two message includes second mark
Know, other message at least two message include the marks different from the described second mark;
Delete local the first data for preserving, preserve described in the portion of the second data that includes of at least two message
Divided data, and update its at least two message for preserving using the second mark in rear a piece of news
The mark that its message includes.
6. a kind of data synchronization unit, it is characterised in that be applied in distributed fire wall after masterslave switchover
Main control board, described device includes:
Receiver module, the data synchronization request for receiving the transmission of the business board in the distributed fire wall,
Wherein, the data synchronization request includes corresponding first number of business module that the business board is currently preserved
According to first mark;
Sending module, the second mark of corresponding second data of the business module for ought locally preserve with
When first mark is different, second data and the second mark are sent to the business board.
7. device according to claim 6, it is characterised in that the sending module, specifically for logical
Cross at least two message and send second data to the business board, wherein, at least two message
The last item message carry the partial data and the second mark of second data, at least two message
In other message carry the other parts data and the mark different from the described second mark of second data
Know.
8. the device according to claim 6 or 7, it is characterised in that described device also includes:
Update module, for the second data corresponding to the business module are related to be updated the data when detecting
When, second data are updated to by the 3rd data according to described updating the data, and by the described second mark more
New is the 3rd mark corresponding with the 3rd data.
9. a kind of data synchronization unit, it is characterised in that be applied to any business in distributed fire wall
Plate, described device includes:
Detection module, for detecting whether being reconnected with main control board;
Sending module, for sending data synchronization request to the main control board, wherein, the data are same
Step request includes the first mark of corresponding first data of business module that the business board is currently preserved, so that
The main control board determine the second mark of local corresponding second data of the business module for preserving with
When first mark is different, second data and the second mark are sent to the business board;
Receiver module, for receiving the second data and the second mark that the main control board sends, and by institute
State the first data and the first mark is updated to the second data and second mark respectively.
10. device according to claim 9, it is characterised in that the receiver module, including:
Receiving submodule, for receiving at least two message that the main control board sends, wherein, every
Partial data comprising second data in message, in the last item message at least two message
Including the described second mark, other message at least two message are included with the described second mark not
Same mark;
Implementation sub-module, the first data for deleting local preservation, wraps at least two message described in preservation
The partial data of the second data for including, and updated using the second mark in rear a piece of news preserve it is described extremely
The mark that other message in few two message include.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610263872.6A CN106789862B (en) | 2016-04-25 | 2016-04-25 | Data synchronization method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610263872.6A CN106789862B (en) | 2016-04-25 | 2016-04-25 | Data synchronization method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN106789862A true CN106789862A (en) | 2017-05-31 |
| CN106789862B CN106789862B (en) | 2021-05-07 |
Family
ID=58972086
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201610263872.6A Active CN106789862B (en) | 2016-04-25 | 2016-04-25 | Data synchronization method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106789862B (en) |
Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1479452A (en) * | 2002-08-28 | 2004-03-03 | 华为技术有限公司 | Method for online data exchange between the main control board and the service board in the hot backup of the main control board |
| CN1605182A (en) * | 2001-12-19 | 2005-04-06 | 国际商业机器公司 | Method and system for network caching |
| CN101526958A (en) * | 2009-04-09 | 2009-09-09 | 中兴通讯股份有限公司 | Method and system for synchronizing data between IPTV system modules |
| CN101557568A (en) * | 2008-04-08 | 2009-10-14 | 中国移动通信集团公司 | Transmission method of multimedia message as well as device and system thereof |
| CN102404326A (en) * | 2011-11-23 | 2012-04-04 | 北京星网锐捷网络技术有限公司 | Method, system and device for validating safety of messages |
| CN102404339A (en) * | 2011-12-16 | 2012-04-04 | 山石网科通信技术(北京)有限公司 | Fire wall system and data processing method based on fire wall system |
| CN103329467A (en) * | 2010-10-18 | 2013-09-25 | 意法爱立信有限公司 | System and method to detect and communicate loss and retention of synchronization in a real-time data transfer scheme |
| CN103441987A (en) * | 2013-07-30 | 2013-12-11 | 曙光信息产业(北京)有限公司 | Method and device for managing dual-computer firewall system |
| US20140003434A1 (en) * | 2012-06-29 | 2014-01-02 | Avaya, Inc. | Method for Mapping Packets to Network Virtualization Instances |
| CN103973674A (en) * | 2014-04-09 | 2014-08-06 | 汉柏科技有限公司 | Method and device for synchronizing host and backup information |
-
2016
- 2016-04-25 CN CN201610263872.6A patent/CN106789862B/en active Active
Patent Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1605182A (en) * | 2001-12-19 | 2005-04-06 | 国际商业机器公司 | Method and system for network caching |
| CN1479452A (en) * | 2002-08-28 | 2004-03-03 | 华为技术有限公司 | Method for online data exchange between the main control board and the service board in the hot backup of the main control board |
| CN101557568A (en) * | 2008-04-08 | 2009-10-14 | 中国移动通信集团公司 | Transmission method of multimedia message as well as device and system thereof |
| CN101526958A (en) * | 2009-04-09 | 2009-09-09 | 中兴通讯股份有限公司 | Method and system for synchronizing data between IPTV system modules |
| CN103329467A (en) * | 2010-10-18 | 2013-09-25 | 意法爱立信有限公司 | System and method to detect and communicate loss and retention of synchronization in a real-time data transfer scheme |
| CN102404326A (en) * | 2011-11-23 | 2012-04-04 | 北京星网锐捷网络技术有限公司 | Method, system and device for validating safety of messages |
| CN102404339A (en) * | 2011-12-16 | 2012-04-04 | 山石网科通信技术(北京)有限公司 | Fire wall system and data processing method based on fire wall system |
| US20140003434A1 (en) * | 2012-06-29 | 2014-01-02 | Avaya, Inc. | Method for Mapping Packets to Network Virtualization Instances |
| CN103441987A (en) * | 2013-07-30 | 2013-12-11 | 曙光信息产业(北京)有限公司 | Method and device for managing dual-computer firewall system |
| CN103973674A (en) * | 2014-04-09 | 2014-08-06 | 汉柏科技有限公司 | Method and device for synchronizing host and backup information |
Also Published As
| Publication number | Publication date |
|---|---|
| CN106789862B (en) | 2021-05-07 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10237295B2 (en) | Automated event ID field analysis on heterogeneous logs | |
| EP3231135B1 (en) | Alarm correlation in network function virtualization environment | |
| CN111970198A (en) | Service routing method, device, electronic equipment and medium | |
| CN109981279B (en) | Block chain system, communication method, device, equipment and medium | |
| CN109842694B (en) | Method for synchronizing MAC addresses, network equipment and computer readable storage medium | |
| CN105787077A (en) | Data synchronizing method and device | |
| CN107992537B (en) | Service attribute transmission method, device, computer equipment and storage medium | |
| WO2016111525A1 (en) | Source code transfer control method, computer program therefor, and recording medium therefor | |
| CN108445788B (en) | Hotel scene control method and related device | |
| CN106250487A (en) | A kind of database concurrency control method and device | |
| US10020982B2 (en) | Failure isolation method and management server for failure isolation | |
| CN110808839A (en) | Processing method, device, equipment and medium for block chain abnormal data | |
| CN103701653A (en) | Processing method for interface hot plugging and unplugging configuration data and network configuration server | |
| CN108733477B (en) | Method, device and device for data clustering processing | |
| CN106919426A (en) | A kind of method of multipath server FPGA version synchronizations | |
| CN115016820A (en) | Application program updating method, device, equipment and storage medium | |
| CN106789862A (en) | A kind of method of data synchronization and device | |
| US8424008B2 (en) | Application management support for acquiring information of application programs and associated logical volume updates and displaying the acquired information on a displayed time axis | |
| CN112037055B (en) | Transaction processing method, device, electronic equipment and readable storage medium | |
| CN108650320B (en) | Method for synchronizing configuration files of isomorphic cascading equipment in cluster environment | |
| CN113328973A (en) | Method and device for detecting invalid Access Control List (ACL) rule | |
| CN105471884A (en) | Authentication method and server | |
| US12045492B2 (en) | Data storage method, apparatus, device and storage medium using distributed hosts for user identifications | |
| CN107766232B (en) | Plug-in management method and device | |
| CN106789863B (en) | Matching rule upgrading method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |