AMENDED CLAIMS received by the International Bureau on 03 October 2007 (03.10.2007)
1. A computer apparatus, comprising: means for receiving a first request for a change in a configuration of a network device to a potential operational state from a current operational state of the network device, wherein electronically stored configuration data describes the change in the configuration of the network device; means for storing the configuration data in a buffer memory; means for receiving a second request to modify the configuration and the current operational state of the network device to reflect the configuration data stored in the buffer memory; means responsive to the second request for obtaining an exclusive lock on the network device; and means responsive to the second request for modifying the current operational state of the network device to reflect the configuration data only upon obtaining the exclusive lock, wherein operation of the network device is improved by preventing the configuration data to cause unauthorized modifications to the current operational state.
2. The apparatus of Claim 1 , wherein the network device is a router for a packet- switched network.
3. The apparatus of Claim 1 , wherein the means for modifying the current operational state has means for storing the configuration data from the buffer memory to a device configuration database.
4. The apparatus of Claim 1 , further comprising means for creating and storing information identifying, for each of the one or more configuration changes, when the configuration change was made, what user initiated the configuration change, and a location from which the configuration change was initiated.
5. The apparatus of Claim 3, wherein the configuration data stored in the device configuration database specifies only a set of configuration options that changed from a first operational state of the network device to a second operational state of the network device.
34
6. The apparatus of Claim 3, wherein the device configuration database stores configuration history data that describes all changes in an operational state of the network device that occur over a period of time; and wherein the apparatus includes means for creating and providing a view of the configuration history data stored in the device configuration database associated with a particular point in time.
7. The apparatus of Claim 6, wherein the apparatus includes means for generating, based on the configuration history data, a set of configuration changes that describe the change in configuration between two different operational states of the network device.
8. The apparatus of Claim 1, wherein the buffer memory is a particular buffer memory in a set of buffer memories, and wherein the apparatus includes means for determining that the particular buffer memory in the set of buffer memories is associated with a particular user associated with the first request.
9. The apparatus of Claim 1, wherein the apparatus includes means for determining whether the second request contains one or more semantic errors or one or more verification errors; and means for informing a user associated with the second request that the second request contains one or more semantic errors or one or more verification errors in response to a determination that the first second contains one or more semantic errors or one or more verification errors.
10. The apparatus of Claim 1, wherein the change in configuration described by the configuration data includes one or more configuration changes, and wherein the apparatus includes means for determining if the second request requires that each of the one or more configuration changes described by the configuration data be performed; means for determining if each of the one or more configuration changes is capable of being performed in response to a determination that the second request requires that each of the one or more configuration changes described by the configuration data be performed; and means for modifying the current operational state of the network device to reflect the configuration data only if each of the one or more configuration changes is capable of being performed in response to the determination that the second request requires that each of the one or more configuration changes described by the configuration data be performed.
35
1 1. The apparatus of Claim 1 , wherein the change in configuration described by the configuration data includes one or more configuration changes, and wherein the apparatus includes means for determining if the second request requires that each of the one or more configuration changes described by the configuration data be performed; and means for modifying the current operational state of the network device to reflect any of the one or more configuration changes described by the configuration data that can be performed, even if one or more configuration changes described by the configuration data are not capable of being performed in response to a determination that the second request does not require that each of the one or more configuration changes described by the configuration data be performed.
12. The apparatus of Claim 1 , wherein the first request is associated with a first user that holds an exclusive lock, wherein the exclusive lock indicates that only the holder of the exclusive lock may effect change to the current operational state of the network device, and wherein the apparatus includes means for determining that a third request to change the configuration of the network device is associated with a second user who does not have the exclusive lock; and means for notifying the second user that the third request is not performed.
13. The apparatus of Claim 1, wherein the apparatus includes means for receiving a third request to change the configuration of the network device from the current operational state of the network device to a prior operational state of the network device; means for determining if a user associated with the third request has a sufficient privilege level for the third request to be performed; and means for changing the configuration of the network device from the current operational state of the network device to the prior operational state of the network device upon determining that the user has the sufficient privilege level for the third request to be performed.
14. An apparatus comprising one or more electronic digital data processors, an interface to a network for receiving and transmitting packet data from and to the network, and a memory storing a plurality of digital program instructions which, when executed by one or more processors, cause the one or more processors to perform the steps of: receiving a first request for a change in a configuration of a network device to a potential operational state from a current operational state of the network device, wherein electronically stored configuration data describes the change in configuration of the network device; storing the configuration data in a buffer memory; receiving a second request to modify configuration and the current operational state of the network device to reflect the configuration data stored in the buffer memory; in response to the second request: obtaining an exclusive lock on the network device; and modifying the current operational state of the network device to reflect the configuration data only upon obtaining the exclusive lock, wherein operation of the network device is improved by preventing the configuration data from causing unauthorized modifications to the current operational state.
15. The apparatus of Claim 14, wherein the network device is a router for a packet- switched network.
16. The apparatus of Claim 14, wherein the step of modifying the current operational state further comprises storing the configuration data from the buffer memory to a device configuration database.
17. The apparatus of Claim 14, wherein the memory further comprises one or more additional instructions which, when executed by the one or more processors, cause the one or more processors to perform creating and storing information identifying, for each of the one or more configuration changes, when the configuration change was made, what user initiated the configuration change, and a location from which the configuration change was initiated.
18. The apparatus of Claim 16, wherein the configuration data stored in the device configuration database reflects only a set of configuration options that changed from a first operational state of the network device to a second operational state of the network device.
19. The apparatus of Claim 16, wherein the device configuration database stores configuration history data that describes all changes in an operational state of the network device that occur over a period of time; and wherein the memory further comprises one or more additional instructions which, when executed by the one or more processors, cause the one or more processors to perform creating and providing
37 a view of the configuration history data stored in the device configuration database associated with a particular point in time.
20. The apparatus of Claim 19, wherein the memory further comprises one or more additional instructions which, when executed by the one or more processors, cause the one or more processors to perform generating, based on the configuration history data, a set of configuration changes that describe the change in configuration between two different operational states of the network device.
21. The apparatus of Claim 14, wherein the buffer memory is a particular buffer memory in a set of buffer memories, and wherein the step of storing the configuration data further comprises determining that the particular buffer memory in the set of buffer memories is associated with a particular user associated with the first request.
22. The apparatus of Claim 14, wherein the memory further comprises one or more additional instructions which, when executed by the one or more processors, cause the one or more processors to perform the steps of determining whether the second request contains one or more semantic errors or one or more verification errors; and in response to a determination that the first second contains one or more semantic errors or one or more verification errors, informing a user associated with the second request that the second request contains one or more semantic errors or one or more verification errors.
23. The apparatus of Claim 14, wherein the change in configuration described by the configuration data includes one or more configuration changes, and wherein the memory further comprises one or more additional instructions which, when executed by the one or more processors, cause the one or more processors to perform the steps of determining if the second request requires that each of the one or more configuration changes described by the configuration data be performed; and in response to a determination that the second request requires that each of the one or more configuration changes described by the configuration data be performed: determining if each of the one or more configuration changes is capable of being performed, and modifying the current operational state of the network device to reflect the configuration data only if each of the one or more configuration changes is capable of being performed.
38
24. The apparatus of Claim 14, wherein the change in configuration described by the configuration data includes one or more configuration changes, and wherein the memory further comprises one or more additional instructions which, when executed by the one or more processors, cause the one or more processors to perform the steps of determining if the second request requires that each of the one or more configuration changes described by the configuration data be performed; and in response to a determination that the second request does not require that each of the one or more configuration changes described by the configuration data be performed: modifying the current operational state of the network device to reflect any of the one or more configuration changes described by the configuration data that can be performed, even if one or more configuration changes described by the configuration data are not capable of being performed.
25. The apparatus of Claim 14, wherein the first request is associated with a first user that holds an exclusive lock, wherein the exclusive lock indicates that only the holder of the exclusive lock may effect change to the current operational state of the network device, and wherein the memory further comprises one or more additional instructions which, when executed by the one or more processors, cause the one or more processors to perform the steps of: determining that a third request to change the configuration of the network device is associated with a second user who does not have the exclusive lock; and notifying the second user that the third request is not performed.
26. The apparatus of Claim 14, wherein the memory further comprises one or more additional instructions which, when executed by the one or more processors, cause the one or more processors to perform the steps of receiving a third request to change the configuration of the network device from the current operational state of the network device to a prior operational state of the network device; determining if a user associated with the third request has a sufficient privilege level for the third request to be performed; and changing the configuration of the network device from the current operational state of the network device to the prior operational state of the network device upon determining that the user has the sufficient privilege level for the third request to be performed.
39
27. An apparatus, comprising: means for updating configuration history data that describes a plurality of operational states of the network device to reflect the configuration data in response to receiving a first request to change a configuration of a network device to reflect configuration data; means for receiving a second request from a client to view a subset of the configuration history data, wherein the request identifies the subset by an association with a particular period of time or a particular operational state of the network device; and means for transmitting the subset to the client.
28. The apparatus of Claim 27, wherein the means for updating the configuration history data comprises means for updating the configuration history data to include data that describes a change in the configuration of the network device from a first state to a second state without storing data that fully describes the second state.
29. The apparatus of Claim 27, wherein the network device loads a base configuration when the network device initially starts, and further comprising means for updating the base configuration to reflect at least a portion of the configuration history data.
30. The apparatus of Claim 27, further comprising means for removing a portion of the configuration history data in response to determining that the size of the configuration history data exceeds a configurable threshold.
31. The apparatus of Claim 27, wherein the means for transmitting the subset to the client further comprises means for transmitting information that identifies a username to the client, wherein the username is associated with a user that initiated a change in the configuration of the network device associated with the subset.
32. The apparatus of Claim 27, wherein the means for transmitting the subset to the client further comprises means for transmitting information that identifies a location identifier to the client, wherein the location identifier identifies a location that is associated with a change in the configuration of the network device associated with the subset.
33. The apparatus of Claim 27, wherein the means for transmitting the subset to the client further comprises means for transmitting information that identifies a timestamp to
40 the client, wherein the timestamp identifies a time associated with the change in the configuration of the network device associated with the subset.
34. The apparatus of Claim 27, wherein the subset fully describes a particular operational state of the network device.
35. The apparatus of Claim 27, wherein the subset identifies a change in the operational state of the network device from a first state to a second state.
36. The apparatus of Claim 27, further comprising means for receiving a third request to change the current operational state of the network device to reflect the subset of the configuration history data.
37. An apparatus, comprising: means for assigning an exclusive lock to a first user of a plurality of users, wherein the exclusive locks prevents any other user of the plurality of users who is not assigned the exclusive lock from changing the operational state of a network device; means for updating a set of data that describes which user of the plurality of users is currently assigned the exclusive lock in response to assigning the exclusive lock to the first user; and means for automatically transmitting a notification to the second user that the request is rejected because another user of the plurality of users is assigned the exclusive lock in response to receiving, from a second user of the plurality of users, a request to change the operational state of a network device.
38. The apparatus of Claim 37, wherein the request is a first request, and wherein the means for assigning the exclusive lock to the first user assigns the exclusive lock to the first user in response to receiving a second request from the first user to change the operational state of the network device to reflect a set of configuration data.
39. The apparatus of Claim 37, wherein the request is a first request, and wherein the means for assigning the exclusive lock to the first user assigns the exclusive lock to the first user in response to receiving a second request from the first user to obtain the exclusive lock.
41
40. The apparatus of Claim 37, further comprising means for revoking the assignment of the exclusive lock to the first user in response to receiving a second request from the second user to revoke the assignment of the exclusive lock to the first user.
41. The apparatus of Claim 37, further comprising means for transmitting information that identifies configuration data to the second user in response to receiving, from the second user, a second request to view the configuration data associated with the first user.
42. The apparatus of Claim 37, further comprising means for transmitting information that identifies the first user in response to receiving, from the second user, a second request to view information that identifies which user of the plurality of users is assigned the exclusive lock.
43. An apparatus comprising a memory storing instructions which, when executed by one or more processors, cause the one or more processors to perform the steps of: in response to receiving a first request to change a configuration of a network device to reflect configuration data, updating configuration history data that describes a plurality of operational states of the network device to reflect the configuration data; receiving a second request from a client to view a subset of the configuration history data, wherein the request identifies the subset by an association with a particular period of time or a particular operational state of the network device; and transmitting the subset to the client.
44. The apparatus of Claim 43, wherein the step of updating the configuration history data comprises updating the configuration history data to include data that describes a change in the configuration of the network device from a first state to a second state without storing data that fully describes the second state.
45. The apparatus of Claim 43, wherein the network device loads a base configuration when the network device initially starts, and wherein the instructions which, when executed by the one or more processors, cause the one or more processors to perform the further step of updating the base configuration to reflect at least a portion of the configuration history data.
42
46. The apparatus of Claim 43, wherein the instructions which, when executed by the one or more processors, cause the one or more processors to perform the further step of: in response to determining that the size of the configuration history data exceeds a configurable threshold, removing a portion of the configuration history data.
47. The apparatus of Claim 43, wherein the step of transmitting the subset to the client further comprises transmitting information that identifies a username to the client, wherein the username is associated with a user that initiated a change in the configuration of the network device associated with the subset.
48. The apparatus of Claim 43, wherein the step of transmitting the subset to the client further comprises transmitting information that identifies a location identifier to the client, wherein the location identifier identifies a location that is associated with a change in the configuration of the network device associated with the subset.
49. The apparatus of Claim 43, wherein the step of transmitting the subset to the client further comprises transmitting information that identifies a timestamp to the client, wherein the timestamp identifies a time associated with the change in the configuration of the network device associated with the subset.
50. The apparatus of Claim 43, wherein the subset fully describes a particular operational state of the network device.
51. The apparatus of Claim 43, wherein the subset identifies a change in the operational state of the network device from a first state to a second state.
52. The apparatus of Claim 43, wherein the instructions which, when executed by the one or more processors, cause the one or more processors to perform the further step of receiving a third request to change the current operational state of the network device to reflect the subset of the configuration history data.
53. An apparatus comprising a memory storing instructions which, when executed by one or more processors, cause the one or more processors to perform the steps of: assigning an exclusive lock to a first user of a plurality of users, wherein the exclusive locks prevents any other user of the plurality of users who is not assigned the exclusive lock from changing the operational state of a network device;
43 in response to assigning the exclusive lock to the first user, updating a set of data that describes which user of the plurality of users is currently assigned the exclusive lock; and in response to receiving, from a second user of the plurality of users, a request to change the operational state of a network device, automatically transmitting a notification to the second user that the request is rejected because another user of the plurality of users is assigned the exclusive lock.
54. The apparatus of Claim 53, wherein the request is a first request, and wherein the step of assigning the exclusive lock to the first user is performed in response to receiving a second request from the first user to change the operational state of the network device to reflect a set of configuration data.
55. The apparatus of Claim 53, wherein the request is a first request, and wherein the step of assigning the exclusive lock to the first user is performed in response to receiving a second request from the first user to obtain the exclusive lock.
56. The apparatus of Claim 53, wherein the instructions which, when executed by the one or more processors, cause the one or more processors to perform the further step of: in response to receiving a second request from the second user to revoke the assignment of the exclusive lock to the first user, revoking the assignment of the exclusive lock to the first user.
57. The apparatus of Claim 53, wherein the instructions which, when executed by the one or more processors, cause the one or more processors to perform the further step of in response to receiving, from the second user, a second request to view configuration data associated with the first user, transmitting information that identifies the configuration data to the second user.
58. The apparatus of Claim 53, wherein the instructions which, when executed by the one or more processors, cause the one or more processors to perform the further step of: in response to receiving, from the second user, a second request to view information that identifies which user of the plurality of users is assigned the exclusive lock, transmitting information that identifies the first user.
44