How Ctrip Automates Network Management with the Netranger SDN Tool
At Ctrip, the Netranger system leverages software-defined networking to automate network operations, from server port provisioning and switch onboarding to configuration visualization, security zone management, IP path discovery, and syslog alert analysis, addressing the challenges of a traditional, high‑change data‑center network.
Hello everyone! Today I will share Ctrip's software-defined networking (SDN) practice in operations, covering the background of SDN at Ctrip and what we have achieved with it.
The Ctrip data‑center network has two main characteristics: it is a traditional network that has been in place for eight to nine years, making changes difficult, and it requires high flexibility due to large‑scale, on‑demand expansion and frequent, time‑critical changes.
To meet these demands, Ctrip developed an SDN‑based auxiliary tool called Netranger, aiming to automate repetitive tasks and provide rich tooling for network engineers.
Design requirements for the tool are efficiency, accuracy, and flexibility. It must operate quickly, include safeguards against incorrect inputs, and adapt to underlying network changes without extensive rewrites.
The tool is built by experienced network engineers, offering a simple UI, reliable operation, and Python‑based implementation.
The Netranger controller provides a web UI for engineers, integrates with the Remedy workflow system via an API, and communicates with devices primarily using NETCONF and SNMP. It also connects to monitoring platforms such as Netcons, SNMP, and Syslog.
Main functions include information collection, command execution, device configuration management, workflow integration, operation auditing, and reporting.
Key automation capabilities are:
Server network port automation: handling massive port‑opening and switching tasks for server rack deployments, processing over 60,000 ports without manual intervention.
Switch onboarding automation: ensuring consistent baseline configurations (AAA, LOG, STP, PORT) and enabling remote, automated provisioning.
For network management and security, Netranger supports virtual routers linked to firewall security zones, allowing servers to join appropriate zones automatically.
Configuration visualization is provided: the system collects VLAN, interface, and VRF data, enabling consistent, bulk configuration across data‑centers via the UI.
An IP path discovery tool addresses the mismatch between physical topology and VRF‑based logical paths, allowing engineers to quickly visualize actual routes.
Netranger also includes Syslog analysis and alerting, routing alerts via SMS or email based on engineer‑defined policies, and a knowledge base that suggests remediation steps when alerts match known issues.
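The policy-based syslog alert routing and knowledge-base lookup described above, sketched as an added Python example (not Netranger's own code). The policy fields, channel names, knowledge-base entries, and sample log lines are all constructed for illustration.

```python
import re
from dataclasses import dataclass

# Constructed sample lines in RFC 3164 style; hosts and messages are made up.
SAMPLE_LOGS = [
    "<187>Jan 12 03:14:07 sw-rack12 %LINK-3-UPDOWN: Interface Gi1/0/7, changed state to down",
    "<189>Jan 12 03:14:09 sw-rack12 %SYS-5-CONFIG_I: Configured from console by admin",
    "<186>Jan 12 03:15:30 fw-edge01 %AAA-2-AUTHFAIL: Authentication failed for user ops",
    "not a syslog line",
]
LINE_RE = re.compile(r"^<(\d{1,3})>(\w{3}\s+\d+ [\d:]{8}) (\S+) (.*)$")

@dataclass
class Policy:              # hypothetical shape of an engineer-defined policy
    name: str
    pattern: str           # regex applied to the message text
    max_severity: int      # alert when severity <= this (0 = emergency, 7 = debug)
    channel: str           # "sms" or "email"

POLICIES = [
    Policy("auth-failure", r"AUTHFAIL", 3, "sms"),
    Policy("link-down", r"LINK-\d-UPDOWN.*down", 4, "email"),
]
KNOWLEDGE_BASE = {         # constructed remediation hints keyed by policy name
    "auth-failure": "Check AAA server reachability and review the login source.",
    "link-down": "Check cabling/optics and whether the server is in maintenance.",
}

def parse(line):
    """Split a syslog line into facility, severity, host and message."""
    m = LINE_RE.match(line)
    if not m or int(m.group(1)) > 191:   # PRI above 191 is invalid
        return None
    pri = int(m.group(1))
    return {"facility": pri >> 3, "severity": pri & 7,
            "host": m.group(3), "msg": m.group(4)}

def route(lines, policies=POLICIES, kb=KNOWLEDGE_BASE):
    """Return (alerts, unparsed); unparsed lines are kept, not silently dropped."""
    alerts, unparsed = [], []
    for line in lines:
        event = parse(line)
        if event is None:
            unparsed.append(line)
            continue
        for p in policies:               # first matching policy wins
            if event["severity"] <= p.max_severity and re.search(p.pattern, event["msg"]):
                alerts.append({"policy": p.name, "channel": p.channel,
                               "host": event["host"],
                               "hint": kb.get(p.name, "no known remediation")})
                break
    return alerts, unparsed
```

Keeping unparsed lines in a separate list lets malformed or truncated device output be reviewed instead of disappearing from the alert path.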
Future work includes enhanced network visualization and performance analysis to further optimize the infrastructure.
Efficient Ops
This public account is maintained by Xiaotianguo and friends, regularly publishing widely-read original technical articles. We focus on operations transformation and accompany you throughout your operations career, growing together happily.