CN100411381C - Communication method and system between mixed network VPN stations across different autonomous systems - Google Patents

Communication method and system between mixed network VPN stations across different autonomous systems Download PDF

Info

Publication number
CN100411381C
CN100411381C CNB2005100698315A CN200510069831A CN100411381C CN 100411381 C CN100411381 C CN 100411381C CN B2005100698315 A CNB2005100698315 A CN B2005100698315A CN 200510069831 A CN200510069831 A CN 200510069831A CN 100411381 C CN100411381 C CN 100411381C
Authority
CN
China
Prior art keywords
vpn
provider
website
route
autonomous system
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CNB2005100698315A
Other languages
Chinese (zh)
Other versions
CN1855872A (en
Inventor
张宏科
郜帅
李德丰
谷志慧
秦亚娟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Priority to CNB2005100698315A priority Critical patent/CN100411381C/en
Publication of CN1855872A publication Critical patent/CN1855872A/en
Application granted granted Critical
Publication of CN100411381C publication Critical patent/CN100411381C/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The present invention relates to a method for communicating between hybrid network VPN sites across different autonomous systems and a communication system. By means of a mode that a routing reflector is arranged in a core MPLS backbone network, VPN routing and service flows are relayed and transferred; meanwhile, a routing reflector is respectively arranged in the autonomous systems to which superior VPN provider sites belong, the superior VPN provider sites are relative to the next level of VPN users, corresponding IPv4/v6 VPRs are established in the routing reflectors in the autonomous systems for the next level of VPN sites. Besides, VPN routing announcement and VPN service data are utilized to forward two processes to achieve that Carrier's carrier achieves communication across BGP/MPLS VPN networks between the same class of networks and different classes of websites in IPv4/v6 hybrid networks of different autonomous systems.

Description

Stride communication means and system between the mixed network VPN stations of different autonomous system
Technical field
The present invention relates to network communications technology field, particularly a kind of under the operator of operator (Carrier ' s carrier) strides the communication means between the mixed network VPN stations of different autonomous system and the BGP/MPLS VPN traffic system of Internet protocol edition 4/Internet protocol edition 6 (IPv4/v6) hybrid network.
Background technology
BGP/MPLS VPN is meant that with the multiprotocol label switching (mpls) network be bearer network, and a kind of three-layer VPN technology of VPN(Virtual Private Network) service is provided in conjunction with Border Gateway Protocol (BGP).In BGP/MPLS VPN, in provider's border router, set up virtual routing forwarding (VRF) for different VPN, be used to store the VPN route; Multi-protocols extended attribute by BGP transmits the VPN route of tape label, realizes the announcement of VPN route.When provider's border router receives vpn service stream, can Business Stream be encapsulated as the MPLS bag transmit according to the next VPN routing iinformation of BGP announcement, thereby the transmission of realization vpn service stream reaches the purpose of communicating by letter between the VPN website.
BGP/MPLS VPN under Carrier ' the s carrier is meant: VPN user also is the VPN supplier simultaneously, can provide BGP/MPLS VPN service for other users; Or VPN user also is an Internet provider simultaneously, can provide Internet access service for other users.In draft-ietf-ppvpn-rfc2547bis-04 (a kind of network service management work group constituent instruments), proposed in the IPv4 network,, promptly belonged to the VPN user of same autonomous system if belong to same VPN.And provide BGP/MPLS VPN service implementing method under above two kinds of situations.
Two kinds of schemes have been proposed: all support MPLS as if all-router in the VPN website that the VPN service is provided, then between the VPN website of the second level, set up label switched path among the BGP/MPLS VPN under Carrier ' the s carrier that proposes in draft-ietf-ppvpn-rfc2547bis-04; If only provide in the VPN website of VPN service ce router to support MPLS, then between two ce routers, set up label switched path.Below first kind of mode described in detail, its network topological diagram is seen Fig. 1.
As shown in Figure 1, the MPLS backbone network is an autonomous system (AS) 10, for AS100 provides VPN service; And AS100 provides VPN service for user site 1, website 2, website 3, website 4, and all-network is the IPv4 network in this structure.
Being communicated to website 3, website 3 with VPN route 100.0.0.0/8 in the website 1 below, to send vpn service stream to website 1 be example, and the transmittance process of control flows in this scheme and the repeating process of Business Stream are described.
The transmittance process of control flows:
1) the VPN route 100.0.0.0/8 in the website 1 is communicated to PE3 by dispose Interior Gateway Protocol (IGP), External BGP (EBGP) or static routing between customer edge (CE) 3 and provider's edge device (PE) 3, write the VRFa in the PE3, PE3 is this route assignment label 1000;
2) be 100 to label switched path (LSP) label of PE3 among the supposition CE1, then CE1 is that 100 PE3 route 10.0.0.1/32 is communicated to PE1 by multi-protocols expansion-External BGP (MP-EBGP) with label;
3) PE1 receives the PE3 route 10.0.0.1/32 of label 100, is its distributing labels 200, writes among the VRF A of PE1;
4) PE1 by and PE2 between the MP-IBGP session, be that 200 PE3 advertising of route is given PE2 with label; And write according to route target community among the VRF A of PE2, PE2 is this route assignment label 300;
5) PE2 is 300 PE3 route 10.0.0.1/32 to CE2 announcement label;
6) CE2 writes oneself forwarding information table and routing table with this label route 10.0.0.1/32, is its distributing labels 400, announces this route by IGP other routing devices in this website.
7) by the advertising of route of CE2, PE4 has learnt the route of the PE3 of tape label.The same manner, PE3 may learn the PE4 route of tape label.Between PE3 and PE4, can set up two-way label switched path, carry out the MP-IBGP session.PE3 is that VPN route 100.0.0.0/8 announces to PE4 in 1000 the website 1 with label;
8) VPN route 100.0.0.0/8 writes among the VRF a in the website that will learn of PE4 1, and by IGP, EBGP or static routing to website 3 these VPN routes of announcement.
The repeating process of Business Stream is as follows:
1) in the website 3 on purpose the location be that the vpn service stream of 100.0.0.1 will mail to website 1, then at first according to the routing table of CE4, this Business Stream is forwarded to PE4;
2) PE4 searches among the VRF a label 1000 that should the VPN route, and to LSP label that should route next jump PE3, then this vpn service stream is encapsulated as MPLS (multiprotocol label switching) bag, and the LSP along PE4 to PE3 sends to PE3 with this work flow;
3) PE3 receives the MPLS bag of tape label 1000, and it is reduced to the IP bag, and the forwarding information according to correspondence 1000 in the label forwarding information table forwards it to CE3, and is forwarded to destination host by CE3.
The implementation method of above-mentioned control flows and Business Stream only can solve the BGP/MPLS VPN of Carrier ' scarrier structure under the IPv4 network, and provide the VPN user of VPN service must belong to same VPN, promptly, as shown in Figure 1, be VPN website 1, website 2, website 3, website 4 provides the VPN user of VPN service all to belong to VPN A, promptly all belong to same autonomous system, can not solve the BGP/MPLS VPN of multi self-governing system under the IPv4/v6 hybrid network, promptly can not solve the IPv4/v6 hybrid network, and can not solve and be VPN website 1, website 2, website 3, website 4 provides the VPN user of VPN service to belong to VPN A respectively, VPN B promptly belongs to different autonomous system AS100, the situation of AS200.
Propose to utilize NAT-PT (network address translation-protocol conversion) technology among the RFC2766, realized the scheme that main frame in the pure IPv6 network and the main frame in the pure IPv4 network communicate, its network configuration and domain name mapping process:
As shown in Figure 2, network 1 is the IPv6 network, and network 2 is the IPv4 network.NAT-PT is network address translation-protocol converter, finishes IP bag, ICMP wraps in the conversion between IPv4/v6.Domain name service-ALG (DNS-ALG) is the DNS ALG, realizes the conversion of DNS request response message IPv4/v6, and the detection of IP address in the upper strata message of encapsulation in the IP bag.Short dash line among Fig. 2 is the domain name mapping process that the IPv6 host A in the network 1 is initiated the IPv4 host B communication in network 2, and the IPv4 host B that long dotted line is depicted as in the network 2 is initiated the domain name mapping process that the IPv6 host A in network 1 is communicated by letter.
When the communication of IPv6 host A initiation to the IPv4 host B, at first host A sends IPv6DNS (" AAAA ") request to NAT-PT, NAT-PT receives this request, by DNS-ALG this request is converted to IPv4DNS (" A ") request, mails to the IPv4DNS server of network 2; NAT-PT is returned in the IPv4 address that the dns server of network 2 will be resolved back, adds the particular address prefix by NAT-PT before this address and is converted to the IPv6 address and returns to host A; Host A is constructed the IPv6 packet with this address; This packet uses the IPv4 address of removing prefix as destination address because the particular prefix of destination address is routed to NAT-PT at NAT-PT, and changing this IPv6 packet is the IPv4 packet, mails to host B.
When the communication of IPv4 host B initiation to the IPv6 host A, at first host B sends IPv4DNS (" A ") request to NAT-PT, DNS-ALG is converted to IPv6DNS (" AAAA ") request with this request, mail to the IPv6DNS server in the network 1, the IPv6 address that dns server in the network 1 will be resolved back returns to NAT-PT, and NAT-PT selects an IPv4 address and returns to host B from this locality has the IPv4 address pool of particular address prefix; Host B is constructed the IPv4 packet with this address, this packet is routed to NAT-PT, finding the IPv6 address corresponding with this packet rs destination address by NAT-PT, is purpose IPv6 address with this address, this IPv4 packet is converted to the IPv6 packet mails to host A.
The scheme that main frame in the pure IPv6 network of above-mentioned realization and the main frame in the pure IPv4 network communicate only can provide the intercommunication between foreign peoples's web site in next-door neighbour's IPv4 network and the IPv6 network, does not propose concrete scheme for the situation of crossing over a plurality of territories between foreign peoples's web site of intercommunication.
Summary of the invention
The invention provides communication means and system between a kind of mixed network VPN stations of striding different autonomous system, thereby under the situation of IPv4 IPv4/v6 hybrid network in the IPv6 transient process, can make and accept BGP/MPLS VPN service and in the IPv4/v6 hybrid network, realize communicating by letter with foreign peoples VPN user for other users provide the similar of BGP/MPLS VPN service again.
For achieving the above object, the communication means between mixed network VPN stations of striding different autonomous system of the present invention, this method is by being provided with Router Reflector in core MPLS backbone network, relaying, transmit VPN route and Business Stream; Simultaneously, in respect to the autonomous system under next stage VPN user's the higher level VPN provider sites, Router Reflector is set respectively, and sets up corresponding IPv4/v6VRF respectively for the different VPN website of next stage in the Router Reflector in each autonomous system; Utilize the similar net of the IPv4/v6 hybrid network of striding different autonomous system under two processes realization Carrier ' s carrier of VPN advertising of route and vpn service data forwarding (operator of operator) and the BGP/MPLS VPN network service between foreign peoples's web site.
The similar Netcom of described BGP/MPLS VPN communication network is configured to:
Between provider's edge device of the core backbone of forming by single autonomous system and provider's edge device, dispose MP-IBGP, between provider's edge device of the core backbone of forming by a plurality of autonomous systems and provider's edge device, dispose MP-EBGP, be used to transmit the VPN route of next-door neighbour's next stage VPN website;
(being applicable to the VPN bearing structure more than three grades) configuration MP-IBGP in the same autonomous system between Router Reflector and the customer edge, between provider's edge device and the customer edge is used to transmit the IPv4/v6 route of tape label; Dispose MP-EBGP between customer edge in the different autonomous system and the provider's edge device, be used to transmit the IPv4/v6 route of tape label; Dispose MP-IBGP between the Router Reflector of core backbone and the provider's edge device, be used to transmit the IPv4/v6 route of tape label;
Dispose IGP, EBGP or static routing between the provider's edge device of each autonomous system and the customer edge of variant website.
Communication network is configured between described BGP/MPLS VPN foreign peoples web site:
NAT-PT transducer/DNS-ALG domain name service-ALG and DNS name server are set respectively in the foreign peoples's web site that communicates;
Dispose IGP, EBGP or static routing between provider's edge device of the customer edge of foreign peoples's web site and upper level autonomous system;
Dispose MP-EBGP between provider's edge device of the customer edge of next stage autonomous system and backbone network, be used to transmit the IPv4/v6 route of tape label;
Dispose MP-IBGP between the Router Reflector of autonomous system inside and the customer edge, be used to transmit the IPv4/v6 route of tape label;
Dispose MP-IBGP between the Router Reflector of autonomous system inside and the provider's edge device, be used to transmit the IPv4/v6VPN route of tape label;
Dispose MP-EBGP between the Router Reflector of the Router Reflector of backbone network and next stage autonomous system, be used to transmit the IPv4/v6VPN route of tape label.
NAT-PT transducer and DNS name server in described provider edge device, customer edge and the foreign peoples's web site are the IPv4/v6 dual stack, and its IPv6 loop-back address is the compatible IPv4 of IPv6 address, and the address of the upper level DNS name server of the DNS name server in described foreign peoples's web site is respectively the DNS-ALG address in foreign peoples's web site.
Similar net comprises the following steps: with the process that the foreign peoples nets the VPN advertising of route of communicating by letter between the VPN website
1) sets up bidirectional LSP between the Router Reflector of the Router Reflector of MPLS backbone network and each autonomous system;
2), announce Router Reflector by this provider's edge device again to affiliated autonomous system with the VPN advertising of route of initiation of communication website provider's edge device to coupled upper level autonomous system;
3) by bidirectional LSP with VPN advertising of route in the initial website to the Router Reflector of backbone network, and write among the VRF of Router Reflector of backbone network; Again by the Router Reflector of backbone network with the Router Reflector of VPN advertising of route in the initial website to the upper level autonomous system of purpose website;
4) the provider edge device of the Router Reflector of the upper level autonomous system of purpose website in native system announced the VPN route of initial website, announces this VPN route by provider's edge device to the purpose website again.
Label exchange message with corresponding VPN route when the VPN advertising of route writes among the LFIB of routing devices such as provider's edge device and Router Reflector.
Transmitting routing iinformation by the MP-IBGP session between Router Reflector in the same autonomous system and provider's edge device and the customer edge is this routing iinformation distributing labels also, writes according to routing property in the label forwarding information table of purpose provider edge device or customer edge.
The vpn service data forwarding of communicating by letter between foreign peoples VPN website is by the VPN route learning of crossing over a plurality of autonomous systems and crosses over a plurality of autonomous systems and carry out dns resolution at other websites of affiliated VPN, utilizes NAT-PT (DNS-ALG) to carry out that the conversion of IP type of data packet realizes.
Dns server in the described VPN website provides analysis service to the domain name in this website.
The present invention also provides a kind of hybrid network communication system, and it comprises core backbone and a plurality of autonomous system, has Router Reflector in the core MPLS backbone network of system, relaying, transmission VPN route and Business Stream; In with respect to the autonomous system under next stage VPN user's the higher level VPN provider sites, have Router Reflector respectively, and set up corresponding IPv4/v6VRF respectively for the different VPN website of next stage in the Router Reflector in each autonomous system.
Between provider's edge device of the core backbone of single autonomous system and provider's edge device, dispose MP-IBGP, between provider's edge device of core backbone and provider's edge device, dispose MP-EBGP, be used to transmit the VPN route of next-door neighbour's next stage VPN website with a plurality of autonomous systems.
(being applicable to the VPN bearing structure more than three grades) configuration MP-IBGP in same autonomous system between Router Reflector and the customer edge, between provider's edge device and the customer edge is used to transmit the IPv4/v6 route of tape label; Between the customer edge of different autonomous system and provider's edge device, dispose MP-EBGP, be used to transmit the IPv4/v6 route of tape label; Between the Router Reflector of core backbone and provider's edge device, dispose MP-IBGP, be used to transmit the IPv4/v6 route of tape label; Dispose IGP, EBGP or static routing between the provider's edge device of each autonomous system and the customer edge of variant website.
Described Router Reflector, provider's edge device and customer edge are the IPv4/v6 dual stack, and its IPv6 loop-back address is the compatible IPv4 of IPv6 address.
Another kind of hybrid network communication system provided by the invention, it comprises core backbone and a plurality of autonomous system, has Router Reflector in the core MPLS backbone network of described system, relaying, transmission VPN route and Business Stream; In with respect to the autonomous system under next stage VPN user's the higher level VPN provider sites, have Router Reflector respectively, and set up corresponding IPv4/v6VRF respectively for the different VPN website of next stage in the Router Reflector in each autonomous system.
Described communication system has NAT-PT transducer/DNS-ALG domain name service-ALG and DNS name server respectively in the foreign peoples's web site that communicates;
Dispose IGP, EBGP or static routing between provider's edge device of the customer edge of foreign peoples's web site and upper level autonomous system;
Dispose MP-EBGP between provider's edge device of the customer edge of next stage autonomous system and backbone network, be used to transmit the IPv4/v6 route of tape label;
Dispose MP-IBGP between the Router Reflector of autonomous system inside and the customer edge, be used to transmit the IPv4/v6 route of tape label;
Dispose MP-IBGP between the Router Reflector of autonomous system inside and the provider's edge device, be used to transmit the IPv4/v6VPN route of tape label;
Dispose MP-EBGP between the Router Reflector of the Router Reflector of backbone network and next stage autonomous system, be used to transmit the IPv4/v6VPN route of tape label.
Described NAT-PT and DNS-ALG are the same equipment that combines; NAT-PT transducer and DNS name server in provider's edge device, customer edge and the foreign peoples's web site are the IPv4/v6 dual stack, and its IPv6 loop-back address is the compatible IPv4 of IPv6 address; The address of the upper level DNS name server of the DNS name server in foreign peoples's web site is respectively the DNS-ALG address in foreign peoples's web site.
Described IPv4/v6VPN route comprises route and dns server address route and other relevant VPN routes of domain name service-ALG in the VPN website.
If the situation of multistage carrying occurs, then in the one-level VPN website Router Reflector is set thereon, in backbone network, set up a Router Reflector, set up LSP between the Router Reflector of in the Router Reflector of higher level VPN website and backbone network, setting up.
Another hybrid network communication system provided by the invention comprises MPLS backbone network and a plurality of autonomous system, the MPLS backbone network is made up of a plurality of autonomous systems, in the territory, two borders of MPLS backbone network, have Router Reflector respectively, between Router Reflector, set up LSP.
The invention has the advantages that to make and accept BGP/MPLS VPN service and in the IPv4/v6 hybrid network, set up bidirectional LSP for other users provide the similar and foreign peoples VPN user of BGP/MPLS VPN service again, thereby realize striding under Carrier ' the s carrier the similar net of IPv4/v6 hybrid network of different autonomous system and the BGP/MPLS VPN network service between foreign peoples's web site.
Description of drawings
Fig. 1 is the BGP/MPLS VPN schematic network structure under Carrier ' the s carrier of prior art;
Fig. 2 realizes the network topological diagram of communicating by letter between pure IPv4 network host and pure IPv6 network host for prior art with NAT-PT;
Fig. 3 is for according to striding different autonomous system IPv4/v6 hybrid network BGP/MPLS VPN network configuration schematic diagram under Carrier ' the s carrier of the present invention;
Fig. 4 is for according to striding different autonomous system IPv4/v6 hybrid network BGP/MPLS VPN schematic network structure under Carrier ' the s carrier of the present invention;
Fig. 5 is according to the schematic diagram of setting up the LSP of Router Reflector RR3 to RR1, RR1 to RR2 of the present invention;
Fig. 6 is the schematic diagram of RR3 according to the present invention by the VPN route of RR1 in the website 1 that the RR2 announcement is come by the PE3 announcement;
Fig. 7 is website 3 according to the present invention is transmitted a schematic diagram from vpn service stream to website 1;
Fig. 8 is for according to striding different autonomous system IPv4/v6 hybrid network BGP/MPLS VPN foreign peoples Netcom communication network structural representation under Carrier ' the s carrier of the present invention;
Fig. 9 is according to the IPv4/v6 hybrid network BGP/MPLS VPN schematic network structure under multistage carrying Carrier ' the s carrier structure of the present invention;
Figure 10 is the schematic diagram of MPLS backbone network according to the present invention IPv4/v6 hybrid network under Carrier ' the s carrier structure when being made up of a plurality of autonomous systems.
Embodiment
Below in conjunction with accompanying drawing, implementation method of the present invention is elaborated from two aspects of communicating by letter between communication between the similar web site of VPN and foreign peoples's web site.Each aspect will be from VPN advertising of route and vpn service forwarding of data, that is, two processes of the transmission of control flows and the forwarding of Business Stream are elaborated for example.
(1) communicates by letter between the similar web site of VPN
With network topology shown in Figure 3 is example, and intercommunication between the similar web site of VPN in this programme is elaborated.
In network shown in Figure 3, MPLS backbone network AS10 provides BGP/MPLS VPN service for AS100, AS200, and wherein AS100 belongs to VPN A, and AS200 belongs to VPN B; AS100, AS200 provide BGP/MPLSVPN service for user site 1, website 2, website 3, website 4 again, and wherein website 1, website 3 belong to VPN a, and website 2, website 4 belong to VPN b; AS10, user site 2, website 4 are the IPv6 network in the whole network, and all the other are the IPv4 network.
The configuration of capital equipment is as follows among Fig. 3:
1.PE3 and between the RR3, between PE4 and the RR2, dispose MP-IBGP between PE1 and the PE2, be used to transmit the VPN route of tape label; Between RR3 and the RR1, dispose MP-EBGP between RR2 and the RR1, be used to transmit the VPN route of tape label;
2.RR3 and between the CE1, between RR1 and PE1, the PE2, dispose MP-IBGP between RR2 and the CE2, be used to transmit the IPv4/v6 route of tape label; Between CE1 and the PE1, dispose MP-EBGP between CE2 and the PE2, be used to transmit the IPv4/v6 route of tape label;
3. between PE3 and CE3, CE5, dispose IGP, EBGP or static routing between PE4 and CE4, the CE6;
4.RR1, RR2, RR3, PE1, PE2, PE3, PE4, CE1, CE2 are the IPv4/v6 dual stack, and its IPv6 loop-back address is the compatible IPv4 of IPv6 address.
Being communicated to website 3 with VPN route 100.0.0.0/8 in the website among Fig. 41 is example, the transmittance process of the control flows that is elaborated.In this programme, final stage VPN website 1 is divided into four processes to the advertising of route of website 3:
At first be set up between RR3 and the RR1, the bidirectional LSP between RR1 and the RR2; The VPN advertising of route of website 1 is announced to RR3 by PE3 behind PE3; By the LSP between RR3 and the RR1, the VPN advertising of route writes among the VRF a of RR1 to RR1 in the website 1, by the LSP between RR1 and the RR2, is communicated to RR2 by RR1 again, writes among the VRF a of RR2; RR2 announces these VPN routes by PE4 to website 3 again to the VPN route of PE4 announcement website 1.
First process be set up between RR3 and the RR1, the bidirectional LSP between RR1 and the RR2.
Set up the LSP result of RR3 to LSP, the RR1 of RR1 to RR2 as shown in Figure 5, detailed process is as follows:
It is as follows to the LSP process of RR1 to set up RR3:
1) PE1 is with the IPv6 loop-back address of RR1:: 40.0.0.1/32 heavily is assigned among the BGP, and be this route assignment label 100, by the EBGP session between CE1 and the PE1, PE1 is 100 RR1IPv6 loop-back address route to CE1 announcement label, then can write in the label forwarding information table of PE1:
Input interface output interface input label output label
E1 E0 100 ----
2) to receive the label that PE1 announcement comes be 100 RR1IPv6 loop-back address route to CE1, for it redistributes label 200, by and RR3 between the IBGP session, give RR3 with this advertising of route, next jump for the CE1IPv6 loop-back address (:: 20.0.0.1); In the label forwarding information table of CE1, write:
Input interface output interface input label output label
E1 E0 200 100
3) to receive label be 200 RR1IPv6 loop-back address route to RR3, because RR3 is direct-connected with CE1, so can write following information in the forwarding information table of RR3:
Purpose prefix output interface output label
::40.0.0.1/32 E0 200
Prefix with this routing iinformation purpose prefix next hop address:: cast out, be converted to the IPv4 routing iinformation, write the forwarding information table, therefore in the forwarding information table of RR3, add following information:
Destination address output interface output label
40.0.0.1/32 E0 200
Learnt the IPv4 loop-back address route of RR1 through above process RR3, in the forwarding information table of RR3, write the IPv4 loop-back address route 40.0.0.1/32 of RR1, therefore, RR3 sets up successfully to the LSP of RR1, the following describes RR1 and sets up process to the LSP of RR2:
1) CE2 heavily is assigned to the IPv4 loop-back address route 70.0.0.1/32 of RR2 among the BGP, and be its distributing labels 300, by the EBGP session between CE2 and the PE2, give PE2 with the RR2IPv4 loop-back address advertising of route of label 300, in the label forwarding information table of CE2, write:
Input interface output interface input label output label
E1 E0 300 ----
2) to receive label be 300 RR2IPv4 loop-back address route to PE2, redistributes label 400 for it, writes the label forwarding information table, and by and RR1 between this route of IBGP session announcement give RR1; In the label forwarding information table of PE2, write:
Input interface output interface input label output label
E1 sends out E0 400 300
3) to receive label be 400 RR2IPv4 loop-back address route to RR1, because PE2 is direct-connected with RR1, so writes in the forwarding information table of RR1:
Destination address output interface output label
70.0.0.1/32 E0 400
Through above process, RR1 has learnt the IPv4 loop-back address route of RR2, writes the IPv4 loop-back address route of RR2 in the forwarding information table of RR1, and therefore, RR1 sets up successfully to the LSP of RR2, and the result after it is set up as shown in Figure 5.
Set up the LSP process of RR2 similarly, no longer describe in detail to the LSP of RR1 and RR1 to RR3.Set up the bidirectional LSP between RR1 and RR2, the RR3, can be between RR1 and RR2, set up being connected of TCP/IPv4 between RR1 and the RR3 and carry out the EBGP session.
Second process is that the VPN route 100.0.0.0/8 with website 1 is communicated to RR3, and its process is specific as follows:
1) the VPNa route 100.0.0.0/8 in the website 1 is communicated to PE3 by IGP, EBGP or static routing, write among the VRF a of PE3, and PE3 is this VPN route assignment label 1000;
2) owing between PE3 and RR3, disposed MP-IBGP, so the VPN route 100.0.0.0/8 of PE3 in RR3 announcement VRF a, label is 1000;
3) to receive label be 1000 VPN route 100.0.0.0/8 to RR3, redistributes label 2000 for it, writes the VRF a of RR3, and the label forwarding information table; In the label forwarding information table of RR3, write following information:
Input interface output interface input label output label
E0 E1 2000 1000
To be RR3 announce the VPN route 100.0.0.0/8 of website 1 to RR1 for the 3rd process, announce to RR2 by RR1 again, its result as shown in Figure 6, detailed process is as follows:
1) owing to set up the LSP of RR3 to RR1 through first process, can carry out the EBGP session between RR3 and RR1, the BGP message that therefore transmits VPN route (100.0.0.0/8) is encapsulated as the MPLS bag, by the LSP of RR3 to RR1, is forwarded to RR1;
2) to receive label be 2000 VPN route 100.0.0.0/8 to RR1, according to route target community it write among the VRF a, and redistribute label 3000 for it, and EBGP peer-to-peer RR2 is given in announcement; Suppose that in process two RR1 that sets up is 600 to the LSP of RR3 at the label of RR1, then writes in the label forwarding information table of RR1:
Label output stack top label at the bottom of the input interface output interface input label output stack
E0 E1 3000 2000 600
3) RR1 by and RR2 between the EBGP session, utilize the LSP of RR1 to RR2, the VPN route 100.0.0.0/8 of label 3000 is announced to RR2, next is jumped and is the IPv4 loop-back address 40.0.0.1 of RR1.RR2 receives this route, among the VRF a that writes, redistributes label 4000, and the IBGP session by RR2 and PE4, announces this VPN route to PE4; Suppose in the process two that the RR2 that sets up is 800 to the LSP of RR1 at the label of RR2, writes in the label forwarding information table of RR2:
The outgoing label output stack ejects label at the bottom of the input interface output interface input label output stack
E0 E1 4000 3000 800
Through above process, the VPN route 100.0.0.0/8 in the website 1 is communicated to RR2 by RR3, and writes in the label forwarding information table and VRF a of RR2.
The 4th process RR2 is by the VPN route of PE4 in website 3 announcement websites 1, and its detailed process is as follows:
1) PE4 receives the VPN route 100.0.0.0/8 that RR2 comes by the IBGP session announcement, writes among the VRF a, and announces this VPN route to CE4; Because PE4 and RR2 are direct-connected, therefore, the forwarding information table of PE4 (VRF writes in a):
Destination address (prefix) output interface output label
100.0.0.0/8 E1 4000
2) PE4 announces VPN route 100.0.0.0/8 by IGP, EBGP or static routing to CE4, is diffused into other routing devices in the website 3 by CE4 again.
Through above four processes, VPN route 100.0.0.0/8 in the website 1 is communicated to website 3, and because RR1 and PE1, PE2 in this example, RR2 and CE2, PE4, RR3 and CE3, PE3 are direct-connected, therefore, one deck or two-layer label when writing the label forwarding information table or transmitting, have only been comprised.In actual design, possible not direct-connected between them, at this moment corresponding VPN route 100.0.0.0/8 just need be pressed into three layers of label at RR2, RR1, need be pressed into two-layer label at PE4, PE3.
Business Stream is transmitted process:
Finish the advertising of route of VPN, then can between website 3 and website 1, carry out the forwarding of Business Stream.Sending destination address with website 3 to website 1 below is that the vpn service stream of 100.0.0.1 is example, as shown in Figure 7, its concrete repeating process is described:
1) destination addresses are the vpn service stream of 100.0.0.1 in the website 3, at first by CE4 according to local routing table, be transmitted to PE4;
2) PE4 receives the vpn service stream that destination address is 100.0.0.1, the interface of sending according to this work flow, in VRF a, search the prefix route of this destination address, the label that finds this route is 4000, outgoing interface is E1, therefore this Business Stream is encapsulated as the MPLS bag, E1 is transmitted to RR2 from interface;
3) RR2 receives this MPLS bag, and switch label 4000 is 3000, is pressed into stack top label 800 again, according to the LSP of RR2 to RR1, this MPLS bag is transmitted to RR1; (supposing the LSP of RR2 to RR1 here, be pressed into label 800 at RR2, is 700 at CE2 switch label 800, ejects label 700 at PE2)
4) the MPLS bag of label 3000 at the bottom of the RR1 reception stack, therefore, according to content in the label forwarding information table, switch label 3000 is 2000, is pressed into label 600 again, the LSP from interface E1 along RR1 to RR3 is transmitted to RR3; (supposing the LSP of RR1 to RR3 here, be pressed into label 600 at RR1, is 500 at PE1 switch label 600, ejects label 500 at CE1)
5) to receive label be 2000 MPLS bag to RR3, switch label 2000 to 1000, and E1 is transmitted to PE3 from interface;
6) PE3 receives the MPLS bag of label 1000, ejects label, and being reduced to destination address is the IP packet of 100.0.0.1, and according to label forwarding information table information it is transmitted to CE1;
7) CE1 is the vpn service stream of 100.0.0.1 with the destination address that receives, and is forwarded to destination host according to local routing table.
(2) communicate by letter between VPN foreign peoples's web site
Compare with similar Netcom letter, communicate by letter between the BGP/MPLS VPN foreign peoples web site under IPv4/v6 hybrid network Carrier ' the s carrier, in the foreign peoples's web site that communicates, need to be provided with transducer and DNS name server respectively.Adopt the NAT-PT converter technology to realize communicating by letter between VPN foreign peoples's web site in this programme.Its network configuration is as shown in Figure 8:
Among Fig. 8, NAT-PT is network address translation-protocol converter, is used for carrying out between foreign peoples's net the conversion of IPv4/v6, ICMPv4/v6; DNS-ALG is domain name service-ALG, is used for the address of upper-layer protocol is scanned, and the processing that the DNS domain name request is replied; NAT-PT and DNS-ALG are the same equipment that combines in this programme.Dns server in the VPN website is to provide analysis service to the domain name in this website.
The configuration of capital equipment is as follows among Fig. 8:
1.PE1, PE2, PE3, PE4, CE1, CE2, CE3, CE4, CE5, CE6, dns server, NAT-PT in website 1, the website 4 are the IPv4/v6 dual stack; And its IPv6 address is the compatible IPv4 of IPv6 address;
2. the address of the upper level dns server of dns server, website 4 interior dns servers is respectively DNS-ALG addresses in website 1, the website 4 in the configuration site 1;
3.PE3, dispose IGP, EBGP or static routing between PE4 and CE4, the CE6 with CE3, CE5;
4.CE1 with PE1, dispose MP-EBGP between CE2 and the PE2, be used to transmit the IPv4/v6 route of tape label; CE1 and RR3, PE1 and RR1, PE2 and RR1 dispose MP-IBGP between CE2 and the RR2, are used to transmit the IPv4/v6VPN route of tape label;
5.PE3 with RR3, PE4 and RR2 dispose MP-IBGP between PE1 and the PE2, are used to transmit the IPv4/v6VPN route of tape label; RR1 and RR2 dispose MP-EBGP between RR1 and the RR3, are used to transmit the IPv4/v6VPN route of tape label.
Be communicated to website 4 with VPN route 100.0.0.0/8 in the website 1 respectively below, it is that the vpn service stream of 100.0.0.1 is example that website 4 sends destination address to website 1, and this programme is elaborated.
VPN advertising of route process:
In order to realize announcing between the VPN website, at first must between foreign peoples's web site that will communicate, carry out route learning.VPN route learning process is identical with similar network process, also is divided into four processes: set up between RR3 and the RR1 bidirectional LSP between RR1 and the RR2; The VPN route is communicated to RR3 by PE4 in the website 1; RR3 is communicated to RR2 with this route by RR1; RR2 announces to website 4 by PE4.
Because the CE6 in the website 4, dns server, NAT-PT is the IPv4/v6 dual stack, therefore the IPv4/v6VPN advertising of route in above four the process websites 1 of process has arrived the CE6 in the website 4, comprise NAT-PT (DNS-ALG) address and dns server address route in the website 1, and other all IPv4VPN routes; And announce to the dns server in the website 4, NAT-PT by CE6.
IPv4 host A in the website 1 IPv6 host B in website 4 is initiated communication, and its detailed process is as follows:
1) dns server of IPv4 host A in website 1 sends IPv4DNS request (" A "), because there is not this domain name in the dns server of website 1, therefore this DNS request is addressed to higher level's dns server, be DNS-ALG address in the website 1, so the IPv4DNS of host A request is forwarded to the DNS-ALG in the website 1;
2) DNS-ALG is converted to IPv6DNS request (" AAAA ") with the IPv4DNS request (" A ") that receives in the website 1, according to the prefix route of dns server in the website of learning 4, the IPv6DNS request is transmitted to the dns server of website 4;
3) dns server in the website 4 receives this IPv6DNS request, resolves the IPv6 address that obtains host B, and the DNS-ALG that returns to website 1 is replied in this IPv6 address as DNS;
4) because website 4 interior dns servers have also been learnt the route of DNS-ALG in the website 1, therefore, this DNS replys the DNS-ALG that is returned in the website 1;
5) among the DNS-ALG IPv4 address pool with particular address prefix is arranged in the website 1, this prefix route is pointed to NAT-PT in the website 1; DNS-ALG replys as DNS optional IPv4 address in the IPv4 address pool, returns to requesting host A; And, write in the mapping table of DNS-ALG in the website 1 mapping address of this IPv4 address as host B IPv6 address;
6) host A is constructed the IPv4 packet with this IPv4 address as destination address.Because the particular prefix of this destination address, so this IPv4 packet is routed to NAT-PT in the website 1;
7) website 1 interior NAT-PT receives the IPv4 packet of particular address prefix, search IPv6 address corresponding in the mapping table with this IPv4 destination address, search the IPv6 address that obtains host B, therefore, NAT-PT is converted to the IPv6 packet with this IPv4 packet, mails to the destination host B in the website 4;
8) because the NAT-PT in the website 1 is IPv4/v6 pair of stacks, learnt the IPv6VPN route in the website 4, therefore, this IPv6 packet can similar Netcom with aforementioned VPN believe that mode is identical, be forwarded to the host B in the website 4, thereby realized the communication that the IPv4 host A is initiated to the IPv6 host B.
IPv6 host B in the website 4 IPv4 host A in website 1 is initiated communication, and its detailed process is as follows:
1) dns server of IPv6 host B in website 4 sends IPv6DNS request (" AAA "), because there is not this domain name in the dns server of website 4, therefore this DNS request is forwarded to higher level's dns server, be DNS-ALG address in the website 4, so this IPv6DNS request is forwarded to the DNS-ALG in the website 4;
2) DNS-ALG is converted to IPv4DNS request (" A ") with this IPv6DNS request in the website 4, and the prefix route according to dns server in the website of learning 1 mails to dns server in the website 1;
3) dns server in the website 1 receives this IPv4DNS request, resolves the IPv4 address that obtains host A, and this IPv4 address is returned to DNS-ALG in the website 4;
4) because website 1 interior dns server has also been learnt the route of DNS-ALG in the website 4, therefore, this DNS replys the DNS-ALG that is returned in the website 4;
5) website 4 interior DNS-ALG receive the IPv4 address of host A, add a particular prefix before this address, are configured to the IPv6 address, return to requesting host B; The route of this address prefix is the particular prefix route that can point to NAT-PT in the website 4;
6) host B with the IPv6 address that receives with particular address prefix as destination address, structure IPv6 packet.Because this IPv6 packet rs destination address has particular prefix, therefore, packet is routed to the NAT-PT in the website 4;
7) NAT-PT in the website 4 receive this IPv6 packet, with back 32 taking-ups in the destination address, promptly with the IPv4 address of host A as destination address, the IPv6 packet that receives is converted to the IPv4 packet, mail to the IPv4 host A in the website 1;
8) because the NAT-PT in the website 4 has learnt the prefix route that website 1 interior IPv4VPN route comprises host A, therefore, this IPv4 packet is identical with method for communicating in the similar web site of aforementioned VPN, can be forwarded to the destination host in the website 1, thereby realize the communication that the IPv6 host B is initiated to the IPv4 host A.
Adopt among the present invention and in higher level VPN provider sites, Router Reflector is set with respect to next stage VPN user, and in core MPLS backbone network, Router Reflector is set, relaying, transmission VPN route and Business Stream, this thought and the method for the IPv4/v6 hybrid network BGP/MPLS VPN under different autonomous system Carrier ' the s carrier structure striden in realization.This solution can not occur belonging between the route of different VPN to be revealed mutually; And, only at upper level VPN supplier's pe router, RR, and the RR in the core MPLS backbone network can know VPN route at the corresponding levels, the burden that has reduced other routers has improved performance.
In Fig. 3, for BGP/MPLS VPN being provided service for the website 1, website 2, website 3, the website 4 that belong to VPN a, VPN b, can in upper level VPN website AS100, AS200, Router Reflector RR3, RR2 be set respectively, Router Reflector RR1 is set in the MPLS backbone network, and in RR1, RR2, RR3, sets up IPv4/v6VRF a/b respectively for VPN a, VPN b.The VPN route of website 1, website 2 can be delivered to RR3 by PE3, is delivered to RR1 by the LSP between RR3 and the RR1, by RR1 by and RR2 between LSP be communicated to RR2, be communicated to PE4 by RR2 again, be communicated to website 3 or website 4 at last by PE4.In like manner can finish website 3, website 4 advertising of route to website 1, website 2.
In this process, upper level VPN website AS100 (belonging to VPNA), the AS200 (belonging to VPN B) of website 1,2,3,4 only can learn the routing iinformation of RR1 in the backbone network, by the relaying of RR1, can not cause the route between VPN A, the VPN B to reveal.And the VPN route in the website 1,2,3,4 only is that the RR1 in PE3, PE4, RR3, RR2 and the backbone network in its upper level VPN website learns, and other any router can not learnt this route.
If the situation of multistage carrying occurs, only need in the one-level VPN website RR to be set thereon, in backbone network, can set up a RR, set up LSP between the RR that in the RR of higher level VPN website and backbone network, sets up, the method that the method for handling is handled during with two-stage VPN is identical, and its structure as shown in Figure 9.
Among Fig. 9, website 1 and website 4 provide BGP/MPLS VPN service for website 5,6,7,8 again.Then can in website 1 and website 4, set up RR5, RR4 respectively, in backbone network, set up RR0, the VPN route of website 5, website 6 is communicated to RR5 after can being delivered to PE5 again, be delivered to RR0 by the LSP that sets up between RR5 and the RR0, be delivered to RR4 by the LSP between RR0 and the RR4, be communicated to PE6 by RR4 again, be communicated to website 7, website 8 by PE6 at last.
Herein in the reason process, the BGP/MPLS VPN supplier that website 5,6,7,8 is only arranged, be PE5, the RR5 in website 1 and the website 4, RR0 in PE6, RR4 and the backbone network learns the VPN route of website 5,6,7,8, guaranteed the isolation of VPN route, and can not increase load other routing devices in the network.
If the disposal ability of RR1 is enough big in the backbone network, then can not set up RR0, in RR1, set up VRF for VPN 1, VPN 2, finish whole relaying work by RR1.Can between RR5 and RR1, RR1 and RR4, set up LSP, transmit route and the Business Stream of VPN 1, VPN 2.
If the MPLS backbone network is made up of a plurality of autonomous systems, then can in the territory, two borders of MPLS backbone network, Router Reflector RR0, RR0 ' be set respectively, by between RR0 and RR0 ', setting up LSP, can transmit VPN route and Business Stream through No. three relayings, as shown in figure 10.
Among Figure 10, the MPLS backbone network is made up of AS10 and AS20, for can be for website 1,2,3,4 provides BGP/MPLS VPN service, can be at first the VPN route of website 1, website 2 at first be communicated to RR3 by PE3; By the LSP between RR3 and the RR0, the VPN advertising of route to RR0, is write among the VRF a/b of RR0; Between RR0 and RR0 ', set up LSP, by EBGP with the VPN advertising of route of website among the RR0 1, website 2 to RR0 ', write among the VRFa/b of RR0 '; Pass through the LSP between RR0 ' and the RR2 again, by RR0 ' with the VPN advertising of route of website 1 website 2 to RR2, write among the VRF a/b of RR2; Again by RR2 with the VPN advertising of route to PE4, write among the VRF a/b of PE4, be communicated to website 3 or website 4 by PE4.The method that website 3, website 4 are announced the VPN routes to website 1, website 2 is identical with it, and process in contrast.
Stride the transmission of different autonomous system IPv4/v6 hybrid network BGP/MPLS vpn service stream under Carrier ' the s carrier structure, the process of its process and VPN advertising of route is basic identical, but owing to the label exchange message of corresponding VPN route is write among the LFIB of routing devices such as PE, CE, RR when the VPN advertising of route.Therefore, when transmitting vpn service stream, when vpn service stream is encapsulated as the MPLS bag in entry PE, then later repeating process all can be transmitted according to the content among the LFIB of routing devices such as PE, RR, CE, and needn't search corresponding VPN routing iinformation among the VRF, ce router until arriving the purpose website is forwarded to destination host by CE again.

Claims (16)

1. the communication means between a mixed network VPN stations of striding different autonomous system is characterized in that: this method is by being provided with Router Reflector in core MPLS backbone network, relaying, transmits VPN route and Business Stream; In with respect to the autonomous system under next stage VPN user's the higher level VPN provider sites, Router Reflector is set respectively, and sets up corresponding IPv4/v6VRF respectively for the different VPN website of next stage in the Router Reflector in each autonomous system; Utilize two processes of VPN advertising of route and vpn service data forwarding to realize striding under Carrier ' the s carrier of operator of operator the similar net of IPv4/v6 hybrid network of different autonomous system and the BGP/MPLS VPN network service between foreign peoples's web site,
Wherein in same autonomous system between Router Reflector and the customer edge, dispose MP-IBGP between provider's edge device and the customer edge; Between the customer edge of different autonomous system and provider's edge device, dispose MP-EBGP; Between the Router Reflector of core backbone and provider's edge device, dispose MP-IBGP; Dispose IGP, EBGP or static routing between the provider's edge device of each autonomous system and the customer edge of variant website.
2. the communication means between mixed network VPN stations of striding different autonomous system as claimed in claim 1, it is characterized in that: the similar Netcom of described BGP/MPLS VPN communication network is configured to:
Between provider's edge device of the core backbone of forming by single autonomous system and provider's edge device, dispose MP-IBGP, between provider's edge device of the core backbone of forming by a plurality of autonomous systems and provider's edge device, dispose MP-EBGP, be used to transmit the VPN route of next-door neighbour's next stage VPN website.
3. the communication means between mixed network VPN stations of striding different autonomous system as claimed in claim 1, it is characterized in that: communication network is configured between described BGP/MPLS VPN foreign peoples web site:
NAT-PT transducer/DNS-ALG domain name service-ALG and DNS name server are set respectively in the foreign peoples's web site that communicates;
Dispose IGP, EBGP or static routing between provider's edge device of the customer edge of foreign peoples's web site and upper level autonomous system;
Dispose MP-EBGP between provider's edge device of the customer edge of next stage autonomous system and backbone network, be used to transmit the IPv4/v6 route of tape label;
Dispose MP-IBGP between the Router Reflector of autonomous system inside and the customer edge, be used to transmit the IPv4/v6 route of tape label;
Dispose MP-IBGP between the Router Reflector of autonomous system inside and the provider's edge device, be used to transmit the IPv4/v6VPN route of tape label;
Dispose MP-EBGP between the Router Reflector of the Router Reflector of backbone network and next stage autonomous system, be used to transmit the IPv4/v6VPN route of tape label.
4. the communication means between mixed network VPN stations of striding different autonomous system as claimed in claim 3, it is characterized in that: NAT-PT transducer and DNS name server in described provider edge device, customer edge and the foreign peoples's web site are the IPv4/v6 dual stack, and its IPv6 loop-back address is the compatible IPv4 of IPv6 address, and the address of the upper level DNS name server of the DNS name server in described foreign peoples's web site is respectively the DNS-ALG address in foreign peoples's web site.
5. the communication means between mixed network VPN stations of striding different autonomous system as claimed in claim 1, it is characterized in that: similar net comprises the following steps: with the process that the foreign peoples nets the VPN advertising of route of communicating by letter between the VPN website
1) sets up bidirectional LSP between the Router Reflector of the Router Reflector of MPLS backbone network and each autonomous system;
2), announce Router Reflector by this provider's edge device again to affiliated autonomous system with the VPN advertising of route of initiation of communication website provider's edge device to coupled upper level autonomous system;
3) by bidirectional LSP with VPN advertising of route in the initial website to the Router Reflector of backbone network, and write among the VRF of Router Reflector of backbone network; Again by the Router Reflector of backbone network with the Router Reflector of VPN advertising of route in the initial website to the upper level autonomous system of purpose website;
4) the provider edge device of the Router Reflector of the upper level autonomous system of purpose website in native system announced the VPN route of initial website, announces this VPN route by provider's edge device to the purpose website again.
6. the communication means between mixed network VPN stations of striding different autonomous system as claimed in claim 5, it is characterized in that: the label exchange message with corresponding VPN route when the VPN advertising of route writes among the LFIB of routing devices such as provider's edge device and Router Reflector.
7. the communication means between mixed network VPN stations of striding different autonomous system as claimed in claim 5, it is characterized in that: transmit routing iinformation by the MP-IBGP session between the Router Reflector in the same autonomous system and provider's edge device and the customer edge and also be this routing iinformation distributing labels, write according to routing property in the label forwarding information table of purpose provider edge device or customer edge.
8. the communication means between mixed network VPN stations of striding different autonomous system as claimed in claim 5, it is characterized in that: the vpn service data forwarding of communicating by letter between foreign peoples VPN website is by the VPN route learning of crossing over a plurality of autonomous systems and crosses over a plurality of autonomous systems and carry out dns resolution at other websites of affiliated VPN, utilizes NAT-PT (DNS-ALG) to carry out that the conversion of IP type of data packet realizes.
9. the communication means between mixed network VPN stations of striding different autonomous system as claimed in claim 8 is characterized in that: the dns server in the described VPN website provides analysis service to the domain name in this website.
10. a hybrid network communication system comprises core MPLS backbone network and a plurality of autonomous system, it is characterized in that: have Router Reflector in the core MPLS backbone network of described system, relaying, transmission VPN route and Business Stream; In with respect to the autonomous system under next stage VPN user's the higher level VPN provider sites, have Router Reflector respectively, and set up corresponding IPv4/v6VRF respectively for the different VPN website of next stage in the Router Reflector in each autonomous system,
Wherein in same autonomous system between Router Reflector and the customer edge, dispose MP-IBGP between provider's edge device and the customer edge; Between the customer edge of different autonomous system and provider's edge device, dispose MP-EBGP; Between the Router Reflector of core backbone and provider's edge device, dispose MP-IBGP; Dispose IGP, EBGP or static routing between the provider's edge device of each autonomous system and the customer edge of variant website.
11. hybrid network communication system as claimed in claim 10, it is characterized in that: between provider's edge device of the core backbone of single autonomous system and provider's edge device, dispose MP-IBGP, between provider's edge device of core backbone and provider's edge device, dispose MP-EBGP, be used to transmit the VPN route of next-door neighbour's next stage VPN website with a plurality of autonomous systems.
12. hybrid network communication system as claimed in claim 10 is characterized in that: described Router Reflector, provider's edge device and customer edge are the IPv4/v6 dual stack, and its IPv6 loop-back address is the compatible IPv4 of IPv6 address.
13. as right 10 described communication systems, it is characterized in that: described communication system has NAT-PT transducer/DNS-ALG domain name service-ALG and DNS name server respectively in the foreign peoples's web site that communicates;
Dispose IGP, EBGP or static routing between provider's edge device of the customer edge of foreign peoples's web site and upper level autonomous system;
Dispose MP-EBGP between provider's edge device of the customer edge of next stage autonomous system and backbone network, be used to transmit the IPv4/v6 route of tape label;
Dispose MP-IBGP between the Router Reflector of autonomous system inside and the customer edge, be used to transmit the IPv4/v6 route of tape label;
Dispose MP-IBGP between the Router Reflector of autonomous system inside and the provider's edge device, be used to transmit the IPv4/v6VPN route of tape label;
Dispose MP-EBGP between the Router Reflector of the Router Reflector of backbone network and next stage autonomous system, be used to transmit the IPv4/v6VPN route of tape label.
14. communication system as claimed in claim 13 is characterized in that: described NAT-PT and DNS-ALG are the same equipment that combines; NAT-PT transducer and DNS name server in provider's edge device, customer edge and the foreign peoples's web site are the IPv4/v6 dual stack, and its IPv6 loop-back address is the compatible IPv4 of IPv6 address; The address of the upper level DNS name server of the DNS name server in foreign peoples's web site is respectively the DNS-ALG address in foreign peoples's web site.
15. communication system as claimed in claim 13 is characterized in that: described IPv4/v6VPN route comprises route and dns server address route and other relevant VPN routes of domain name service-ALG in the VPN website.
16. hybrid network communication system, comprise core MPLS backbone network and a plurality of autonomous system, it is characterized in that: core MPLS backbone network is made up of a plurality of autonomous systems, has Router Reflector respectively in the territory, two borders of MPLS backbone network, between Router Reflector, set up LSP
Wherein in same autonomous system between Router Reflector and the customer edge, dispose MP-IBGP between provider's edge device and the customer edge; Between the customer edge of different autonomous system and provider's edge device, dispose MP-EBGP; Between the Router Reflector of core backbone and provider's edge device, dispose MP-IBGP; Dispose IGP, EBGP or static routing between the provider's edge device of each autonomous system and the customer edge of variant website.
CNB2005100698315A 2005-04-28 2005-04-28 Communication method and system between mixed network VPN stations across different autonomous systems Expired - Fee Related CN100411381C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNB2005100698315A CN100411381C (en) 2005-04-28 2005-04-28 Communication method and system between mixed network VPN stations across different autonomous systems

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CNB2005100698315A CN100411381C (en) 2005-04-28 2005-04-28 Communication method and system between mixed network VPN stations across different autonomous systems

Publications (2)

Publication Number Publication Date
CN1855872A CN1855872A (en) 2006-11-01
CN100411381C true CN100411381C (en) 2008-08-13

Family

ID=37195722

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB2005100698315A Expired - Fee Related CN100411381C (en) 2005-04-28 2005-04-28 Communication method and system between mixed network VPN stations across different autonomous systems

Country Status (1)

Country Link
CN (1) CN100411381C (en)

Families Citing this family (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100405797C (en) * 2006-12-01 2008-07-23 清华大学 IPv4 over IPv6 extension method of BGP protocol software
CN101262410B (en) * 2007-03-07 2010-12-08 上海亿人通信终端有限公司 Implementation method for DNS application gateway based on NAT-PT
CN101267385B (en) * 2007-03-12 2010-10-13 中国电信股份有限公司 A service carrying network realization method based on IP and MPLS mixing technology
CN101102228B (en) * 2007-08-08 2010-06-02 华为技术有限公司 A method and device for flow statistics
CN101494614B (en) * 2009-03-09 2011-11-16 华为技术有限公司 Method, apparatus and system for rapid rerouting
WO2012106888A1 (en) * 2011-07-14 2012-08-16 华为技术有限公司 Method and system for realizing cross-domain information processing
CN111385204B (en) * 2018-12-27 2022-03-29 中国移动通信集团贵州有限公司 Service transmission method, device, equipment and medium
CN110784401B (en) * 2019-10-28 2021-10-26 北京金山云网络技术有限公司 Communication equipment adaptation method and device and communication equipment
CN112910667B (en) * 2019-11-19 2023-03-24 苏州至赛信息科技有限公司 Method and device for generating network topology model, computer equipment and storage medium
CN111614560A (en) * 2020-05-25 2020-09-01 山东汇贸电子口岸有限公司 Distributed dynamic routing method
CN113973026B (en) * 2020-07-24 2023-03-03 厦门网宿有限公司 Site interconnection method, central controller and route reflector
CN113098750A (en) * 2021-03-11 2021-07-09 网宿科技股份有限公司 Site interconnection method, system and transfer equipment

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020184388A1 (en) * 2001-06-01 2002-12-05 Nimer Yaseen Layered approach to virtual private routing
US20040034702A1 (en) * 2002-08-16 2004-02-19 Nortel Networks Limited Method and apparatus for exchanging intra-domain routing information between VPN sites
US20040059829A1 (en) * 2002-09-24 2004-03-25 Chu Thomas P. Methods and devices for converting routing data from one protocol to another in a virtual private network
JP2005020603A (en) * 2003-06-27 2005-01-20 Furukawa Electric Co Ltd:The Routing control method, data gathering apparatus, and routing control system

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020184388A1 (en) * 2001-06-01 2002-12-05 Nimer Yaseen Layered approach to virtual private routing
US20040034702A1 (en) * 2002-08-16 2004-02-19 Nortel Networks Limited Method and apparatus for exchanging intra-domain routing information between VPN sites
US20040059829A1 (en) * 2002-09-24 2004-03-25 Chu Thomas P. Methods and devices for converting routing data from one protocol to another in a virtual private network
JP2005020603A (en) * 2003-06-27 2005-01-20 Furukawa Electric Co Ltd:The Routing control method, data gathering apparatus, and routing control system

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
网络运营商部署MPLS VPN需考虑的问题及应用分析. 唐景莲.电信建设,第5期. 2004
网络运营商部署MPLS VPN需考虑的问题及应用分析. 唐景莲.电信建设,第5期. 2004 *

Also Published As

Publication number Publication date
CN1855872A (en) 2006-11-01

Similar Documents

Publication Publication Date Title
CN100411381C (en) Communication method and system between mixed network VPN stations across different autonomous systems
CN100387019C (en) Method for realizing cross-mixed network multi-protocol tag exchange virtual special network
US10164838B2 (en) Seamless segment routing
CN103546374B (en) A kind of method and apparatus E-Packeted in edge double layer network
CN102971992B (en) Virtual special local area network equipment, networking component and data frame forwarding method
CN103270736B (en) A kind of network equipment
CN100450065C (en) Method for providing communication between virtual special network stations
CN100550841C (en) Autonomous System Boundary Router, AS Boundary Router route issuing method and Autonomous System Boundary Router, AS Boundary Router
CN102170386B (en) The implementation method that identify label is separated with position, system and data encapsulation method
CN100571197C (en) A kind of provider's edge device and using method thereof of combining network address conversion
CN100505674C (en) Packet forwarding method, system and verge equipment in virtual private network
CN100433691C (en) Routing method of virtual special network
CN105850102A (en) Control of a chain of services
CN101052022B (en) System and method for virtual special net user to access public net
CN102075438B (en) unicast data frame transmission method and device
CN102413060B (en) User private line communication method and equipment used in VPLS (Virtual Private LAN (Local Area Network) Service) network
JP2013504959A (en) Method and system for realizing virtual private network
CN101355486A (en) Method, equipment and system for switching route
CN100484080C (en) Routing access method, system and operator edge equipment for virtual private network
CN102739501A (en) Message forwarding method in two or three layer virtual private network (VPN) and system thereof
CN100428739C (en) Implementing method and system for support VPLS service on IP skeletal network
CN100414919C (en) Method for realizing virtual special network of over-muti-autonomous system mixed network
EP3018866A1 (en) Signaling aliasing capability in data centers
CN102098353B (en) System and method for interworking between IPv4 (internet protocol version 4) and IPv6 (internet protocol version 6) based on DHT (distributed hash table)
CN113726653A (en) Message processing method and device

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20080813

Termination date: 20170428

CF01 Termination of patent right due to non-payment of annual fee