CN100433691C - Routing method of virtual special network - Google Patents

Routing method of virtual special network Download PDF

Info

Publication number
CN100433691C
CN100433691C CNB2005101174980A CN200510117498A CN100433691C CN 100433691 C CN100433691 C CN 100433691C CN B2005101174980 A CNB2005101174980 A CN B2005101174980A CN 200510117498 A CN200510117498 A CN 200510117498A CN 100433691 C CN100433691 C CN 100433691C
Authority
CN
China
Prior art keywords
vpn
address
routing iinformation
website
compatible
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CNB2005101174980A
Other languages
Chinese (zh)
Other versions
CN1852214A (en
Inventor
张宏科
郜帅
李德丰
谷志慧
霍宏伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xuzhou Yong Wei Wood Industry Co.,Ltd.
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Priority to CNB2005101174980A priority Critical patent/CN100433691C/en
Publication of CN1852214A publication Critical patent/CN1852214A/en
Application granted granted Critical
Publication of CN100433691C publication Critical patent/CN100433691C/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The present invention discloses a routing method for special networks, which is applied to a communication system based on an IPv6 backbone network and an IPv4 user network. The method comprises the steps that an objective VPN site in the IPv4 user network send out the routing information of a source site to a source VPN site of the IPv4 user network through the IPv6 backbone network, and a tunnel is established between an outlet provider edge device PE of the source VPN site and an inlet PE of the objective VPN site; the source VPN site utilizes the routing information of the source VPN site and the tunnel to send out service flows to the objective VPN site. The present invention can effectively solve the problem that SP based on the IPv6 backbone network provides VPN service for users based on the IPv4 user network in the transient process to the IPv6 backbone network. The present invention needs no hardware upgrade and needs only to improve software of a PE device besides, the present invention has the advantages of simple and convenient configuration mode, and favorable expansibility and market generalization.

Description

A kind of method for routing of VPN (virtual private network)
Technical field
The present invention relates to the VPN(Virtual Private Network) technical field, be meant the method for routing of a kind of VPN based on IPv6 backbone network and IPv4 user network especially.
Background technology
Multiprotocol label switching (mpls) is that a kind of utilization is bundled in label in the IP bag carries out data forwarding by network technology.Usually the IP bag is encapsulated as the MPLS message, the MPLS heading is carried according to the forwarding equivalence class distributed labels, carries out tag operational at the MPLS router, and according to label message is forwarded from corresponding interface, is forwarded to the destination step by step.
BGP/MPLS VPN is meant on pe router and sets up different virtual routing forwardings for different VPN users, forming MPLS transmits, utilize the bearing capacity announcement VPN route of the multi-protocols expansion of BGP4+ agreement, and then realize that between VPN user route is isolated and announcement, transmit Business Stream, realize the VPN service.
RFC2547bis has proposed the BGP/MPLS vpn solution based on pure IPv4 territory, and this scheme is quite ripe at present and be widely used in the real network.Along with the appearance of IPv6 network, more and more manufacturers provide the support to IPv6, have proposed based on the BGP/MPLSVPN solution in pure IPv6 territory with based on IPv4 backbone network, IPv6 user's BGP/MPLS vpn solution.But in the later stage of IPv4, IPv6 backbone network, IPv4 user network can occur, and can't realize the BGP/MPLS vpn service under IPv4 user network, the IPv6 backbone configuration at present to the IPv6 transient process.
Specify BGP/MPLS vpn solution referring to Fig. 1 based on IPv4 backbone network, IPv6 user.
As shown in Figure 1, website 1 and website 3 belong to VPN1, and website 2 and website 4 belong to VPN2, and user site is all based on IPv6, and the MPLS backbone network is based on IPv4.Below with the VPN advertising of route of website in VPN2 4 to website 2, website 2 sends vpn services stream to website 4 and is example, and the communication means between two VPN websites among each VPN is described.
Need to prove, in VPN2, set up communication, the VPN route that must at first will learn from each other and to arrive the other side's website between VPN website 2 and the VPN website 4 if make.Because VPN website 2 and VPN website 4 belong to the IPv6 website, backbone network is the MPLS network based on IPv4, so must transmit the IPv6VPN routing iinformation in the IPv4MPLS backbone network.Be to utilize the BGP multi-protocols can reach attribute on IPv4 MPLS backbone network platform, to issue IPv6 VPN routing iinformation at present.
Referring to shown in Figure 1, CE4, promptly VPN website 4 is purpose VPN website, CE2, promptly VPN website 2 is a source VPN website; PE2 is an outlet PE, and PE1 is an entry PE.The issue of routing iinformation belongs to control flows information, and is specific as follows:
(1) CE4 is to PE2 distribution site 4 inner IPv6 route 3ffe:3210: :/32.Concrete mode can adopt Routing Protocols such as static routing, OSPF, RIP.
(2) after PE2 receives this route, it is added among the IPv6 virtual routing forwarding VRF of VPN2 correspondence, and be this route assignment label.
Here, this VRF has write down the VPN route entry of all VPN2.The VPN route is meant the UPDATE packet of a BGP, and inside comprises Route Distinguisher RD and route target RT, VPN destination address and next hop address etc., and is this route assignment label.
(3) PE2 can reach that destination field is 3ffe:3210: in the attribute: the IPv6VPN address of/32 correspondences, the IPv6 VPN address of the IPv4 map addresses that next relaying field is PE1 for PE1, multi-protocols this IPv6 label advertising of route by IBGP.
(4) PE1 receives this route, and it is added among the IPv6 virtual routing forwarding VRF of VPN2 correspondence, and next relaying is PE2, and issues this route by methods such as static routing, OSPF, RIP to CE2.
Two, website 2 belongs to traffic flow information to the vpn service that website 4 sends, and is specific as follows:
(1) website 2 is sent to PE1 with the IPv6 packet.
(2) the corresponding MPLS of PE1 inquiry transmits and VRF, and for the IPv6 packet is pressed into the secondary label, label is that PE2 is the label of IPv6 VPN route assignment in the website 4 at the bottom of the stack, and the stack top label is the LSP label of PE1 to PE2.
(3) through the LSP of PE1 to PE2, this MPLS message is forwarded to PE2 step by step.
(4) PE2 according to stack at the bottom of label the MPLS message is reduced to the IPv6 packet, and be forwarded to website 4.
To have solved backbone network be the single autonomous system of IPv4 or IPv6 to such scheme in the prior art, the VPN user site is a communication issue between the VPN website under the IPv6 network, after IPv6 replaces IPv4, IPv6 backbone network, IPv4 user network can be occurred, the BGP/MPLS vpn service under IPv4 user network, the IPv6 backbone configuration can't be realized at present.
Summary of the invention
In view of this, the purpose of this invention is to provide the method for routing of a kind of VPN based on IPv6 backbone network and IPv4 user network, make it in the network configuration that IPv6 backbone network and IPv4 user form, provide VPN service.
The method for routing of a kind of VPN based on IPv6 backbone network and IPv4 user network provided by the invention is achieved in that
Method for routing in a kind of VPN (virtual private network), be applied in the communication system based on IPv6 backbone network and IPv4 user network, the corresponding compatible virtual routing forwarding VRF of each VPN, compatible VRF supports the compatible IPv6 of IPv4 address, the corresponding route target community of each compatible VRF, this method may further comprise the steps:
In the a.IPv4 user network purpose VPN website to the outlet edge device PE of provider send purpose VPN website, the address is the routing iinformation of IPv4 address format; Outlet PE is converted to the routing iinformation that the address is the compatible IPv6 address format of IPv4 according to the compatible VRF of purpose VPN correspondence with this routing iinformation, and is sent to entry PE by the IPv6 backbone network; Entry PE is according to the compatible VRF of purpose VPN correspondence, is that the routing iinformation of the compatible IPv6 address format of IPv4 is converted to the source VPN website that is sent to behind the routing iinformation that the address is the IPv4 address format in the IPv4 user network with the address that receives;
And between the outlet PE of the entry PE of source VPN website and purpose VPN website, set up the tunnel;
B. VPN website in source utilizes the routing iinformation of purpose VPN website and tunnel to send Business Stream to purpose VPN website.
Described tunnel is a label switching path LSP.
Described tunnel is set up before or after to be described purpose VPN website by the IPv6 backbone network send to Source Site in the IPv4 user network with the VPN routing iinformation of purpose website.
Described LSP utilizes LDP or RSVP to set up.
Among the step a, the routing iinformation of outlet PE after with the reference address form comprises by the step that the IPv6 backbone network is sent to entry PE:
Destination address is set to the IPv4 address in this routing iinformation among the compatible VRF of a11, this VPN of outlet PE, next hop address is set to purpose VPN website, and for this routing iinformation distributes a LSP, and the MPLS Label Forwarding Information Base that utilizes this LSP modification self to preserve;
A12, outlet PE will comprise that routing iinformation and the VPN routing iinformation of the destination address that purpose VPN sends, the LSP label of outlet PE distribution and the target routing property of setting of the input interface of self send to entry PE;
Among the step a, entry PE comprises the step that the routing iinformation of IPv4 address format is sent to the source VPN website in the IPv4 user network:
A21, entry PE judge target routing property value among the target routing property value received all compatible VRF corresponding with self, if from all compatible VRF of self correspondence, find and the identical value of receiving of target routing property value, then according to from the routing iinformation among the identical compatible VRF of the updating route information route target community value of the VPN of outlet PE;
After the equipment in the VPN website of source is received the VPN routing iinformation of entry PE, relevant route entry is installed in self routing table; Router in the VPN website of source is learnt this routing iinformation.
The routing iinformation of input interface is the IPv6 address described in the routing iinformation of VPN described in the step a12, or the compatible IPv6 of the IPv4 address for utilizing input interface;
When the routing iinformation of described input interface was the IPv6 address, to be entry PE can reach purpose prefix in the attribute according to multi-protocols to destination address reflects to penetrate and obtain in the routing iinformation of VPN described in the step a21;
When the routing iinformation of described input interface was the compatible IPv6 of IPv4 address, destination address was directly can reach the compatible IPv6 of IPv4 address in the attribute according to multi-protocols to reflect to penetrate and obtain in the routing iinformation of VPN described in the step a21.
Send the routing iinformation of purpose VPN website between described purpose VPN website and the outlet PE by the routing mode of operation Interior Gateway Protocol, EBGP mode or static configuration.
Step b comprises:
The packet that equipment in b0, the source VPN website will contain destination address is sent in the corresponding gateway router, after this router is received this packet, judge the routing iinformation of self preserving this destination address correspondence, if have, according to this routing iinformation packet is forwarded to next hop router, through transmitting the outlet device in the VPN website of last arrival source step by step;
The routing table that outlet device in b1, the source VPN website self is preserved according to the destination address inquiry of packet obtains the entry PE address, and this packet is transmitted to this entry PE;
After b2, entry PE are received this packet, directly in the compatible VRF of input interface correspondence, find the route of this destination address, and adopt two-layer label mechanism to carry out the encapsulation of MPLS data message, and this packet is forwarded according to the route that finds;
B3, in the SP network, carry out label exchange according to LSP, be transmitted to the router in downstream from the corresponding interface, and transmit successively, up to the last two jump of outlet PE, eject the stack top label in the last two jump of outlet PE, and be transmitted to outlet PE from the corresponding interface;
B4, outlet PE eject the bottom label of this packet, are reduced to destination address and are the IP bag of IPv4 form, directly this IP bag are transmitted to purpose VPN website from output interface according to self MPLS Label Forwarding Information Base;
After equipment in b5, the purpose VPN website was received this packet, the destination address according to this IP bag carried out the longest path matched and searched in local routing table, find corresponding route, and packet is mail to next hop router, finally is forwarded to destination device.
In the present invention, expression IPv6 VPN route on the compatible IPv6 address format of VPN-IPv4, in fact the IPv4VPN route is transmitted in expression, the present invention utilizes the special construction of the compatible IPv6 of IPv4 address, but be mutual mapping relation and its routing characteristic in the IPv6 backbone network of IPv6 address and IPv4 address, thereby solved the legitimacy problem of in the IPv6 backbone network, transmitting IPv4 VPN route.
The present invention can effectively finish at the SP based on the IPv6 backbone network in the transient process of IPv6 and provide VPN the problem of service to the user based on IPv4.And the present invention does not need upgrading hardware, only needs the software of PE equipment is improved simple, the easy row of configuration mode.And method of the present invention meets popular RFC 2547bis system at present, is with good expansibility.
Description of drawings
Fig. 1 is the single AS of IPv4 for backbone network, and the user is the vpn solution of IPv6;
Fig. 2 is the single AS of IPv6 for backbone network, and the user is the vpn solution of IPv4;
Fig. 3 is for being that LSP is the schematic flow sheet of the inventive method of example with the tunnel.
Embodiment
Core concept of the present invention is: purpose VPN website sends to source VPN website in the IPv4 user network by the IPv6 backbone network with the routing iinformation of purpose website in the IPv4 user network, and sets up the tunnel between the outlet PE of the edge device PE of inlet provider of source VPN website and purpose VPN website; Source VPN website utilizes the routing iinformation of purpose VPN website and tunnel to send Business Stream to purpose VPN website.In the present invention, the tunnel can be a label switching path LSP.And purpose VPN website can be set up the tunnel before or after the Source Site that by the IPv6 backbone network VPN routing iinformation of purpose website is sent in the IPv4 user network.
As shown in Figure 2, in the system that the present invention uses, backbone network is based on the single AS of IPv6, and user site is based on the BGP/MPLS VPN of IPv4.Website 1 and website 4 belong to VPN1, and website 2 and website 3 belong to VPN2.Can communicate by letter between the different VPN website among the same VPN, the website in the different VPN can not be visited mutually.Move Interior Gateway Protocol such as OSPF, IS-IS, RIP etc. among Fig. 2 in each user site, the equal configuration of IP v4/v6 dual stack of pe router, operation Interior Gateway Protocol such as OSPFv3, IS-ISv6, RIPng etc. and LDP agreement in the IPv6MPLS backbone network.
In the present invention, the business information among the BGP/MPLS VPN is divided into two big classes: control information and data message.The former comprises common routing iinformation, VPN routing iinformation and sets up the LDP message etc. of LSP needs that the latter mainly refers to user's vpn service stream.Common routing iinformation such as Tunnel Identifier, LSP etc.
Referring to shown in Figure 3, below be that LSP is an example with the tunnel, describe and realize method of the present invention, specific as follows:
Step 301: purpose VPN website is the VPN routing iinformation of IPv4 form to the address that outlet PE sends purpose VPN website.
Step 302: after outlet PE is received this routing iinformation, be LSP of this VPN route assignment, the input interface that utilizes this VPN routing iinformation, this LSP and outlet PE to receive this routing iinformation upgrades the compatible VRF and the MPLS Label Forwarding Information Base of this VPN correspondence, and sets route target community.
Need to prove that compatible VRF has following characteristics: support the compatible IPv6 address input and output of IPv4 address and IPv4 auto-conversion function; Route table items is supported IPv4 purpose prefix and next jumping foreign peoples address coexistence of IPv6; Repertoire with common VRF.
The compatible IPv6 of VPN-IPv4 address is the special address of a class that this programme is used.The compatible IPv6 of IPv4 address wherein, can be expressed as 0:0:0:0:0:0:w.x.y.z or:: w.x.y.z (w.x.y.z is the IPv4 address of representing with dotted decimal notation), the node that is used to have IPv4 and two kinds of agreements of IPv6 uses IPv6 to communicate.And the mode of RD (route distinguishing identifier) and the compatible IPv6 of IPv4 address is adopted in the compatible IPv6 of VPN-IPv4 address, represents the particularity of VPN route in BGP, thereby is implemented in the VPN route of the different address of transmission family in the backbone network cleverly.
Compatible VRF comprises information such as output route target community, Route Distinguisher, destination address, next jumping sign, output interface.Parameters such as the MPLS Label Forwarding Information Base comprises input interface, goes into label, tupe, output interface.
The compatible VRF of this VPN correspondence of described renewal is meant: the pairing destination address of the Route Distinguisher of this VPN is set to the IPv4 address in this routing iinformation, and next jumping is set to the exit address of source VPN website.
Revising the MPLS Label Forwarding Information Base is meant: input interface is set, goes into label, the corresponding relation of tupe and output interface.Here, input interface is the interface of outlet PE receiving data stream.
Step 303: outlet PE is according to the VPN route of the routing iinformation that comprises self routing iinformation and purpose website and from can reaching in the attribute as the LSP bundled encapsulation of this VPN route assignment multi-protocols to BGP, and will can reach the VPN routing iinformation in the attribute for the multi-protocols of the route target community (based on the expansion community attribute of route target) of this VPN route setting and the above-mentioned BGP of being encapsulated into and send to entry PE by the UPDATE message for the LSP of this VPN route assignment.
The routing iinformation of input interface is the IPv6 address described in the described VPN routing iinformation, or the compatible IPv6 of the IPv4 address for utilizing input interface.
Step 304: entry PE compares according to the input objective attribute target attribute value of each compatible VRF among export target property value that carries route in the UPDATE message and the PE, if find the export target property value that comprises this route in the input target of a compatible VRF, then this VPN route and LSP information are deposited among the compatible VRF of this VPN correspondence in the entry PE, otherwise, this route is abandoned.
When the routing iinformation of described input interface was the IPv6 address, entry PE can reach purpose prefix in the attribute according to multi-protocols and reflect to penetrate and obtain destination address;
When the routing iinformation of described input interface is the compatible IPv6 of IPv4 address, directly can reaches the compatible IPv6 of IPv4 address in the attribute and reflect to penetrate and obtain destination address according to multi-protocols.
Step 305: after source VPN website obtains VPN route from entry PE, relevant route entry is installed in the routing table of self.Other router in the VPN website of source is learnt these routes by Interior Gateway Protocol, be installed in the routing table of oneself, and next jumping of these routes all is the next-door neighbour's router address to source CE.
Step 306: source VPN website utilizes the routing iinformation of purpose VPN website and the tunnel between outlet PE and the entry PE to send Business Stream to purpose VPN website.
Below with the VPN advertising of route of website 4 to website 1, website 1 sends vpn services stream to website 4 and is example, and the transmittance process of control information and data message among the present invention is described respectively.
Referring to shown in Figure 2, embodiment one realizes that the processing procedure of control information is as follows:
(1) the unified Interior Gateway Protocol of the router of user site 4 inside operation, through the agreement diffusion, user site equipment CE4 obtains the inside route 10.0.0.0/8 of an IPv4 address format.
(2) CE4 is to the routing iinformation of PE2 distribution site 4, and this routing iinformation is the inside route 10.0.0.0/8 of website 4.
Concrete published method can be not limited to a certain mode, as: can move the Interior Gateway Protocol notice between CE4 and the PE2, also can move the EBGP mode and notify, also can be by the routing mode notice of static configuration.
When (3) PE2 receives route 10.0.0.0/8 from CE4, determine this Route Distinguisher by the interface if1 that receives this routing iinformation, as: the corresponding VPN1 of the if1 interface of PE2, the corresponding VPN2 of if2, and be that LSP of VPN website route assignment among the compatible VRF of VPN1 correspondence among the CE4 is as 100, this label is corresponding with the interface if1 of PE2, and PE2 also is input interface of this route assignment such as if2.PE2 utilizes this LSP and input interface if2, output interface if1 that the MPLS Label Forwarding Information Base is set.Be that this compatibility VRF sets route target community simultaneously, the corresponding relation of this VPN website route and the output route target community that configures promptly is set.
Be shown in Table 1, among the compatible VRF of correspondence, destination address is 10.0.0.0/8 among the VPN1 among the PE2, and next hop address is CE4, and output interface is if1, and bottom label is 100.
Next jumps Route Distinguisher interface bottom label top label destination address
10.0.0.0/8 CE4 RED if1 100 ------
Table 1
Ginseng is shown in Table 2, and input interface is if2 in the amended MPLS Label Forwarding Information Base, goes into label and is set to 100, and tupe is " an ejection label ", and output interface is if1.
Input interface is gone into the tag processes output interface
If2 100 ejects label if1
Table 2
(4) PE2 can reach the VPN routing iinformation of IPv6 and the multi-protocols of PE2 distributed labels LSP bundled encapsulation BGP in the UPDATE message in the attribute, sends to PE1.The VPN routing iinformation comprises Route Distinguisher RD and route target RT, VPN destination address and next hop address.
Here, since the input interface of PE2 directly towards the IPv6 backbone network, so can directly utilize the IPv6 address of PE2 input interface to announce to PE1 as next jumping.Table 3 shows PE2 can reach attribute to the multi-protocols of this route of 10.0.0.0/8 encapsulation format.
AFI is 2
SAFI was 129 (representing that the routing iinformation that the NLRI field is carried is the IPv6VPN route that has the MPLS label)
Next jumps length (24)
Next jumps (the IPv6 address RD:3FFE:3210:FFFF::1 of input interface, the common zero setting of RD)
SNPA information
Length (27)
MPLS label (being assumed to be 100)
VPN purpose prefix RD:::10.0.0.0
Table 3
And PE2 will expand community's attribute and also be encapsulated in the UPDATE message and send.The encapsulation of expansion community attribute is as shown in table 4.
The method of salary distribution
Type
Manager AS
User AS
Table 4
(5) after PE1 receives the UPDATE message, the IPv6VPN route from PE2 is optionally received according to expansion community attribute based on route target.
Be specially: according to the export target property value that carries route in the UPDATE message, compare with the input objective attribute target attribute value of each compatible VRF among the PE1, if find the export target property value that comprises this route in the input objective attribute target attribute of a compatible VRF (also being the compatible VRF of VPN1 correspondence), then with route:: 10.0.0.0/104 deposits among this compatibility VRF; If the input target of all compatible VRF does not comprise this value, then this route is abandoned.
With route:: the process that 10.0.0.0/104 deposits this compatibility VRF in is:
PE1 can reach from the BGP multi-protocols and take out the purpose prefix the attribute:: 10.0.0.0/104 and reflection are penetrated back 10.0.0.0/8, taken out next jumping PE2 (3FFE:3210:FFFF::1) and label 100, and this VPN route is stored among the VRF RED, and be as shown in table 5.
Deposit following routing iinformation among the compatible VRF of the VPN1 correspondence of in PE1, preserving in:
Purpose Next jumping Route target Route Distinguisher Interface Bottom label Top label
10.0.0.0/8 PE2 RD-RED RED if2 100 66
Table 5
Here next the jumping PE2 owing to 10.0.0.0/8 is non-close router, so, want to arrive PE2 and must pass through the MPLS backbone network.By search purposes is the FEC of PE2, obtains to arrive the LSP inlet label 66 of PE2, and writes in the VRF table.This LSP sets up in advance according to Interior Gateway Protocol and LDP, and is irrelevant with the VPN route.
(6) after CE1 obtains the VPN route 10.0.0.0/8 of PE1 by Interior Gateway Protocol or EBGP or static routing, relevant route entry can be installed in the routing table of CE1.
Here, can move Interior Gateway Protocol between CE1 and the far-end PE 1, also can move EBGP even can the configuring static route.Removing a website and promptly belong to the situation of a plurality of VPN, generally all is the corresponding VRF of an interface, after a route is installed among certain compatible VRF of PE1, just can directly determine to announce this route to the website of which interface correspondence like this.
(7) after the CE1 website is installed to the routing table of oneself with VPN route 10.0.0.0/8, other router in the website is learnt these routes by Interior Gateway Protocol, be installed in the routing table of oneself, and next jumping of these routes all is the next-door neighbour's router address to CE1.
(8) set up LSP.Multiple diverse ways can be arranged, as using LDP or RSVP.Just as expected, the foundation of LSP can be independent mutually with the IP-VPN route on upper strata, also can set up LSP after announcement VPN route.Perhaps, setting up LSP in advance before announcement VPN route also can.
The repeating process of service data information is as follows:
(1) packet that a destination address is arranged now is 10.0.0.0/8 sends from website 1 certain main frame, at first mails to the router as its default gateway.If this route has been arranged in this router, find this route by longest prefix match, and be forwarded to next hop router; Through transmitting the last CE1 of arrival step by step.
(2) packet of the route that has had in the routing table of CE1, next is jumped and is by the longest path coupling, to find PE1 this route, and this packet is transmitted to PE1.
(3) because packet is to receive from the interface if2 that PE1 is connected with CE1, so PE1 receives that this bag is afterwards with regard to direct route of searching this destination address in the compatible VRF of input interface if2 correspondence.In RED VRF, find corresponding route, adopt two-layer label mechanism to carry out the encapsulation of MPLS data message, and this packet is forwarded according to outgoing interface if2.
(4) in the SP network, carry out label exchange, the P below the corresponding interface is transmitted to (P2, P3......) according to LSP.Transmit successively, up to the last two jump Pn of PE2 (n=2 here), therefore eject stack top label 77, and be transmitted to PE2 from the corresponding interface at Pn.
(5) after packet arrives PE2, eject the bottom label, be reduced to the IPv4 packet,, therefore need not search VRF in transmitting, directly packet is transmitted to CE4 from output interface because the output interface of label correspondence has been arranged.
(6) after CE4 received packet, the destination address according to this IP bag carried out the longest path matched and searched in local routing table, find corresponding route, and packet is mail to next hop router, finally is forwarded to the destination.
Lift specific embodiment two below and describe technical scheme of the present invention in detail.
In the present embodiment, pe router all disposes dual stack, operation Interior Gateway Protocol such as OSPF, IS-IS, RIP etc. in each user site, the equal configuration of IP v4/v6 dual stack of pe router, operation Interior Gateway Protocol and LDP agreement in the IPv6MPLS backbone network, Interior Gateway Protocol such as OSPFv3, IS-ISv6, RIPng etc.It may be noted that if2, the if4 necessary configuration of IP v4 compatible IPv6 address of PE especially towards the interface such as the PE2 of IPv6 backbone network.
The processing procedure of embodiment two control informations is as follows:
(1) the unified Interior Gateway Protocol of the router of user site 4 inside operation, through the agreement diffusion, user site equipment CE4 will obtain an inner route 10.0.0.0/8.
(2) can move Interior Gateway Protocol between CE4 and the PE2, also can move EBGP even can the configuring static route.CE4 by above-mentioned approach to PE2 distribution site 4 inner IPv4 route 10.0.0.0/8.
(3) when PE2 receives route 10.0.0.0/8 from CE4, this route is stored among the compatible VRF of VPN1 correspondence, next jumping is set to the exit address (IPv4 address) of CE4, is that this VPN routing iinformation is set route target community simultaneously.PE2 is the LSP of VPN website route assignment among this compatibility VRF, and this LSP is corresponding with the input interface of PE2, and revises the MPLS Label Forwarding Information Base.
As shown in table 6, the content among the compatible VRF of the VPN1 correspondence that PE2 preserves is:
Purpose: Next jumping Route Distinguisher Interface Bottom label Top label
10.0.0.0/8 CE4 RED if1 100
Table 6
Ginseng is shown in Table 7, and amended MPLS Label Forwarding Information Base is as follows:
Input interface Go into label Handle Output interface
if2 100 Eject label if1
Table 7
(4) multi-protocols of PE2 BGP in the UPDATE message with VPN routing iinformation and PE2 distributed labels LSP bundled encapsulation can reach in the attribute, send to PE1.The VPN routing iinformation comprises Route Distinguisher RD and route target RT, VPN destination address and next hop address.
Here, because the input interface if4 of PE2 is directly towards the IPv6 backbone network, and be configured the compatible IPv6 of IPv4 address (:: 202.112.146.2), announce to PE1 as next jumping so can utilize the reflection of the compatible IPv6 of the IPv4 address of input interface to penetrate IPv4 address (202.112.146.2).Table 8 shows PE2 can reach attribute to the multi-protocols of this route of 10.0.0.0/8 encapsulation format.
AFI is 2
SAFI was 129 (representing that the routing iinformation that the NLRI field is carried is the IPv6VPN route that has the MPLS label)
Next jumps length (12)
Next jumps (the IPv4 address RD:202.112.146.2 of input interface, RD should zero setting)
SNPA information
Length (13)
The MPLS label
VPN purpose prefix RD:10.0.0.0
Table 8
(5) PE1 can optionally receive the IPv6VPN route from PE2 according to the expansion community attribute based on route target.Input objective attribute target attribute value according to each compatible VRF among export target property value that carries route in the UPDATE message and the PE compares, and will find the export target property value that comprises this route in the input target of a compatible VRF.After this route of 10.0.0.0/8 is deposited among this compatible VRF.If the input target of all compatible VRF does not comprise this value, then this route is abandoned.The process that deposits compatible VRF here in just PE1 can reach from the BGP multi-protocols take out purpose prefix 10.0.0.0 the attribute, next jumps 202.112.146.2 and label 100, and this VPN route is stored among the compatible VRF, and is as follows.
In the RED of PE1 VRF, deposit following routing iinformation in:
Purpose Next jumping Route target Route Distinguisher Interface Bottom label Top label
10.0.0.0/8 PE2 RD-RED RED if2 100 66
Table 9
The adding definite and top label of next jumping here merits attention.Because the next hop address of 10.0.0.0/8 is the IPv4 address, so can't directly obtain to arrive the route of this IPv4 address.Compatible VRF is by being the compatible IPv6 of IPv4 address with next-hop IP v4 map addresses, and this compatible address has spread in backbone network as the IGP route, so PE2 is confirmed as next hop router.And PE2 is non-close router, wants to arrive PE2 and must pass through the MPLS backbone network.By search purposes is the FEC of PE2, obtains to arrive the LSP inlet label 66 of PE2, and writes among the compatible VRF of VPN1 correspondence among the PE1.
(6) after CE1 obtains the VPN route 10.0.0.0/8 of PE1 by Interior Gateway Protocol or EBGP or static routing, relevant route entry can be installed in the routing table of CE1.
Can move Interior Gateway Protocol between CE1 and the far-end PE 1, also can move EBGP even can the configuring static route.And except that a website belongs to the situation of a plurality of VPN, generally all be the corresponding compatible VRF of interface, after a route is installed among certain compatible VRF of PE1, just can directly determine to announce this route like this to the website of which interface correspondence.
(7) other router in the CE1 website is learnt these routes by Interior Gateway Protocol, install in the routing table of oneself, and next jumping of these routes all is the next-door neighbour's router address to CE1.
(8) set up LSP.With step (8) among the embodiment one.
After controlling signaling based on the forwarding shown in the foregoing description two, the data forwarding process that carries out is identical with the step of the forwarding of embodiment one service data information afterwards, repeats no more here.

Claims (8)

1, a kind of method for routing of VPN (virtual private network), be applied in the communication system based on IPv6 backbone network and IPv4 user network, it is characterized in that, the corresponding compatible virtual routing forwarding VRF of each VPN, described compatible VRF supports the compatible IPv6 of IPv4 address, the corresponding route target community of each compatible VRF, this method may further comprise the steps:
In the a.IPv4 user network purpose VPN website to the outlet edge device PE of provider send purpose VPN website, the address is the routing iinformation of IPv4 address format; Outlet PE is converted to the routing iinformation that the address is the compatible IPv6 address format of IPv4 according to the compatible VRF of purpose VPN correspondence with this routing iinformation, and is sent to entry PE by the IPv6 backbone network; Entry PE is according to the compatible VRF of purpose VPN correspondence, is that the routing iinformation of the compatible IPv6 address format of IPv4 is converted to the source VPN website that is sent to behind the routing iinformation that the address is the IPv4 address format in the IPv4 user network with the address that receives;
And between the outlet PE of the entry PE of source VPN website and purpose VPN website, set up the tunnel;
B. VPN website in source utilizes the routing iinformation of purpose VPN website and tunnel to send Business Stream to purpose VPN website.
2, method according to claim 1 is characterized in that, described tunnel is a label switching path LSP.
3, method according to claim 1 and 2 is characterized in that, described tunnel is set up before or after to be described purpose VPN website by the IPv6 backbone network send to Source Site in the IPv4 user network with the VPN routing iinformation of purpose website.
4, method according to claim 2 is characterized in that, described LSP utilizes LDP or RSVP to set up.
5, method according to claim 2 is characterized in that,
Among the step a, the routing iinformation of outlet PE after with the reference address form comprises by the step that the IPv6 backbone network is sent to entry PE:
Destination address is set to the IPv4 address in this routing iinformation among the compatible VRF of a11, this VPN of outlet PE, next hop address is set to purpose VPN website, and for this routing iinformation distributes a LSP, and the MPLS Label Forwarding Information Base that utilizes this LSP modification self to preserve;
A12, outlet PE will comprise that routing iinformation and the VPN routing iinformation of the destination address that purpose VPN sends, the LSP label of outlet PE distribution and the target routing property of setting of the input interface of self send to entry PE;
Among the step a, entry PE comprises the step that the routing iinformation of IPv4 address format is sent to the source VPN website in the IPv4 user network:
A21, entry PE judge target routing property value among the target routing property value received all compatible VRF corresponding with self, if from all compatible VRF of self correspondence, find and the identical value of receiving of target routing property value, then according to from the routing iinformation among the identical compatible VRF of the updating route information route target community value of the VPN of outlet PE;
After the equipment in the VPN website of source is received the VPN routing iinformation of entry PE, relevant route entry is installed in self routing table; Router in the VPN website of source is learnt this routing iinformation.
6, method according to claim 5 is characterized in that, the routing iinformation of input interface is the IPv6 address described in the routing iinformation of VPN described in the step a12, or the compatible IPv6 of the IPv4 address for utilizing input interface;
When the routing iinformation of described input interface was the IPv6 address, to be entry PE can reach purpose prefix in the attribute according to multi-protocols to destination address reflects to penetrate and obtain in the routing iinformation of VPN described in the step a21;
When the routing iinformation of described input interface was the compatible IPv6 of IPv4 address, destination address was directly can reach the compatible IPv6 of IPv4 address in the attribute according to multi-protocols to reflect to penetrate and obtain in the routing iinformation of VPN described in the step a21.
7, method according to claim 5 is characterized in that, sends the routing iinformation of purpose VPN website between described purpose VPN website and the outlet PE by the routing mode of operation Interior Gateway Protocol, EBGP mode or static configuration.
8, method according to claim 2 is characterized in that, step b comprises:
The packet that equipment in b0, the source VPN website will contain destination address is sent in the corresponding gateway router, after this router is received this packet, judge the routing iinformation of self preserving this destination address correspondence, if have, according to this routing iinformation packet is forwarded to next hop router, through transmitting the outlet device in the VPN website of last arrival source step by step;
The routing table that outlet device in b1, the source VPN website self is preserved according to the destination address inquiry of packet obtains the entry PE address, and this packet is transmitted to this entry PE;
After b2, entry PE are received this packet, directly in the compatible VRF of input interface correspondence, find the route of this destination address, and adopt two-layer label mechanism to carry out the encapsulation of MPLS data message, and this packet is forwarded according to the route that finds;
B3, in the SP network, carry out label exchange according to LSP, be transmitted to the router in downstream from the corresponding interface, and transmit successively, up to the last two jump of outlet PE, eject the stack top label in the last two jump of outlet PE, and be transmitted to outlet PE from the corresponding interface;
B4, outlet PE eject the bottom label of this packet, are reduced to destination address and are the IP bag of IPv4 form, directly this IP bag are transmitted to purpose VPN website from output interface according to self MPLS Label Forwarding Information Base;
After equipment in b5, the purpose VPN website was received this packet, the destination address according to this IP bag carried out the longest path matched and searched in local routing table, find corresponding route, and packet is mail to next hop router, finally is forwarded to destination device.
CNB2005101174980A 2005-11-02 2005-11-02 Routing method of virtual special network Expired - Fee Related CN100433691C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNB2005101174980A CN100433691C (en) 2005-11-02 2005-11-02 Routing method of virtual special network

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CNB2005101174980A CN100433691C (en) 2005-11-02 2005-11-02 Routing method of virtual special network

Publications (2)

Publication Number Publication Date
CN1852214A CN1852214A (en) 2006-10-25
CN100433691C true CN100433691C (en) 2008-11-12

Family

ID=37133684

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB2005101174980A Expired - Fee Related CN100433691C (en) 2005-11-02 2005-11-02 Routing method of virtual special network

Country Status (1)

Country Link
CN (1) CN100433691C (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101834794A (en) * 2010-05-06 2010-09-15 杭州华三通信技术有限公司 Method and device for forwarding message through backbone network
WO2014079369A1 (en) * 2012-11-21 2014-05-30 Hangzhou H3C Technologies Co., Ltd. Forwarding a packet in a network

Families Citing this family (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101237343B (en) * 2007-02-02 2011-08-10 华为技术有限公司 Method for quick failure switching and quick switching system
CN101296179B (en) * 2007-10-29 2011-01-26 清华大学 Method for IPv6 repeating vector IPv4/6 through inverse path
CN101262407B (en) * 2008-04-14 2011-05-11 中兴通讯股份有限公司 A method for virtual router to establish tunnel
WO2009150490A1 (en) * 2008-06-09 2009-12-17 Nokia Corporation Method, apparatus, and computer program product for communication routing
EP2494747B1 (en) * 2009-10-30 2023-08-16 Transpacific IP Group Limited METHODS AND DEVICES FOR ROUTING DATA PACKETS BETWEEN IPv4 AND IPv6 NETWORKS
CN102137173B (en) 2010-12-27 2014-09-03 华为技术有限公司 Routing information distributing method, equipment, virtual special network system
CN102195871B (en) * 2011-01-07 2014-02-19 北京华为数字技术有限公司 Method for controlling service traffic forwarding path in multi-protocol label switch (MPLS) virtual private network (VPN)
CN102904814B (en) * 2012-10-19 2015-09-16 福建星网锐捷网络有限公司 Data transmission method, source PE, object PE and data transmission system
CN103986654B (en) * 2014-05-05 2017-11-28 新华三技术有限公司 A kind of LSP generation methods and equipment
CN107370675B (en) * 2016-05-13 2021-02-23 华为技术有限公司 Method and node for route dissemination
CN106878137B (en) * 2016-12-29 2020-08-04 新华三技术有限公司 Route learning method and device
CN108768861B (en) * 2018-06-29 2021-01-08 新华三信息安全技术有限公司 Method and device for sending service message
CN111147376B (en) * 2019-12-30 2022-04-26 杭州迪普科技股份有限公司 Route updating method, device, equipment and medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1564542A (en) * 2004-04-20 2005-01-12 清华大学 Tunnel set-up method for carrying out internet of IPV4 network on IPV6 network
CN1571396A (en) * 2003-07-18 2005-01-26 华为技术有限公司 An implementing method for switching ZONET in IPv6 network
US20050025157A1 (en) * 2003-05-26 2005-02-03 Pennec Jean-Francois Le System for converting data based upon IPv4 into data based upon IPv6 to be transmitted over an IP switched network
WO2005025141A1 (en) * 2003-09-05 2005-03-17 Ntt Docomo, Inc. Communication between fixed terminals of an ipv4 private network and an ipv6 global network interconnected through the ipv4-internet

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050025157A1 (en) * 2003-05-26 2005-02-03 Pennec Jean-Francois Le System for converting data based upon IPv4 into data based upon IPv6 to be transmitted over an IP switched network
CN1571396A (en) * 2003-07-18 2005-01-26 华为技术有限公司 An implementing method for switching ZONET in IPv6 network
WO2005025141A1 (en) * 2003-09-05 2005-03-17 Ntt Docomo, Inc. Communication between fixed terminals of an ipv4 private network and an ipv6 global network interconnected through the ipv4-internet
CN1564542A (en) * 2004-04-20 2005-01-12 清华大学 Tunnel set-up method for carrying out internet of IPV4 network on IPV6 network

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101834794A (en) * 2010-05-06 2010-09-15 杭州华三通信技术有限公司 Method and device for forwarding message through backbone network
WO2014079369A1 (en) * 2012-11-21 2014-05-30 Hangzhou H3C Technologies Co., Ltd. Forwarding a packet in a network
US9479420B2 (en) 2012-11-21 2016-10-25 Hewlett Packard Enterprise Development Lp Forwarding a packet in a network

Also Published As

Publication number Publication date
CN1852214A (en) 2006-10-25

Similar Documents

Publication Publication Date Title
CN100433691C (en) Routing method of virtual special network
CN107222449B (en) Communication method, device and system based on flow rule protocol
US9124567B2 (en) Methods and devices for converting routing data from one protocol to another in a virtual private network
US7756998B2 (en) Managing L3 VPN virtual routing tables
US8151000B1 (en) Transparently providing layer two (L2) services across intermediate computer networks
US7688829B2 (en) System and methods for network segmentation
RU2302035C2 (en) 3-level virtual vpn network and method for building the same
US7463597B1 (en) Spanning tree protocol synchronization within virtual private networks
CN100387019C (en) Method for realizing cross-mixed network multi-protocol tag exchange virtual special network
US8879569B2 (en) Virtual network connection method, network system, and network device
US20060182122A1 (en) Inter-autonomous-system virtual private network with autodiscovery and connection signaling
CN102413060B (en) User private line communication method and equipment used in VPLS (Virtual Private LAN (Local Area Network) Service) network
CN100505674C (en) Packet forwarding method, system and verge equipment in virtual private network
CN101106507B (en) A method for realizing hierarchical VLAN
CN105634940A (en) SR information acquisition method and route segment network establishment method
CN100393062C (en) Method for core network access to multi-protocol sign exchange virtual special network
CN100450065C (en) Method for providing communication between virtual special network stations
CN101778035B (en) Virtual private LAN service communication method and device
CN102474451B (en) Connect internal layer and outer MPLS label
WO2013139270A1 (en) Method, device, and system for implementing layer3 virtual private network
CN100559772C (en) Mixed virtual private network system and backbone network edge apparatus and collocation method thereof
CN113904981B (en) Routing information processing method and device, electronic equipment and storage medium
CN100414919C (en) Method for realizing virtual special network of over-muti-autonomous system mixed network
CN100502343C (en) Method of intercommunication of multi-protocol label exchange virtual special network
CN102724126A (en) Method, device and equipment for forwarding Ethernet tree (E-tree) service message

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20171212

Address after: Tiefu iron rich street Pizhou city 221331 Jiangsu city of Xuzhou province (Cultural Center)

Patentee after: Pan Rongqiong

Address before: 510640 Guangdong City, Tianhe District Province, No. five, road, public education building, unit 371-1, unit 2401

Patentee before: GUANGDONG GAOHANG INTELLECTUAL PROPERTY OPERATION Co.,Ltd.

Effective date of registration: 20171212

Address after: 510640 Guangdong City, Tianhe District Province, No. five, road, public education building, unit 371-1, unit 2401

Patentee after: GUANGDONG GAOHANG INTELLECTUAL PROPERTY OPERATION Co.,Ltd.

Address before: 518129 Bantian HUAWEI headquarters office building, Longgang District, Guangdong, Shenzhen

Patentee before: HUAWEI TECHNOLOGIES Co.,Ltd.

CB03 Change of inventor or designer information
CB03 Change of inventor or designer information

Inventor after: Shang Yutao

Inventor before: Zhang Hongke

Inventor before: Gao Shuai

Inventor before: Li Defeng

Inventor before: Gu Zhihui

Inventor before: Huo Hongwei

TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20180129

Address after: 065000 Langfang City, Hebei province Anci district flourishing street 4 No. 3

Patentee after: Shang Yutao

Address before: Tiefu iron rich street Pizhou city 221331 Jiangsu city of Xuzhou province (Cultural Center)

Patentee before: Pan Rongqiong

TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20181105

Address after: 221300 Liu Gou Village, Zou Zhuang Town, Pizhou City, Xuzhou, Jiangsu

Patentee after: Xuzhou Yong Wei Wood Industry Co.,Ltd.

Address before: 065000 No. 4, Chang Ming Street, Anci District, Langfang, Hebei, 3

Patentee before: Shang Yutao

CF01 Termination of patent right due to non-payment of annual fee
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20081112

Termination date: 20181102