CN103780467B - communication connection method, communication device and communication system - Google Patents

communication connection method, communication device and communication system Download PDF

Info

Publication number
CN103780467B
CN103780467B CN201210401104.4A CN201210401104A CN103780467B CN 103780467 B CN103780467 B CN 103780467B CN 201210401104 A CN201210401104 A CN 201210401104A CN 103780467 B CN103780467 B CN 103780467B
Authority
CN
China
Prior art keywords
website
configuration informations
tunnel
vpn
vpn configuration
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201210401104.4A
Other languages
Chinese (zh)
Other versions
CN103780467A (en
Inventor
周天然
曾晴
于德雷
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Priority to CN201210401104.4A priority Critical patent/CN103780467B/en
Priority to PCT/CN2013/075605 priority patent/WO2014059787A1/en
Publication of CN103780467A publication Critical patent/CN103780467A/en
Application granted granted Critical
Publication of CN103780467B publication Critical patent/CN103780467B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4633Interconnection of networks using encapsulation techniques, e.g. tunneling
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/70Admission control; Resource allocation
    • H04L47/72Admission control; Resource allocation using reservation actions during connection setup
    • H04L47/724Admission control; Resource allocation using reservation actions during connection setup at intermediate nodes, e.g. resource reservation protocol [RSVP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/70Admission control; Resource allocation
    • H04L47/82Miscellaneous aspects
    • H04L47/825Involving tunnels, e.g. MPLS

Abstract

The embodiment of the invention discloses a communication connection method, a communication device and a communication system. The method includes: a first request message sent by a network station point when the load of the network station point is higher than a first load is received, wherein the first request message includes a VPC (Virtual Private Cloud) establishment request, an ID (Identity) of the network station point and first tunnel attribute information; a target VPC is established according to the VPC establishment request; the target VPC and a first PE (Provider Edge) are connected; the ID of the network station point and the first tunnel attribute information are sent to the first PE so that the first PE is enabled to acquire second VPN (Virtual Private Network) configuration information and an address of a second PE according to the ID of the network station point, and determine first VPN configuration information according to the second VPN configuration information and establish VPN connection and channel connection with the second PE according to the first VPN configuration information, the address of the second PE and the first tunnel attribute information so that communication connection between the target VPC and the network station point is realized. The communication connection method, the communication device and the communication system are capable of realizing timely communication connection according to the needs of the network station point so that connection efficiency is improved.

Description

Communication connecting method, communicator and communication system
Technical field
The present invention relates to the communications field, more particularly to a kind of communication connecting method, communicator and communication system.
Background technology
Cloud computing technology is a kind of data that website (such as enterprise computer system) is processed using high in the clouds, will be processed As a result the technology of website is returned to.
During using cloud computing technology, beyond the clouds rental equipment constitutes a virtual private cloud to website(Virtual Private Cloud, VPC).When the data-handling capacity of website can not meet demand, website and VPC are set up and is connected Connect, using VPC data processing is carried out;When the data-handling capacity of website disclosure satisfy that demand, website disconnects with VPC Connection, so as to farthest reduce equipment and maintenance cost.
But, existing method is generally set up with VPC by the manual control realization website of webmaster and is connected, and joint efficiency has Wait to improve.
The content of the invention
The embodiment of the present invention provides a kind of communication connecting method, communicator and communication system, it is possible to increase joint efficiency.
The embodiment of the present invention is adopted the following technical scheme that:
A kind of first aspect, there is provided communication connecting method, including:
The first request message that website sends when the load of the website is higher than the first load is received, it is described First request message includes creating request, the mark of the website of VPC(IDentity, ID)With the first tunnel attribute letter Breath;Target VPC is created according to the request of the establishment VPC;Connect target VPC and the first provider edge equipment (Provider edge, PE);The ID and the first tunnel attribute information of the website are sent to a PE, is made Obtain a PE and the second Virtual Private Network is obtained according to the ID of the website(Virtual Private Network, VPN)The address of configuration information and the 2nd PE, and determined and the 2nd VPN configuration informations according to the 2nd VPN configuration informations The VPN configuration informations for matching, and according to a VPN configuration informations, the address and described first of the 2nd PE Tunnel attribute information, sets up and VPN connections and tunnel connection between the 2nd PE, so as to realize target VPC and institute State the communication connection between website, the 2nd VPN configuration informations are the VPN configuration informations of the 2nd PE, described second PE is the access device of the website.
It is described to connect target VPC and the first operator side in the first possible implementation of first aspect Edge equipment(PE)Including:Create Virtual User edge device corresponding with target VPC(Virtual customer edge, VCE);First PE is connected by the VCE.
With reference to it is described in a first aspect, or the first aspect the first possible implementation, in the first aspect Second possible implementation in, also include:The second request message that the website sends is received, described second please Message is asked to include updating the ID of the request, the second tunnel attribute information and the website that communicate to connect;According to the renewal The request of communication connection determines that the website need to be updated after communication connection, and to a PE the second tunnel category is sent The ID of property information and the website a so that PE is according to the ID of the website, the address of the 2nd PE And the second tunnel attribute information, the tunnel attribute between a PE and the 2nd PE is updated, so as to update the mesh Mark the communication connection attribute of VPC and the website.
Second aspect, there is provided another kind of communication connecting method, including:Target VPC of the connection positioned at high in the clouds;Receive the cloud The ID and the first tunnel attribute information, the ID of the website and the first tunnel attribute information of the website that end sends Sent when the load of the website is higher than the first load by the website;Obtained according to the ID of the website The address of the 2nd VPN configuration informations and the 2nd PE, the 2nd VPN configuration informations are the VPN configuration informations of the 2nd PE, institute State the access device that the 2nd PE is the website;Determined and the 2nd VPN configurations according to the 2nd VPN configuration informations First VPN configuration informations of information match;According to a VPN configuration informations, the address of the 2nd PE and described One tunnel attribute information, set up and the 2nd PE between VPN connection and tunnel connection, so as to realize target VPC with Communication connection between the website.
It is described to obtain second according to the ID of the website in the first possible implementation of second aspect The address of VPN configuration informations and the 2nd PE includes:Using the ID of the network website, configure to the 2nd VPN described in data base querying The address of information and the 2nd PE, the data base prestore the website corresponding 2nd PE of ID address and The corresponding 2nd VPN configuration informations of ID of the website.
With reference to the second aspect, or the first possible realization of the second aspect, the of the second aspect In two kinds of possible implementations, also include:Receive the ID and the second tunnel attribute information of the website that high in the clouds sends; ID, the address of the 2nd PE and the second tunnel attribute information according to the website, update the PE with Tunnel attribute between the 2nd PE, so as to update the communication connection attribute of target VPC and the website.
In the third possible implementation of the second aspect, the connection is located at target VPC in the high in the clouds, Including:Target VPC is connected by the VCE positioned at the high in the clouds.
A kind of third aspect, there is provided high in the clouds device, including:First receiver module, for receiving website in the net The first request message that the load of network website sends when being higher than the first load, first request message includes creating asking for VPC Ask, the ID of the website and the first tunnel attribute information;Creation module, for being created according to the request of the establishment VPC Target VPC;Link block, for connecting target VPC and a PE;First sending module, for sending out to a PE Send the ID and the first tunnel attribute information of the website so that a PE is obtained according to the ID of the website The address of the 2nd VPN configuration informations and the 2nd PE is taken, and is matched somebody with somebody with the 2nd VPN according to the 2nd VPN configuration informations determination A VPN configuration informations of information match are put, and according to a VPN configuration informations, the address of the 2nd PE and institute The first tunnel attribute information is stated, is set up and VPN connections and tunnel connection between the 2nd PE, so as to realize the target Communication connection between VPC and the website, the 2nd VPN configuration informations are the VPN configuration informations of the 2nd PE, institute State the access device that the 2nd PE is the website.
In the first possible implementation of the third aspect, the link block includes:Creating unit, for creating VCE corresponding with target VPC;Connection unit, for connecting a PE by the VCE.
With reference to the third aspect, or the first possible implementation of the third aspect, the of the third aspect In two kinds of possible implementations, also include:Second receiver module, disappears for receiving the second request that the website sends Breath, second request message includes the ID of the request, the second tunnel attribute information and the website for updating communication connection; Second sending module, for determining that the website need to be updated after communication connection according to the request for updating communication connection, The ID of the second tunnel attribute information and the website is sent to a PE so that a PE is according to described The ID of website, the address of the 2nd PE and the second tunnel attribute information, update a PE and described second Tunnel attribute between PE, so as to update the communication connection attribute of target VPC and the website.
A kind of fourth aspect, there is provided communicator, including:First link block, for the target that connection is located at high in the clouds VPC;First receiver module, for receiving the ID and the first tunnel attribute information of the website that the high in the clouds sends, the net The ID of network website and the first tunnel attribute information are negative higher than first in the load of the website by the website Send during lotus;Acquisition module, for obtaining the address of the 2nd VPN configuration informations and the 2nd PE according to the ID of the website, The 2nd VPN configuration informations are the VPN configuration informations of the 2nd PE, and the 2nd PE is that the access of the website sets It is standby;Determining module, for determining match with the 2nd VPN configuration informations first according to the 2nd VPN configuration informations VPN configuration informations;Second link block, for according to a VPN configuration informations, the address of the 2nd PE and described One tunnel attribute information, set up and the 2nd PE between VPN connection and tunnel connection, so as to realize target VPC with Communication connection between the website.
In the first possible implementation of fourth aspect, the acquisition module is specifically for using the network station The ID of point, to the address of the 2nd VPN configuration informations and the 2nd PE described in data base querying, the data base prestores the net The corresponding 2nd VPN configuration informations of the ID of address and the website of corresponding 2nd PE of ID of network website.
With reference to the fourth aspect, or the first possible implementation of the fourth aspect, the of fourth aspect In two kinds of possible implementations, also include:Second receiver module, for receive high in the clouds transmission the website ID and Second tunnel attribute information;3rd link block, for according to the ID of the website, the address of the 2nd PE and described Second tunnel attribute information, updates the tunnel attribute between the PE and the 2nd PE, so as to update target VPC with The communication connection attribute of the website.
In the third possible implementation of fourth aspect, first link block is specifically for by being located at The Virtual User edge device VCE in the high in the clouds connects target VPC.
5th aspect, there is provided provide in a kind of communication system, including the third aspect any one possible implementation The communicator provided in high in the clouds device and fourth aspect any one possible implementation.
Communication connecting method provided in an embodiment of the present invention, communicator and communication system, are existed by receiving website Automatically send after the request message comprising the request, the ID of website and the first tunnel attribute information that create VPC, according to establishment The request of VPC creates target VPC, and a linking objective VPC and PE sends ID and the first tunnel category of website to a PE Property information so that a PE obtains the address of the 2nd VPN configuration informations and the 2nd PE according to the ID of website, and according to second VPN configuration informations obtain the VPN configuration informations for matching, and according to a VPN configuration informations, the address of the 2nd PE and One tunnel attribute information, sets up and VPN connections and tunnel connection between the 2nd PE, realizes between target VPC and website Communication connection.Because request message is sent automatically by website, therefore can realize being built in time according to the needs of website Vertical communication connection such that it is able to improve joint efficiency.
Description of the drawings
Technical scheme in order to be illustrated more clearly that the embodiment of the present invention, below will be to making needed for embodiment description Accompanying drawing is briefly described, it should be apparent that, drawings in the following description are only some embodiments of the present invention, for For those of ordinary skill in the art, on the premise of not paying creative work, can be obtaining other according to these accompanying drawings Accompanying drawing.
Fig. 1 is a kind of flow chart of communication connecting method 100 provided in an embodiment of the present invention;
Fig. 2 is the flow chart of another kind of communication connecting method 100 provided in an embodiment of the present invention;
Fig. 3 is a kind of flow chart of communication connecting method 200 provided in an embodiment of the present invention;
Fig. 4 is the flow chart of another kind of communication connecting method 200 provided in an embodiment of the present invention;
Fig. 5 is a kind of application scenarios schematic diagram of the data transmission method of the embodiment of the present invention;
Fig. 6 is the schematic flow sheet that the embodiment of the present invention realizes communication connection;
Fig. 7 is that the embodiment of the present invention is realized updating the schematic flow sheet of communication connection;
Fig. 8 is a kind of structural representation of high in the clouds device provided in an embodiment of the present invention;
Fig. 9 is the structural representation of another kind of high in the clouds device provided in an embodiment of the present invention;
Figure 10 is the structural representation of another high in the clouds device provided in an embodiment of the present invention;
Figure 11 is a kind of structural representation of communicator provided in an embodiment of the present invention;
Figure 12 is the structural representation of another kind of communicator provided in an embodiment of the present invention;
Figure 13 is a kind of structural representation of communication system provided in an embodiment of the present invention;
Figure 14 is the structural representation of another high in the clouds device provided in an embodiment of the present invention;
Figure 15 is the structural representation of another communicator provided in an embodiment of the present invention.
Specific embodiment
To make the object, technical solutions and advantages of the present invention clearer, below in conjunction with accompanying drawing to embodiment party of the present invention Formula is described in further detail.
In the embodiment of the present invention, website is the website that data processing can be carried out using high in the clouds, for example, the net Network website can be a computer(Such as PC), or a computer system(Such as enterprise computer system).
The embodiment of the present invention provides a kind of communication connecting method 100, as shown in figure 1, method 100 can include:
110th, the first request message that website sends when the load of the website is higher than the first load is received, should First request message includes creating request, the ID of the website and the first tunnel attribute information of VPC.
Wherein, the ID of the website is used to recognize the website that the request for creating VPC can be in the first request message Middle application data section is identified.
Specifically, the website can with real-time detection load, when load is higher than the first load, to high in the clouds send this One solicited message, the i.e. transmission of website Autonomous Control first request message.Wherein, first load can be according to difference Scene, is configured change.In addition, according to different application scenarios, website can be somebody's turn to do with basis to instruction transmission is sent First request message.
120th, target VPC is created according to the request of establishment VPC.
Wherein, target VPC is VPC corresponding with the website.
130th, target VPC and a PE are connected.
140th, the ID and the first tunnel attribute information of the website are sent to a PE so that a PE according to The ID of the website obtains the address of the 2nd VPN configuration informations and the 2nd PE, and according to the 2nd VPN configuration informations determine with The VPN configuration informations that 2nd VPN configuration informations match, and according to a VPN configuration informations, the ground of the 2nd PE Location and the first tunnel attribute information, set up and VPN connections and tunnel connection between the 2nd PE, so as to realize the target Communication connection between VPC and the website, the 2nd VPN configuration informations are the VPN configuration informations of the 2nd PE, the 2nd PE For the access device of the website.
Wherein, VPN configuration informations are related to the type of the VPN to be set up connections.For example, when the VPN to be set up connects It is connected in the VPN based on three layer protocols(Layer 3VPN)When, the 2nd VPN configuration informations can be that the input of the 2nd PE route Target(Route Target,RT)With the output information such as RT;When the type of the VPN to be set up connections is based on two-layer protocol VPN(Layer 2VPN)In virtual leased line(Virtual Leased Line, VLL)When, the 2nd VPN configuration informations can Think virtual circuit(Virtual Circuit, VC)The information such as ID.Wherein, the address of the 2nd PE can be the IP of the 2nd PE Address.
In the embodiment of the present invention, the logical of unidirectional tunnel or bidirectional tunnel can be set up between target VPC and website Letter connection.
An above-mentioned PE and the 2nd PE is divided for ease of distinguishing different PE during statement, is not constituted to of the invention real Apply the restriction of example.An above-mentioned VPN configuration informations and the 2nd VPN configuration informations are configured for ease of distinguishing different VPN during statement Information and divided, do not constitute the restriction to the embodiment of the present invention.
The executive agent of above-mentioned 110-140 can be high in the clouds device, and the high in the clouds device may be located at high in the clouds.In addition, the cloud End device can be divided into different module distributions in multiple equipment, it is also possible among being integrated in same equipment, be also used as One independent equipment.
The communication connecting method 100 of the embodiment of the present invention, by receiving asking for the establishment VPC that website sends automatically Ask, the ID of website and the first tunnel attribute information, target VPC is created according to the request for creating VPC, linking objective VPC and First PE, sends the ID and the first tunnel attribute information of website so that IDs of the PE according to website to a PE The address of the 2nd VPN configuration informations and the 2nd PE is obtained, and the VPN for obtaining matching according to the 2nd VPN configuration informations matches somebody with somebody Confidence ceases, and according to a VPN configuration informations, the address of the 2nd PE and the first tunnel attribute information, sets up and between the 2nd PE VPN connects and tunnel connection, realizes the communication connection between target VPC and website.Because request message is by website Automatically send, therefore can realize setting up communication connection in time according to the needs of website such that it is able to improve joint efficiency.
In the embodiment of the present invention, alternatively, when connecting a VPC and PE in above-mentioned 130, can create and the target The corresponding VCE of VPC, by the VCE PE is connected.
Wherein, the VCE connect a PE refer to setting the VCE so that the VCE can be communicated with a PE. For example, when the communication between the VCE and a PE is based on three-layer routing agreement, the route association of the operation on the VCE is set View so that the route on the VCE can be with the route intercommunication on a PE.Again for example, when operation on the VCE and a PE Routing Protocol be Border Gateway Protocol(Border Gateway Protocol, BGP)When, the bgp peer of the VCE is set It is a PE.Again for example, when the communication between the VCE and a PE is based on two-layer protocol, such as in VLAN (Virtual Local Area Network, VLAN)In the case of, arrange and connect on the VLAN ID and PE on the VCE The VLAN ID for entering the interface of the VCE are identical so that the VCE can with a PE on access the interface of the VCE same In VLAN.
As shown in Fig. 2 in the embodiment of the present invention, alternatively, can also include after above-mentioned 140:
150th, the second request message that the website sends is received, second request message includes updating communication connection The ID of request, the second tunnel attribute information and the website.
Specifically, the website can such as detect current communication link with the transmission of the request message of Autonomous Control second Connect and send when need to update the second request message.In addition, according to different application scenarios, the website can be with according to transmission Instruction sends the second request message.
160th, determine that the website need to be updated after communication connection, to a PE according to the request of the renewal communication connection Send the second tunnel attribute information and the ID of the website so that a PE according to the ID of the website, this second The address of PE and the second tunnel attribute information, update the tunnel attribute between a PE and the 2nd PE, so as to update the mesh The communication connection attribute of mark VPC and the website.
As such, it is possible to the communication connection of real-time adjustment target VPC and website as needed.
In the embodiment of the present invention, the first tunnel attribute information and the second tunnel attribute information can include website and cloud The communication tunnel bandwidth value at end.
The embodiment of the present invention is by receiving the establishment request of VPC, the ID of website that website sends automatically and the One tunnel attribute information, according to the request for creating VPC target VPC is created, and a linking objective VPC and PE sends to a PE The ID of website and the first tunnel attribute information so that a PE obtains the 2nd VPN configuration informations according to the ID of website And the 2nd PE address, and VPN configuration informations for obtaining matching according to the 2nd VPN configuration informations, and according to a VPN Configuration information, the address of the 2nd PE and the first tunnel attribute information, set up and VPN connections and tunnel connection between the 2nd PE, Realize the communication connection between target VPC and website.Because request message is sent automatically by website, therefore can realize Communication connection is set up in time according to the needs of website such that it is able to improve joint efficiency.
Another kind of communication connecting method 200 provided in an embodiment of the present invention, as shown in figure 3, method 200 can include:
210th, target VPC of the connection positioned at high in the clouds.
Wherein, target VPC is created by the high in the clouds.
220th, the ID and the first tunnel attribute information of the website that the high in the clouds sends are received, the ID of the website and should First tunnel attribute information is sent by the website when the load of the website is higher than the first load.
230th, the address of the 2nd VPN configuration informations and the 2nd PE, the 2nd VPN configurations are obtained according to the ID of the website Information is the VPN configuration informations of the 2nd PE, and the 2nd PE is the access device of the website.
Wherein, the access device can be the network equipment with routing function, such as router.
240th, determine that the VPN matched with the 2nd VPN configuration informations matches somebody with somebody confidence according to the 2nd VPN configuration informations Breath.
Wherein, VPN configuration informations are related to the type of the VPN to be set up connections.For example, when the VPN to be set up connects It is connected in the VPN based on three layer protocols(Layer 3VPN)When, the 2nd VPN configuration informations can be the input road of the website By target(Route Target,RT)With the output information such as RT;When the type of the VPN to be set up connections is based on two-layer protocol VPN(Layer 2VPN)In virtual leased line(Virtual Leased Line, VLL)When, the 2nd VPN configuration informations It can be virtual circuit(Virtual Circuit, VC)The information such as ID.Wherein, the address of the 2nd PE can be the 2nd PE's IP address.
250th, according to a VPN configuration informations, the address of the 2nd PE and the first tunnel attribute information, set up and be somebody's turn to do VPN connections and tunnel connection between the 2nd PE, so as to realize the communication connection between target VPC and the website.
In the embodiment of the present invention, the logical of unidirectional tunnel or bidirectional tunnel can be set up between target VPC and website Letter connection.
An above-mentioned VPN configuration informations and the 2nd VPN configuration informations are carried out for ease of distinguishing different VPN configuration informations Divide, do not constitute the restriction to the embodiment of the present invention.The executive agent of above-mentioned 210-250 can be communicator, the communication dress It is set to the network equipment with routing function, such as router.
The communication connecting method 200 of the embodiment of the present invention, by connection positioned at target VPC in high in the clouds, receives the high in the clouds and sends out The ID of the website for sending and the first tunnel attribute information, according to the ID of the website the 2nd VPN configuration informations and the are obtained The address of two PE, and the VPN configuration informations for obtaining matching according to the 2nd VPN configuration informations, and configured according to a VPN Information, the address of the 2nd PE and the first tunnel attribute information, set up and VPN connections and tunnel connection between the 2nd PE, realize Communication connection between target VPC and website.Due to website ID and the first tunnel attribute information by website from It is dynamic to send, therefore can realize setting up communication connection in time according to the needs of website such that it is able to improve joint efficiency.
In the embodiment of the present invention, alternatively, the 2nd VPN configuration informations are obtained according to the ID of the website in above-mentioned 230 And the 2nd PE address when, can apply the network website ID, to the VPN configuration informations of data base querying the 2nd and the 2nd PE Address, the data base prestore the website corresponding 2nd PE of ID address and the website ID it is corresponding should 2nd VPN configuration informations.
In this manner it is achieved that according to the ID of the network website from trend data base obtain the 2nd VPN configuration informations and this second The address of PE, realizes the connection with the 2nd PE and high in the clouds, can improve joint efficiency.
In the embodiment of the present invention, the data base can apply the form shown in table 1 to store the ID of the network website, the 2nd PE Address and the 2nd VPN configuration informations.
Table 1
The ID of website 2nd VPN configuration informations The address of the 2nd PE
In table 1, the address three of the ID of the network website, the 2nd VPN configuration informations and the 2nd PE is corresponding.Wherein, The ID of website is used to identify the website, and the 2nd VPN configuration informations are the VPN configuration informations of the 2nd PE, the 2nd PE's Address can be the IP address of the 2nd PE.
In the embodiment of the present invention, when the 2nd VPN configuration informations are the input RT of the 2nd PE and export RT, above-mentioned 240 During the VPN configuration informations that middle determination matches with the 2nd VPN configuration informations, by the net in the 2nd VPN configuration informations The input RT of network website as a VPN configuration informations output RT, by the website in the 2nd VPN configuration informations Input RTs of the output RT as a VPN configuration informations.When 2nd VPN configuration informations are VC ID, determine in above-mentioned 240 During the VPN configuration informations matched with the 2nd VPN configuration informations, the value of the VC ID in a VPN configuration informations with The value of the VC ID in the 2nd VPN configuration informations is identical.
In the embodiment of the present invention, alternatively, when connection is located at target VPC in the high in the clouds, can be by positioned at the high in the clouds VCE connects target VPC.
For example, when by connecting target VPC positioned at the VCE in the high in the clouds, local parameter can be arranged to realize and position VCE in the high in the clouds connects.The method to set up of local parameter is similar with the method to set up of VCE parameters in above-mentioned 130, refers to.
As shown in figure 4, in the embodiment of the present invention, alternatively, after above-mentioned 250, can also include:
260th, the ID and the second tunnel attribute information of the website that the high in the clouds sends are received.
270th, according to the website ID, the address of the 2nd PE and the second tunnel attribute information, update this first Tunnel attribute between PE and the 2nd PE, so as to update the communication connection attribute of target VPC and the website.
As such, it is possible to the communication connection of real-time adjustment target VPC and website as needed.
Specifically, the second tunnel attribute information can include two-way communication tunnel bandwidth value, equally, communication connection herein Can be the communication connection of unidirectional tunnel or bidirectional tunnel, or the communication connection of bidirectional tunnel.
In the embodiment of the present invention, the first tunnel attribute information and the second tunnel attribute information can include website and cloud The communication tunnel bandwidth value at end.
The embodiment of the present invention, by connection positioned at target VPC in high in the clouds, receives the ID and the of the website that high in the clouds sends One tunnel attribute information, according to the ID of website the address of the 2nd VPN configuration informations and the 2nd PE is obtained, and according to second VPN configuration informations obtain the VPN configuration informations for matching, and according to a VPN configuration informations, the address of the 2nd PE and One tunnel attribute information, sets up and VPN connections and tunnel connection between the 2nd PE, realizes between target VPC and website Communication connection.Because the ID and the first tunnel attribute information of website are sent automatically by website, therefore root can be realized Communication connection is set up in time according to the needs of website such that it is able to improve joint efficiency.
Fig. 5 shows a kind of application scenarios of the communication connecting method of the embodiment of the present invention, in Fig. 5, including website, Carrier network and high in the clouds.Wherein website includes website management module and network site user edge device (customer edge,CE), wherein website management module is used to detect website load, and sends message to high in the clouds; Website CE can be the egress router at web site data center, be connected with website PE.Carrier network includes Website PE, high in the clouds PE and data base.Wherein website PE(2nd PE)For what is provided by carrier network, for should Website is linked into the access device of the upper network of operation(Such as router), website PE one lattice as shown in table 2 of maintenance The contingency table of formula.High in the clouds PE(First PE)For what is provided by carrier network, for high in the clouds to be linked into into connecing for carrier network Enter equipment(Such as router).High in the clouds PE safeguards one such as table 3(It is as described below)The contingency table of shown form.Data base and high in the clouds PE is connected, the information table of the form as shown in table 1 of database purchase one.High in the clouds includes high in the clouds management module, cloud gateway router (cloud gateway router,CGR)And public cloud, wherein CGR can be the egress router in high in the clouds, connect with high in the clouds PE Connect.
Below by taking the application scenarios shown in Fig. 5 as an example, the interaction flow with reference to shown in Fig. 6 describes the embodiment of the present invention in detail Communication connecting method implement process, it will be appreciated that Fig. 5 is only a kind of application scenarios of the embodiment of the present invention, be for Conveniently understand the embodiment of the present invention and make it is exemplary illustrated, be not construed as the restriction to the embodiment of the present invention.Additionally, in Fig. 5 So that VPN is connected as Layer 3VPN connections as an example, but this is not limited to, for example, VPN connections can also connect for Layer 2VPN Connect.
In scene shown in Fig. 5, before realizing that website is communicated to connect with high in the clouds, website is to operator's registered network The ID of website, the ID of website is used to distinguish different websites.A VPN instance, network are set up on website PE Configuration input RT and output RT on website PE(Configuration information), and using the lattice shown in table 1 in the data base of carrier network Formula preserves the input RT and output RT configured on ID, the website PE of website(2nd VPN configuration informations)And network station The address of point PE.The ID of website and corresponding is recorded in the contingency table of the form as shown in table 2 that website PE is safeguarded Website VPN ID, set up Tunnel before tunnel connection(Tunnel)ID is sky, sets up Tunnel ID records after tunnel connection In table 2(Referring to the method for the tunnel ID that reverse tunnel is obtained in following Fig. 6 507).
Table 2
The ID of website Website VPN ID Tunnel ID
In table 2, VPN ID, TunnelID threes are corresponding for the ID of website, website.
The bidirectional tunnel referred in the embodiment of the present invention includes positive tunnel and reverse tunnel, high in the clouds PE(First PE)To net Network website PE(2nd PE)Tunnel be positive tunnel, the tunnel of website PE to high in the clouds PE is reverse tunnel.
Fig. 6 is the information exchange schematic diagram for realizing communicating to connect in Fig. 5 scenes, including:
501st, high in the clouds management module receives the connection request message of website management module transmission(First request disappears Breath), connection request message include create VPC(Target VPC)Request, the ID of website and bidirectional tunnel bandwidth value(First Tunnel attribute information), high in the clouds management module is according to request one VPC of establishment for creating VPC(Target VPC).
For example, an indication field, mark can be added in connection request message to create the request of VPC, indicates high in the clouds Create VPC.
Wherein, connection request message is sent automatically by website when the load of website is higher than the first load, double Include positive tunnel bandwidth value and reverse tunnel bandwidth value to tunnel bandwidth value.
502nd, high in the clouds management module sends the ID and bidirectional tunnel bandwidth value of website to CGR.
503rd, CGR creates VCE corresponding with VPC, and connects high in the clouds PE by VCE.
Now, high in the clouds PE is also connected with VCE.
504th, CGR sends the ID and bidirectional tunnel bandwidth value of website to high in the clouds PE.
Specifically, the ID of website and bidirectional tunnel bandwidth can be carried on extending boundary gateway protocol by CGR (Border Gateway Protocol, BGP)Send to high in the clouds PE in update signaling attributes.
505th, the ID of high in the clouds PE application networks website to data base obtain website PE configuration input RT and output RT, And the address of website PE.
506th, the input RT of high in the clouds PE application networks website PE configurations and output RT(First VPN configuration informations)Set up VPN Example, generates high in the clouds VPN ID, and VCE is docked with the VPN instance, and the contingency table that beyond the clouds PE is safeguarded(As shown in table 3)In The ID and high in the clouds VPN ID of record website, in table 3, Tunnel(Tunnel)ID hurdles are vacant, treat that following 507 determine Tunnel It is stored in table after ID.
Table 3
The ID of website High in the clouds VPN ID Tunnel ID
In table 3, the ID of website, high in the clouds VPN ID, Tunnel ID threes are corresponding.
507th, bidirectional tunnel connection is initiated in the address of high in the clouds PE application networks website PE to website PE, and using two-way Bandwidth value determines two-way bandwidth.
Wherein, bidirectional tunnel includes positive tunnel(High in the clouds PE to website PE)And reverse tunnel(Website PE is extremely High in the clouds PE), correspondingly, bidirectional tunnel bandwidth value includes positive tunnel bandwidth value and reverse tunnel bandwidth value.For example, high in the clouds PE wounds Positive tunnel is built, after positive tunnel is created, the tunnel ID in positive tunnel, the record contingency table that beyond the clouds PE is safeguarded is obtained(Table 3)In the website the corresponding list items of ID in, beyond the clouds PE creates the information in positive tunnel and reaches after website PE, touches Send out website PE and create reverse tunnel, after reverse tunnel is created, website PE obtains the tunnel ID of reverse tunnel, record In the contingency table that website PE is safeguarded(Table 2)In the website the corresponding list items of ID in.
508th, the contingency table that high in the clouds PE is safeguarded according to high in the clouds PE(Table 3)In website ID, by the tunnel in positive tunnel Road ID and high in the clouds VPN ID bindings.
509th, the contingency table that website PE is safeguarded according to website PE(Table 2)In website ID, will be reverse The tunnel ID and website VPN ID bindings in tunnel.
It should be appreciated that the embodiment of the present invention can also initiate unidirectional tunnel connection, concrete methods of realizing can refer to Bidirectional tunnel method of attachment is stated, is repeated no more.
So far, the communication connection of VPC and the data center of website is realized.
In addition in the embodiment of the present invention, after setting up bidirectional tunnel connection between PE and website PE beyond the clouds, can be with According to the request of website, by the bandwidth value of new bidirectional tunnel bidirectional tunnel connection is updated.Fig. 7 is referred to, including:
601st, high in the clouds management module receives the renewal request message of website management module transmission(Second request message), Updating request message includes updating the request of bidirectional tunnel(Update the request of communication connection), website ID and bidirectional tunnel Bandwidth value(Second tunnel attribute information).
For example, an indication field, mark can be added in request message is updated to update the request of bidirectional tunnel, is indicated High in the clouds updates bidirectional tunnel.Update request message and transmission when tunnel bandwidth needs to change is detected by website, or by net Network website sends according to instruction, and bidirectional tunnel bandwidth value can include positive tunnel bandwidth value and reverse tunnel bandwidth value.
After receiving the request of bidirectional tunnel bandwidth, 602 are performed.
602nd, high in the clouds management module sends the ID and bidirectional tunnel bandwidth value of website to CGR.
603rd, CGR sends the ID and bidirectional tunnel bandwidth value of website to high in the clouds PE.
Equally, herein the ID of website and bidirectional tunnel bandwidth value can be carried on extension BGP update letters by CGR Attribute is made to send to high in the clouds PE.
604th, high in the clouds PE according to the ID of website local maintenance contingency table(Table 3)In inquire the website The tunnel ID in the corresponding positive tunnels of ID, by bidirectional tunnel bandwidth value in the positive tunnel of positive tunnel bandwidth value change band It is wide.
605th, the ID of website and reverse tunnel bandwidth value are sent to website PE by high in the clouds PE.
Specifically, high in the clouds PE can pass through extended resources reservation protocol flow engineering(Resource Reservation Protocol-Traffic Engineering, RSVP-TE)Signaling carries the ID and reverse tunnel bandwidth value of website and sends To website PE.
606th, website PE passes through the contingency tables of the ID in local maintenance of website(Table 2)The network of middle inquiry storage The tunnel ID of the corresponding reverse tunnels of ID of website, by reverse tunnel bandwidth value the bandwidth of reverse tunnel is changed.
So far, realize updating the bidirectional tunnel connection between high in the clouds PE and website PE.
The embodiment of the present invention, website sends request, the ID of website and the two-way tunnel for creating VPC from trend high in the clouds Road bandwidth value, high in the clouds creates target VPC according to the request for creating VPC, and linking objective VPC and high in the clouds PE sends net to high in the clouds PE The ID of network website and the first tunnel attribute information, high in the clouds PE obtains the input RT of website PE configurations according to the ID of website With the address of output RT and the 2nd PE, and the input RT according to website PE configurations and output RT set up VPN, and according to VPN, The address of website PE and bidirectional tunnel bandwidth value, set up and VPN connections and tunnel connection between website PE, realize Communication connection between target VPC and website.Because request message is sent automatically by website, therefore basis can be realized The needs of website set up in time communication connection such that it is able to improve joint efficiency.In addition, the embodiment of the present invention can be with root According to the communication connection for needing real-time adjustment target VPC and website.
As shown in figure 8, the embodiment of the present invention provides a kind of high in the clouds device, the device can include:First receiver module 810, creation module 820, link block 830, the first sending module 840, wherein:
First receiver module 810, for receiving what website sent when the load of website is higher than the first load First request message, the first request message includes creating request, the ID of website and the first tunnel attribute information of VPC.
Creation module 820, for creating target VPC according to the request for creating VPC.
Link block 830, for a linking objective VPC and PE.
First sending module 840, for sending the ID and the first tunnel attribute information of website to a PE so that the One PE obtains the address of the 2nd VPN configuration informations and the 2nd PE according to the ID of website, and is obtained according to the 2nd VPN configuration informations To the VPN configuration informations for matching, and believed according to a VPN configuration informations, the address of the 2nd PE and the first tunnel attribute Breath, sets up and VPN connections and tunnel connection between the 2nd PE, so as to realize the communication connection between target VPC and website, 2nd VPN configuration informations are the VPN configuration informations of the 2nd PE, and the 2nd PE is the access device of website.
It is preferred that as shown in figure 9, link block 830 can include:
Creating unit 831, for creating VCE corresponding with target VPC;
Connection unit 832, for connecting a PE by the VCE.
It is preferred that as shown in Figure 10, another kind of high in the clouds device of the embodiment of the present invention can also include:Second receiver module 850th, the second sending module 860, wherein:
Second receiver module 850, for receiving the second request message of website transmission, the second request message is included more The ID of the request, the second tunnel attribute information and website of new traffic connection.
Second sending module 860, for determining that website need to update communication connection according to the request for updating communication connection Afterwards, the ID of the second tunnel attribute information and website is sent to a PE so that a PE according to the ID of website, second The address of PE and the second tunnel attribute information, update the tunnel attribute between a PE and the 2nd PE, so as to more fresh target VPC and net The communication connection attribute of network website.
As such, it is possible to the communication connection of real-time adjustment target VPC and website as needed.
The comprising modules of the high in the clouds device of the embodiment of the present invention can be distributed among different equipment, it is also possible to be integrated in Among same equipment, multiple modules can merge and use, and individual module can also can be realized each using discrete using From function.For example, the first receiver module 810 and creation module 820 can merge into the high in the clouds management module reality in Fig. 5 Existing corresponding function.The function of each module is only briefly described in above-mentioned high in the clouds device, and detailed description refers to above-mentioned communication link The embodiment of method 100 is connect, in addition above-mentioned high in the clouds device can be performed and walked accordingly in the embodiment of above-mentioned communication connecting method 100 Suddenly.
The high in the clouds device of the embodiment of the present invention receives request, the network station comprising establishment VPC that website sends automatically Point ID and the first tunnel attribute information request message, according to create VPC request create target VPC, linking objective VPC and First PE, sends the ID and the first tunnel attribute information of website so that IDs of the PE according to website to a PE The address of the 2nd VPN configuration informations and the 2nd PE is obtained, and the VPN for obtaining matching according to the 2nd VPN configuration informations matches somebody with somebody Confidence ceases, and according to a VPN configuration informations, the address of the 2nd PE and the first tunnel attribute information, sets up and between the 2nd PE VPN connects and tunnel connection, realizes the communication connection between target VPC and website.Because request message is by website Automatically send, therefore can realize setting up communication connection in time according to the needs of website such that it is able to improve joint efficiency.
As shown in figure 11, the embodiment of the present invention provides a kind of communicator, and the device can include:First link block 910, the first receiver module 920, acquisition module 930, determining module 940, the second link block 950, wherein:
First link block 910, for target VPC that connection is located at high in the clouds.
First receiver module 920, for receiving the ID and the first tunnel attribute information of the website of high in the clouds transmission, network The ID of website and the first tunnel attribute information are by website when the load of the data center of website is higher than the first load Send.
Acquisition module 930, can be used for obtaining the ground of the 2nd VPN configuration informations and the 2nd PE according to the ID of website Location, the 2nd VPN configuration informations are the VPN configuration informations of the 2nd PE, and the 2nd PE is the access device of website.
Determining module 940, for determining match with the 2nd VPN configuration informations first according to the 2nd VPN configuration informations VPN configuration informations.
Second link block 950, for being believed according to a VPN configuration informations, the address of the 2nd PE and the first tunnel attribute Breath, sets up and VPN connections and tunnel connection between the 2nd PE, so as to realize the communication connection between target VPC and website.
It is preferred that acquisition module 930 is specifically for using the ID of network website, to the VPN configuration informations of data base querying the 2nd And the 2nd PE address, data base prestore website corresponding 2nd PE of ID address and the ID corresponding of website Two VPN configuration informations.
It is preferred that as shown in figure 12, another kind of high in the clouds device of the embodiment of the present invention can also include:Second receiver module 960th, the 3rd link block 970, wherein:
Second receiver module 960, for receiving the ID and the second tunnel attribute information of the website of high in the clouds transmission.
3rd link block 970, for according to the ID of website, the address of the 2nd PE and the second tunnel attribute information, The tunnel attribute between a PE and the 2nd PE is updated, so as to more fresh target VPC and the communication connection attribute of website.
It is preferred that above-mentioned first receiver module is by the VCE linking objective VPC positioned at high in the clouds.
The communicator of the embodiment of the present invention can be the network equipment with routing function, such as router.In addition, should The comprising modules of communicator can be distributed among different equipment, it is also possible among being integrated in same equipment, multiple modules Can merge and use, individual module can also can realize respective function using discrete using.
The function of each module is only briefly described in above-mentioned communicator, and detailed description refers to above-mentioned communication connecting method 200 embodiment, in addition above-mentioned communicator can perform corresponding step in the embodiment of above-mentioned communication connecting method 200.
The communicator of the embodiment of the present invention, by connection positioned at target VPC in high in the clouds, receives the network station that high in the clouds sends The ID and the first tunnel attribute information of point, according to the ID of website the address of the 2nd VPN configuration informations and the 2nd PE is obtained, and According to the VPN configuration informations that the 2nd VPN configuration informations obtain matching, and according to a VPN configuration informations, the 2nd PE Address and the first tunnel attribute information, set up and VPN connections and tunnel connection between the 2nd PE, realize target VPC and network Communication connection between website.Because the ID and the first tunnel attribute information of website are sent automatically by website, therefore can To realize setting up communication connection in time according to the needs of website such that it is able to improve joint efficiency.
As shown in figure 13, the embodiment of the present invention provides a kind of communication system, including:High in the clouds device S1 and communicator S2, Wherein:
High in the clouds device S1 can be used for, and receive website sends when the load of website is higher than the first load the One request message, the first request message includes creating request, mark ID of website and the first tunnel attribute information of VPC; Request according to VPC is created creates target VPC;A linking objective VPC and PE;The ID and the of website is sent to a PE One tunnel attribute information a so that PE obtains the address of the 2nd VPN configuration informations and the 2nd PE according to the ID of website, and The VPN configuration informations matched with the 2nd VPN configuration informations are determined according to the 2nd VPN configuration informations, and according to a VPN Configuration information, the address of the 2nd PE and the first tunnel attribute information, set up and VPN connections and tunnel connection between the 2nd PE, So as to realize the communication connection between target VPC and website, the 2nd VPN configuration informations are the VPN configuration informations of the 2nd PE, the Two PE are the access device of website.
Communicator S2 can be used for, target VPC of the connection positioned at high in the clouds;Receive high in the clouds send website ID and First tunnel attribute information, the ID of the website and the first tunnel attribute information are by the website in the net Send when the load of network website is higher than the first load;2nd VPN configuration informations and second are obtained according to the ID of the website The address of PE, the 2nd VPN configuration informations are the VPN configuration informations of the 2nd PE, and the 2nd PE is the network station The access device of point;The VPN matched with the 2nd VPN configuration informations is determined according to the 2nd VPN configuration informations Configuration information;According to a VPN configuration informations, the address of the 2nd PE and the first tunnel attribute information, set up It is connected with the VPN between the 2nd PE and tunnel connection, so as to realize the communication between target VPC and the website Connection.
Specifically, the comprising modules of cloud device S1, and the concrete function of each module and the above-mentioned real embodiment of the present invention High in the clouds device it is identical, refer to.The comprising modules of communicator S2, and the concrete function of each module and the above-mentioned real present invention The communicator of embodiment is identical, refers to.
The communication system of the embodiment of the present invention, high in the clouds device receives request, the net of the establishment VPC that website sends automatically The ID of network website and the first tunnel attribute information, according to the request for creating VPC target VPC, linking objective VPC and first are created PE, sends the ID and the first tunnel attribute information of website so that a PE is obtained according to the ID of website to a PE The address of the 2nd VPN configuration informations and the 2nd PE, and the VPN for obtaining matching according to the 2nd VPN configuration informations matches somebody with somebody confidence Breath, and according to a VPN configuration informations, the address of the 2nd PE and the first tunnel attribute information, set up and the VPN between the 2nd PE connects Connect and tunnel connection, realize the communication connection between target VPC and website.Because request message is sent out automatically by website Send, therefore can realize setting up communication connection in time according to the needs of website such that it is able to improve joint efficiency.
As shown in figure 14, the embodiment of the present invention also provides a kind of high in the clouds device, and the device can include:Bus 144 and company Interface 141, processor 142, the memorizer 143 of bus 144 are connected to, wherein:
Interface 141 disappears for receiving the first request that website sends when the load of website is higher than the first load Breath, the first request message includes creating request, the ID of website and the first tunnel attribute information of VPC;
Memorizer 143 is used for store instruction, and processor 142 performs the instruction in memorizer 143 to be used for according to establishment VPC's Request creates target VPC;A linking objective VPC and PE;ID and the first tunnel attribute letter of website is sent to a PE Breath a so that PE obtains the address of the 2nd VPN configuration informations and the 2nd PE according to the ID of website, and according to the 2nd VPN Configuration information determines the VPN configuration informations matched with the 2nd VPN configuration informations, and according to a VPN configuration informations, the The address of two PE and the first tunnel attribute information, set up and VPN connections and tunnel connection between the 2nd PE, so as to realize target Communication connection between VPC and website, the 2nd VPN configuration informations are the VPN configuration informations of the 2nd PE, and the 2nd PE is network station The access device of point.
It is preferred that processor 142 performs the instruction in memorizer 143 including for connecting VPC and a PE:Create and mesh The corresponding VCE of mark VPC;First PE is connected by VCE.
It is preferred that processor 142 performs the instruction in memorizer 143 to be additionally operable to receive the second request that website sends Message, the second request message includes the ID of the request, the second tunnel attribute information and website for updating communication connection;According to more The request of new traffic connection determines that website need to be updated after communication connection, and to a PE the second tunnel attribute information and net are sent The ID of network website a so that PE updates first according to the ID of website, the address of the 2nd PE and the second tunnel attribute information Tunnel attribute between PE and the 2nd PE, so as to more fresh target VPC and the communication connection attribute of website.
The high in the clouds device of the embodiment of the present invention receives request, the network station comprising establishment VPC that website sends automatically Point ID and the first tunnel attribute information request message, according to create VPC request create target VPC, linking objective VPC and First PE, sends the ID and the first tunnel attribute information of website so that IDs of the PE according to website to a PE The address of the 2nd VPN configuration informations and the 2nd PE is obtained, and the VPN for obtaining matching according to the 2nd VPN configuration informations matches somebody with somebody Confidence ceases, and according to a VPN configuration informations, the address of the 2nd PE and the first tunnel attribute information, sets up and between the 2nd PE VPN connects and tunnel connection, realizes the communication connection between target VPC and website.Because request message is by website Automatically send, therefore can realize setting up communication connection in time according to the needs of website such that it is able to improve joint efficiency.
As shown in figure 15, the embodiment of the present invention also provides a kind of communicator, and the device can include:Bus 154 and company Interface 151, processor 152, the memorizer 153 of bus 154 are connected to, wherein:
Interface 151 is used for the ID and the first tunnel attribute information of the website for receiving high in the clouds transmission, the ID of website And first tunnel attribute information by website website load be higher than the first load when send;
Memorizer 153 is used for store instruction, and processor 152 performs the instruction in memorizer 153 is used for connection positioned at high in the clouds Target VPC;The address of the 2nd VPN configuration informations and the 2nd PE is obtained according to the ID of website, the 2nd VPN configuration informations are The VPN configuration informations of the 2nd PE, the 2nd PE is the access device of website;Determined and second according to the 2nd VPN configuration informations The VPN configuration informations that VPN configuration informations match;According to a VPN configuration informations, the address of the 2nd PE and the first tunnel Attribute information, sets up and VPN connections and tunnel connection between the 2nd PE, logical between target VPC and website so as to realize Letter connection.
It is preferred that processor 152 performs the instruction in memorizer 153 to be used to obtain the 2nd VPN according to the ID of website The address of configuration information and the 2nd PE includes:Using the ID of network website, to the VPN configuration informations of data base querying the 2nd and the 2nd PE Address, prestore corresponding 2nd VPN of the ID of address and website of corresponding 2nd PE of ID of website of data base match somebody with somebody Confidence ceases.
It is preferred that processor 152 performs the instruction in memorizer 153 to be additionally operable to receive the ID of the website that high in the clouds sends And the second tunnel attribute information;ID, the address of the 2nd PE and the second tunnel attribute information according to website, updates a PE With the tunnel attribute between the 2nd PE, so as to the communication connection attribute of more fresh target VPC and website.
It is preferred that the instruction that processor 152 is performed in memorizer 153 includes for target VPC that connection is located at high in the clouds:It is logical Cross the VCE linking objective VPC positioned at high in the clouds.
The communicator of the embodiment of the present invention, by connection positioned at target VPC in high in the clouds, receives the network station that high in the clouds sends The ID and the first tunnel attribute information of point, according to the ID of website the address of the 2nd VPN configuration informations and the 2nd PE is obtained, and According to the VPN configuration informations that the 2nd VPN configuration informations obtain matching, and according to a VPN configuration informations, the 2nd PE Address and the first tunnel attribute information, set up and VPN connections and tunnel connection between the 2nd PE, realize target VPC and network Communication connection between website.Because the ID and the first tunnel attribute information of website are sent automatically by website, therefore can To realize setting up communication connection in time according to the needs of website such that it is able to improve joint efficiency.
It should be noted that:Above-described embodiment provide data sending device and data sink, statement when, only with The division of above-mentioned each functional module is illustrated, and in practical application, as desired can distribute above-mentioned functions by not With functional module complete, will the internal structure of equipment be divided into the functional module put through, to complete above-mentioned whole or portion Divide function.In addition, the device that above-described embodiment is provided belongs to same design with corresponding method, it implements the process side of referring to Method embodiment, repeats no more here.
One of ordinary skill in the art will appreciate that realizing all or part of step of above-described embodiment can pass through hardware To complete, it is also possible to which the hardware that correlation is instructed by program is completed, and described program can be stored in a kind of computer-readable In storage medium, storage medium mentioned above can be read only memory, disk or CD etc..
Each embodiment in this specification is described by the way of progressive, and the identical similar part of each embodiment is mutual Referring to what each embodiment was stressed is the difference with other embodiment.Especially for device embodiment For, because it is substantially similar to embodiment of the method, so describe fairly simple, portion of the related part referring to embodiment of the method Defend oneself bright.Device embodiment described above is only schematic, wherein the list as separating component explanation Unit can be or may not be physically separate, can be as the part that unit shows or may not be physics Unit, you can be located at a place, or can also be distributed on multiple NEs.Can select according to the actual needs Some or all of module therein is realizing the purpose of this embodiment scheme.Those of ordinary skill in the art are not paying creation Property work in the case of, you can to understand and implement.
Those of ordinary skill in the art are it is to be appreciated that the list of each example with reference to the embodiments described herein description Unit and algorithm steps, being capable of being implemented in combination in electronic hardware or computer software and electronic hardware.These functions are actually Performed with hardware or software mode, depending on the application-specific and design constraint of technical scheme.Professional and technical personnel Each specific application can be used different methods to realize described function, but this realization it is not considered that exceeding The scope of the present invention.
Those skilled in the art can be understood that, for convenience and simplicity of description, the system of foregoing description, The specific work process of device and unit, may be referred to the corresponding process in preceding method embodiment, will not be described here.
In several embodiments provided herein, it should be understood that disclosed system, apparatus and method, can be with Realize by another way.For example, device embodiment described above is only schematic, for example, the unit Divide, only a kind of division of logic function can have other dividing mode, such as multiple units or component when actually realizing Can with reference to or be desirably integrated into another system, or some features can be ignored, or not perform.It is another, it is shown or The mutual coupling for discussing or direct-coupling or communication connection can be INDIRECT COUPLING by some interfaces, device or unit or Communication connection, can be electrical, mechanical or other forms.
The unit as separating component explanation can be or may not be it is physically separate, it is aobvious as unit The part for showing can be or may not be physical location, you can with positioned at a place, or can also be distributed to multiple On NE.Some or all of unit therein can according to the actual needs be selected to realize the mesh of this embodiment scheme 's.
In addition, each functional unit in each embodiment of the invention can be integrated in a processing unit, it is also possible to It is that unit is individually physically present, it is also possible to which two or more units are integrated in a unit.
If the function is realized and as independent production marketing or when using using in the form of SFU software functional unit, can be with In being stored in a computer read/write memory medium.Based on such understanding, technical scheme is substantially in other words The part contributed to prior art or the part of the technical scheme can be embodied in the form of software product, the meter Calculation machine software product is stored in a storage medium, including some instructions are used so that a computer equipment(Can be individual People's computer, server, or network equipment etc.)Perform all or part of step of each embodiment methods described of the invention. And aforesaid storage medium includes:USB flash disk, portable hard drive, read only memory(ROM, Read-Only Memory), random access memory deposits Reservoir(RAM, Random Access Memory), magnetic disc or CD etc. are various can be with the medium of store program codes.
Through the above description of the embodiments, those skilled in the art can be understood that the present invention can be borrowed Software is helped to add the mode of required common hardware to realize, common hardware includes universal integrated circuit, universal cpu, common store Device, universal elements etc., naturally it is also possible to which special IC, dedicated cpu, private memory, specially are included by specialized hardware Realized with components and parts etc., but in many cases the former is more preferably embodiment.Based on such understanding, the technology of the present invention The part that scheme substantially contributes in other words to prior art can be embodied in the form of software product, the computer Software product is stored in the storage medium that can read, such as the floppy disk of computer, hard disk or CD etc., including some instructions to So that a computer equipment(Can be personal computer, server, or network equipment etc.)Perform each enforcement of the present invention The method of example.
Presently preferred embodiments of the present invention is these are only, it is all in the spirit and principles in the present invention not to limit the present invention Within, any modification, equivalent substitution and improvements made etc. should be included within the scope of the present invention.

Claims (15)

1. a kind of communication connecting method, it is characterised in that include:
The first request message that reception website sends when the load of the website is higher than the first load, described first Request message includes creating request, mark ID of the website and the first tunnel attribute information of virtual private cloud VPC;
Target VPC is created according to the request of the establishment VPC;
Connect target VPC and the first provider edge equipment PE;
Send the ID and the first tunnel attribute information of the website to a PE so that a PE according to The ID of the website obtains the address of the second virtual private network configuration information and the 2nd PE, and according to the 2nd VPN Configuration information determines the VPN configuration informations matched with the 2nd VPN configuration informations, and is matched somebody with somebody according to a VPN Confidence breath, the address of the 2nd PE and the first tunnel attribute information, set up and the VPN connections between the 2nd PE and tunnel Road connects, and so as to realize the communication connection between target VPC and the website, the 2nd VPN configuration informations are institute The VPN configuration informations of the 2nd PE are stated, the 2nd PE is the access device of the website, a VPN configuration informations It is the other VPN configuration informations with the difference of the 2nd VPN configuration informations.
2. method according to claim 1, it is characterised in that connection target VPC and the first Provider Edge Equipment PE includes:
Create Virtual User edge device VCE corresponding with target VPC;
First PE is connected by the VCE.
3. method according to claim 1 and 2, it is characterised in that also include:
The second request message that the website sends is received, second request message includes updating asking for communication connection Ask, the ID of the second tunnel attribute information and the website;
Determine that the website need to be updated after communication connection according to the request for updating communication connection, send out to a PE Send the ID of the second tunnel attribute information and the website so that a PE according to the ID of the website, The address of the 2nd PE and the second tunnel attribute information, update the tunnel category between a PE and the 2nd PE Property, so as to update the communication connection attribute of target VPC and the website.
4. a kind of communication connecting method, it is characterised in that include:
Destination virtual specific cloud VPC of the connection positioned at high in the clouds;
Receive mark ID and the first tunnel attribute information of the website that high in the clouds sends, the ID of the website and described the One tunnel attribute information is sent by the website when the load of the website is higher than the first load;
Second virtual private network configuration information and the second provider edge equipment PE are obtained according to the ID of the website Address, the 2nd VPN configuration informations are the VPN configuration informations of the 2nd PE, and the 2nd PE is the website Access device;
The VPN configuration informations matched with the 2nd VPN configuration informations are determined according to the 2nd VPN configuration informations, The first VPN configuration informations are the other VPN configuration informations with the difference of the 2nd VPN configuration informations;
According to a VPN configuration informations, the address of the 2nd PE and the first tunnel attribute information, set up with it is described VPN connections and tunnel connection between the 2nd PE, so as to realize the communication connection between target VPC and the website.
5. method according to claim 4, it is characterised in that described that 2nd VPN is obtained according to the ID of the website The address of configuration information and the 2nd PE includes:
Using the ID of the website, to the address of the 2nd VPN configuration informations and the 2nd PE described in data base querying, institute State data base prestore the website corresponding 2nd PE of ID the corresponding institutes of the ID of address and the website State the 2nd VPN configuration informations.
6. the method according to claim 4 or 5, it is characterised in that also include:
Receive the ID and the second tunnel attribute information of the website that the high in the clouds sends;
ID, the address of the 2nd PE and the second tunnel attribute information according to the website, update a PE with Tunnel attribute between the 2nd PE, so as to update the communication connection attribute of target VPC and the website.
7. method according to claim 4, it is characterised in that the connection is located at the destination virtual specific cloud in the high in the clouds VPC, including:
Target VPC is connected by the Virtual User edge device VCE positioned at the high in the clouds.
8. a kind of high in the clouds device, it is characterised in that include:
First receiver module, for receiving website sends when the load of the website is higher than the first load first Request message, first request message includes creating the request of virtual private cloud VPC, mark ID of the website and the One tunnel attribute information;
Creation module, for creating target VPC according to the request of the establishment VPC;
Link block, for connecting target VPC and the first provider edge equipment PE;
First sending module, for sending the ID and the first tunnel attribute information of the website to a PE, So that a PE obtains the ground of the second virtual private network configuration information and the 2nd PE according to the ID of the website Location, and the VPN configuration informations matched with the 2nd VPN configuration informations are determined according to the 2nd VPN configuration informations, And according to a VPN configuration informations, the address of the 2nd PE and the first tunnel attribute information, set up and described the VPN connections and tunnel connection between two PE, so as to realize the communication connection between target VPC and the website, institute The VPN configuration informations that the 2nd VPN configuration informations are the 2nd PE are stated, the 2nd PE is that the access of the website sets Standby, a VPN configuration informations are the other VPN configuration informations with the difference of the 2nd VPN configuration informations.
9. device according to claim 8, it is characterised in that the link block includes:
Creating unit, for creating Virtual User edge device VCE corresponding with target VPC;
Connection unit, for connecting a PE by the VCE.
10. device according to claim 8 or claim 9, it is characterised in that also include:
Second receiver module, for receiving the second request message that the website sends, second request message includes Update the ID of the request, the second tunnel attribute information and the website of communication connection;
Second sending module, for determining that the website need to update communication connection according to the request for updating communication connection Afterwards, the ID of the second tunnel attribute information and the website is sent to a PE so that a PE according to The ID of the website, the address of the 2nd PE and the second tunnel attribute information, update the PE with it is described Tunnel attribute between the 2nd PE, so as to update the communication connection attribute of target VPC and the website.
11. a kind of communicators, it is characterised in that include:
First link block, for destination virtual specific cloud VPC that connection is located at high in the clouds;
First receiver module, for receiving mark ID and the first tunnel attribute information of the website that the high in the clouds sends, institute State the ID and the first tunnel attribute information of website by the website the website load higher than the Send during one load;
Acquisition module, for obtaining the second virtual private network configuration information and the second operation according to the ID of the website The address of business edge device PE, the 2nd VPN configuration informations are the VPN configuration informations of the 2nd PE, and the 2nd PE is The access device of the website;
Determining module, for determining match with the 2nd VPN configuration informations first according to the 2nd VPN configuration informations VPN configuration informations, a VPN configuration informations are the other VPN configuration informations with the difference of the 2nd VPN configuration informations;
Second link block, for being belonged to according to a VPN configuration informations, the address of the 2nd PE and first tunnel Property information, set up and the 2nd PE between VPN connection and tunnel connection, so as to realize target VPC with the network Communication connection between website.
12. devices according to claim 11, it is characterised in that the acquisition module is specifically for using the network The ID of website, to the address of the 2nd VPN configuration informations and the 2nd PE described in data base querying, the data base prestores described Corresponding 2nd VPN of the ID of address and the website of corresponding 2nd PE of ID of website match somebody with somebody confidence Breath.
13. devices according to claim 11 or 12, it is characterised in that also include:
Second receiver module, for receiving the ID and the second tunnel attribute information of the website that the high in the clouds sends;
3rd link block, for according to the ID of the website, the address of the 2nd PE and second tunnel attribute Information, updates the tunnel attribute between a PE and the 2nd PE, logical with the website so as to update target VPC Letter connection attribute.
14. devices according to claim 11, it is characterised in that first link block is specifically for by being located at The Virtual User edge device VCE in the high in the clouds connects target VPC.
15. a kind of communication systems, it is characterised in that include the high in the clouds device as any one of claim 8-10 and such as weigh Profit requires the communicator any one of 11-14.
CN201210401104.4A 2012-10-19 2012-10-19 communication connection method, communication device and communication system Active CN103780467B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201210401104.4A CN103780467B (en) 2012-10-19 2012-10-19 communication connection method, communication device and communication system
PCT/CN2013/075605 WO2014059787A1 (en) 2012-10-19 2013-05-14 Communication connection method, communication device and communication system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201210401104.4A CN103780467B (en) 2012-10-19 2012-10-19 communication connection method, communication device and communication system

Publications (2)

Publication Number Publication Date
CN103780467A CN103780467A (en) 2014-05-07
CN103780467B true CN103780467B (en) 2017-04-26

Family

ID=50487518

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201210401104.4A Active CN103780467B (en) 2012-10-19 2012-10-19 communication connection method, communication device and communication system

Country Status (2)

Country Link
CN (1) CN103780467B (en)
WO (1) WO2014059787A1 (en)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10116493B2 (en) 2014-11-21 2018-10-30 Cisco Technology, Inc. Recovering from virtual port channel peer failure
CN110474960B (en) * 2014-12-23 2021-07-09 华为技术有限公司 Method and device for service deployment in virtual network
CN104601431B (en) * 2014-12-31 2018-04-20 华为技术有限公司 The cut-in method and the network equipment of a kind of vpn service
CN105721306B (en) * 2016-02-04 2019-03-15 杭州数梦工场科技有限公司 A kind of transmission method and device of configuration information
CN107872542B (en) * 2016-09-27 2021-05-04 阿里巴巴集团控股有限公司 Data transmission method and network equipment
CN108900637A (en) * 2018-08-08 2018-11-27 北京百度网讯科技有限公司 Method for transmitting information and device
CN113098749A (en) * 2020-01-08 2021-07-09 华为技术有限公司 Message sending method, device and storage medium
CN111740893B (en) * 2020-06-30 2022-02-11 成都卫士通信息产业股份有限公司 Method, device, system, medium and equipment for realizing software-defined VPN

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102387061A (en) * 2011-10-21 2012-03-21 华为技术有限公司 Method, device and system for accessing VPC (virtual private cloud) to VPN (virtual private network)

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102137008B (en) * 2011-01-24 2013-08-07 华为技术有限公司 Quality of service (QoS) keeping method, device and system
CN102845123B (en) * 2011-04-19 2015-07-08 华为技术有限公司 Virtual private cloud connection method and tunnel proxy server

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102387061A (en) * 2011-10-21 2012-03-21 华为技术有限公司 Method, device and system for accessing VPC (virtual private cloud) to VPN (virtual private network)

Also Published As

Publication number Publication date
CN103780467A (en) 2014-05-07
WO2014059787A1 (en) 2014-04-24

Similar Documents

Publication Publication Date Title
CN103780467B (en) communication connection method, communication device and communication system
CN111045690B (en) Block chain node service deployment method, device, system, computing equipment and medium
CN103095543B (en) The method and apparatus of VPN (virtual private network) docking between territory
CN105391568B (en) A kind of implementation method, the device and system of software defined network SDN
CN107147509B (en) Virtual private network service implementation method, device and communication system
CN103997414B (en) Generate method and the network control unit of configuration information
CN104350467A (en) Elastic enforcement layer for cloud security using SDN
CN104780088A (en) Service message transmission method and equipment
CN105591955A (en) Message transmission method and device
CN110535627A (en) A kind of data query method and block platform chain
CN104104534A (en) Realization method of virtual network (VN) management and virtual network management system
CN107409066A (en) For automatic detection and the system and method for configuration server uplink network interface
CN104468408B (en) For dynamically adjusting the method and control centre's server of service bandwidth
CN103795530B (en) A kind of method, device and the main frame of cross-domain controller certification
CN103001892B (en) Based on network resource allocation method and the system of cloud computing
CN104753857A (en) Network flow control equipment and security policy configuration method and device thereof
CN107800743A (en) Cloud desktop system, cloud management system and relevant device
CN104184663A (en) Communication method and device based on software-defined network and integrated identification network
EP3229413B1 (en) Cross-domain cooperative method, cooperative device and control device for network as a service business
CN105323310A (en) Network communication method, device and network attached storage device
CN104956629B (en) Event distributing method in software defined network, control device and processor
CN108390774A (en) A kind of wide area network network-building method and system based on software definition
CN107707557A (en) Anonymous access method, apparatus, the network equipment and readable storage medium storing program for executing
CN105939267A (en) Out-of-band management method and device
WO2021037133A1 (en) Network management method and device

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant