CN107872387B - Method and system for transmitting VPN route - Google Patents

Method and system for transmitting VPN route Download PDF

Info

Publication number
CN107872387B
CN107872387B CN201610850707.0A CN201610850707A CN107872387B CN 107872387 B CN107872387 B CN 107872387B CN 201610850707 A CN201610850707 A CN 201610850707A CN 107872387 B CN107872387 B CN 107872387B
Authority
CN
China
Prior art keywords
vpn
information
route
field
logout
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201610850707.0A
Other languages
Chinese (zh)
Other versions
CN107872387A (en
Inventor
刘志华
卢泉
贾曼
林同
杨广铭
周煕原
孙嘉琪
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Telecom Corp Ltd
Original Assignee
China Telecom Corp Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Telecom Corp Ltd filed Critical China Telecom Corp Ltd
Priority to CN201610850707.0A priority Critical patent/CN107872387B/en
Publication of CN107872387A publication Critical patent/CN107872387A/en
Application granted granted Critical
Publication of CN107872387B publication Critical patent/CN107872387B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/50Routing or path finding of packets in data switching networks using label swapping, e.g. multi-protocol label switch [MPLS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4641Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/52Multiprotocol routers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/58Association of routers
    • H04L45/586Association of routers of virtual routers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/74Address processing for routing

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a method and a system for sending a VPN route. The method comprises the following steps: when the VPN opening equipment issues configuration to the PE equipment, collecting an RT field and a PE Loopback IP address of the PE equipment, generating combined information containing the RT field and the PE Loopback IP address, and synchronizing the combined information to VPNRR; after receiving the combination information, the VPN RR generates a route set corresponding to the RT field in the combination information, and sends the VPN route in the route set to the PE device according to the PE Loopback IP address in the combination information. The invention realizes the effect that the VPN RR sends the VPN route as required.

Description

Method and system for transmitting VPN route
Technical Field
The present invention relates to the field of communications technologies, and in particular, to a method and a system for sending a VPN route.
Background
MPLS (Multi-Protocol Label Switching) is a mechanism for fast forwarding packets and routes, and can manage various forms of communication traffic. The service access of two-layer VPN and three-layer VPN and other related value-added services are realized by an operator through the MPLS technology, and the user quantity is huge. MPLS three-layer VPN (Virtual private network) is an important way to provide VPN services using MPLS technology, and it adopts a technology for implementing user VPN routing control based on a multi-Protocol BGP (Border Gateway Protocol, which is MP-BGP) technology. Because the VPN networking mode has the characteristics of flexible networking and good expandability, the MPLS VPN is increasingly applied in operators and bears a large amount of key value-added services of users such as data, voice, images and the like.
In the above-mentioned technology, a BGP route reflector (VPN route reflector, abbreviated as VPN RR) is required to reflect VPN user routes in an operator IP (Internet Protocol) backbone network. The VPN RR is one of important components in the MPLS VPN, and mainly has the main function of reflecting MP-BGP routing to a client, so that IBGP full-mesh connection of full-network PE (Provider Edge) equipment is avoided, service deployment time and PE routing table space are greatly saved, and working efficiency is improved.
In the operator IP backbone, the number of VPN RRs is small and generally fixed. With the increasing number of users, the number of VPN routes rapidly increases, the number of VPN user routes in a large-scale operator network can reach as many as millions, and the defects of the existing reflection mechanism of VPN RR gradually appear. Current VPN RR is typically an unconditional reflection of the full mesh MP-BGP route to all PE devices. Under the existing MPLS VPN RR route distribution mechanism, the VPN RR cannot generally sense the VPN route required by the PE device, and each PE device can only passively receive and process the whole network route reflected by the VPN RR, which leads to the problems of low VPN route distribution efficiency, too long convergence time, etc., and causes unnecessary bandwidth waste and consumption of processing capability of the PE device, affects the service quality and user experience of MPLS VPN, and is not favorable for network and service development.
Disclosure of Invention
The invention needs to solve a technical problem that: a method of on-demand routing of a VPN is provided.
According to a first aspect of the present invention, there is provided a method of transmitting a VPN route, comprising: when the VPN opening equipment issues configuration to PE equipment, collecting a routing target RT field and a PE Loopback IP address of the PE equipment, generating combined information containing the RT field and the PE Loopback IP address, and synchronizing the combined information to VPN RR; and after receiving the combined information, the VPN RR generates a route set corresponding to the RT field in the combined information, and sends the VPN route in the route set to the PE equipment according to the PE Loopback IP address in the combined information.
In one embodiment, the step of generating the route set corresponding to the RT field in the combined information by the VPN RR includes: and the VPN RR acquires a route set corresponding to the RT field from stored VPN route information according to the RT field, and generates a BGP update message corresponding to the PE Loopback IP address according to the route set, wherein the BGP update message comprises VPN routes in the route set.
In one embodiment, the combination information further contains an RT update identification; the RT update identification comprises: the RT full update identification, the RT new addition identification and the RT logout identification.
In an embodiment, in the process that the VPN provisioning device synchronizes the combined information to the VPN RR, when the VPN provisioning device first interfaces the VPN RR, the combined information of the PE device in the whole network is synchronized to the VPN RR in real time in a full-scale updating manner.
In an embodiment, in the process that the VPN provisioning device synchronizes the combination information to the VPN RR, when the VPN provisioning device performs an addition, modification, or cancellation operation of a user VPN service to the PE device, the combination information of the PE device is synchronized to the VPN RR in real time in an incremental updating manner.
In one embodiment, the method further comprises: when the VPN opening device performs a new adding operation of a user VPN service to the PE device, the VPN opening device generates new adding combination information < a PELoopback IP address, an RT field needing to be added newly, and an RT new adding identifier > corresponding to the PE device, and synchronizes the new adding combination information to the VPN RR; after receiving the newly added combination information, the VPN RR increases the correspondence between the PE device and the route set corresponding to the RT field to be newly added according to the RT newly added identifier, and sends a BGP update message to the PE device to notify the PE device of the route information in the newly added route set.
In one embodiment, the method further comprises: when the VPN opening device performs logout operation of user VPN service on the PE device, the VPN opening device generates logout combination information < PELoopback IP address, RT field needing logout, RT logout identification > corresponding to the PE device, and synchronizes the logout combination information to the VPN RR; after receiving the logout combination information, the VPN RR deletes the correspondence between the PE device and the route set corresponding to the RT field to be logout according to the RT logout identifier, and sends a BGP revocation message to the PE device to notify the PE device of the route information in the logout route set.
In one embodiment, the method further comprises: when the VPN opening device modifies the user VPN service of the PE device, the VPN opening device generates two pieces of combined information corresponding to the PE device, namely cancellation combined information < PE Loopback IP address, RT field before modification, RT cancellation mark > and newly added combined information < PELoopback IP address, modified RT field, RT newly added mark >, and synchronizes the two pieces of combined information to the VPN RR; after receiving the two pieces of combined information, the VPN RR deletes the correspondence between the PE device and the route set corresponding to the RT field before modification according to the RT deregistration identifier, increases the correspondence between the PE device and the route set corresponding to the RT field after modification according to the RT addition identifier, and sends a BGP revocation message to the PE device to notify the PE device of the route information in the deregistered route set, and sends a BGP update message to the PE device to notify the PE device of the route information in the added route set.
In an embodiment, in the process that the VPN provisioning device synchronizes the combination information to the VPNRR, when the VPN provisioning device periodically polls the PE device, the combination information of the PE device is periodically synchronized to the VPN RR in a full-scale update manner.
The method of the invention realizes the effect that the VPN RR sends the VPN route as required. This can help the operator to improve the efficiency of route distribution, save the bandwidth of backbone network and CPU resources of the apparatus, develop MPLS VPN business more efficiently.
According to a second aspect of the present invention, there is provided a system for transmitting a VPN route, comprising: the VPN opening device is used for collecting an RT field and a PE Loopback IP address of the PE device when configuration is issued to the PE device, generating combined information containing the RT field and the PE Loopback IP address, and synchronizing the combined information to a VPN route reflector RR; and the VPN RR is used for generating a route set corresponding to the RT field in the combined information after receiving the combined information, and sending the VPN route in the route set to the PE equipment according to the PE Loopback IP address in the combined information.
In an embodiment, the VPN RR obtains a route set corresponding to the RT field from VPN route information stored in the RT field according to the RT field, and generates a BGP update message corresponding to the PE Loopback IP address according to the route set, where the BGP update message includes a VPN route in the route set.
In one embodiment, the combination information further contains an RT update identification; the RT update identification comprises: the RT full update identification, the RT new addition identification and the RT logout identification.
In an embodiment, when the VPN provisioning device first interfaces with the VPN RR, the combined information of the PE devices in the entire network is synchronized to the VPN RR in an instant manner in a full update manner.
In an embodiment, when the VPN provisioning device performs addition, modification, or cancellation operation of a VPN service of a user to the PE device, the combined information of the PE device is synchronized in real time to the VPN RR in an incremental update manner.
In one embodiment, when the VPN provisioning device performs a new addition operation of a VPN service to the PE device, the VPN provisioning device generates new combination information < PE Loopback IP address, RT field to be added, RT new identifier > corresponding to the PE device, and synchronizes the new combination information to the VPN RR; after receiving the newly added combination information, the VPN RR increases the correspondence between the PE device and the route set corresponding to the RT field to be newly added according to the RT newly added identifier, and sends a BGP update message to the PE device to notify the PE device of the route information in the newly added route set.
In one embodiment, when the VPN provisioning device performs a logout operation of a VPN service of a user on the PE device, the VPN provisioning device generates logout combination information < a PE Loopback IP address, an RT field to be logout, an RT logout identifier > corresponding to the PE device, and synchronizes the logout combination information with the VPN RR; after receiving the logout combination information, the VPN RR deletes the correspondence between the PE device and the route set corresponding to the RT field to be logout according to the RT logout identifier, and sends a BGP revocation message to the PE device to notify the PE device of the route information in the logout route set.
In one embodiment, when the VPN provisioning device modifies the VPN service of the PE device, the VPN provisioning device generates two pieces of combined information corresponding to the PE device, where the two pieces of combined information are a cancellation combined information < ploopback IP address, an RT field before modification, an RT cancellation identifier > and an addition combined information < PE Loopback IP address, a modified RT field, and an RT addition identifier >, and synchronizes the two pieces of combined information with the VPN RR; after receiving the two pieces of combined information, the VPN RR deletes the correspondence between the PE device and the route set corresponding to the RT field before modification according to the RT deregistration identifier, increases the correspondence between the PE device and the route set corresponding to the RT field after modification according to the RT addition identifier, and sends a BGP revocation message to the PE device to notify the PE device of the route information in the deregistered route set, and sends a BGP update message to the PE device to notify the PE device of the route information in the added route set.
In an embodiment, when the VPN provisioning device performs periodic polling on the PE device, the combination information of the PE device is periodically synchronized with the VPN RR in a full-volume update manner.
The system of the invention realizes the effect that the VPN RR sends the VPN route as required. This can help the operator to improve the efficiency of route distribution, save the bandwidth of backbone network and CPU resources of the apparatus, develop MPLS VPN business more efficiently.
Other features of the present invention and advantages thereof will become apparent from the following detailed description of exemplary embodiments thereof, which proceeds with reference to the accompanying drawings.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description, serve to explain the principles of the invention.
The invention will be more clearly understood from the following detailed description, taken with reference to the accompanying drawings, in which:
fig. 1 is a flowchart illustrating a method of transmitting a VPN route according to one embodiment of the present invention.
Fig. 2 is a flowchart illustrating a method of transmitting a VPN route according to another embodiment of the present invention.
Fig. 3 is a block diagram schematically illustrating a system for transmitting a VPN route according to one embodiment of the present invention.
Detailed Description
Various exemplary embodiments of the present invention will now be described in detail with reference to the accompanying drawings. It should be noted that: the relative arrangement of the components and steps, the numerical expressions and numerical values set forth in these embodiments do not limit the scope of the present invention unless specifically stated otherwise.
Meanwhile, it should be understood that the sizes of the respective portions shown in the drawings are not drawn in an actual proportional relationship for the convenience of description.
The following description of at least one exemplary embodiment is merely illustrative in nature and is in no way intended to limit the invention, its application, or uses.
Techniques, methods, and apparatus known to those of ordinary skill in the relevant art may not be discussed in detail but are intended to be part of the specification where appropriate.
In all examples shown and discussed herein, any particular value should be construed as merely illustrative, and not limiting. Thus, other examples of the exemplary embodiments may have different values.
It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus, once an item is defined in one figure, further discussion thereof is not required in subsequent figures.
Fig. 1 is a flowchart illustrating a method of transmitting a VPN route according to one embodiment of the present invention.
In step S101, when issuing configuration to a PE device, a VPN provisioning device (may also be referred to as a VPN service provisioning system) collects an RT (Route Target) field and a PE Loopback IP (internet protocol) address of the PE device, generates combination information including the RT field and the PE Loopback IP address, and synchronizes the combination information with a VPN RR.
In one embodiment, the combination information may be a binary information < PE Loopback IP address, RT field >. For example, the RT field may be a PE VPN traffic route inport RT. For example, an interface mechanism (for example, Restful (representational state transfer) interface) may be added between the VPN RR and the VPN provisioning device, so that after the VPN provisioning device completes the PE user configuration, the interface notifies the VPN RR of the RT information of the VPN route of each PE device, and the two-tuple information < PE loopbacip address, RT field > is synchronized with the VPN RR to control the synchronous update of the VPN RR route. In the above embodiment, an information processing mechanism of the VPN provisioning device is improved, a PE Loopback IP address and a PE RT field in the VPN provisioning device are combined into combined information, and synchronization of the combined information between the VPN provisioning device and the VPN RR is realized through a newly added interface synchronization instruction.
In another embodiment, the combination information may further include an RT update identifier, that is, the combination information may be a triple information < PE Loopback IP address, RT field, RT update identifier >. For example, the RT update identification (represented in the Tag field) may include: the RT full update identifier All, the RT new-adding identifier Add and the RT logout identifier Del.
In step S102, after receiving the combination information, the VPN RR generates a route set corresponding to the RT field in the combination information, and sends the VPN route in the route set to the PE device (i.e., the PE device specified by the PE Loopback IP address) according to the PE Loopback IP address in the combination information.
In one embodiment, the step of generating the route set corresponding to the RT field in the combined information by the VPN RR may include: and the VPN RR acquires a route set corresponding to the RT field from the stored VPN route information according to the RT field, and generates a BGP update message corresponding to the PE Loopback IP address according to the route set, wherein the BGP update message comprises the VPN route in the route set. The VPN RR sends an update message to the corresponding PE device, thereby sending the VPN route to the PE device on demand.
For example, the VPN RR obtains and stores the combination information sent by the VPN provisioning device through interface communication, and for example, the VPN route may be divided into a plurality of route sets according to a plurality of RT identifiers, where each RT identifier corresponds to a corresponding route set (as shown in table 1). For example: the RT value for traffic type 1 route is set to 4809:6500100, specifying the Loopback IP address for PE #1, the RT value for traffic type 2 route is set to 4809:6500200, specifying the Loopback IP address for PE #2, and so on. And then the VPN RR sends the VPN route conforming to the RT to the PE equipment appointed in the combined information according to the PE Loopback IP address pointed by the combined information, thereby realizing the effect that the VPN RR sends the VPN user route according to the requirement of a specific PE.
Table 1 VPN routing information table stored by VPN RR
Figure GDA0002614783570000081
Figure GDA0002614783570000091
In the above embodiment, through a mechanism of cooperation between the VPN provisioning device and the VPN RR, the VPN RR may obtain corresponding routing information according to the RT, and send the routing information to the specified PE device according to the Loopback IP address of the target PE device, thereby achieving the purpose that the VPN RR sends a VPN route to the PE device as needed.
In an MPLS three-tier VPN, a PE device receives a user route identified by an extended community (extensedcommunity) attribute RT of the VPN. When the user-configured RT on the PE device matches the route advertised by the VPN RR, the route is received.
In the embodiment of the invention, the existing VPN RR and a VPN opening system are combined through a Restful interface, and the on-demand sending of the VPN service route is realized through an improved VPN RR processing mechanism flow. The invention distributes the route updating of a specific type according to the requirement through the VPN RR, improves the route distribution efficiency, saves the bandwidth of the backbone network, can quicken the route convergence time of the PE equipment according to the newly-added combination information, saves the resources of the backbone network equipment and improves the operation efficiency. The invention can change the VPN RR router device software, adds a storage mechanism and a processing mechanism of the router to the newly added combined information, introduces a cooperative mechanism of a VPN opening system and the VPN RR, does not need to change hardware, has low changing difficulty, can help an operator to save the bandwidth of a backbone Network and the CPU resource of the device, and is more beneficial to the development of services such as MPLS VPN NNI (Network to Network Interface, Network side Interface) interconnection and butt joint with overseas operators.
In an embodiment of the present invention, the combination information synchronization may include instantaneous synchronization and periodic synchronization. The synchronization mode can comprise a full-quantity updating mode and an incremental updating mode. For example, the full update may be to synchronize all of the original VPN information (e.g., including RT and PE Loopback IP addresses, etc.) and the changed VPN information of the associated PE device to the VPN RR, and the incremental update may be to synchronize the changed VPN information of the associated PE device to the VPN RR.
In one embodiment, in the process that the VPN provisioning device synchronizes the combination information to the VPNRR, when the VPN provisioning device first connects to the VPN RR, the combination information of the PE device in the whole network is synchronized to the VPN RR in real time in a full-scale update manner.
In an embodiment, in the process that the VPN provisioning device synchronizes the combination information to the VPNRR, when the VPN provisioning device performs an addition, modification, or cancellation operation of a user VPN service to the PE device, the combination information of the PE device is synchronized to the VPN RR in real time in an incremental updating manner.
In one embodiment, in the process that the VPN provisioning device synchronizes the combination information to the VPNRR, when the VPN provisioning device periodically polls the PE device, the combination information of the PE device is periodically synchronized to the VPN RR in a full-scale update manner.
In the embodiment of the invention, VPN routing combination information is defined by newly adding a VPN RR and a configuration interface, a VPN opening device and a VPN RR cooperation mechanism are introduced, a mechanism for storing and processing MP-BGP routing by the VPN RR is improved, and the VPN RR is used for sending service routing to PE devices as required. The implementation process is as follows:
for example, when the VPN provisioning device is first started and periodically polls the network-wide PE, taking PE #1 and PE #2 as an example, the following parameters are collected:
1) PE #1 Loopback IP address: 202.45.10.1, respectively;
PE #2 Loopback IP address: 202.45.20.1, respectively;
2) PE #1 VPN service RT: 4809:6500100, 4809: 6500200;
PE #2 VPN service RT: 4809:6500200.
The VPN provisioning device generates the combined information (here, the triplet information is taken as an example) according to the above parameters:
<202.45.10.1,4809:6500100,All>
<202.45.10.1,4809:6500200,All>
<202.45.20.1,4809:6500200,All>
and meanwhile, synchronizing the combined information to the VPN RR through the interface. The combined information synchronization can be divided into instant synchronization and periodic synchronization, and comprises two modes of full update and incremental update:
1) when the VPN opening equipment is firstly connected with the VPN RR, the VPN RR is immediately synchronized with the whole network VPN routing combination information, and the process is total updating;
2) when the VPN opening device performs the operations of adding, modifying or canceling the user VPN service to the PE, the VPN opening device synchronizes the combined information to the VPN RR in time, and the process is incremental updating;
3) the VPN opening device periodically polls the PE device combination information and periodically (for example, every 30 minutes) synchronizes the combination information to the VPN RR, and the process is full-quantity updating so as to ensure that VPN routing control information is synchronized in time.
After receiving the combined information, the VPN RR first divides the VPN route into a plurality of route sets according to the RT in the combined information:
route set 1: route with RT value 4809: 6500100;
route set 2: RT value 4809: 6500200.
Then, the VPN RR establishes a corresponding relationship list between the whole network PE and the route set according to the combined information:
list 1: 202.45.10.1-route set 1, route set 2;
list 2: 202.45.20.1-route set 2.
Finally, the VPN RR checks the Tag field (i.e. RT update flag) of the combination, and All indicates full update, so the VPN RR needs to overlay the newly generated correspondence list on the original list, notify the PE #1 of the routes in the sets 1 and 2, and notify the PE #2 of the routes in the set 2, thereby implementing on-demand transmission of the VPN service route.
In an embodiment, the method for sending a VPN route may further include: when VPN opens the apparatus and carries on the newly-increased operation of user VPN business to PE apparatus, the VPN opens the apparatus and produces the newly-increased combined information corresponding to the PE apparatus < PELoopback IP address, needs newly-increased RT field, RT newly-increased label > (for example the newly-increased combined information can be a kind of combined information), and synchronize the newly-increased combined information to VPN RR; after receiving the newly added combination information, the VPN RR increases the correspondence between the PE device and the route set corresponding to the RT field to be newly added according to the RT newly added identifier, and sends a BGP update message to the PE device to notify the PE device of the route information in the newly added route set.
For example, when a VPN provisioning device adds a new VPN service (e.g., Route Target: 4809:6500100) to PE #2, the VPN provisioning device generates new combination information (where the new combination information is triple information) <202.45.20.1, 4809:6500100, Add >, and after receiving the new combination information, the VPN RR adds a corresponding relationship between PE #2 and a Route set 1, and then sends a BGP update message to PE #2 to notify the Route information in the new set.
In an embodiment, the method for sending a VPN route may further include: when a VPN (virtual private network) opening device performs logout operation of a user VPN service on a PE (provider edge) device, the VPN opening device generates logout combination information < a PELoopback IP address, an RT field needing logout, an RT logout identifier > (for example, the logout combination information can be one type of combination information) corresponding to the PE device, and synchronizes the logout combination information to a VPN RR; after receiving the logout combination information, the VPN RR deletes the correspondence between the PE device and the route set corresponding to the RT field to be logout according to the RT logout identifier, and sends a BGP revocation message to the PE device to notify the PE device of the route information in the logout route set.
For example, when the VPN provisioning device deregisters a VPN service (e.g., Route Target: 4809:6500200) to PE #2, the VPN provisioning device generates deregistration combination information (here, the deregistration combination information is triple information) <202.45.20.1, 4809:6500200, Del >, and after receiving the deregistration combination information, the VPN RR deletes the correspondence between PE #2 and the Route set 2, and then sends a BGP Route (revocation) message to PE #2 to revoke the Route information in the Route set 2 advertised to PE # 2.
In an embodiment, the method for sending a VPN route may further include: when VPN opening equipment modifies the user VPN service to PE equipment, the VPN opening equipment generates two pieces of combined information corresponding to the PE equipment, namely cancellation combined information < PE Loopback IP address, RT field before modification, RT cancellation mark > and newly added combined information < PE Loopback IP address, modified RT field and RT newly added mark >, and synchronizes the two pieces of combined information to VPN RR; after receiving the two pieces of combined information, the VPN RR deletes the correspondence between the PE device and the route set corresponding to the RT field before modification according to the RT logout identifier, increases the correspondence between the PE device and the route set corresponding to the RT field after modification according to the RT added identifier, and sends a BGP revocation message to the PE device to notify the PE device of the route information in the logout route set, and sends a BGP update message to the PE device to notify the PE device of the route information in the added route set.
For example, when the VPN provisioning system modifies the VPN service configuration for PE #2, such as changing the service of Route Target 4809:6500200 to the service of Route Target 4809:6500100, the VPN provisioning device generates two pieces of combined information: logout combination information <202.45.20.1, 4809:6500200, Del > and newly added combination information <202.45.20.1, 4809:6500100, Add >, after receiving the two combination information, the VPN RR deletes the corresponding relation between PE #2 and the route set 2, adds the corresponding relation between PE #2 and the route set 1, then sends BGP withdraw message to PE #2 first, cancels the route in the route set 2 announced to PE #2, and sends BGP update message to PE #2, and announces the route in the route set 1.
Fig. 2 is a flowchart illustrating a method of transmitting a VPN route according to another embodiment of the present invention. In this embodiment, the aforementioned combination information is triple information.
In step S201, the VPN provisioning device collects VPN information of the PE devices in the entire network. For example, after the VPN opens the device and starts, collect the RT field and the PE Loopback IP address of the PE device over the entire network.
In step S202, the VPN provisioning device generates full triplet information.
In step S203, the VPN provisioning apparatus synchronizes the triplet information to the VPN RR in full.
Here, steps S201 to S203 realize that when the VPN provisioning device first interfaces with the VPN RR, the combined information of the PE devices in the entire network is synchronized to the VPN RR in real time in a manner of full update.
In step S204, the VPN RR reads the triplet information.
In step S205, the VPN RR generates a corresponding VPN route set according to the RT field in the triplet information.
In step S206, the VPN RR sends the VPN route in the route set to the specified PE device according to the PE Loopback IP address in the triplet information.
In step S207, it is determined whether or not the last synchronization is a predetermined period (for example, 30 minutes) or more. If so, the process returns to the step S201, so that the VPN opening device periodically polls the PE device; otherwise the process proceeds to step S208.
In step S208, it is determined whether the VPN provisioning device is newly added with the PE device RT. If so, the process advances to step S211; otherwise the process advances to step S209.
In step S209, it is determined whether the VPN provisioning device modifies the PE device RT. If so, the process advances to step S211; otherwise the process proceeds to step S210.
In step S210, it is determined whether the VPN provisioning device deregisters the PE device RT. If so, the process advances to step S211; otherwise the process returns to step S207.
In step S211, the VPN provisioning device generates incremental triplet information.
In step S212, the VPN provisioning apparatus synchronizes the triplet information to the VPN RR increment.
Here, steps S208, S209, S210, S211, and S212 implement that when the VPN provisioning device performs an addition, modification, or logout operation on the user VPN service to the PE device, the combined information of the PE device is instantly synchronized to the VPN RR in an incremental update manner.
In step S213, the VPN RR reads the incremental triplet information.
At step S214, VPN RR modifies the route set.
At step S215, the VPN RR incrementally updates routing information to the designated PE device. After step S215, the process returns to step S207.
The above-described embodiment implements a method of transmitting a VPN route according to another embodiment of the present invention. The method can improve the route distribution efficiency, save the bandwidth of the backbone network, and can accelerate the route convergence time of the PE equipment, save the resources of the backbone network equipment and improve the operation efficiency according to the newly-added combination information.
Fig. 3 is a block diagram schematically illustrating a system for transmitting a VPN route according to one embodiment of the present invention.
As shown in fig. 3, a system 300 for sending routing information may include a VPN provisioning device 301 and a VPN RR 302.
The VPN provisioning device 301 is configured to, when issuing configuration to a PE device (for example, PE device 1, 2, or 3), collect an RT field and a PE Loopback IP address of the PE device, generate combination information including the RT field and the PE Loopback IP address, and synchronize the combination information with a VPN route reflector RR.
After receiving the combination information, the VPN RR302 is configured to generate a route set corresponding to the RT field in the combination information, and send a VPN route in the route set to a PE device (i.e., a designated PE device corresponding to the PE Loopback IP address) according to the PE Loopback IP address in the combination information.
The system of the invention realizes the effect that the VPN RR sends the VPN service route to the PE equipment as required, which can help the operator to improve the route distribution efficiency, save the bandwidth of a backbone network and the CPU resource of the equipment, and develop the MPLSVPN service more efficiently.
It should be noted that, as shown in fig. 3, an arrow pointing from the VPN provisioning device to the PE device indicates that configuration is issued to the PE device, an arrow pointing from the VPN provisioning device to the VPN RR indicates that the combination information is synchronized to the VPNRR, an arrow pointing from the VPN RR to the PE device indicates that the routing information is sent as needed, and an arrow pointing from the PE device to the VPN RR indicates MP-BGP update.
In an embodiment, the VPN RR302 obtains, according to the RT field, a route set corresponding to the RT field from the stored VPN route information, and generates, according to the route set, a BGP update message corresponding to the PE Loopback IP address, where the BGP update message includes a VPN route in the route set. The VPN RR302 sends an update message to the corresponding PE device, thereby sending a VPN route to the PE device on demand.
In one embodiment, the combined information may also contain an RT update identification. For example, the RT update identification may include: the RT full update identification, the RT new addition identification and the RT logout identification.
In an embodiment, when the VPN provisioning device 301 first interfaces with the VPN RR302, the combined information of the PE devices in the entire network is synchronized to the VPN RR302 in an instant manner by a full update method.
In an embodiment, when the VPN provisioning device 301 performs an addition, modification, or cancellation operation of the user VPN service to the PE device, the combined information of the PE device is synchronized to the VPN RR302 in an incremental updating manner in real time.
In one embodiment, when the VPN provisioning device 301 periodically polls the PE devices, the combination information of the PE devices is periodically synchronized to the VPN RR302 by means of a full amount update.
In an embodiment, when the VPN provisioning device 301 performs an addition operation of the user VPN service to the PE device, the VPN provisioning device 301 generates addition combination information < PE Loopback IP address, RT field to be added, RT addition identifier > corresponding to the PE device, and synchronizes the addition combination information to the VPN RR 302. After receiving the newly added combination information, the VPN RR302 adds, according to the RT newly added identifier, a correspondence between the PE device and the route set corresponding to the RT field to be newly added, and sends a BGP update message to the PE device to notify the PE device of the route information in the newly added route set.
In an embodiment, when the VPN provisioning device 301 performs a logout operation of a VPN service of a user on a PE device, the VPN provisioning device 301 generates logout combination information < PE Loopback IP address, RT field to be logout, RT logout identifier > corresponding to the PE device, and synchronizes the logout combination information with the VPN RR 302. After receiving the logout combination information, the VPN RR302 deletes the correspondence between the PE device and the route set corresponding to the RT field to be logout according to the RT logout identifier, and sends a BGP revocation message to the PE device to notify the PE device of the route information in the logout route set.
In an embodiment, when the VPN provisioning device 301 modifies the VPN service of the PE device, the VPN provisioning device 301 generates two pieces of combined information corresponding to the PE device, where the two pieces of combined information are the logout combined information < PE Loopback IP address, RT field before modification, RT logout identifier > and newly added combined information < PE Loopback IP address, modified RT field, and RT newly added identifier >, and synchronizes the two pieces of combined information with the VPN RR 302. After receiving the two pieces of combined information, the VPN RR302 deletes the correspondence between the PE device and the route set corresponding to the RT field before modification according to the RT logout identifier, adds the correspondence between the PE device and the route set corresponding to the RT field after modification according to the RT added identifier, and sends a BGP revocation message to the PE device to notify the PE device of the route information in the logout route set, and sends a BGP update message to the PE device to notify the PE device of the route information in the added route set.
In the invention, the VPN routing combination information is defined by newly adding an interface between VPN opening equipment and VPN RR, a VPN opening equipment and VPN RR cooperation mechanism is introduced, a mechanism for storing and processing MP-BGP routing by VPN RR is improved, and VPN RR is realized to send VPN routing to PE as required. The invention can help the operator to improve the efficiency of route distribution, save the bandwidth of the backbone network and the CPU resource of the equipment, and more efficiently develop MPLS VPN service.
Thus far, the present invention has been described in detail. Some details well known in the art have not been described in order to avoid obscuring the concepts of the present invention. It will be fully apparent to those skilled in the art from the foregoing description how to practice the presently disclosed embodiments.
The method and system of the present invention may be implemented in a number of ways. For example, the methods and systems of the present invention may be implemented in software, hardware, firmware, or any combination of software, hardware, and firmware. The above-described order for the steps of the method is for illustrative purposes only, and the steps of the method of the present invention are not limited to the order specifically described above unless specifically indicated otherwise. Furthermore, in some embodiments, the present invention may also be embodied as a program recorded in a recording medium, the program including machine-readable instructions for implementing a method according to the present invention. Thus, the present invention also covers a recording medium storing a program for executing the method according to the present invention.
Although some specific embodiments of the present invention have been described in detail by way of illustration, it should be understood by those skilled in the art that the above illustration is only for the purpose of illustration and is not intended to limit the scope of the invention. It will be appreciated by those skilled in the art that modifications may be made to the above embodiments without departing from the scope and spirit of the invention. The scope of the invention is defined by the appended claims.

Claims (16)

1. A method of transmitting a VPN route, comprising:
when the virtual private network VPN opening device issues configuration to a network side edge PE device, a routing target RT field of the PE device and a PE loopback Internet protocol Loopback IP address are collected, combination information comprising the RT field and the PE Loopback IP address is generated, and the combination information is synchronized to a VPN route reflector RR, wherein the combination information further comprises an RT updating identifier, and the RT updating identifier comprises: the RT full updating mark, the RT adding mark and the RT canceling mark; and
after receiving the combined information, the VPN RR generates a route set corresponding to the RT field in the combined information, and sends a VPN route in the route set to a PE device according to a PE Loopback IP address in the combined information.
2. The method of claim 1, wherein the step of generating the set of routes corresponding to the RT field in the combined information by the VPN RR comprises:
and the VPN RR acquires a route set corresponding to the RT field from stored VPN route information according to the RT field, and generates a Border Gateway Protocol (BGP) update message corresponding to the PE LoopbackIP address according to the route set, wherein the BGP update message comprises VPN routes in the route set.
3. The method of claim 1, wherein during the synchronization of the VPN provisioning device to VPNRR of the combined information,
and when the VPN opening equipment is firstly connected with the VPN RR, the combined information of the PE equipment in the whole network is instantly synchronized to the VPN RR in a full-quantity updating mode.
4. The method of claim 1, wherein during the synchronization of the VPN provisioning device to VPNRR of the combined information,
and when the VPN opening device adds, modifies or cancels the user VPN service to the PE device, the VPN opening device synchronizes the combined information of the PE device to the VPN RR in real time in an incremental updating mode.
5. The method of claim 1, further comprising:
when the VPN opening device performs a new adding operation of a user VPN service to the PE device, the VPN opening device generates new adding combination information < PE Loopback IP address, RT field needing to be added newly, and RT new adding identification > corresponding to the PE device, and synchronizes the new adding combination information to the VPN RR;
after receiving the newly added combination information, the VPN RR increases the correspondence between the PE device and the route set corresponding to the RT field to be newly added according to the RT newly added identifier, and sends a BGP update message to the PE device to notify the PE device of the route information in the newly added route set.
6. The method of claim 1, further comprising:
when the VPN opening device performs logout operation of user VPN service on the PE device, the VPN opening device generates logout combination information < PE Loopback IP address, RT field needing logout, RT logout identification > corresponding to the PE device, and synchronizes the logout combination information to the VPN RR;
after receiving the logout combination information, the VPN RR deletes the correspondence between the PE device and the route set corresponding to the RT field to be logout according to the RT logout identifier, and sends a BGP revocation message to the PE device to notify the PE device of the route information in the logout route set.
7. The method of claim 1, further comprising:
when the VPN opening device modifies the user VPN service of the PE device, the VPN opening device generates two pieces of combined information corresponding to the PE device, namely cancellation combined information < PE Loopback IP address, RT field before modification, RT cancellation mark > and newly added combined information < PE Loopback IP address, modified RT field, RT newly added mark >, and synchronizes the two pieces of combined information to the VPN RR;
after receiving the two pieces of combined information, the VPN RR deletes the correspondence between the PE device and the route set corresponding to the RT field before modification according to the RT deregistration identifier, increases the correspondence between the PE device and the route set corresponding to the RT field after modification according to the RT addition identifier, and sends a BGP revocation message to the PE device to notify the PE device of the route information in the deregistered route set, and sends a BGP update message to the PE device to notify the PE device of the route information in the added route set.
8. The method of claim 1, wherein during the synchronization of the VPN provisioning device to VPNRR of the combined information,
and when the VPN opening equipment periodically polls the PE equipment, periodically synchronizing the combined information of the PE equipment to the VPNRR in a full-quantity updating mode.
9. A system for transmitting a VPN route, comprising:
the VPN opening device is used for collecting an RT field and a PELoopback IP address of the PE device when configuration is issued to the PE device, generating combined information containing the RT field and the PE Loopback IP address, and synchronizing the combined information to a VPN RR, wherein the combined information further contains an RT updating identifier, and the RT updating identifier comprises: the RT full updating mark, the RT adding mark and the RT canceling mark; and
and the VPN RR is used for generating a route set corresponding to the RT field in the combined information after receiving the combined information, and sending the VPN route in the route set to the PE equipment according to the PE Loopback IP address in the combined information.
10. The system of claim 9,
and the VPN RR acquires a route set corresponding to the RT field from stored VPN route information according to the RT field, and generates a BGP update message corresponding to the PE LoopbackIP address according to the route set, wherein the BGP update message comprises VPN routes in the route set.
11. The system of claim 9,
and when the VPN opening equipment is firstly connected with the VPN RR, the combined information of the PE equipment in the whole network is instantly synchronized to the VPN RR in a full-quantity updating mode.
12. The system of claim 9,
and when the VPN opening device adds, modifies or cancels the user VPN service to the PE device, the VPN opening device synchronizes the combined information of the PE device to the VPN RR in real time in an incremental updating mode.
13. The system of claim 9,
when the VPN opening device performs a new adding operation of a user VPN service to the PE device, the VPN opening device generates new adding combination information < PE Loopback IP address, RT field needing to be added newly, and RT new adding identification > corresponding to the PE device, and synchronizes the new adding combination information to the VPN RR;
after receiving the newly added combination information, the VPN RR increases the correspondence between the PE device and the route set corresponding to the RT field to be newly added according to the RT newly added identifier, and sends a BGP update message to the PE device to notify the PE device of the route information in the newly added route set.
14. The system of claim 9,
when the VPN opening device performs logout operation of user VPN service on the PE device, the VPN opening device generates logout combination information < PE Loopback IP address, RT field needing logout, RT logout identification > corresponding to the PE device, and synchronizes the logout combination information to the VPN RR;
after receiving the logout combination information, the VPN RR deletes the correspondence between the PE device and the route set corresponding to the RT field to be logout according to the RT logout identifier, and sends a BGP revocation message to the PE device to notify the PE device of the route information in the logout route set.
15. The system of claim 9,
when the VPN opening device modifies the user VPN service of the PE device, the VPN opening device generates two pieces of combined information corresponding to the PE device, namely cancellation combined information < PE Loopback IP address, RT field before modification, RT cancellation mark > and newly added combined information < PE Loopback IP address, modified RT field, RT newly added mark >, and synchronizes the two pieces of combined information to the VPN RR;
after receiving the two pieces of combined information, the VPN RR deletes the correspondence between the PE device and the route set corresponding to the RT field before modification according to the RT deregistration identifier, increases the correspondence between the PE device and the route set corresponding to the RT field after modification according to the RT addition identifier, and sends a BGP revocation message to the PE device to notify the PE device of the route information in the deregistered route set, and sends a BGP update message to the PE device to notify the PE device of the route information in the added route set.
16. The system of claim 9,
and when the VPN opening equipment periodically polls the PE equipment, periodically synchronizing the combined information of the PE equipment to the VPNRR in a full-quantity updating mode.
CN201610850707.0A 2016-09-26 2016-09-26 Method and system for transmitting VPN route Active CN107872387B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610850707.0A CN107872387B (en) 2016-09-26 2016-09-26 Method and system for transmitting VPN route

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610850707.0A CN107872387B (en) 2016-09-26 2016-09-26 Method and system for transmitting VPN route

Publications (2)

Publication Number Publication Date
CN107872387A CN107872387A (en) 2018-04-03
CN107872387B true CN107872387B (en) 2020-10-13

Family

ID=61751326

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610850707.0A Active CN107872387B (en) 2016-09-26 2016-09-26 Method and system for transmitting VPN route

Country Status (1)

Country Link
CN (1) CN107872387B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111371665B (en) * 2018-12-25 2022-05-13 华为技术有限公司 Routing restriction method and network equipment
CN111181830B (en) * 2020-01-03 2021-11-16 烽火通信科技股份有限公司 TX increment calculation method and system based on network management L3vpn service
CN113595900B (en) * 2020-04-30 2022-09-23 中国电信股份有限公司 Routing control method, device and system and border gateway protocol peer

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101605087A (en) * 2008-06-12 2009-12-16 中国电信股份有限公司 Flow information extraction method, equipment and system
CN103259724A (en) * 2012-02-15 2013-08-21 中兴通讯股份有限公司 Method, system and client edge device for implementing MPLS VPN
CN104219147A (en) * 2013-06-05 2014-12-17 中兴通讯股份有限公司 Implementation method and device of VPN (virtual private network) for edge equipment
CN104468348A (en) * 2014-12-22 2015-03-25 迈普通信技术股份有限公司 Service provider boundary routers, system and method for achieving fast VPN rerouting
EP2983331A1 (en) * 2012-02-21 2016-02-10 Huawei Technologies Co., Ltd. Method and device for storing and sending mac address entry

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101605087A (en) * 2008-06-12 2009-12-16 中国电信股份有限公司 Flow information extraction method, equipment and system
CN103259724A (en) * 2012-02-15 2013-08-21 中兴通讯股份有限公司 Method, system and client edge device for implementing MPLS VPN
EP2983331A1 (en) * 2012-02-21 2016-02-10 Huawei Technologies Co., Ltd. Method and device for storing and sending mac address entry
CN104219147A (en) * 2013-06-05 2014-12-17 中兴通讯股份有限公司 Implementation method and device of VPN (virtual private network) for edge equipment
CN104468348A (en) * 2014-12-22 2015-03-25 迈普通信技术股份有限公司 Service provider boundary routers, system and method for achieving fast VPN rerouting

Also Published As

Publication number Publication date
CN107872387A (en) 2018-04-03

Similar Documents

Publication Publication Date Title
US10284466B2 (en) Service processing method, device, and system
CN108964940B (en) Message sending method and device and storage medium
US20120297087A1 (en) Method And Apparatus For Message Distribution In A Device Management System
CN107181812B (en) Acceleration agent device, acceleration agent method and content management system
US8964749B2 (en) Method, device and system for establishing a pseudo wire
CN107872387B (en) Method and system for transmitting VPN route
CN108632147B (en) Message multicast processing method and device
CN109076019A (en) Addressing for customer rs premise LAN extension
US20230308391A1 (en) Communication of policy changes in lisp-based software defined networks
JP2019519146A (en) Routing establishment, packet transmission
CN113904981B (en) Routing information processing method and device, electronic equipment and storage medium
CN107888501B (en) Routing update message sending method, routing update (RR), network equipment and network system
EP4142227A1 (en) Method and apparatus for sending multicast message
CN111277501B (en) Method, equipment and system for controlling downlink data network selection
CN109309619A (en) The implementation method and device of two-dimentional Routing Protocol between a kind of domain
CN112054962B (en) Method and device for realizing multicast
CN114124802A (en) Cross-domain black hole route centralized management and control method and device
CN106878051B (en) Multi-machine backup implementation method and device
CN114422415A (en) Egress node processing flows in segmented routing
CN113612812B (en) Implementation of distributed group server and data synchronization method thereof
CN108512762B (en) Multicast implementation method and device
CN116319514B (en) Data processing method and related device
US9525615B2 (en) Systems and methods for implementing multiple ISIS routing instances on a network element
CN108243080B (en) Intelligent method and device for optical network unit
CN114374643A (en) Communication method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant