CN113746715B - Method and device for realizing cross-three-layer transmission of two-layer message - Google Patents

Method and device for realizing cross-three-layer transmission of two-layer message Download PDF

Info

Publication number
CN113746715B
CN113746715B CN202110803995.5A CN202110803995A CN113746715B CN 113746715 B CN113746715 B CN 113746715B CN 202110803995 A CN202110803995 A CN 202110803995A CN 113746715 B CN113746715 B CN 113746715B
Authority
CN
China
Prior art keywords
tunnel
eogre
network device
network
message
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110803995.5A
Other languages
Chinese (zh)
Other versions
CN113746715A (en
Inventor
徐晓娟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing H3C Technologies Co Ltd
Original Assignee
Beijing H3C Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing H3C Technologies Co Ltd filed Critical Beijing H3C Technologies Co Ltd
Priority to CN202110803995.5A priority Critical patent/CN113746715B/en
Publication of CN113746715A publication Critical patent/CN113746715A/en
Application granted granted Critical
Publication of CN113746715B publication Critical patent/CN113746715B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4641Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4633Interconnection of networks using encapsulation techniques, e.g. tunneling
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4641Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • H04L12/4645Details on frame tagging
    • H04L12/465Details on frame tagging wherein a single frame includes a plurality of VLAN tags

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The application provides a method and a device for realizing cross-three-layer transmission of a two-layer message, wherein the method is applied to first network equipment and comprises the following steps: sending a first ICMP request message to the second network equipment through the EoGRE tunnel; when the first ICMP response message sent by the second network equipment is not received within the preset time, determining that the EoGRE tunnel is unreachable, and setting the state of the EoGRE tunnel to be a down state; obtaining a VLAN identifier to which a two-layer virtual Ethernet port mapped in the first network equipment by the EoGRE tunnel belongs; and sending a first notification message to the user terminal in the VLAN indicated by the VLAN identifier according to the VLAN identifier, so that the user terminal does not select the first network device as an access device for accessing the network according to the first notification message.

Description

Method and device for realizing cross-three-layer transmission of two-layer message
Technical Field
The present application relates to the field of communications technologies, and in particular, to a method and an apparatus for implementing a two-layer packet transmission across three layers.
Background
At present, virtual eXtensible Local Area Network (VXLAN) technology can provide Network interworking between tenants of different sites. VXLAN technology uses the existing three-layer physical network as the Underlay (Underlay) network. A virtual two-layer network, namely an upper layer (Overlay) network, is constructed on the Underlay network. The Overlay network encapsulates the two-layer message by an encapsulation technology, and forwards the encapsulated two-layer message by using a three-layer forwarding path provided by the Underlay network. Therefore, network intercommunication among tenants of different sites is realized.
In the process of realizing network intercommunication among tenants of different sites by using the VXLAN technology, certain requirements are also put forward on network equipment, namely the interconnected network equipment is required to support the VXLAN technology, otherwise, the network equipment cannot realize transmission of two-layer messages of the tenants across a three-layer network; in addition, although the network device supports the VXLAN technology, it cannot know the state of the established VXLAN tunnel, and if the VXLAN tunnel is in a down (down) state at this time, the network device discards the two-layer message of the tenant in an undefined VXLAN tunnel state.
Disclosure of Invention
In view of this, the present application provides a method and an apparatus for implementing cross-three-layer transmission of a two-layer message, so as to solve the problem that in the process of implementing network interworking between tenants of different sites by using a VXLAN technology, network devices all need to support the VXLAN technology and cannot know the state of a VXLAN tunnel, thereby discarding the two-layer message of a tenant.
In a first aspect, the present application provides a method for implementing a two-layer packet cross-three-layer transmission, where the method is applied to a first network device, and the first network device interacts a data packet with a second network device through an established EoGRE tunnel, and the method includes:
sending a first ICMP request message to the second network equipment through the EoGRE tunnel;
when the first ICMP response message sent by the second network equipment is not received within the preset time, determining that the EoGRE tunnel is unreachable, and setting the state of the EoGRE tunnel to be a down state;
obtaining a VLAN identifier to which a two-layer virtual Ethernet port mapped in the first network equipment by the EoGRE tunnel belongs;
and sending a first notification message to the user terminal in the VLAN indicated by the VLAN identifier according to the VLAN identifier, so that the user terminal does not select the first network device as an access device for accessing the network according to the first notification message.
In a second aspect, the present application provides an apparatus for implementing two-layer packet transmission across three layers, where the apparatus is applied to a first network device, and the first network device interacts a data packet with a second network device through an established EoGRE tunnel, and the apparatus includes:
a sending unit, configured to send a first ICMP request packet to the second network device through the EoGRE tunnel;
a setting unit, configured to determine that the EoGRE tunnel is unreachable and set a state of the EoGRE tunnel to a down state when the first ICMP response packet sent by the second network device is not received within a preset time;
an obtaining unit, configured to obtain a VLAN identifier to which a layer two virtual ethernet port mapped in the first network device by the EoGRE tunnel belongs;
the sending unit is further configured to send a first notification message to the user terminal in the VLAN indicated by the VLAN identifier according to the VLAN identifier, so that the user terminal does not select the first network device as an access device accessing the network according to the first notification message.
In a third aspect, the present application provides a network device comprising a processor and a machine-readable storage medium storing machine-executable instructions executable by the processor, the processor being caused by the machine-executable instructions to perform the method provided by the first aspect of the present application.
Therefore, by applying the method and the device for realizing the three-layer-crossing transmission of the two-layer message, the first network device sends the first ICMP request message to the second network device through the EoGRE tunnel; when a first ICMP response message sent by second network equipment is not received within preset time, the first network equipment determines that an EoGRE tunnel is unreachable and sets the state of the EoGRE tunnel to be a down state; acquiring a VLAN (virtual local area network) identifier to which a two-layer virtual Ethernet port mapped in first network equipment by an EoGRE (Ethernet over GRE) tunnel belongs; according to the VLAN identification, the first network equipment sends a first notification message to the user terminal in the VLAN indicated by the VLAN identification, so that the user terminal does not select the first network equipment as the access equipment for accessing the network according to the first notification message.
Therefore, the first network device and the second network device can detect the state of the EoGRE tunnel by mutually sending ICMP messages, and the first network device and the second network device do not need to support the VXLAN technology, so that the problem that in the process of realizing network intercommunication among tenants of different sites by using the VXLAN technology, the network devices all need to support the VXLAN technology and cannot know the state of the VXLAN tunnel, and the two-layer message of the tenant is discarded is solved. And realizing the transmission of the two-layer Ethernet message across the three-layer IP network through the EoGRE tunnel.
Drawings
Fig. 1 is a flowchart of a method for implementing a two-layer packet transmission across three layers according to an embodiment of the present application;
fig. 2 is a structural diagram of a device for implementing three-layer packet transmission in an embodiment of the present application;
fig. 3 is a hardware structure of a network device according to an embodiment of the present disclosure.
Detailed Description
Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, like numbers in different drawings represent the same or similar elements unless otherwise indicated. The embodiments described in the exemplary embodiments below do not represent all embodiments consistent with the present application. Rather, they are merely examples of apparatus and methods consistent with certain aspects of the application, as detailed in the appended claims.
The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the application. As used in this application and the appended claims, the singular forms "a", "an", and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used herein refers to and encompasses any and all possible combinations of one or more of the corresponding listed items.
It should be understood that although the terms first, second, third, etc. may be used herein to describe various information, such information should not be limited to these terms. These terms are only used to distinguish one type of information from another. For example, first information may also be referred to as second information, and similarly, second information may also be referred to as first information, without departing from the scope of the present application. The word "if" as used herein may be interpreted as "at" \8230; "or" when 8230; \8230; "or" in response to a determination ", depending on the context.
The method for implementing the transmission of the two-layer packet across three layers provided in the embodiment of the present application is described in detail below. Referring to fig. 1, fig. 1 is a flowchart of a method for implementing cross-three layer transmission of a two-layer message according to an embodiment of the present disclosure. The method is applied to a first network device, where the network device may be specifically a device for supporting Media Access Control Address (MAC) forwarding, for example, an AP, a switch, a router, and the like.
Step 110, sending a first ICMP request message to the second network device through the EoGRE tunnel.
Specifically, the first network device transmits an Ethernet over GRE (EoGRE for short) tunnel through the established generic routing encapsulation to interact with the second network device. That is, one end of the EoGRE tunnel is a first network device, and the other end is a second network device.
The first Network device enables a keep-alive (keep) function to the EoGRE tunnel portal, and creates a Network Quality Analysis (NQA) detection instance at the EoGRE tunnel portal.
In the NQA detection example, according to the source address and the destination address of the EoGRE tunnel, the first network device generates a first network Control Message Protocol (ICMP) request Message.
After generating the first ICMP request message, the first network device sends the first ICMP request message to the second network device through the EoGRE tunnel.
And step 120, when the first ICMP response packet sent by the second network device is not received within a preset time, determining that the EoGRE tunnel is not reachable, and setting the state of the EoGRE tunnel to a down state.
Specifically, after the first network device sends the first ICMP request message, a timer is started. And the first network equipment judges whether a first ICMP response message sent by the second network equipment is received or not within the time set by the timer.
And after receiving the first ICMP request message, the second network equipment determines that the second network equipment is the first ICMP request message sent by the first network equipment. The second network equipment generates a first ICMP response message and sends the first ICMP response message to the first network equipment through the EoGRE tunnel.
If the first ICMP response message sent by the second network device is not received within the preset time, the first network device determines that the EoGRE tunnel is not reachable, and sets the state of the EoGRE tunnel to a down state.
It should be noted that the timer configured in the first network device may be specifically set to 3s. The first network device may send a first ICMP request message to the second network device every other timing period, and when the first ICMP response message is not received in both consecutive timing periods, the first network device determines that the EoGRE tunnel is unreachable, and sets the state of the EoGRE tunnel to a down state.
For example, after sending the first ICMP request message, the first network device waits for 3s, and determines whether the first ICMP response message is received during the process of waiting for 3s. If the first network device does not receive the first ICMP response message in the process of waiting for 3s, the first network device sends the first ICMP to the second network device again after 3s, waits for 3s, and judges whether the first ICMP response message is received or not in the process of waiting for 3s. If the first network device does not receive the first ICMP response message in the process of waiting for 3s, the first network device determines that the EoGRE tunnel is unreachable, and sets the state of the EoGRE tunnel to a down state.
Step 130, obtaining the VLAN id of the second layer virtual ethernet port mapped in the first network device by the EoGRE tunnel.
Specifically, according to the description in step 120, after the first network device determines that the EoGRE tunnel is unreachable and sets the state of the EoGRE tunnel to a down state, the first network device determines the tunnel portal identifier of the EoGRE tunnel according to the source address and the destination address of the EoGRE tunnel.
According to the tunnel port identifier, the first Network device obtains, from the Local interface mapping table, a two-layer Virtual ethernet port identifier mapped to the tunnel port indicated by the EoGRE tunnel port identifier, and a Virtual Local Area Network (VLAN) identifier to which the two-layer Virtual ethernet port indicated by the two-layer Virtual ethernet port identifier belongs.
Step 140, according to the VLAN identifier, sending a first notification message to the user terminal in the VLAN indicated by the VLAN identifier, so that the user terminal no longer selects the first network device as an access device for accessing the network according to the first notification message.
Specifically, according to the description in step 130, after the first network device obtains the VLAN identifier to which the layer two virtual ethernet port belongs, the first network device generates a first notification message, where the first notification message hides the identifier of the first network device.
And according to the VLAN identification, the first network equipment sends a first notification message to the user terminal in the VLAN indicated by the VLAN identification. After the user terminal receives the first notification message, the user terminal does not select the first network device as the access device for accessing the network because the identifier of the first network device cannot be obtained.
Therefore, by applying the method and the device for realizing the three-layer-crossing transmission of the two-layer message, the first network device sends the first ICMP request message to the second network device through the EoGRE tunnel; when the first ICMP response message sent by the second network equipment is not received within the preset time, the first network equipment determines that the EoGRE tunnel is unreachable and sets the state of the EoGRE tunnel to be a down state; acquiring a VLAN (virtual local area network) identifier to which a two-layer virtual Ethernet port mapped in first network equipment by an EoGRE (Ethernet over GRE) tunnel belongs; according to the VLAN identification, the first network device sends a first notification message to the user terminal in the VLAN indicated by the VLAN identification, so that the user terminal does not select the first network device as an access device for accessing the network according to the first notification message.
Therefore, the first network device and the second network device can detect the state of the EoGRE tunnel by mutually sending ICMP messages, and the first network device and the second network device do not need to support the VXLAN technology, so that the problem that in the process of realizing network intercommunication among tenants of different sites by using the VXLAN technology, the network devices all need to support the VXLAN technology and cannot know the state of the VXLAN tunnel, and the two-layer message of the tenant is discarded is solved. And realizing the transmission of the two-layer Ethernet message across the three-layer IP network through the EoGRE tunnel.
Optionally, in this embodiment of the present application, the method further includes a process that the first network device receives the first ICMP response message within a preset time.
Specifically, when receiving a first ICMP response packet sent by the second network device within a preset time, the first network device determines that the EoGRE tunnel is reachable, and sets the state of the EoGRE tunnel to an online (up) state.
Optionally, in this embodiment of the present application, the method further includes a process that after the EoGRE tunnel is changed from the down state to the up state, the first network device sends a second notification message to the user terminal.
Specifically, according to the foregoing steps, it can be seen that the EoGRE tunnel is currently in a down state, and the first network device may generate the second ICPM request packet again, and send the second ICMP request packet to the second network device through the EoGRE tunnel.
It is understood that a timer may also be started after the first network device sends the second ICMP request message. And the first network equipment judges whether a second ICMP response message sent by the second network equipment is received or not within the time set by the timer.
And after receiving the second ICMP request message, the second network equipment determines that the second ICMP request message is sent by the first network equipment. And the second network equipment generates a second ICMP response message and sends the second ICMP response message to the first network equipment through the EoGRE tunnel.
If the second ICMP response message sent by the second network equipment is received within the preset time, the first network equipment determines that the EoGRE tunnel is accessible and is changed from the down state to the up state. The first network device sets the state of the EoGRE tunnel to the up state.
It should be noted that the timer configured in the first network device may be specifically set to 3s. The first network device may send a second ICMP request message to the second network device every other timing period.
And in a timing period, the first network equipment receives the second ICMP response message, determines that the EoGRE tunnel is accessible and is converted from the down state to the up state. The first network device sets the state of the EoGRE tunnel to the up state.
Or, when receiving the second ICMP response message in two consecutive timing periods, the first network device determines that the EoGRE tunnel is reachable and has been changed from the down state to the up state. The first network device sets the state of the EoGRE tunnel to the up state.
And after the first network equipment determines that the EoGRE tunnel is reachable and sets the state of the EoGRE tunnel to be the up state, the first network equipment determines the tunnel port identification of the EoGRE tunnel according to the source address and the destination address of the EoGRE tunnel.
According to the tunnel port identifier, the first network device obtains, from the local interface mapping table, a identifier of a second layer virtual ethernet port mapped to the tunnel port indicated by the EoGRE tunnel port identifier, and a VLAN identifier to which the second layer virtual ethernet port indicated by the second layer virtual ethernet port identifier belongs.
After the first network device obtains the identifier of the VLAN to which the second layer virtual ethernet port belongs, the first network device generates a second notification message, where the second notification message includes the identifier of the first network device.
And according to the VLAN identification, the first network equipment sends a second notification message to the user terminal in the VLAN indicated by the VLAN identification. After receiving the second notification message, the user terminal acquires the identifier of the first network device from the second notification message, so that the user terminal can select the first network device as an access device for accessing the network.
Optionally, in this embodiment of the present application, a process in which the first network device and the second network device interact data packets through an EoGRE tunnel is further included.
Specifically, the first network device receives an original data packet sent by the first user terminal, where the original data packet includes a destination MAC address. And according to the destination MAC address, the first network equipment acquires the identifier of the two-layer virtual Ethernet matched with the destination MAC address from the local MAC address table.
According to the identifier of the two-layer virtual Ethernet, the first network device obtains a tunnel port identifier matched with the identifier of the two-layer virtual Ethernet from a local interface mapping table, and the tunnel port indicated by the tunnel port identifier supports an EoGRE mode.
The first network equipment carries out tunnel encapsulation processing on the original data message to obtain a first data message, wherein the first data message comprises an outer layer IP head, and the outer layer IP head comprises a destination IP address.
It should be noted that, according to the actual networking situation, two encapsulation methods exist in the process of the first network device performing tunnel encapsulation processing on the original data packet:
the first packaging mode is as follows: when no Network Address Translation (NAT) device exists in the Network, i.e. the EoGRE tunnel does not need to pass through the NAT device, a Generic Routing Encapsulation (GRE) header is encapsulated at the outer layer of the original data packet, and then an outer IP header is encapsulated to obtain the first data packet.
The second packaging method is as follows: when the NAT device exists in the networking, that is, the EoGRE tunnel needs to pass through the NAT device, the GRE header is encapsulated on the outer layer of the original data packet, then the User Datagram Protocol (UDP) header is encapsulated, and finally the outer IP header is encapsulated to obtain the first data packet.
According to the destination IP address, the first network equipment acquires a first interface matched with the destination IP address from a local routing table, wherein the first interface is a physical port corresponding to the tunnel port.
Through the first interface, the first network device sends a first data message to the second network device by using the EoGRE tunnel.
Further, after receiving the first data packet, the second network device obtains a destination IP address included in the outer IP header, and determines that the destination IP address is a local IP address. According to the destination IP address, the second network device obtains the tunnel portal matched with the destination IP address from the state table of the local tunnel up. In this manner, the second network device may determine that the first data packet was sent by the first network device through the EoGRE tunnel. And when the subsequent second network equipment sends the data message to the first network equipment, selecting the tunnel port and sending the data message through the EoGRE tunnel.
Meanwhile, according to the value of the protocol number field included in the outer IP header being 6558, the second network device determines that the first data packet is a two-layer data packet. And the second network equipment de-encapsulates the first data message to obtain an original data message, wherein the original data message comprises a destination MAC address.
It should be noted that, according to the actual networking situation, in the process of performing tunnel decapsulation processing on the first data packet, the second network device has two decapsulation modes:
the first decapsulation method comprises: when the NAT equipment does not exist in the network group, namely the EoGRE tunnel does not need to penetrate through the NAT equipment, the outer layer IP head of the first data message is stripped, and then the GRE head is stripped to obtain the original data message.
The second decapsulation mode: when the NAT device exists in the networking, that is, the EoGRE tunnel needs to pass through the NAT device, the outer IP header of the first data packet is stripped, then the UDP header is stripped, and finally the GRE header is stripped to obtain the original data packet.
And according to the destination MAC address included in the original data, the second network equipment acquires the outgoing interface matched with the destination MAC address from the local MAC address table. And through the output interface, the second network equipment forwards the original data message to the accessed second user terminal.
Furthermore, the second user terminal may also send a data packet to the first user terminal. And the second network equipment generates and sends a second data message to the first network equipment through the EoGRE tunnel. It is understood that the second network device may also generate the second data packet according to the aforementioned manner in which the first network device generates the first data packet, and the description thereof is not repeated here
Similarly, after receiving the second data packet, the first network device may also process the second data packet according to the manner in which the second network device processes the first data packet, which is not repeated here.
Based on the same inventive concept, the embodiment of the application also provides a device for realizing the transmission of the two-layer message across three layers, which corresponds to the method for realizing the transmission of the two-layer message across three layers. Referring to fig. 2, fig. 2 is a structural diagram of an apparatus for implementing two-layer packet transmission across three layers according to an embodiment of the present disclosure. The device is applied to a first network device, the first network device interacts data messages with a second network device through an established EoGRE tunnel, and the device comprises:
a sending unit 210, configured to send a first ICMP request message to the second network device through the EoGRE tunnel;
a setting unit 220, configured to determine that the EoGRE tunnel is unreachable when the first ICMP response packet sent by the second network device is not received within a preset time, and set a state of the EoGRE tunnel to a down state;
an obtaining unit 230, configured to obtain a VLAN identifier to which a layer two virtual ethernet port mapped in the first network device by the EoGRE tunnel belongs;
the sending unit 210 is further configured to send a first notification message to the user terminal in the VLAN indicated by the VLAN identifier according to the VLAN identifier, so that the user terminal does not select the first network device as an access device accessing the network according to the first notification message.
Optionally, the setting unit 220 is further configured to determine that the EoGRE tunnel is reachable when the first ICMP response packet sent by the second network device is received within a preset time, and set the state of the EoGRE tunnel to an up state.
Optionally, the sending unit 210 is further configured to send a second ICMP request packet to the second network device through the EoGRE tunnel;
the setting unit 220 is further configured to determine that the EoGRE tunnel is reachable when receiving a second ICMP response packet sent by the second network device within a preset time, and set the state of the EoGRE tunnel to an up state;
the sending unit 210 is further configured to send a second notification message to the user terminal in the VLAN indicated by the VLAN identifier according to the VLAN identifier, so that the user terminal selects the first network device as an access device accessing the network according to the second notification message.
Optionally, the apparatus further comprises: a receiving unit (not shown in the figure) for receiving an original data packet sent by a user terminal, wherein the original data packet includes a destination MAC address;
the obtaining unit 230 is further configured to obtain, according to the destination MAC address, a second-layer virtual ethernet port identifier matching the destination MAC address from a local MAC address table;
acquiring a tunnel portal identifier matched with the two-layer virtual Ethernet identifier from a local interface mapping table according to the two-layer virtual Ethernet identifier, wherein the tunnel portal indicated by the tunnel portal identifier supports an EoGRE mode;
the device further comprises: an encapsulating unit (not shown in the figure), configured to perform tunnel encapsulation processing on the original data packet to obtain a first data packet, where the first data packet includes an outer IP header, and the outer IP header includes a destination IP address;
the obtaining unit 230 is further configured to obtain, according to the destination IP address, a first interface matched with the destination IP address in a local routing table, where the first interface is a physical port corresponding to the tunnel port;
the sending unit 210 is further configured to send the first data packet to the second network device through the first interface by using the EoGRE tunnel.
Optionally, the receiving unit (not shown in the figure) is further configured to receive a second data message sent by the second network device, where the second data message includes an outer IP header, and the outer IP header includes a destination IP address;
the device further comprises: a decapsulating unit (not shown in the figure), configured to decapsulate the second data packet to obtain an original data packet when the destination IP address is a local IP address of the first network device, where the original data packet includes a destination MAC address;
the obtaining unit 230 is further configured to obtain, according to the destination MAC address, an outgoing interface matched with the destination MAC address from a local MAC address table;
the sending unit 210 is further configured to forward the original data packet to the user terminal through the output interface.
Therefore, by applying the method and the device for realizing the cross-three-layer transmission of the two-layer message, the first network device sends the first ICMP request message to the second network device through the EoGRE tunnel; when the first ICMP response message sent by the second network equipment is not received within the preset time, the first network equipment determines that the EoGRE tunnel is unreachable and sets the state of the EoGRE tunnel to be a down state; acquiring a VLAN (virtual local area network) identifier to which a two-layer virtual Ethernet port mapped in first network equipment by an EoGRE (Ethernet over GRE) tunnel belongs; according to the VLAN identification, the first network device sends a first notification message to the user terminal in the VLAN indicated by the VLAN identification, so that the user terminal does not select the first network device as an access device for accessing the network according to the first notification message.
Therefore, the first network device and the second network device can detect the state of the EoGRE tunnel by mutually sending ICMP messages, and the first network device and the second network device do not need to support the VXLAN technology, so that the problem that in the process of realizing network intercommunication among tenants of different sites by using the VXLAN technology, the network devices all need to support the VXLAN technology and cannot know the state of the VXLAN tunnel, and the two-layer message of the tenant is discarded is solved. And realizing the transmission of the two-layer Ethernet message across the three-layer IP network through the EoGRE tunnel.
Based on the same inventive concept, the present application further provides a network device, as shown in fig. 3, including a processor 310, a transceiver 320, and a machine-readable storage medium 330, where the machine-readable storage medium 330 stores machine-executable instructions capable of being executed by the processor 310, and the processor 310 is caused by the machine-executable instructions to perform the method for implementing transmission of a two-layer packet across three layers, which is provided by the present application. The apparatus for implementing the transmission of the two-layer packet across three layers shown in fig. 2 may be implemented by using a hardware structure of a network device shown in fig. 3.
The computer-readable storage medium 330 may include a Random Access Memory (RAM) or a Non-volatile Memory (NVM), such as at least one disk Memory. Optionally, the computer-readable storage medium 330 may also be at least one memory device located remotely from the processor 310.
The Processor 310 may be a general-purpose Processor, and includes a Central Processing Unit (CPU), a Network Processor (NP), and the like; the Integrated Circuit can also be a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA), or other Programmable logic devices, discrete Gate or transistor logic devices, discrete hardware components.
In this embodiment, the processor 310, by reading the machine executable instructions stored in the machine-readable storage medium 330, is caused by the machine executable instructions to implement the processor 310 itself and to invoke the transceiver 320 to execute the method for implementing the transmission of the two-layer message across three layers described in this embodiment of the present application.
In addition, the embodiment of the present application provides a machine-readable storage medium 330, where the machine-readable storage medium 330 stores machine executable instructions, and when the machine executable instructions are called and executed by the processor 310, the machine executable instructions cause the processor 310 itself and the calling transceiver 320 to perform the method for implementing the transmission of the two-layer message across three layers described in the foregoing embodiment of the present application.
The implementation process of the functions and actions of each unit in the above device is specifically described in the implementation process of the corresponding step in the above method, and is not described herein again.
For the device embodiments, since they substantially correspond to the method embodiments, reference may be made to the partial description of the method embodiments for relevant points. The above-described embodiments of the apparatus are merely illustrative, and the units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one position, or may be distributed on multiple network units. Some or all of the modules can be selected according to actual needs to achieve the purpose of the scheme of the application. One of ordinary skill in the art can understand and implement it without inventive effort.
For the device and machine-readable storage medium embodiments for implementing the transmission of the two-layer message across three layers, the content of the related method is basically similar to that of the foregoing method embodiments, so that the description is relatively simple, and for relevant points, reference may be made to part of the description of the method embodiments.
The above description is only a preferred embodiment of the present application and should not be taken as limiting the present application, and any modifications, equivalents, improvements and the like made within the spirit and principle of the present application should be included in the protection scope of the present application.

Claims (10)

1. A method for realizing the transmission of two-layer messages across three layers is characterized in that the method is applied to a first network device, the first network device interacts data messages with a second network device through an established EoGRE tunnel, and the method comprises the following steps:
sending a first ICMP request message to the second network equipment through the EoGRE tunnel;
when the first ICMP response message sent by the second network equipment is not received within the preset time, determining that the EoGRE tunnel is unreachable, and setting the state of the EoGRE tunnel to be a down state;
obtaining a VLAN identifier to which a two-layer virtual Ethernet port mapped in the first network equipment by the EoGRE tunnel belongs;
and sending a first notification message to the user terminal in the VLAN indicated by the VLAN identification according to the VLAN identification, so that the user terminal does not select the first network device as an access device for accessing the network according to the first notification message.
2. The method of claim 1, further comprising:
and when receiving a first ICMP response message sent by the second network equipment within preset time, determining that the EoGRE tunnel is accessible, and setting the state of the EoGRE tunnel to be in an up state.
3. The method of claim 1, further comprising:
sending a second ICMP request message to the second network equipment through the EoGRE tunnel;
when a second ICMP response message sent by the second network equipment is received within preset time, determining that the EoGRE tunnel is reachable, and setting the state of the EoGRE tunnel to be an up state;
and sending a second notification message to the user terminal in the VLAN indicated by the VLAN identifier according to the VLAN identifier, so that the user terminal selects the first network device as an access device for accessing the network according to the second notification message.
4. The method of claim 1, further comprising:
receiving an original data message sent by a user terminal, wherein the original data message comprises a destination MAC address;
according to the destination MAC address, acquiring a two-layer virtual Ethernet identifier matched with the destination MAC address from a local MAC address table;
according to the identifier of the two-layer virtual Ethernet, acquiring a tunnel port identifier matched with the identifier of the two-layer virtual Ethernet from a local interface mapping table, wherein the tunnel port indicated by the tunnel port identifier supports an EoGRE mode;
performing tunnel encapsulation processing on the original data message to obtain a first data message, wherein the first data message comprises an outer IP head, and the outer IP head comprises a destination IP address;
according to the destination IP address, a first interface matched with the destination IP address is obtained in a local routing table, and the first interface is a physical port corresponding to the tunnel port;
and sending the first data message to the second network equipment by using the EoGRE tunnel through the first interface.
5. The method of claim 1, further comprising:
receiving a second data message sent by the second network device, wherein the second data message comprises an outer layer IP header, and the outer layer IP header comprises a destination IP address;
when the destination IP address is the local IP address of the first network equipment, decapsulating the second data message to obtain an original data message, wherein the original data message comprises a destination MAC address;
according to the target MAC address, an output interface matched with the target MAC address is obtained from a local MAC address table;
and forwarding the original data message to the user terminal through the output interface.
6. An apparatus for implementing two-layer packet cross-three-layer transmission, wherein the apparatus is applied to a first network device, and the first network device interacts a data packet with a second network device through an established EoGRE tunnel, and the apparatus comprises:
a sending unit, configured to send a first ICMP request packet to the second network device through the EoGRE tunnel;
a setting unit, configured to determine that the EoGRE tunnel is unreachable and set a state of the EoGRE tunnel to a down state when the first ICMP response packet sent by the second network device is not received within a preset time;
an obtaining unit, configured to obtain a VLAN identifier to which a layer two virtual ethernet port mapped in the first network device by the EoGRE tunnel belongs;
the sending unit is further configured to send a first notification message to the user terminal in the VLAN indicated by the VLAN identifier according to the VLAN identifier, so that the user terminal does not select the first network device as an access device accessing the network according to the first notification message.
7. The apparatus of claim 6, wherein the setting unit is further configured to determine that the EoGRE tunnel is reachable when receiving a first ICMP response packet sent by the second network device within a preset time, and set the status of the EoGRE tunnel to up status.
8. The apparatus of claim 6, wherein the sending unit is further configured to send a second ICMP request message to the second network device through the EoGRE tunnel;
the setting unit is further configured to determine that the EoGRE tunnel is reachable when receiving a second ICMP response packet sent by the second network device within a preset time, and set the state of the EoGRE tunnel to an up state;
the sending unit is further configured to send a second notification message to the user terminal in the VLAN indicated by the VLAN identifier according to the VLAN identifier, so that the user terminal selects the first network device as an access device accessing the network according to the second notification message.
9. The apparatus of claim 6, further comprising:
a receiving unit, configured to receive an original data packet sent by a user terminal, where the original data packet includes a destination MAC address;
the obtaining unit is further configured to obtain, according to the destination MAC address, a two-layer virtual ethernet port identifier that matches the destination MAC address from a local MAC address table;
according to the identifier of the two-layer virtual Ethernet, acquiring a tunnel port identifier matched with the identifier of the two-layer virtual Ethernet from a local interface mapping table, wherein the tunnel port indicated by the tunnel port identifier supports an EoGRE mode;
the device further comprises: an encapsulating unit, configured to perform tunnel encapsulation processing on the original data packet to obtain a first data packet, where the first data packet includes an outer IP header, and the outer IP header includes a destination IP address;
the obtaining unit is further configured to obtain, according to the destination IP address, a first interface that matches the destination IP address in a local routing table, where the first interface is a physical port corresponding to the tunnel portal;
the sending unit is further configured to send the first data packet to the second network device through the first interface by using the EoGRE tunnel.
10. The apparatus according to claim 9, wherein the receiving unit is further configured to receive a second data message sent by the second network device, and the second data message includes an outer IP header, and the outer IP header includes a destination IP address;
the device further comprises: a decapsulation unit, configured to decapsulate the second data packet to obtain an original data packet when the destination IP address is a local IP address of the first network device, where the original data packet includes a destination MAC address;
the obtaining unit is further configured to obtain, according to the destination MAC address, an outgoing interface matched with the destination MAC address from a local MAC address table;
the sending unit is further configured to forward the original data packet to the user terminal through the outgoing interface.
CN202110803995.5A 2021-07-16 2021-07-16 Method and device for realizing cross-three-layer transmission of two-layer message Active CN113746715B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110803995.5A CN113746715B (en) 2021-07-16 2021-07-16 Method and device for realizing cross-three-layer transmission of two-layer message

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110803995.5A CN113746715B (en) 2021-07-16 2021-07-16 Method and device for realizing cross-three-layer transmission of two-layer message

Publications (2)

Publication Number Publication Date
CN113746715A CN113746715A (en) 2021-12-03
CN113746715B true CN113746715B (en) 2023-03-31

Family

ID=78728662

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110803995.5A Active CN113746715B (en) 2021-07-16 2021-07-16 Method and device for realizing cross-three-layer transmission of two-layer message

Country Status (1)

Country Link
CN (1) CN113746715B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117478763B (en) * 2023-12-28 2024-04-05 广州通则康威科技股份有限公司 ICMP agent UDP data transmission method, system and device

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2013139159A1 (en) * 2012-03-22 2013-09-26 华为技术有限公司 Method for forwarding packet in network and provider edge device
CN105591982A (en) * 2015-07-24 2016-05-18 杭州华三通信技术有限公司 Message transmission method and device
CN112583690A (en) * 2019-09-27 2021-03-30 华为技术有限公司 Tunnel configuration method, device, system, equipment and storage medium

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040160895A1 (en) * 2003-02-14 2004-08-19 At&T Corp. Failure notification method and system in an ethernet domain
US8964698B2 (en) * 2012-04-09 2015-02-24 Telefonaktiebolaget L M Ericsson (Publ) Link failure detection and interworking system relocation in circuit switched fallback
CN105490884B (en) * 2015-12-14 2019-04-02 迈普通信技术股份有限公司 A kind of VXLAN tunnel detection method and device
WO2018109536A1 (en) * 2016-12-17 2018-06-21 Telefonaktiebolaget Lm Ericsson (Publ) Method and apparatus for monitoring virtual extensible local area network (vxlan) tunnel with border gateway protocol (bgp)-ethernet virtual private network (evpn) infrastructure
CN108259301B (en) * 2017-08-16 2020-09-25 新华三技术有限公司 Tunnel online method and device
US10382319B2 (en) * 2017-10-30 2019-08-13 Dell Products Lp Multiple VXLAN tunnel reachability
US10383037B1 (en) * 2018-04-27 2019-08-13 Hewlett Packard Enterprise Development Lp Transmitting traffic from bluetooth low energy clients associated with different universally unique identifiers
CN110875855A (en) * 2018-08-30 2020-03-10 北京华为数字技术有限公司 Method for detecting network link state and network equipment

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2013139159A1 (en) * 2012-03-22 2013-09-26 华为技术有限公司 Method for forwarding packet in network and provider edge device
CN105591982A (en) * 2015-07-24 2016-05-18 杭州华三通信技术有限公司 Message transmission method and device
CN112583690A (en) * 2019-09-27 2021-03-30 华为技术有限公司 Tunnel configuration method, device, system, equipment and storage medium

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
VXLAN技术在数据中心的应用;刘圣;《金融科技时代》;20181110(第11期);全文 *
基于VXLAN的云计算下船舶数据中心建设的探究;姚金玲等;《网络安全技术与应用》;20200715(第07期);全文 *

Also Published As

Publication number Publication date
CN113746715A (en) 2021-12-03

Similar Documents

Publication Publication Date Title
US10764086B2 (en) Packet processing method, related apparatus, and NVO3 network system
US10050877B2 (en) Packet forwarding method and apparatus
EP3544240B1 (en) Data processing
US9832165B2 (en) Using a virtual internet protocol address to represent dually connected hosts in an internet protocol overlay network
AU2013303200B2 (en) Method and system for virtual and physical network integration
EP2891277B1 (en) Overlay virtual gateway for overlay networks
EP2966815A1 (en) Packet forwarding method and vxlan gateway
EP3331205B1 (en) Data packet transmission method utilized in ipv6 network and device utilizing same
CN104935516A (en) Communication system based on software defined network and communication method
CN107770072B (en) Method and equipment for sending and receiving message
CN106330605B (en) Message processing method and device
WO2022042503A1 (en) Message transmission method, apparatus, and system
WO2020107871A1 (en) Working mode selection method, customer premise equipment and storage medium
CN106878259B (en) Message forwarding method and device
EP4057576A1 (en) Packet encapsulating method and apparatus, and packet decapsulating method and apparatus
JP6629681B2 (en) Switch device and relay system
CN113746715B (en) Method and device for realizing cross-three-layer transmission of two-layer message
CN109246016B (en) Cross-VXLAN message processing method and device
US9893907B2 (en) Managing multiple virtual area network memberships
JP7348403B2 (en) Method for sending reply packets, method for sending route advertisement messages, network device, and computer program
CN113923076A (en) SD-WAN-based Ethernet two-layer data exchange method
CN105939296A (en) Method and device for processing message
CN109120526A (en) The method and the network equipment of point-to-point transmitting message
CN107547691B (en) Address resolution protocol message proxy method and device
CN110768905A (en) Route tracking method and equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant