Connect public, paid and private patent data with Google Patents Public Datasets

Method for realizing address synchronization in independant virtual LAN learning mode

Info

Publication number
CN100334849C
CN100334849C CN 03144082 CN03144082A CN100334849C CN 100334849 C CN100334849 C CN 100334849C CN 03144082 CN03144082 CN 03144082 CN 03144082 A CN03144082 A CN 03144082A CN 100334849 C CN100334849 C CN 100334849C
Authority
CN
Grant status
Grant
Patent type
Prior art keywords
lan
realizing
address
mode
synchronization
Prior art date
Application number
CN 03144082
Other languages
Chinese (zh)
Other versions
CN1581819A (en )
Inventor
晋兆琼
刘建锋
Original Assignee
华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Grant date

Links

Abstract

本发明涉及一种独立VLAN学习方式下实现地址同步的方法。 The present invention relates to a method of synchronizing a VLAN implement address learning independently lower. 该方法包括:当增加或删除独立VLAN(虚拟局域网)中接入地址时,同时在接入地址默认的VLAN的地址表,以及共享该接入地址的VLAN的地址表中进行该接入地址的增加或删除操作。 The method comprising: independently when adding or deleting a VLAN (Virtual Local Area Network) access in the address, and the address for the access address in the access address of the default VLAN table, a VLAN table and the address of the shared access in the address add or delete operations. 本发明的实现避免了在网络中出现大量的广播报文,节省了有限的通信网络资源,从而使通信网络可以为用户提供更大的带宽资源;同时,本发明的实现还提高了网络通信的安全性能。 Implementation of the invention avoids a large number of broadcast packets in the network, saving the limited resources of the communication network, so that the communication network may provide greater bandwidth for the user; the same time, implementation of the present invention also improves the communication network safety performance. 另外,本发明的实现还大大提高了IVL方式下查找MAC地址表的效率,从而提高了通信网络转发报文的性能。 Further, the present invention also achieved significantly improved in the MAC address table lookup mode IVL efficiency, thereby improving the communication network, packet forwarding performance.

Description

独立虚拟局域网学习方式下实现地址同步的方法 Address synchronization method achieved under separate virtual local area network learning

技术领域 FIELD

本发明涉及网络通信技术领域,尤其涉及一种独立VLAN(虚拟局域网)学习方式下实现地址同步的方法。 The present invention relates to network communication technologies, and in particular to realize the synchronization method of the address, to a separate VLAN (Virtual Local Area Network) learning.

背景技术 Background technique

在网络通信中,为了便于通信网络的管理,保证网络通信的安全,通常需要对于以太网交换机等网络接入设备的应用进行隔离,所采用的方法是为每个需要隔离的网络接入设备分配一个VLAN ID(虚拟局域网标识),本VLAN内的用户与外界的通信均需要通过该网络接入设备实现。 In network communication, in order to manage the communication network, to ensure the security of communication networks, generally need to be isolated for use Ethernet switches and other network access device, the method used is assigned to each network access device need to be isolated a VLAN ID (VID), the user within the outside world according to the VLAN communication network access device are achieved need. 但是,随着网络通信的日益发展,网络组网的日益庞大,组网所需要的VLAN ID也越来越多,而可以分配的VLAN ID资源又是有限的,因此当网络规模较大时,可以提供的VLAN ID数目将无法满足组网的需要。 However, with the increasing development of network communications, networking is an increasingly large network VLAN ID required more and more, and VLAN ID resources that can be allocated is limited, so when a large-scale network, the VLAN ID number that can be provided will be unable to meet the networking requirements.

为了解决上述问题,在通信网络中引入了Private VLAN(PVLAN,私有虚拟局域网)技术,该技术是目前应用的一种具有二层隔离功能的VLAN管理方法,该方法提供了一种在较低层次(二层)可以聚合VLAN的手段,在PVLAN中包括:一个primary VLAN(上层VLAN)和一个或多个secondary VLAN(二层VLAN)。 In order to solve the above problem, introduced in the communication network of the Private VLAN (PVLAN, private virtual local area network) technology, which is VLAN management method with two-story isolation of the current application, which provides a lower level (Layer) means VLAN can be polymerized in the PVLAN comprising: a Primary VLAN (VLAN upper layer) and one or more Secondary VLAN (VLAN Layer).

如图1所示,二层交换机Quidway S2403和Quidway S3026分别通过上行端口5、6连接至三层交换机Quidway S3526的端口7、8;在QuidwayS3526上,认为Quidway S2403接入的所有用户都在VLAN 5中,而Quidway S3026接入的所有用户都在VLAN 6中;这样,在QuidwayS3526上,只需要为VLAN 5和VLAN 6配置相应的IP(互联网协议)网段即可。 1, the switcher Quidway Quidway S3026 and S2403, respectively connected to the three switches through the uplink port Quidway 5,6 7,8 S3526 of ports; on QuidwayS3526, Quidway S2403, all users that have access to the VLAN 5 , and all users have access Quidway S3026 in the VLAN 6; Thus, in QuidwayS3526, only the VLAN to VLAN 5 and 6 configure the IP (Internet protocol) network to. 所述的VLAN 5和VLAN 6分别是标识两台二层交换机QuidwayS2403和Quidway S3026的Primary VLAN;而VLAN 1和VLAN 2是VLAN5的Secondary VLAN,VLAN 3和VLAN 4是VLAN 6的Secondary VLAN,每个端口的用户都被Secondary VLAN在二层隔离,三层报文的互通需要通过上接的三层交换机Quidway S3526来转发。 Said VLAN 5, and VLAN 6 are two identification switcher QuidwayS2403 Quidway S3026 and the Primary VLAN; VLAN 1 and VLAN 2 and is VLAN5 of Secondary VLAN, VLAN 3 and VLAN 4 VLAN Secondary VLAN 6 are each port users are Secondary VLAN isolation at Layer 3 packets need to be forwarded by the exchange on the next three switches Quidway S3526.

由上述描述可以看出,PVLAN的实质是通过划分多个VLAN,VLAN之间相互配合的方法来实现的。 As it can be seen from the above description, the essence PVLAN by dividing a plurality of VLAN, the VLAN method between cooperating achieved. 其中,secondary VLAN主要实现上行的功能,每个secondary VLAN都包含了至少一个用户接入端口和一个上行端口,保证用户的报文能够上行,同时上行报文不能到达别的用户。 Wherein, the main secondary VLAN to realize the function of the uplink, each secondary VLAN contains at least one of a user access port and the upstream port, packets can ensure that the user uplink, while an uplink packet can not reach other users. primary VLAN则主要实现了下行的功能,primary VLAN要包括PVLAN内的所有端口,每个从上行端口下来的报文进入交换机以后,都被当做是primary VLAN内的报文来处理,因此下行报文可以到达VLAN内的任意一个用户。 primary VLAN downlink achieved mainly functions, primary VLAN to include all the Application of PVLAN ports, each port after down from the upstream packet enters the switch, are as a packet processed in a primary VLAN, so the downlink packet you can reach any user in the VLAN. 即用户的数据在secondary VLAN内上行,又通过primaryVLAN下行。 I.e., the user data in the secondary VLAN uplink, downlink primaryVLAN passed. 因此,PVLAN的建立既实现了在二层隔离用户的目的,又节约了三层交换机上的VLAN ID资源,同时还节约了IP网段。 Therefore, PVLAN established not only to achieve the purpose of the second floor to isolate users, but also saves VLAN ID resources on the three switches, but also saves the IP network segment.

基于上述PVLAN的组网形式,目前交换机等网络接入设备采用的地址组织模式通过包括以下两种:IVL(independent VLAN learning,独立VLAN学习)方式和SVL(shared VLAN learning,共享式VLAN学习)方式;所述的IVL方式为每个VLAN内部都有自己的MAC地址表,相同的MAC地址可以学习到不同的VLAN中去,所述的SVL方式所有VLAN共享MAC地址表,表项中不会存在多个相同的MAC地址。 Based on the above network forms PVLAN, address switches and other organizational models currently used by the network access device includes the following two: IVL (independent VLAN learning, learning separate VLAN) mode and SVL (shared VLAN learning, learning shared VLAN) mode ; IVL according to each way has its own internal VLAN MAC address table, the same MAC address may be learned to a different VLAN, the VLAN SVL manner all share MAC address table entry does not exist a plurality of the same MAC address.

SVL工作方式下的交换机由于所有的VLAN可以共享一个MAC地址表,因此占用的资源比较少;另外查地址表的时候不管VLAN信息,只要根据MAC地址查找到对应的端口信息即可。 SVL switches in the VLAN mode of operation since all can share a MAC address table, thus occupying less resources; further check the address table regardless of VLAN information when, just find the MAC address corresponding to the port information. 但是SVL方式也有一个难以克服的缺点:在组播方式下,相同目的的转发表项在不同VLAN的转发目的端口是不同的,所以限制了组播方式的应用。 But there is a drawback SVL way too difficult to overcome: in multicast mode, turn out the same purposes of entry in the forwarding destination port different VLAN is different, so limit the application of multicast mode. 而IVL方式虽然资源占用较多,但由于每个VLAN都有自己单独的转发表,所以对组播的支持是没有问题的,这就使得IVL方式的工作模式有了较多的应用。 The IVL approach, while more resources occupied, but because each has its own separate VLAN forwarding, so support for multicast is not a problem, which makes the operating mode IVL way with more applications.

在IVL方式下,使用MAC地址和VLAN ID为索引来查找某个转发表项,比如要在VLAN1中查找MAC1,而MAC1存在于VLAN2中,不存在于VLAN1中,此时的查表结果是未能命中,因此IVL方式的查表效率相对SVL方式来说要低很多。 In IVL mode, using the MAC address and VLAN ID for the index to find a forwarding entry, such as to find MAC1 in VLAN1, whereas MAC1 exist in VLAN2, does not exist in VLAN1, in which case the result is not the look-up table to hit, so the look-up table is relatively efficient way IVL SVL way is much lower.

而且,当使用IVL方式来实现PVLAN时,假设用户B的地址是从VLAN2上来,属于VLAN2,用户A的地址是从VLAN1进入的,属于VLAN1。 Further, when implemented using PVLAN IVL embodiment, it is assumed that the address of the user B from VLAN2 up, VLAN2 belongs, from the address of the user A enters the VLAN1, are VLAN1. 用户A和B通信就会出现一个问题,由A到B和由B到A的报文在交换机中是当做广播来处理的,如果在VLAN2内还有别的用户,那么由B到A的报文会被另外一个用户收到,从B到A的报文更是会被所有的接入用户接受到。 Communications users A and B will be a problem, from A to B and from B to A in the packet switch as a broadcast is handled, in VLAN2 if there are other users, the message from B to A Also described is a user receives, from B to a packet is received will be access to all users. 因此,这种IVL方式的应用产生两个问题:一个是网络设备的带宽浪费的问题,所有的报文都是在作广播,没有利用交换机的优势;第二个是网络安全的问题,一个用户的报文可以被其它用户收到,安全上无法得到保证。 Therefore, the application of this approach IVL two problems: one is the waste of bandwidth of network equipment problems, all packets are in for broadcasting, not to take advantage of the switch; the second is the network security problem, a user the message can be received by other users, security can not be guaranteed.

发明内容 SUMMARY

本发明的目的是提供一种独立VLAN学习方式下实现地址同步的方法,从而提高IVL方式下查找地址表的效率,防止网络中产生大量的广播报文,同时还可以提高了网络通信的安全性能。 Object of the present invention is a method for synchronizing the address VLAN implementation provides an independent learning, the address lookup table to improve the efficiency IVL mode, to prevent a large amount of network broadcast packets, but also can improve the safety performance of the communications network .

本发明的目的是这样实现的:一种独立VLAN学习方式下实现地址同步的方法,包括:增加独立VLAN(虚拟局域网)中接入地址的地址同步处理过程:将接入地址添加至其接入端口默认的VLAN中,同时将所述的接入地址添加至共享该接入地址的VLAN中,并将为该地址设置的地址标志位置位,表示该接入地址接入的端口默认的VLAN不是共享该接入地址的VLAN;删除独立VLAN中接入地址的地址同步处理过程:将接入地址从其接入端口默认的VLAN(虚拟局域网)的网络接入设备中删除,同时将该接入地址从共享该接入地址的VLAN中删除。 Object of the present invention is implemented as follows: a method to achieve synchronization of the address of an independent VLAN learning, comprising: add a separate VLAN (Virtual Local Area Network) access address in the address synchronization process: adding access to its access address default VLAN ports while adding access to the shared address of the access address in the VLAN, and a port on the default VLAN is not the access address of the access address for the address flag is set the shared access VLAN address; delete access independence address VLAN address synchronization process: the access port access address deleted from the default VLAN (virtual Local Area network) network access device while the access address deleted from the shared access address VLAN.

所述的接入地址为MAC(介质访问控制)地址,且所述的MAC地址以MAC地址表的形式存放于网络接入设备中。 The access address is a MAC (Media Access Control) address, and the MAC address stored in the network access device in the form of the MAC address table.

所述的增加独立VLAN中接入地址的地址同步处理过程还包括:将加入共享该接入地址的VLAN中的接入地址的老化时间设置为不老化。 The increase in independent VLAN access addresses for address synchronization process further comprises: sharing the added VLAN aging time of the access address in the access address is set to non-aging.

本发明中,当加入接入端口默认VLAN中的接入地址的老化时间设置为不老化时,所述的删除独立VLAN中接入地址的地址同步处理过程由用户通过命令行执行。 In the present invention, when the access address of the default VLAN ports are added to the access time of the aging aging, the deletion of the address of the access independent VLAN address synchronization process performed by the user through the command line.

所述的独立VLAN学习方式下实现地址同步的方法,还包括:加入接入端口默认VLAN中的接入地址的老化时间设置为可老化时,所述的删除独立VLAN中接入地址的地址同步处理过程由该接入地址的老化定时器触发执行或由用户通过命令行执行。 A method to achieve synchronization of the address in the independent VLAN learning, further comprising: adding access port default VLAN aging time in the access address is set to be aged, delete the address of the access address in VLAN independent synchronization trigger processing is performed by the access address aging timer or by the user through command line execution.

所述的将该接入地址从共享该接入地址的VLAN中删除进一步包括:确定共享该接入地址的VLAN;从所述确定共享该接入地址的VLAN的地址表中查找该接入地址;根据该接入地址的地址标志位判断是否为共享的接入地址,如果是,则删除该接入地址,否则,不作处理。 The access of the address from the shared address VLAN access further comprises: determining that access shared VLAN address; shared access the address from the address table to determine the VLAN find the access address ; address flag to determine whether the access address for shared access address, and if so, according to the access address to delete, otherwise, not be processed.

所述的独立VLAN包括:PVLAN(私有虚拟局域网)中的Primary VLAN(上层VLAN)和Secondary VLAN(二层VLAN)。 The Independent VLAN include: PVLAN (Private Virtual Local Area Network) in the Primary VLAN (VLAN upper) and Secondary VLAN (Layer VLAN).

该方法还包括PVLAN建立时的地址同步过程:遍历Primary VLAN中的MAC地址表,并将其中老化时间为可老化的MAC地址删除,将不可老化的MAC地址添加到Secondary VLAN的MAC地址表中,老化时间仍设置为不老化,同时将其地址标志位置位;遍历Secondary VLAN的MAC地址表,将其中老化时间为可老化的MAC地址删除,将老化时间为不可老化且地址标志位未置位的MAC地址添加到PrimaryVLAN的MAC地址表中,同时将其地址标志位置位。 The method further includes the address of the synchronization procedure when establishing PVLAN: traversing the MAC address table in Primary VLAN, and wherein the aging time of MAC address aging may be deleted, added to the non-aging Secondary VLAN MAC address of the MAC address table, the aging time is still set to aging, while its address flag bit; traversing the MAC address table Secondary VLAN, and in which the aging time to delete the MAC addresses of aging, the aging time is not the aging and the address flag is not set in PrimaryVLAN MAC address to the MAC address table, and its address bit flag.

所述的增加独立VLAN(虚拟局域网)中接入地址的地址同步处理过程包括: The increase in independent VLAN (Virtual Local Area Network) access addresses for address synchronization process includes:

确定需要增加的MAC地址默认的VLAN是Primary VLAN或SecondaryVLAN,并获取所述需要增加的MAC地址默认的VLAN对应的Secondary VLAN或Primary VLAN;判断对应的Secondary VLAN或Primary VLAN中是否存在需要增加的MAC地址;如果不存在,则在所述Secondary VLAN或Primary VLAN中添加该需要增加的MAC地址,且将地址标志位置位;如果存在,则判断存在的该需要增加的MAC地址的老化时间是否为不老化;如果为不老化,则进一步判断对应的VLAN是Secondary VLAN还是Primary VLAN;如果对应的VLAN是Secondary VLAN,则继续判断其他与该Secondary VLAN所属的Primary VLAN对应的Secondary VLAN中是否存在需要增加的MAC地址,若不存在,则在所述其他与该Secondary VLAN所属的Primary VLAN对应的Secondary VLAN中添加该需要增加的MAC地址,若存在且为可老化,则删除在其他与该Secondary VLAN所属的Primary VLAN对应的Secondary VLAN中存在的MAC地 Determining the need to increase the MAC address is the default VLAN Primary VLAN or SecondaryVLAN, and acquiring the MAC address is necessary to increase the default VLAN or Secondary VLAN corresponding Primary VLAN; determining whether there is a need to increase the Secondary VLAN corresponding to the Primary VLAN or MAC address; if not, then add the MAC address needs to be increased in the Primary VLAN or Secondary VLAN, the address and the flag bit; aging time if the MAC address needs to be increased, if present, is determined not to exist aging; if no aging, it is further determined the corresponding VLAN is Secondary VLAN or Primary VLAN; if the corresponding VLAN is Secondary VLAN, then continues to determine other Primary VLAN belonging to the Secondary VLAN Secondary VLAN corresponding to whether there is need to increase MAC address, if not, then add the MAC address needs to be increased in the other Secondary VLAN Primary VLAN belongs to the corresponding Secondary VLAN, and if there is to be aged, then deleting the relevant other of the Secondary VLAN Primary VLAN Secondary VLAN corresponding to the presence of the MAC ,并在其他与该Secondary VLAN所属的Primary VLAN对应的Secondary VLAN中添加该需要增加的MAC地址,若存在且为不老化,则不做处理,直到与本Primary VLAN对应的所有Secondary VLAN均被执行完毕;如果对应的VLAN是Primary VLAN,则过程结束;如果是可老化,则删除在所述Secondary VLAN或Primary VLAN中存在的MAC地址,并在所述Secondary VLAN或Primary VLAN中添加该需要增加的MAC地址,且将该MAC地址标志位置位。 And add the MAC address needs to be increased in other Secondary VLAN Primary VLAN belongs to the corresponding Secondary VLAN, and if there is not worn, the process is not, until all Secondary VLAN Primary VLAN corresponding to this are performed complete; if the corresponding VLAN is the Primary VLAN, the process ends; if the aging is, MAC address is present in the Primary VLAN or Secondary VLAN is deleted, and in the need to add the Secondary VLAN or increased Primary VLAN MAC address, the MAC address and flag bits.

所述的删除独立VLAN中接入地址的地址同步处理过程包括:确定需要删除的MAC地址默认的VLAN是Primary VLAN或SecondaryVLAN,并获取所述需要删除的MAC地址默认的VLAN对应的Secondary VLAN或Primary VLAN;判断对应的Secondary VLAN或Primary VLAN中是否存在需要删除的MAC地址;如果存在,则获取该MAC地址的地址标志位和老化时间,如果老化时间是不可老化,且地址标志位置位,则删除对应的Secondary VLAN或PrimaryVLAN中存在的需要删除的MAC地址,否则,按不存在该MAC地址处理;如果不存在,则进一步判断对应的VLAN是Secondary VLAN还是PrimaryVLAN;如果对应的VLAN是Secondary VLAN,则继续判断其他与该Secondary VLAN所属的Primary VLAN对应的Secondary VLAN中是否存在需要删除的MAC地址,若存在,则删除该需要删除的MAC地址,直到与本Primary VLAN对应的所有Secondary VLAN均被执行完毕;如果对应的VLAN是Primary Remove the VLAN according to the independent access addresses for address synchronization process comprising: determining the need to delete the MAC address of the default VLAN is the VLAN Primary or SecondaryVLAN, and acquiring the MAC address to be deleted default VLAN. Primary or Secondary VLAN the VLAN; Analyzing Secondary VLAN corresponding or whether there is a MAC address to be deleted Primary VLAN; if present, is acquired address flag and the aging time of the MAC address, if the aging time is not aging, and the address flag is set, then the deleted Secondary VLAN corresponding or PrimaryVLAN present in the MAC address to be deleted, or, by not the MAC address processing exists; if not, it is further determined the corresponding VLAN is Secondary VLAN or PrimaryVLAN; if the corresponding VLAN is the Secondary VLAN, the continues to determine whether there is a MAC address to be deleted Secondary VLAN Primary VLAN other belongs to the corresponding Secondary VLAN, if present, the MAC address to be deleted is deleted until all the Primary VLAN Secondary VLAN corresponding to this are finished ; if the corresponding VLAN is Primary VLAN,则过程结束。 VLAN, then the process ends.

该方法还包括解除PVLAN中Primary VLAN与Secondary VLAN对应关系时,地址标志位置位的MAC地址的删除过程:获取需要解除PVLAN中Primary VLAN与Secondary VLAN对应关系的Primary VLAN及其对应的所有Secondary VLAN;遍历Primary VLAN及其对应的所有Secondary VLAN的MAC地址表,将老化时间为不可老化,且地址标志位置位的MAC地址从MAC地址表中删除。 The method further includes releasing the PVLAN Primary VLAN correspondence relation when the Secondary VLAN, MAC address, the address of the delete flag bit: access to the need to lift the PVLAN Primary VLAN and Secondary VLAN Primary VLAN correspondence relationship and all corresponding Secondary VLAN; Primary VLAN and traversing all the MAC address corresponding to the Secondary VLAN, the aging time is not aged, and the address flag bit MAC address from the MAC address table.

所述的独立VLAN学习方式下实现地址同步的方法,还包括: Address of the synchronization method implemented in the independent VLAN learning, further comprising:

所述的增加独立VLAN中接入地址的地址同步处理过程,是在增加接入地址的同时进行;所述的删除独立VLAN中接入地址的地址同步处理过程是在删除接入地址的同时进行。 The increase in the access independent address VLAN address synchronous processing is carried out while increasing the access address; deleting the address in the access address VLAN separate synchronization process is carried out at the same time deleting the access address .

所述的增加独立VLAN中接入地址的地址同步处理过程和删除独立VLAN中接入地址的地址同步处理过程为周期进行,即周期性的确定PVLAN的Primary VLAN和Secondary VLAN中增加或删除的接入地址,并在Primary VLAN与Secondary VLAN间进行接入地址的同步处理。 The increase in the VLAN independent access addresses for address synchronization process in the access independent address and remove the VLAN address of the synchronization process cycle, i.e. to add or remove a VLAN PVLAN periodically determining the access Secondary and Primary VLAN the address and the access address sync between the Primary VLAN and Secondary VLAN.

由上述技术方案可以看出,本发明的实现保证了独立VLAN学习方式下地址表中记录的地址的同步性,即实现了在PVLAN中各个VLAN间MAC地址表的同步,避免了在网络中出现大量的广播报文,节省了有限的通信网络资源,从而使通信网络可以为用户提供更大的带宽资源;同时,本发明的实现还提高了网络通信的安全性能。 As can be seen from the above technical solutions, the implementation of the present invention ensures the synchronization of separate VLAN address table addresses recorded in learning mode, i.e. realized in the PVLAN table between each VLAN MAC address synchronization to avoid the occurrence of the network a large number of broadcast packets, saving the limited resources of the communication network, so that the communication network may provide greater bandwidth for the user; the same time, implementation of the present invention also improves the security of network communications. 另外,本发明的实现还大大提高了IVL方式下查找MAC地址表的效率,从而提高了通信网络转发报文的性能。 Further, the present invention also achieved significantly improved in the MAC address table lookup mode IVL efficiency, thereby improving the communication network, packet forwarding performance.

附图说明 BRIEF DESCRIPTION

图1为PVLAN的组网结构示意图;图2为PVLAN中VLAN的管理示意图;图3为本发明建立PVLAN时的MAC地址同步操作过程;图4为本发明中增加MAC地址的同步操作过程;图5为本发明中删除MAC地址的同步操作过程; FIG 1 is a schematic diagram of network structure PVLAN; FIG. 2 is a schematic view of the management of the VLAN PVLAN; synchronization process MAC address when establishing the present invention. FIG. 3 PVLAN; FIG. 4 of the present invention is added during a synchronization operation MAC address; FIG. 5 of the present invention to delete the MAC address of the synchronization process;

图6为本发明中解除或改变PVLAN时的操作过程。 6 during operation of the present invention, release or change PVLAN.

具体实施方式 detailed description

本发明的内容前面已有叙述,现以PVLAN为例对本发明的具体实施方式作进一步说明。 Foregoing the present invention has been described, is an example PVLAN to specific embodiments of the present invention will be further described. 在IVL(独立VLAN学习)模式下,PVAN的SecondaryVLAN中的主机与Primary VLAN中的服务器之间由于MAC地址的不共享,所以只能通过广播的方式实现相互间的信息交换,网络中大量的广播报文必然影响网络的性能显然。 In the IVL (Independent VLAN Learning) mode, PVAN between the host and the SecondaryVLAN Primary VLAN servers since the MAC address is not shared, so that only the information exchange between each other by way of broadcasting, a broadcasting network, a large number of the message will inevitably affect the performance of the network is clear. 为此,本发明需要解决的问题是在IVL模式下实现Secondary VLAN与Primary VLAN之间MAC地址的共享,即保证同一个MAC地址同时在Secondary VLAN和Primary VLAN中存在,也就是说一个用户的MAC地址在添加到所在端口默认VLAN中的同时必须添加到需要共享该MAC地址的其他VLAN中,我们可以将其他VLAN中存在的该MAC地址称为“影子地址”,以方便下面的叙述。 To this end, the present invention needs to solve the problem is shared between the MAC address and the Primary VLAN Secondary VLAN in IVL mode, i.e., to ensure that the same MAC address simultaneously present in the Primary VLAN and Secondary VLAN, that is a user's MAC address where the port is added to the default VLAN at the same time must be added to other VLAN need to share the MAC address, we can be present in the other VLAN MAC address is called "shadow address" to facilitate the following description. 如图2所示,对于局域网交换机LanSwitch的下行端口,1个MAC地址有1个影子地址;对于交换机LanSwitch的上行端口,1个MAC地址有n个影子地址,其中n为PrimaryVLAN包含的Secondary VLAN的个数,本发明就是要使在IVL下的PVLAN中各个VLAN的MAC地址表实现同步,即所述的MAC地址与其影子地址在各VLAN中同时增加或删除。 As shown, for LanSwitch downlink port LAN switch, a MAC address of a shadow has two addresses; LanSwitch to switch upstream port, a MAC address has n addresses shadow, Secondary VLAN where n is included PrimaryVLAN number, the present invention is to make synchronized, i.e. the MAC address of shadows simultaneously add or delete addresses in the MAC address table VLAN in VLAN PVLAN respective under IVL.

对MAC地址表中MAC地址的操作可以分为两类:静态配置和动态维护。 Operation on the MAC address of the MAC address table may be divided into two categories: static and dynamic configuration maintenance. 静态配置是用户自动对MAC地址表进行添加、删除和修改的操作。 Static configuration is automatically user MAC address table to add, delete, and modify operations. 动态维护则是交换机根据端口状态和接收到报文的情况自动进行地址学习、老化和删除的操作。 Maintenance is a dynamic address learning switches according to port status and message is received automatically, aging, and delete operations. MAC地址表中的MAC地址根据老化时间还可以分为两大类:可老化的和不可老化的。 MAC addresses in the table according to the aging time can also be divided into two categories: non-aged and aged. 对于不可老化的地址,通常是通过用户配置来维护的;可老化的地址则既可以由用户配置也可以动态维护,如果这个地址在设定的时间间隔里一直没有发送报文就会被交换机自动删除掉。 Aging for the address is not usually maintained by the user configuration; aging may be either the address may be dynamically maintained by the user configuration, if this address has not been transmitted packets in the time interval will be set to automatically switch deleted.

参照上述现有交换机中MAC地表的维护方式,本发明考虑从不可老化的MAC地址的同步处理和可老化的MAC地址的同步处理两个方面解决IVL方式下PVLAN中的地址同步问题。 Referring to the existing exchange in a manner to maintain the surface of the MAC, the present invention contemplates to solve the PVLAN IVL address synchronization mode sync from sync MAC address and MAC address aging can not aged two aspects. 其中不可老化的MAC地址的添加和删除都是由用户配置触发的,所以对于不可老化的MAC地址只要在用户操作的时间点上进行各VLAN的MAC地址表同步维护就可以了。 Add and delete the MAC address aging is not triggered by the user configuration, the non-aged for as long as the MAC address of each VLAN MAC address table at the time point of the user's operation of the synchronization can be maintained. 如图2中的用户B,可以通过用户配置将它的MAC地址添加到Primary VLAN和Secondary VLAN1中,地址状态都设为不可老化,这样在管理员删除它们之前,用户B都可以很好的开展网络业务。 User B in Figure 2 can be added by the user to configure its MAC address to the Primary VLAN and Secondary VLAN1, the address states are set to not aging, so remove them before the administrator, the user B can be well carried out network business. 即:在Primary VLAN中添加、删除地址,则在所有的Secondary VLAN中添加、删除影子地址;在Secondary VLAN中添加、删除地址,则在Primary VLAN中添加、删除影子地址。 Namely: Primary VLAN add, delete address, add in all of the Secondary VLAN and delete the shadow address; add in Secondary VLAN and delete the address, add in Primary VLAN, delete the shadow address. 同时,为了将一个VLAN中用户配置的不可老化地址与影子地址区分开来,需要给每个地址增加一个地址标志位,提高MAC地址表维护的有效性。 Meanwhile, in order not to address aging and address the shadow area in a user-configured VLAN to separately address the need to add a flag to each address, MAC address table to improve the effectiveness of maintenance. 而对于可老化MAC地址,由于受系统动态维护的影响,所以仅通过用户配置操作无法实现各VLAN的MAC地址表的同步,而需要参考不可老化的MAC地址的处理过程,将影子地址的老化时间设置为不可老化,并在添加或删除MAC地址时触发影子地址的相应处理过程。 For can be aged MAC address, due to the influence by the system dynamically maintained, can not be achieved only by the user to configure operation of the synchronization MAC address table for each VLAN, and the need to refer to the process MAC address is not aging, the aging time shadow address aging can not be set, and triggers a corresponding shadow process addresses when you add or delete MAC address.

下面结合附图本发明的具体实现过程作进一步说明: The following specific implementation process of the drawings of the present invention will be further described in conjunction with:

在PVLAN建立的时候,为提高处理效率,考虑到现有动态MAC地址可以通过报文重新学习到,所以可以先清除Primary VLAN及SecondaryVLAN中的所有可老化地址,仅保留涉其中由用户配置的不可老化地址,并进行地址同步操作;而且为避免影子地址再生成影子地址的情况,采用了首先将Primary VLAN中的不可老化的MAC地址同步到SecondaryVLAN,当Secondary VLAN中的MAC地址同步到Primary VLAN时则检查并排除MAC地址表中的影子地址,判断MAC地址是否为影子地址的依据是该MAC地址的地址标志位是否被置位,如果被置位,则确定为影子地址;现结合图3对建立PVLAN时的各VLAN的MAC地址同步过程进行详细说明:步骤301:在通信网络中根据需要建立PVLAN,确定PVLAN包含的Primary VLAN和Secondary VLAN,同时确定所述各VLAN的MAC地址表索引;步骤302:根据Primary VLAN的MAC地址表索引遍历PrimaryVLAN的MAC地址表 When PVLAN established to improve processing efficiency, taking into account the existing dynamic MAC addresses can be relearned by the message that it is possible to clear all addresses aging and SecondaryVLAN in Primary VLAN, retaining only involved which can not be configured by the user aging address, and the address synchronous operation; and in order to avoid shadow address where regenerated shadow address, using a first MAC address is not aged Primary VLAN synchronized to SecondaryVLAN, when the MAC address in Secondary VLAN synchronized to the Primary VLAN check and eliminate the shadow address in the MAC address table, based on determining whether the MAC address of the shadow address whether the address flag of the MAC address is set, if it is set, it is determined as a shadow address; is combined with FIG. 3 establishing a VLAN for each MAC address of the PVLAN synchronization process is described in detail: step 301: establishing in a communication network required PVLAN, Secondary and Primary VLAN determined VLAN PVLAN included, while the MAC address table to determine an index of a VLAN; step 302: traversing PrimaryVLAN MAC address MAC address table index of Primary VLAN ,获取MAC地址的老化状态,即老化时间;步骤303:判断MAC地址的老化时间是否为不可老化,如果是,执行步骤304,否则,执行步骤305,以清除MAC地址表中老化时间为可老化的MAC地址;步骤304:将不可老化的MAC地址添加到Primary VLAN下的所有Secondary VLAN的MAC地址表,且将地址标志位置位,表示该MAC地址为影子地址,并执行步骤306; Obtaining a MAC address aging state, i.e., aging time; Step 303: determining whether the aging time of the MAC whether the non-aging, if yes, step 304 is performed, otherwise, step 305 is executed to clear the MAC address table aging time can be aged MAC address; step 304: the MAC address aging is not added to all the MAC address under the Secondary VLAN Primary VLAN, the address and the flag bit indicates that the MAC address of the shadow address, and performs step 306;

该步骤的目的是将Primary VLAN中的不可老化的MAC地址同步到与其对应的所有Secondary VLAN中,同时为对增加和删除MAC地址的有效管理,还将同步过去的MAC地址作了标记,标记为影子地址;步骤305:删除该可老化的MAC地址,并执行步骤6,因为可老化的MAC地址可以在地址学习过程中学习到,并在学习到时执行相应的同步操作过程,所以此处将其删除;步骤306:判断Primary VLAN中的MAC地址表是否遍历完毕,如果是,则执行步骤307,否则,执行步骤302,继续遍历该MAC地址表,获取地址表中的下一个MAC地址;步骤307:从Primary VLAN下的各个Secondary VLAN中依次确定本次需要遍历的Secondary VLAN的MAC地址表;在PVLAN中一个Primary VLAN中通常包含多个Secondary VLAN,因此,首先需要确定需要遍历的一个Secondary VLAN的MAC地址表索引;步骤308:根据确定的MAC地址表索引遍历该MAC地址表,获 The purpose of this step is the MAC address aging Primary VLAN can not be synchronized to all Secondary VLAN corresponding thereto, as well as the effective management of adding and deleting MAC address, MAC address will be synchronized in the past it has been marked, labeled shadow address; step 305: delete the MAC address can be aged, and the step 6, since the MAC address aging can be learned in a learning process the address, and performs a corresponding operation of the synchronization process of the learned, so here the remove; step 306: Analyzing Primary VLAN in the MAC address table whether the traversal is complete, if yes, perform step 307, otherwise, perform step 302, continue to traverse the MAC address table, acquires the next MAC address in the address table; step 307: determining from the respective Primary VLAN secondary VLAN in the MAC address table sequentially according to the time required secondary VLAN traversal; a Primary VLAN PVLAN usually contained in a plurality of secondary VLAN, therefore, needs to traverse the first need to determine a secondary VLAN MAC address table index; step 308: according to the determined MAC address of the MAC address table index table traverse, is eligible 取MAC地址的老化时间和地址标志位;步骤309:判断MAC地址的老化时间是否为不可老化,如果是,执行步骤311,否则,执行步骤310;步骤310:删除该可老化的MAC地址,并执行步骤313;步骤311:判断该不可老化的MAC地址的地址标志位是否被置位,即是否是影子地址,如果是,执行步骤313,否则,执行步骤312;该步骤避免了影子地址再次生成新的影子地址; Aging time taken MAC address and the address flag; Step 309: Determine MAC address aging time is not aging, if yes, perform step 311, otherwise, perform step 310; step 310: removing the MAC address to age, and performing step 313; step 311: determining the MAC address of the non-aged address flag whether the location, i.e. whether it is a shadow address, if yes, perform step 313, otherwise, perform step 312; step avoids the shadow address generator again new shadow address;

步骤312:将该不可老化的MAC地址添加到Primary VLAN的MAC地址表中,且将其地址标志位置位,表示该MAC地址为影子地址;步骤313:判断是否遍历完毕该Secondary VLAN的MAC地址表,如果是,执行步骤314,否则,执行步骤308;步骤314:判断是否遍历完该Primary VLAN下所有的SecondaryVLAN的MAC地址表,如果是,PVLAN建立时的地址同步过程结束,否则继续执行步骤7。 Step 312: The MAC address is not added to the aging Primary VLAN MAC address table, the address and the flag bit which indicates that the MAC address of the shadow address; Step 313: determining whether the MAC address table traversal completion of Secondary VLAN if yes, perform step 314, otherwise, perform step 308; step 314: determining whether been traversed all SecondaryVLAN MAC address under the Primary VLAN, if so, the address synchronization process at the PVLAN establishing ends, otherwise proceed to step 7 .

建立PVLAN时的地址同步过程完成后,则需要确定建立后的PVLAN的Primary VLAN及Secondary VLAN中的MAC地址表的同步维持过程,本发明中PVLAN建立完成后,是根据用户配置和动态维护实现各个VLAN的MAC地址表的同步,而且无论是用户配置还是动态维护均为根据需要操作的地址信息实现对该地址的增加或删除,并结合PVLAN的配置情况对各个VLAN的MAC地址进行同步,需要操作的地址信息包括:所属的VLAN、MAC地址、老化时间、地址标志位、使用的端口等。 After the address of the synchronization procedure when establishing PVLAN completed, it is necessary to determine PVLAN after establishing synchronization maintenance procedure Primary VLAN and MAC address table in a Secondary VLAN after the present invention PVLAN created, to achieve each user configuration and dynamic maintenance VLAN MAC address table synchronization, and whether it is user-configured or dynamically maintains address information are implemented to be operated to add or remove the address, and the combined configuration of PVLAN MAC address of each VLAN according to the synchronization necessary to operate address information purpose: VLAN belongs, MAC address aging time, the address flag, such as the use of the port. 建立后的PVLAN的地址同步维持过程实际上包括:添加MAC地址时的同步处理过程和删除MAC地址时的同步处理过程。 PVLAN address after the establishment of the synchronization maintenance process actually consists of: the synchronization process and the synchronization process when removing the MAC address of the MAC address is added.

所述的增加MAC地址时PVLAN的地址同步过程操作参见图4,添加MAC地址可以是用户进行的地址添加操作,也可以是学习到新的MAC地址导致的地址添加操作,具体包括以下步骤: Said increasing the MAC address of the address synchronous operation PVLAN Referring to Figure 4, add the MAC address may be an address adding operation performed by the user, or may be learned MAC address of the new address result in the add operation, includes the following steps:

步骤401:确定需要添加的MAC地址信息,包括需要添加的MAC地址的默认的VLAN、MAC地址值、接入端口、地址标志位、地址的老化时间等;步骤402:根据需要添加的MAC地址的接入端口信息判断添加的MAC地址默认的VLAN是否为PVLAN中的Primary VLAN,如果是,执行步骤404,否则,执行步骤403;步骤403:根据需要添加的MAC地址的端口信息判断该MAC地址默认的VLAN是否为PVLAN中的Secondary VLAN,如果是,执行步骤410,否则,过程结束;即如果需要添加的MAC地址默认的VLAN既不是Primary VLAN也不是Secondary VLAN,则本次添加MAC地址的同步过程结束;步骤404:从该Primary VLAN对应的所有Secondary VLAN中依次确定本次需要遍历的Secondary VLAN的MAC地址表,并获取该MAC地址表的索引;步骤405:根据MAC地址索引遍历该MAC地址表中的MAC地址,并判断需要添加的MAC地址是否存在于该MAC地址表中,如果存 Step 401: determining the MAC address information need to be added, including the VLAN default, the MAC address value of the MAC address to be added, an access port, the address flag, the aging time address; Step 402: MAC address to be added to MAC address of the default VLAN access port information to determine whether to add the PVLAN Primary VLAN, if yes, perform step 404, otherwise, perform step 403; step 403: determining whether the MAC address of the default port information according to the MAC address needs to be added the VLAN whether PVLAN the secondary VLAN, if yes, perform step 410, otherwise, the process ends; that is, if the MAC address to be added default VLAN neither Primary VLAN nor secondary VLAN, then this add synchronization MAC address end; step 404: determining from all the secondary VLAN the Primary VLAN corresponding to sequentially MAC address table secondary VLAN of this need to be traversed and acquires the index of the MAC address table; step 405: the MAC address indexing through the MAC address table the MAC address, and determines whether or not to add the MAC address exists in the MAC address table, if present, 在,执行步骤406,否则,执行步骤408;步骤406:判断存在于该MAC地址表中的需要添加的MAC地址的老化时间是否为不可老化,如果是,则执行步骤409,否则,执行步骤407;步骤407:将需要添加的MAC地址从该MAC地址表中删除,并执行步骤408; In performing step 406, otherwise, perform step 408; Step 406: Analyzing present in the MAC address table of the aging time of the MAC address to be added whether or not the aging, if yes, step 409 is performed, otherwise, step 407 is executed ; step 407: the MAC address is deleted from the need to add the MAC address table, and performs step 408;

该步骤也可以直接将该MAC地址的老化时间设置为不可老化,为其设置地址标志位,并置位,执行步骤409;步骤408:将需要添加的MAC地址添加到本次遍历的SecondaryVLAN的MAC地址表中,将其老化时间设置为不可老化,地址标志位置位,表示该地址为影子地址,并执行步骤409;步骤409:判断Primary VLAN下的所有Secondary VLAN的MAC地址表是否均已遍历完毕,如果是,则结束过程,否则,继续执行步骤404;步骤410:获取该Secondary VLAN对应的Primary VLAN;步骤411:判断该Primary VLAN的MAC地址表中是否存在该需要添加的MAC地址,如果是,则执行步骤412,否则,执行步骤414;步骤412:判断该存在的MAC地址的地址老化时间是否为不可老化,如果是,结束过程,否则,执行步骤413;步骤413:删除存在于Primary VLAN的MAC地址表中的该MAC地址,执行步骤414;该步骤也可以直接将该MAC地址 This step may be directly the aging time is not set to the MAC address aging, to set the address flag, and set, step 409; Step 408: add the MAC address to be added to a MAC SecondaryVLAN in the traversal of address table, which sets the aging time is not aging, the address flag is set, indicating that the address is a shadow address, and performs step 409; step 409: determining whether all Secondary VLAN MAC address table in the traversal been completed Primary VLAN If yes, then the process ends, otherwise, proceed to step 404; step 410: obtain the Secondary VLAN corresponding to Primary VLAN; step 411: determining whether the MAC address of the need to add the presence of the Primary VLAN MAC address table, if perform step 412, otherwise, perform step 414; step 412: address MAC address determines the presence of the aging if the time is not aging, if it is, the process ends, otherwise, perform step 413; step 413: remove present in Primary VLAN the MAC address is a MAC address table, step 414; this step may be the MAC address directly 老化时间设置为不可老化,为其设置地址标志位,并置位,并结束地址同步过程;步骤414:将需要添加的MAC地址添加到Primary VLAN的MAC地址表中,将其地址老化时间设置为不可老化,地址标志位置位,表示该地址为影子地址。 Aging aging time is not set, to set the address flag, and set, the end address and the synchronization process; Step 414: add the MAC address to be added to the Primary VLAN MAC address table, which is set to address aging time not aging, addresses a flag which indicates that the address is a shadow address.

所述的删除MAC地址时PVLAN的地址同步过程操作参见图5,删除MAC地址可以是用户进行的地址删除操作,也可以是系统中老化定时器超时时地址被老化掉导致的地址删除操作,具体包括以下步骤:步骤501:确定需要删除的MAC地址信息,包括需要删除的MAC地址的默认的VLAN、MAC地址值、接入端口、地址标志位、地址的老化时间等;步骤502:判断的需要删除的MAC地址默认的VLAN是否为PVLAN中的Primary VLAN,如果是,执行步骤504,否则,执行步骤503;步骤503:判断需要删除的MAC地址默认的VLAN是否为PVLAN中的Secondary VLAN,如果是,执行步骤509,否则,过程结束;步骤504:从该Primary VLAN对应的所有Secondary VLAN中依次确定本次需要遍历的Secondary VLAN的MAC地址表,并获取该MAC地址表的索引;步骤505:根据MAC地址索引遍历该MAC地址表中的MAC地址,并判断需要删除的MAC地址是否存 Remove the MAC address when the address synchronous operation of PVLAN Referring to Figure 5, remove the MAC address may be an address delete operation performed by the user, the system may also be a timer expires when the address is aged out address results in deletion, particularly comprising the following steps: step 501: determining the MAC address information to be deleted, including the default MAC address of the VLAN to be deleted, the value of the MAC address, the access port, the address flag, the aging time address; step 502: determining the required MAC address to remove the default VLAN whether the PVLAN in the Primary VLAN, and if so, step 504 is executed, otherwise, step 503; step 503: determine the need to delete the MAC address of the default VLAN whether the PVLAN in the Secondary VLAN, if it is , step 509, otherwise, the process ends; step 504: sequentially determines the MAC address secondary VLAN of this need to be traversed from all secondary VLAN the Primary VLAN corresponding to, and to obtain the index of the MAC address table; step 505: the indexing through MAC address MAC address of the MAC address table, and determines whether the MAC address need to remove the deposit 在于该MAC地址表中,如果存在,执行步骤506,否则,执行步骤508;步骤506:判断存在于该MAC地址表中的需要删除的MAC地址是否为老化时间设置为不可老化,且地址标志位被置位(该MAC地址为影子地址),如果是,则执行步骤507,否则,执行步骤508;步骤507:将需要删除的MAC地址从该MAC地址表中删除,并执行步骤508; In that the MAC address table, if present, step 506, otherwise, perform step 508; Step 506: Analyzing present in the deleted MAC address is set to non-aging of the aging time of the MAC address table required, and the address flag it is set (the MAC address of the shadow address), if yes, perform step 507, otherwise, perform step 508; step 507: the need to remove the MAC address from the MAC address table, and performs step 508;

步骤508:判断Primary VLAN下的所有Secondary VLAN的MAC地址表是否均已遍历完毕,如果是,则结束过程,否则,继续执行步骤504;步骤509:获取该Secondary VLAN对应的Primary VLAN;步骤510:判断该Primary VLAN的MAC地址表中是否存在该需要删除的MAC地址,如果是,则执行步骤511,否则,过程结束;步骤511:判断该存在的MAC地址是否为老化时间设置为不可老化,且地址标志位被置位,如果不是,结束过程,否则,执行步骤512;步骤512:删除存在于Primary VLAN的MAC地址表中的该MAC地址,过程结束。 Step 508: determining whether all the Primary VLAN Secondary VLAN MAC address table traversal have been completed, if so, then the process ends, otherwise, proceed to Step 504; Step 509: obtain the corresponding Secondary VLAN Primary VLAN; Step 510: determining whether there is a MAC address of the need to remove the Primary VLAN MAC address table, if yes, perform step 511, otherwise, the process ends; step 511: determining whether the presence of the MAC address is set to non-aging of the aging time, and flag bit is set, and if not, the process ends, otherwise, perform step 512; step 512: remove Primary VLAN exists in the MAC address in the MAC address table, the process ends.

总之,在向PVLAN中添加MAC地址时,如果添加的MAC地址为Primary VLAN中的地址,则在其对应的每个Secondary VLAN中增加该MAC地址的影子地址;如果是Secondary VLAN中的地址,则在其对应的Primary VLAN中增加该MAC地址的影子地址;在删除PVLAN中的MAC地址时,如果删除的MAC地址为Primary VLAN中的地址,则在其对应的每个Secondary VLAN中删除该MAC地址的影子地址;如果是SecondaryVLAN中的地址,则在其对应的Primary VLAN中删除该MAC地址的影子地址。 In short, the PVLAN to add a MAC address, if the address is the MAC address added in Primary VLAN, MAC address of the shadow is increased in each address corresponding in Secondary VLAN; Secondary VLAN if the address is increasing shadow address of the MAC address in its corresponding Primary VLAN; and, if the MAC address is deleted in the Primary VLAN address, the MAC address is deleted at each Secondary VLAN corresponding MAC address is deleted at the time of PVLAN shadow address; SecondaryVLAN if the address, deleting the MAC address in its corresponding shadow Primary VLAN address.

本发明的实现还包括解除或改变PVLAN中Primary VLAN和SecondaryVLAN映射关系时,对Primary VLAN和Secondary VLAN的MAC地址表中影子地址的删除操作,具体具体实现流程参见图6,包括以下步骤: Implementation of the invention further comprises releasing or changing the PVLAN and SecondaryVLAN Primary VLAN mapping relationship, the delete operation on Primary VLAN Secondary VLAN and MAC address table in the shadow of the address, the specific implementation process specific reference to Figure 6, comprising the steps of:

步骤601:确定需要解除的PVLAN中Primary VLAN和SecondaryVLAN;步骤602:依次遍历PVLAN中各个VLAN的MAC地址表,获取各个MAC地址的老化时间和地址标志位;步骤603:判断该MAC地址是否为老化时间为不可老化,且地址标志位被置位,如果是,则执行步骤604,否则,执行步骤605;步骤604:删除该MAC地址,并执行步骤605;步骤605:判断当前遍历的MAC地址表是否遍历完毕,如果是,过程结束,否则,执行步骤606;步骤606:获取MAC地址表中的下一个MAC地址的老化时间和地址标志位,并执行步骤603。 Step 601: determining the required release PVLAN in Primary VLAN and SecondaryVLAN; Step 602: sequentially traversing the MAC address table PVLAN in each VLAN acquires the aging time of each MAC address and the address flag; Step 603: determining whether the MAC address is the aging time is non-aging, and the address flag is set, if yes, perform step 604, otherwise, perform step 605; step 604: delete the MAC address, and performs step 605; step 605: determining the MAC address table of the current traversal whether the traversal is complete, if so, the process ends, otherwise, perform step 606; step 606: acquiring the address flag and the aging time of the next MAC address in the MAC address table, and step 603 is executed.

经过上述过程的描述,实现了当解除改变PVLAN包含的VLAN时,影子地址可以被有效地清除,以便于建立新的PVLAN,开始新的地址同步过程。 After the above described process, to achieve a change when released VLAN PVLAN contained shadow address can be effectively removed, in order to establish a new Application of PVLAN, the start address of the new synchronization process.

Claims (13)

1.一种独立VLAN学习方式下实现地址同步的方法,其特征在于包括:增加独立VLAN中接入地址的地址同步处理过程:将接入地址添加至其接入端口默认的VLAN中,同时将所述的接入地址添加至共享该接入地址的VLAN中,并将为该地址设置的地址标志位置位,通过该地址标志位表示该接入地址接入的端口默认的VLAN不是共享该接入地址的VLAN;删除独立VLAN中接入地址的地址同步处理过程:将接入地址从其接入端口默认的VLAN的网络接入设备中删除,同时将该接入地址从共享该接入地址的VLAN中删除。 A method to achieve synchronization of the address An independent VLAN learning, characterized by comprising: increasing the address in the access address VLAN separate synchronization processes: adding an address to access the default VLAN access port thereof while the the access address is added to the shared access address in the VLAN, and, as the destination address of the access flag indicates that the default VLAN access port is not connected to the shared address flag for address bit set incoming VLAN address; delete the VLAN independent access addresses for address synchronization process: the access address deleted from the default VLAN access port of the network access device while the access to the access address from the shared address the VLAN is deleted.
2.根据权利要求1所述的独立VLAN学习方式下实现地址同步的方法,其特征在于所述的接入地址为介质访问控制MAC地址,且所述的MAC地址以MAC地址表的形式存放于网络接入设备中。 2. The method to achieve synchronization of the independent address VLAN learning according to claim 1, wherein said address access media access control (MAC) address, and the MAC address stored in the MAC address table in the form of network access equipment.
3.根据权利要求1或2所述的独立VLAN学习方式下实现地址同步的方法,其特征在于所述的增加独立VLAN中接入地址的地址同步处理过程还包括:将加入共享该接入地址的VLAN中的接入地址的老化时间设置为不老化。 The method according to the independent address achieve synchronization VLAN learning claim 1 or claim 2, wherein the increase in the access independent address VLAN address synchronization process further comprises: access to the shared address added VLAN aging time of an access to the address non-aging.
4.根据权利要求3所述的独立VLAN学习方式下实现地址同步的方法,其特征在于:当加入接入端口默认VLAN中的接入地址的老化时间设置为不老化时,所述的删除独立VLAN中接入地址的地址同步处理过程由用户通过命令行执行。 The method to achieve synchronization of the independent address VLAN learning according to claim 3, wherein: when the aging time is added to the access port of the access address of the default VLAN is set to aging, according to remove unattached VLAN address in the access address synchronization process performed by the user through the command line.
5.根据权利要求3所述的独立VLAN学习方式下实现地址同步的方法,其特征在于:加入接入端口默认VLAN中的接入地址的老化时间设置为可老化时,所述的删除独立VLAN中接入地址的地址同步处理过程由该接入地址的老化定时器触发执行或由用户通过命令行执行。 The method to achieve synchronization of the address learning standalone VLAN according to claim 3, wherein: added default deletion access port VLAN aging time of an access address is set to be aged, according to independent VLAN address in the access address of the synchronization process by the access address aging timer to trigger execution by the user or the command line execution.
6.根据权利要求1或2所述的独立VLAN学习方式下实现地址同步的方法,其特征在于所述的将该接入地址从共享该接入地址的VLAN中删除进一步包括:确定共享该接入地址的VLAN;从所述确定共享该接入地址的VLAN的地址表中查找该接入地址;根据该接入地址的地址标志位判断是否为共享的接入地址,如果是,则删除该接入地址,否则,不作处理。 The method to achieve synchronization of the address, wherein said access to the shared address from the access address further includes a separate VLAN VLAN learning claim 1 or claim 2, wherein: determining that the shared access incoming VLAN address; shared access the address from the address table to determine the VLAN find the access address; the address of the access address flag determines whether the access address is shared, if yes, delete the access address, otherwise, not be processed.
7.根据权利要求1所述的独立VLAN学习方式下实现地址同步的方法,其特征在于所述的独立VLAN包括:私有虚拟局域网PVLAN中的上层VLANPrimary VLAN和二层VLAN Secondary VLAN。 The method to achieve synchronization of the address VLAN Learning standalone mode according to claim 1, wherein said separate VLAN comprising: an upper VLANPrimary VLAN private virtual local area network and the PVLAN Layer VLAN Secondary VLAN.
8.根据权利要求7所述的独立VLAN学习方式下实现地址同步的方法,其特征在于该方法还包括PVLAN建立时的地址同步过程:遍历Primary VLAN中的MAC地址表,并将其中老化时间为可老化的MAC地址删除,将不可老化的MAC地址添加到Secondary VLAN的MAC地址表中,老化时间仍设置为不老化,同时将其地址标志位置位;遍历Secondary VLAN的MAC地址表,将其中老化时间为可老化的MAC地址删除,将老化时间为不可老化且地址标志位未置位的MAC地址添加到Primary VLAN的MAC地址表中,同时将其地址标志位置位。 Independent VLAN Learning embodiment according to the method of claim 7, wherein the address of the synchronization achieved, characterized in that the method further comprises the address of the synchronization procedure when establishing PVLAN: traversing the MAC address table in Primary VLAN, and wherein the aging time is can be aged MAC address delete, add non-aging MAC address to the Secondary VLAN MAC address table, the aging time is still set to aging, while its address flag bit; traversing the MAC address table Secondary VLAN, and in which the aging MAC address aging time can be deleted, the aging time and aging is not the address flag is not set to add the MAC address of the Primary VLAN MAC address table, while its address flags.
9.根据权利要求7所述的独立VLAN学习方式下实现地址同步的方法,其特征在于,所述的增加独立VLAN中接入地址的地址同步处理过程包括:确定需要增加的MAC地址默认的VLAN是Primary VLAN或SecondaryVLAN,并获取所述需要增加的MAC地址默认的VLAN对应的Secondary VLAN或Primary VLAN;判断对应的Secondary VLAN或Primary VLAN中是否存在需要增加的MAC地址;如果不存在,则在所述Secondary VLAN或Primary VLAN中添加该需要增加的MAC地址,且将地址标志位置位;如果存在,则判断存在的该需要增加的MAC地址的老化时间是否为不老化;如果为不老化,则进一步判断对应的VLAN是Secondary VLAN还是Primary VLAN;如果对应的VLAN是Secondary VLAN,则继续判断其他与该Secondary VLAN所属的Primary VLAN对应的Secondary VLAN中是否存在需要增加的MAC地址,若不存在,则在所述其他与该Secondary VLAN所属的Primary VLAN对应的Se A method to achieve synchronization of the independent address VLAN learning according to claim 7, wherein said increased address in the access address VLAN separate synchronization process includes: determining a need to increase the MAC address of the default VLAN Primary VLAN or is SecondaryVLAN, and acquiring the MAC address is necessary to increase the default VLAN or Secondary VLAN corresponding Primary VLAN; whether there is need to increase the determined MAC address or Secondary VLAN corresponding Primary VLAN; if not present, then the said Secondary VLAN or Primary VLAN added to the need to increase the MAC address, and the address flag bit; if if present, determining the presence of the need to increase the aging time of the MAC address is not aging; if it is non-aging, it is further is determined corresponding VLAN or Secondary VLAN Primary VLAN; if the corresponding VLAN Secondary VLAN is, then determine if the MAC address is necessary to increase the presence of other Primary VLAN Secondary VLAN belongs to the corresponding Secondary VLAN and, if not, then the other belongs to the Primary VLAN Secondary VLAN corresponding Se condary VLAN中添加该需要增加的MAC地址,若存在且为可老化,则删除在所述其他与该Secondary VLAN所属的Primary VLAN对应的SecondaryVLAN中存在的MAC地址,并在所述其他与该Secondary VLAN所属的Primary VLAN对应的Secondary VLAN中添加该需要增加的MAC地址,若存在且为不老化,则不做处理,直到与本PrimaryVLAN对应的所有Secondary VLAN均被执行完毕;如果对应的VLAN是Primary VLAN,则过程结束;如果是可老化,则删除所述Secondary VLAN或Primary VLAN中存在的MAC地址,并在所述Secondary VLAN或Primary VLAN中添加该需要增加的MAC地址,且将该MAC地址标志位置位。 Condary VLAN added in the MAC address needs to be increased, and if present, to be aged, the MAC address is present in the other belongs to the Primary VLAN Secondary VLAN corresponding to the delete SecondaryVLAN, and the other to the Secondary VLAN adding Primary VLAN belongs in Secondary VLAN corresponding to the MAC address needs to be increased, and if there is no aging, then no processing until all Secondary VLAN corresponding to the present PrimaryVLAN are finished; if the corresponding VLAN is the Primary VLAN , the process ends; if is aged, then deleting the MAC address or Secondary VLAN Primary VLAN present, and added in the need to increase the Secondary VLAN Primary VLAN or MAC address, the MAC address and the flag bit.
10.根据权利要求7所述的独立VLAN学习方式下实现地址同步的方法,其特征在于,所述的删除独立VLAN中接入地址的地址同步处理过程包括:确定需要删除的MAC地址默认的VLAN是Primary VLAN或SecondaryVLAN,并获取所述需要删除的MAC地址默认的VLAN对应的Secondary VLAN或Primary VLAN;判断对应的Secondary VLAN或Primary VLAN中是否存在需要删除的MAC地址;如果存在,则获取该MAC地址的地址标志位和老化时间,如果老化时间是不可老化,且地址标志位置位,则删除对应的Secondary VLAN或Primary VLAN中存在的需要删除的MAC地址,否则,按不存在该MAC地址处理;如果不存在,则进一步判断对应的VLAN是Secondary VLAN还是Primary VLAN;如果对应的VLAN是Secondary VLAN,则继续判断其他与该Secondary VLAN所属的Primary VLAN对应的Secondary VLAN中是否存在需要删除的MAC地址,若存在,则删除该需要删除的MAC地址 A method to achieve synchronization of the independent address VLAN learning according to claim 7, characterized in that said address deleting a VLAN access independent address synchronization process comprising: determining the need to delete the MAC address of the default VLAN Primary VLAN or is SecondaryVLAN, and acquiring the MAC address to be deleted default VLAN or Secondary VLAN corresponding Primary VLAN; whether there is a MAC address to be deleted or the determination Secondary VLAN corresponding Primary VLAN; and if there is, obtains the MAC address flag and the aging time of the address, if the aging time is not aging, and the address flag is set, it is necessary to delete the MAC address of the Secondary VLAN or Primary VLAN occurring counterpart is deleted, otherwise, the MAC address is treated as not present; If not, it is further determined the corresponding VLAN is Secondary VLAN or Primary VLAN; if the corresponding VLAN is Secondary VLAN, then determine if the presence of the MAC address to be deleted other Primary VLAN belonging to the Secondary VLAN corresponding Secondary VLAN and If present, the need to remove the MAC address is deleted ,直到与本Primary VLAN对应的所有Secondary VLAN均被执行完毕;如果对应的VLAN是Primary VLAN,则过程结束。 , Until all Secondary VLAN Primary VLAN corresponding to the present are finished; if the VLAN corresponding to the end Primary VLAN, then the process.
11.根据权利要求7所述的独立VLAN学习方式下实现地址同步的方法,其特征在于该方法还包括解除PVLAN中Primary VLAN与SecondaryVLAN对应关系时,地址标志位置位的MAC地址的删除过程:获取需要解除PVLAN中Primary VLAN与Secondary VLAN对应关系的Primary VLAN及其对应的所有Secondary VLAN;遍历Primary VLAN及其对应的所有Secondary VLAN的MAC地址表,将老化时间为不可老化,且地址标志位置位的MAC地址从MAC地址表中删除。 A method to achieve synchronization of the independent address VLAN learning according to claim 7, characterized in that the method further comprises releasing the PVLAN when the Primary VLAN SecondaryVLAN correspondence between MAC address, the address delete flag bit position: Get the need to lift the PVLAN Primary VLAN and Secondary VLAN Primary VLAN correspondence relationship and all corresponding Secondary VLAN; Primary VLAN and traversing all the MAC address corresponding to the Secondary VLAN, the aging time is not aged, and the address flag bits MAC address is deleted from the MAC address table.
12.根据权利要求1或7所述的独立VLAN学习方式下实现地址同步的方法,其特征在于:所述的增加独立VLAN中接入地址的地址同步处理过程,是在增加接入地址的同时进行;所述的删除独立VLAN中接入地址的地址同步处理过程是在删除接入地址的同时进行。 12. The method to achieve synchronization of the address learning mode or standalone VLAN according to claim 17, wherein: the increase in the access independent address VLAN address synchronization process, the access address is increased at the same time performed; deleting the address in the access address VLAN separate synchronization process is carried out at the same time deleting the access address.
13.根据权利要求1或7所述的独立VLAN学习方式下实现地址同步的方法,其特征在于:所述的增加独立VLAN中接入地址的地址同步处理过程和删除独立VLAN中接入地址的地址同步处理过程为周期进行,即周期性的确定PVLAN的Primary VLAN和Secondary VLAN中增加或删除的接入地址,并在Primary VLAN与Secondary VLAN间进行接入地址的同步处理。 13. The method to achieve synchronization of the address, wherein said separate VLAN Learning mode 1 or in claim 7, wherein: said increased address in the access address VLAN separate synchronization processes and delete access address in separate VLAN the synchronization process of the address cycle, i.e. periodically determining the PVLAN Primary VLAN and Secondary VLAN and add or delete the access address and the access address sync between the Primary VLAN and Secondary VLAN.
CN 03144082 2003-07-31 2003-07-31 Method for realizing address synchronization in independant virtual LAN learning mode CN100334849C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN 03144082 CN100334849C (en) 2003-07-31 2003-07-31 Method for realizing address synchronization in independant virtual LAN learning mode

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN 03144082 CN100334849C (en) 2003-07-31 2003-07-31 Method for realizing address synchronization in independant virtual LAN learning mode

Publications (2)

Publication Number Publication Date
CN1581819A true CN1581819A (en) 2005-02-16
CN100334849C true CN100334849C (en) 2007-08-29

Family

ID=34579583

Family Applications (1)

Application Number Title Priority Date Filing Date
CN 03144082 CN100334849C (en) 2003-07-31 2003-07-31 Method for realizing address synchronization in independant virtual LAN learning mode

Country Status (1)

Country Link
CN (1) CN100334849C (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103414801A (en) * 2013-08-12 2013-11-27 杭州华三通信技术有限公司 Method and device for synchronizing medium access control addresses in stacking system

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100435528C (en) 2005-08-29 2008-11-19 杭州华三通信技术有限公司 Method for reducing learning of media accessing control address in network
CN100544322C (en) 2007-02-15 2009-09-23 杭州华三通信技术有限公司 Method and switch for transmitting packet and establishing media access control address table
CN101505282B (en) 2009-03-31 2013-01-16 杭州华三通信技术有限公司 Method and equipment for deleting VLAN information
CN101572668B (en) 2009-05-21 2012-10-10 中兴通讯股份有限公司 Method for deleting MAC addresses and device therefor
CN103227757B (en) 2012-08-31 2016-12-28 杭州华三通信技术有限公司 OSPF packets forwarding method and apparatus

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6111874A (en) * 1997-02-14 2000-08-29 Advanced Micro Devices, Inc. Shared address table with source and destination two-pass algorithm
US6188694B1 (en) * 1997-12-23 2001-02-13 Cisco Technology, Inc. Shared spanning tree protocol
CN1411213A (en) * 2002-11-14 2003-04-16 烽火通信科技股份有限公司 Ethernet switch in net virtual local network switch in technique
CN1426199A (en) * 2001-12-13 2003-06-25 华为技术有限公司 Method for managing users in wide hand city network

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6111874A (en) * 1997-02-14 2000-08-29 Advanced Micro Devices, Inc. Shared address table with source and destination two-pass algorithm
US6188694B1 (en) * 1997-12-23 2001-02-13 Cisco Technology, Inc. Shared spanning tree protocol
CN1426199A (en) * 2001-12-13 2003-06-25 华为技术有限公司 Method for managing users in wide hand city network
CN1411213A (en) * 2002-11-14 2003-04-16 烽火通信科技股份有限公司 Ethernet switch in net virtual local network switch in technique

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103414801A (en) * 2013-08-12 2013-11-27 杭州华三通信技术有限公司 Method and device for synchronizing medium access control addresses in stacking system
CN103414801B (en) * 2013-08-12 2016-08-17 杭州华三通信技术有限公司 A stacked system media access control address of the synchronization method and apparatus

Also Published As

Publication number Publication date Type
CN1581819A (en) 2005-02-16 application

Similar Documents

Publication Publication Date Title
US6298061B1 (en) Port aggregation protocol
US6147995A (en) Method for establishing restricted broadcast groups in a switched network
US20110075664A1 (en) Private Allocated Networks Over Shared Communications Infrastructure
US20130136123A1 (en) Method and apparatus for implementing a flexible virtual local area network
US6747979B1 (en) Method and apparatus for bridging between networks
US6167052A (en) Establishing connectivity in networks
US20060274744A1 (en) Dynamic VLAN ID assignment and packet transfer apparatus
US20090049191A1 (en) Automatic route setup via snooping dynamic addresses
US20030147405A1 (en) Protecting the filtering database in virtual bridges
US20050089034A1 (en) Network switching apparatus, route management server, network interface apparatus, control method therefor, computer program for route management server, and computer-readable storage medium
JP2011070549A (en) Computer system and migration method of virtual machine
CN101459618A (en) Data packet forwarding method and device for virtual machine network
CN101616014A (en) Method for realizing cross-virtual private local area network multicast
CN1533108A (en) Method for realizing dynamic gateway load sharing and backup
JP2011210032A (en) Method and system for migration of virtual machine
CN101409685A (en) Forwarding method based on virtual LAN mapping and access equipment
CN101257447A (en) Method, system and routing apparatus of load sharing
US20130315252A1 (en) IMPLEMENTING PVLANs IN A LARGE-SCALE DISTRIBUTED VIRTUAL SWITCH
CN101820435A (en) Synchronization method and device for MAC (Media Access Control) address table information of distributed network processing system
CN101022394A (en) Method for realizing virtual local network aggregating method and converging exchanger
CN101442484A (en) Method, system and equipment for detecting stacking multi-Active
CN1457178A (en) Communication method for sharing one subnet section of protocol between network by multiple virtual local networks
CN1543132A (en) Method for implementing multicast spanning VLAN
CN1411214A (en) Network equipment management method based on ethernet technology
CN1735050A (en) Method for managing multicast service in access device

Legal Events

Date Code Title Description
C06 Publication
C10 Entry into substantive examination
C14 Grant of patent or utility model
EXPY Termination of patent right or utility model