CN100559772C - Mixed virtual private network system and backbone network edge apparatus and collocation method thereof - Google Patents

Mixed virtual private network system and backbone network edge apparatus and collocation method thereof Download PDF

Info

Publication number
CN100559772C
CN100559772C CNB2006101603533A CN200610160353A CN100559772C CN 100559772 C CN100559772 C CN 100559772C CN B2006101603533 A CNB2006101603533 A CN B2006101603533A CN 200610160353 A CN200610160353 A CN 200610160353A CN 100559772 C CN100559772 C CN 100559772C
Authority
CN
China
Prior art keywords
virtual private
private network
message
straton
access interface
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CNB2006101603533A
Other languages
Chinese (zh)
Other versions
CN1980176A (en
Inventor
王�锋
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
New H3C Technologies Co Ltd
Original Assignee
Hangzhou H3C Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hangzhou H3C Technologies Co Ltd filed Critical Hangzhou H3C Technologies Co Ltd
Priority to CNB2006101603533A priority Critical patent/CN100559772C/en
Publication of CN1980176A publication Critical patent/CN1980176A/en
Application granted granted Critical
Publication of CN100559772C publication Critical patent/CN100559772C/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Abstract

A kind of mixed type VPN based on MPLS comprises separate n three straton VPN of configuration and m two straton VPN, n and m all be not less than 0 and both be not 0 simultaneously; Wherein the public network access interface of PE equipment has enabled the MPLS function, and each three layers/two straton VPN disposes unique label corresponding with it respectively; 1 private network access interface of described PE equipment enables and can only enable at most simultaneously 1 three straton VPN and 1 two straton VPN.A kind of PE equipment includes private network access interface, public network access interface and mixed type VPN unit; Judge module is determined under the message behind the two layers/three-layer VPN in this mixed type VPN unit, carries out message by corresponding two layers/three-layer VPN unit wherein and transmits; And the collocation method of this PE equipment.But by the own VPN of user's flexible configuration of the present invention, both can carry out Layer 2 data and transmit, and also can carry out three layer data and transmit.

Description

Mixed virtual private network system and backbone network edge apparatus and collocation method thereof
Technical field
The present invention relates to network field, particularly VPN (Virtual Private Network, virtual private networks) field; More particularly, the present invention relates to (Multi-ProtocolLabel Switching based on MPLS, multiprotocol label switching) VPN, relate in particular to mixed type VPN and the adoptable backbone network edge apparatus of this mixed type of networking VPN based on MPLS, and the collocation method of this backbone network edge apparatus.
Background technology
In carrier network, MPLS VPN (based on the virtual private networks of multiprotocol label switching) uses more and more widely at present; It mainly is by increasing the MPLS label to discern different VPN in message, transmitting the MPLS message in the backbone network of support MPLS function, thereby realize the function of VPN between distinct device.Roughly, the MPLS VPN that uses mainly contains two classes at present: a class is MPLS L3VPN (based on the three layer virtual private network of multiprotocol label switching), its representative has MPLS/BGP VPN scheme, and wherein BGP is the abbreviation of Border Gateway Protocol (BorderGateway Protocol); Another kind of is MPLS L2VPN (based on the virtual private network in second layer network of multiprotocol label switching), and its representative has drafts such as Matini and Kompella.
As shown in Figure 1, in MPLS L2VPN networking plan: CE (the Customer Edge that is in same virtual private networks L2VPN#A, the user network edge device) (CE1, CE2, CE3 and CE4), be connected to different PE (Provider Edge, backbone network edge apparatus) (PE1, PE2, PE3 and PE4); The IP of above-mentioned PE and CE (Internet Protocol, Internet Protocol) address must be disposed in the same network segment, and constitutes a broadcast domain mutually; And wherein establish MAC (Medium Access Control on the PE, the medium access control) address table, after it receives the message that described CE sends, search on it address table according to this message target MAC (Media Access Control) address and transmit, then do not broadcast when not having this message destination address.That is to say, MPLS L2VPN is equivalent to put forward similar virtual layer 2-switched function to the user in essence, its MPLS L2VPN is equivalent to put forward similar virtual layer 2-switched function to the user in essence, it is only according to two layers of transparent transmission user data of destination address of message, and the type of message that encapsulates in this message is not known; The shortcoming of this VPN networking plan is, might cause broadcast storm for multicast and unknown unicast between CE, so that waste bandwidth.
Yet, as shown in Figure 2, in MPLS L3VPN networking plan: be in CE2, CE4 and the CE5 of same virtual private networks L3VPN#A, be connected on PE2, PE4 and the PE1; This makes and must dispose different network segment addresses between the different described CE, but coupled respectively again PE is in the same network segment; Set up VRF (VPN Routing andForwarding table on the described PE simultaneously, the VPN route table), after it receives the message that described CE sends, if the purpose MAC of message is the virtual MAC of PE equipment, then the purpose IP address search of carrying according to this message on it VPN route table transmit, then carry out packet loss when not having this message purpose IP address; If the MAC of message is not the virtual MAC of PE equipment, then can only with the local same VPN that links to each other of this PE in transmit, and can not the striding equipment forwarding.That is to say that MPLS L3VPN is equivalent to put forward the function of similar virtual router to the user in essence, it can only carry out three layers of forwarding according to the purpose IP address of message, and can't carry out two layers of forwarding to message.
If CE equipment thinks to carry out simultaneously MPLS L2VPN and MPLS L3VPN transmits, must link to each other by different private network interfaces with PE equipment so, dispose MPLSL2VPN on the interface, configuration MPLS L3VPN on the interface.The problem that causes like this is not only to have wasted a large amount of interface resources, and the data interaction between MPLS L2VPN and the MPLS L3VPN simultaneously can only be finished at the CE user network, causes very big inconvenience for the networking configuration of VPN.
Summary of the invention
Shortcoming at above-mentioned prior art, the object of the invention is to provide a kind of mixed virtual private network system based on multiprotocol label switching, this mixed virtual private network system essence is equivalent to put forward the function of similar virtual three-tier switch to the user, thereby make that the user can be by planning networking plan flexibly, the virtual private networks of own actual demand can maximum be satisfied in configuration.
Another purpose of the present invention is to provide a kind of backbone network edge apparatus and collocation method thereof that can be used for the above-mentioned mixed virtual private network system of networking, this backbone network edge apparatus both can carry out two layers of MPIS VPN data forwarding, also can carry out three layers of MPLS VPN data forwarding.
For achieving the above object, the invention provides a kind of mixed virtual private network system (MPLS mixed type VPN) based on multiprotocol label switching; This mixed virtual private network system includes separate n three straton virtual private networks (SubL3VPN) of configuration and the individual two straton virtual private networks (SubL2VPN) of m, and wherein: n and m are and are not less than 0 integer and n and m is not 0 simultaneously; When n equaled 0, this mixed virtual private network was degenerated to the set of MPLS L2VPN; When m equaled 0, this mixed virtual private network was degenerated to the set of MPLS L3VPN; And when n, m are all non-vanishing, this mixed virtual private network is created at least one MPLS mixed type VPN instance, and the interface of binding the backbone network edge apparatus of described MPLS mixed type VPN instance allows to bind simultaneously 1 described SubL3VPN and 1 described SubL2VPN, and promptly at least 1 private network access interface of backbone network edge apparatus has enabled 1 described SubL3VPN and 1 described SubL2VPN simultaneously in this network system; The private network access interface that wherein enables described three straton virtual private networks disposes IP (Internet Protocol, Internet Protocol) address and/or virtual MAC (Medium Access Control, the medium access control) address, and enable IP address configuration with three straton virtual networks of the corresponding private network access interface of 1 described two straton virtual private networks in the same network segment, and 2 described private network access interfaces among 1 MPLS mixed type VPN, can not both belong to wherein same 1 MPLSSubL2VPN, belong to again with 1 MPLS SubL3VPN.And, the public network access interface of backbone network edge apparatus has enabled the multiprotocol label switching (mpls) function in this network system, and each described three layers/two straton virtual private networks (SubL3VPN/SubL2VPN) disposes at least 1 unique label corresponding with it respectively.
For above-mentioned mixed virtual private network system based on multiprotocol label switching, when described backbone network edge apparatus after private network access interface is received message on it, according to the situation that enables of described two layers/three straton virtual private networks of this private network access interface, determine two layers/three straton virtual private networks under this message; If do not dispose the virtual MAC address on this private network access interface, then directly carry out two layers of MPLS VPN message and transmit; Perhaps, if dispose the virtual MAC address on this private network access interface, whether the target MAC (Media Access Control) address of then judging this message is the virtual MAC address of this private network access interface, be then to search on it VPN route table to carry out three layers of MPLS VPN (based on the privately owned switching network of the L 3 virtual of multiprotocol label switching) message and transmit, mac address table carries out the forwarding of two layers of MPLS VPN (based on the privately owned switching network of the two-layer virtual of multiprotocol label switching) message it on otherwise search.
For above-mentioned mixed virtual private network system based on multiprotocol label switching, when described backbone network edge apparatus after its public network access interface is received message, according to the label that this message carries, determine two layers/three straton virtual private networks that this message is affiliated; If three straton virtual private networks under this message then carry out three layers of MPLS VPN (based on the three layer virtual private network of multiprotocol label switching) message and transmit; If this message belongs to two straton virtual private networks, then carry out two layers of MPLS VPN (based on the virtual private network in second layer network of multiprotocol label switching) message and transmit.
For above-mentioned mixed virtual private network system based on multiprotocol label switching, because different backbone network edge apparatus may be in same SubL2VPN (the virtual privately owned switching network of two stratons), the different private network access interfaces that belong to this SubL2VPN so will inevitably be configured in the same network segment; Just be necessary to keep the K bar route table items that reaches same destination network segment on the described like this backbone network edge apparatus, wherein K is not less than 1 integer; After this backbone network edge apparatus is determined its purpose IP address that sends message, select the highest VPN route of priority to carry out message in the most described K bar route table items of long coupling with this destination address from it and transmit; If there is equal-cost route in the highest VPN route of described priority, then selects one of described equal-cost route to carry out message and transmit according to the equal-cost route algorithm; Wherein, described equal-cost route is arrive the equal L bar VPN route of described K bar route table items medium priority of same destination network segment, and L to be not less than 2 integer; In addition,, that is to say that selected VPN route does not exist,, and reselect VPN route and carry out the message forwarding then with this VPN route deletion if the VPN route that is using is cancelled.
In order to reach above-mentioned another goal of the invention, the invention provides a kind of backbone network edge apparatus, it can be used for the above-mentioned mixed virtual private network system based on multiprotocol label switching of networking.This backbone network edge apparatus includes private network access interface and public network access interface, and described public network access interface has enabled the multiprotocol label switching function; At least 1 described private network access interface enables 1 two straton virtual private networks and 1 three straton virtual private networks simultaneously; The private network access interface that wherein enables described three straton virtual private networks disposes IP address and/or virtual MAC address, and enable IP address configuration with the described private network access interface of 1 described two straton virtual private networks in the same network segment, and 2 described private network access interfaces among 1 MPLS mixed type VPN, can not both belong to wherein same 1 MPLS SubL2VPN, belong to again with 1 MPLSSubL3VPN.
For above-mentioned backbone network edge apparatus, preferably, this backbone network edge apparatus also includes the mixed virtual private network unit that is used to handle above-mentioned mixed virtual private network data based on multiprotocol label switching, described mixed virtual private network unit links to each other with described public network access interface with described private network access interface, includes judge module, virtual private network in second layer network unit and three layer virtual private network unit.Wherein, described mixed virtual private network unit receives behind the message of described private network access interface input, if do not dispose the virtual MAC address on the private network access interface of described incoming message, the virtual private network in second layer network unit of then this message being transferred to the two straton virtual private networks correspondences that this private network access interface enables carries out transmitting based on the virtual private network in second layer network message of multiprotocol label switching; If dispose the virtual MAC address on the private network access interface of described incoming message, then at first judge by described judge module whether the target MAC (Media Access Control) address of this message is the virtual MAC address of this private network access interface, be that the three layer virtual private network unit of then this message being transferred to the three straton virtual private networks correspondences that this private network access interface enables carries out transmitting based on the three layer virtual private network message of multiprotocol label switching, otherwise the virtual private network in second layer network unit that this message is transferred to the two straton virtual private networks correspondences that this private network access interface enables is carried out transmitting based on the virtual private network in second layer network message of multiprotocol label switching.Perhaps, described mixed virtual private network unit receives behind the message of described public network access interface input, at first the label that is carried according to this message by described judge module is determined two layers/three straton virtual private networks under this message, this message is transferred to the described two layer/three layer virtual private network unit corresponding with this two layers/three straton virtual private networks again and is carried out transmitting based on the two layers/three layer virtual private network message of multiprotocol label switching.
For above-mentioned backbone network edge apparatus, preferably, described three layer virtual private network unit remains with the K bar route table items that arrives same IP network section, and wherein K is the integer more than or equal to 1; After its destination address that sends message is determined in described three layer virtual private network unit, with this destination address in the most described K bar route table items of long coupling, select the highest VPN route of priority to carry out message and transmit from it.If there is equal-cost route in the highest VPN route of described priority, then selects one of described equal-cost route to carry out message and transmit according to the equal-cost route algorithm.In addition, if the VPN route that is using is cancelled,, and reselect VPN route and carry out the message forwarding then with this VPN route deletion.
Simultaneously, the present invention also provides a kind of collocation method of backbone network edge apparatus, is applied to above-mentioned backbone network edge apparatus, and this method includes the following step:
Step 1 is created the mixed virtual private network unit in described backbone network edge apparatus;
Step 2 disposes the public network access interface of described backbone network edge apparatus, makes this public network access interface enable the multiprotocol label switching function;
Step 3, the virtual private networks that disposes at least 1 private network access interface of described backbone network edge apparatus enables situation, make this private network access interface enable 1 two straton virtual private networks and 1 three straton virtual private networks that described mixed virtual private network unit covers simultaneously, perhaps only enabled in described two straton virtual private networks and the described three straton virtual private networks any one; The private network access interface that wherein enables described three straton virtual private networks disposes IP address and/or virtual MAC address, and enable IP address configuration with three straton virtual networks of the corresponding private network access interface of 1 described two straton virtual private networks in the same network segment, and 2 described private network access interfaces among 1 MPLS mixed type VPN, can not both belong to wherein same 1 MPLS SubL2VPN, belong to again with 1 MPLS SubL3VPN.
For the collocation method of above-mentioned backbone network edge apparatus, wherein:
Described step 3 is specially step 31, by configuration order described private network access interface is tied to 1 described two straton virtual private networks, makes this private network access interface enable 1 described two straton virtual private networks;
Perhaps described step 3 is specially step 32, by configuration order described private network access interface is tied to 1 described three straton virtual private networks, and be this private network access interface configuration of IP address and/or virtual MAC address, make this private network access interface enable 1 described three straton virtual private networks;
Perhaps described step 3 is specially step 33, by configuration order described private network access interface is tied to 1 described three straton virtual private networks and 1 described two straton virtual private networks simultaneously, and in determining described two straton virtual private networks behind other private network access interfaces network segment of living in, for this private network access interface disposes IP address and/or the virtual MAC address that is in this network segment, make this private network access interface enable 1 described two straton virtual private networks and 1 described three straton virtual private networks simultaneously.
The invention has the advantages that: the mixed virtual private network system based on multiprotocol label switching provided by the invention, the fictitious plan private network that includes MPLS L2VPN (based on the virtual private network in second layer network of multiprotocol label switching) and two kinds of forms of MPLS L3VPN (based on the three layer virtual private network of multiprotocol label switching), between the feasible user who is in this mixed virtual private network system, both can carry out two layers of MPLS VPN data forwarding, also can carry out three layers of MPLS VPN data forwarding; Its essence is equivalent to provide the function of similar virtual three-tier switch to the user, and then makes the user to configure the virtual private networks that can maximum satisfy own actual demand by planning networking plan flexibly; And, use the described mixed virtual private network system of backbone network edge apparatus networking provided by the invention based on multiprotocol label switching, realize easily because of design complexities is low.
Another advantage of the present invention is: technical solution of the present invention realizes protocol interaction by its described MPLSL2VPN that comprises and MPLS L3VPN, therefore its fully compatibility known at present/the various MPLS L2VPN of future development and type and the agreement of MPLS L3VPN, make it have autgmentability well.
Further advantage of the present invention is: the mixed virtual private network system based on multiprotocol label switching provided by the invention, by reasonable disposition the MPLS L2VPN that it comprises is divided into a plurality of broadcast domains, each broadcast domain interior mac address table of its broadcast domain of independent study separately carries out two layers of MPLS VPN data forwarding; Simultaneously, its MPLS L3VPN that comprises by reasonable disposition realizes three layers of MPLS VPN data forwarding between broadcast domain; Like this,, both guaranteed the privacy and the fail safe of described broadcast domain, and can guarantee that again the normal IP communication between the user was interference-free in this mixed virtual private network system by reducing the scope of MPLS L2VPN.
In a word, use technical scheme provided by the invention, provide the multiple business function that comprises two layers and three layers by just can be the user with a kind of virtual private networks access way, thereby enrich the product pattern of Virtual network operator, and and then improve its user satisfaction.
Description of drawings
Fig. 1: the networking plan schematic diagram of MPLS L2VPN in the prior art;
Fig. 2: the networking plan schematic diagram of MPLS L3VPN in the prior art;
Fig. 3: the networking plan schematic diagram of MPLS mixed type VPN of the present invention;
Fig. 4: the group-network construction figure of MPLS mixed type VPN embodiment one of the present invention;
Fig. 5: the process chart of backbone network edge apparatus after the private network access interface is received message among the MPLS mixed type VPN of the present invention;
Fig. 6: the process chart of backbone network edge apparatus after the public network access interface is received message among the MPLS mixed type VPN of the present invention;
Fig. 7: the schematic block diagram of backbone network edge apparatus of the present invention;
Fig. 8: the flow chart of the collocation method of backbone network edge apparatus of the present invention.
Embodiment
As mentioned above, the present invention mainly provides the networking plan of a kind of novel MPLS VPN (based on the virtual private networks of multiprotocol label switching), i.e. MPLS mixed type VPN (based on the mixed virtual private network system of multiprotocol label switching).The invention original intention of described MPLS mixed type VPN is: realize being between the user of a described mixed virtual private network system, both can carry out two layers of MPLS VPN data forwarding, also can carry out three layers of MPLS VPN data forwarding.And the implementation of described MPLS mixed type VPN is: 1, can enable and can only enable at most simultaneously 1 MPLS L2VPN and 1 MPLS L3VPN by the private network access interface that allows backbone network edge apparatus PE in this virtual privately owned exchanging network system, the private network access interface of described backbone network edge apparatus is improved to mixed type private network access interface.For described mixed type private network access interface, the mixed type private network access interface that enables 1 described MPLS L3VPN disposes IP address and/or virtual MAC address.Simultaneously, for the mixed type private network access interface that enables with 1 described MPLS L2VPN, if wherein there is the mixed type private network access interface also enable described MPLS L3VPN simultaneously, then all these IP addresses that also enable the mixed type private network access interface of described MPLS L3VPN simultaneously all are disposed in the network segment.2, the public network access interface with described PE has enabled multiprotocol label switching MPLS function, the MPLS L2VPN/MPLS L3VPN that is enabled by described mixed type private network access interface is regarded as the fictitious plan private network MPLS SubL2VPN/MPLS SubL3VPN that this MPLS mixed type VPN comprises, be the different label of each fictitious plan private network configuration.
The MPLS mixed type VPN that provides for the invention described above, it learns and manages the VPN route Table V RF that is used for three layers of MPLS VPN data forwarding according to each three straton virtual private networks MPLS SubL3VPN that it comprises, and learns and manage the address table that is used for two layers of MPLS VPN data forwarding on it according to its each two straton virtual private networks MPLSSubL2VPN that comprises; Simultaneously, wherein each fictitious plan private network MPLS SubL2VPN/MPLS SubL3VPN disposes independence mutually, two layers/three layers MPLS VPN data forwarding in separately the fictitious plan private network of being independent of each other; And, because this MPLS mixed type VPN is improved to be the network architecture of MPLS VPN, and unmodified its agreement realizes, make this MPLS mixed type VPN can adopt present known any MPLS L2VPN/MPLS L3VPN execution mode to realize each the fictitious plan private network MPLS SubL2VPN/MPLS SubL3VPN that wherein comprises, also can support any future development to go out MPLS L2VPN/MPLS L3VPN execution mode certainly.
But, the MPLS mixed type VPN that provides for the invention described above is though 1 private network access interface of described backbone network edge apparatus PE allows to enable simultaneously 1 MPLS SubL2VPN and 1 MPLS SubL3VPN; But what need restriction is: 1 private network access interface that has enabled the backbone network edge apparatus PE of MPLS SubL3VPN must dispose private network IP address, and the IP address that is in the private network access interface of the described backbone network edge apparatus PE of 1 MPLS SubL2VPN must be configured in the same network segment; In addition, 2 described private network access interfaces among 1 MPLS mixed type VPN can not both belong to wherein 1 MPLS SubL2VPN together, belonged to again with 1 MPLS SubL3VPN; Such as, the private network access interface (I#2) of the private network access interface (I#1) of one of the backbone network edge apparatus among the MPLS mixed type VPN (VPN#A) (PE#1) and two (PE#2) of backbone network edge apparatus, do not allow them both to enable simultaneously to enable simultaneously again with 1 MPLS SubL3VPN (SubL3VPN#1) with 1 MPLSSubL2VPN (SubL2VPN#1).
Below will be at first with reference to Fig. 3 and Fig. 4, provide the group-network construction of MPLS mixed type VPN to make an explanation to the invention described above in conjunction with example.
As shown in Figure 4: be in user network edge device CE1, CE2, CE3 and CE4 among the MPLS mixed type VPN (VPN#A) together, via interface 1 (I#1), interface 2 (I#2), interface 3 (I#3) and interface 4 (I#4), be connected to backbone network edge apparatus PE1, PE2, PE3 and PE4 respectively; And, interface 1 (I#1), interface 2 (I#2), interface 3 (I#3), be above-mentioned mixed type private network access interface with interface 4 (I#4), wherein interface 1 (I#1) has enabled virtual privately owned switching network SubL2VPN#1 of two stratons and the virtual privately owned switching network SubL3VPN#1 of three stratons, interface 2 (I#2) has enabled virtual privately owned switching network SubL2VPN#1 of two stratons and the virtual privately owned switching network SubL3VPN#2 of three stratons, interface 3 (I#3) has enabled virtual privately owned switching network SubL2VPN#2 of two stratons and the virtual privately owned switching network SubL3VPN#1 of three stratons, and interface 4 (I#4) has enabled virtual privately owned switching network SubL2VPN#2 of two stratons and the virtual privately owned switching network SubL3VPN#2 of three stratons.
After the privately owned switching network of above-mentioned each fictitious plan (SubL2VPN#1, SubL2VPN#2, SubL3VPN#1, SubL3VPN#2) all enables successfully, its networking each other concerns then as shown in Figure 3: CE1 and CE2 are in SubL2VPN#1 together, the interface 1 (I#1) of CE1, CE2, PE1, and the interface 2 (I#2) of PE2 dispose respectively and belong to the same network segment (such as, IP address 10.0.0.0/24); CE3 and CE4 are in SubL2VPN#2 together, the interface 3 (I#3) of CE3, CE4, PE3, and the interface 4 (I#4) of PE4 dispose the IP address that belongs to another same network segment (such as 11.0.0.0/24) respectively; In addition, CE1 and CE3 are in SubL3VPN#1 together, and CE2 and CE4 are in SubL3VPN#2 together.Like this, between CE1 and the CE3 and between CE2 and the CE4, all can carry out three layers of MPLS VPN data forwarding respectively; And form a broadcast domain between CE1 and the CE2 and between CE3 and the CE4 respectively, all can carry out two layers of MPLS VPN data forwarding.
Subsequently with reference to Fig. 5 and Fig. 6, introduce the handling process that the invention provides after backbone network edge apparatus PE among the MPLS mixed type VPN receives message.
As shown in Figure 5, described backbone network edge apparatus PE includes following step to the message processing procedure from private network side:
Step S1, this PE private network access interface on it receives message;
Step S2 is according to the MPLS SubL2VPN/MPLS SubL3VPN under definite this message of private network access interface configuration that receives this message;
Step S3 judges whether the target MAC (Media Access Control) address of this message is the virtual MAC address of this private network access interface, is that then execution in step S4Y is carrying out three layers of MPLS VPN data forwarding, otherwise execution in step S4N is to carry out two layers of MPLS VPN data forwarding; And when this private network access interface does not dispose the virtual MAC address, then also execution in step S4N to carry out two layers of MPLS VPN data forwarding.
Wherein, described step S4Y needs to carry out following concrete operations again:
Step S4Y1, this PE is according to this message purpose IP address search VPN route Table V RF of MPLSSubL3VPN under this message on it;
Step S4Y2 judges whether to have the route that arrives this message purpose IP address, is then to carry out following step S4Y3Y, otherwise carries out following step S4Y3N;
Step S4Y3N will not exist route to arrive the packet loss of its purpose IP address;
Step S4Y3Y, whether the route of judging this message purpose of described arrival IP address is the route of learning from far-end, be then this message to be encapsulated under it behind MPLS SubL3VPN label it to be forwarded from the public network side, otherwise this message is directly forwarded for three layers from private network side.
Wherein, described step S4N needs to carry out following concrete operations again:
Step S4N1, this PE searches on it mac address table of MPLS SubL2VPN under this message according to this message target MAC (Media Access Control) address;
Step S4N2 judges whether to exist this message target MAC (Media Access Control) address, is then to carry out following step S4N3Y, otherwise carries out following step S4N3N;
Step S4N3N will not exist the message of its target MAC (Media Access Control) address to broadcast in the described MPLSSubL2VPN of this message;
Step S4N3Y, judge whether described message target MAC (Media Access Control) address is the MAC Address of learning from far-end, be then this message to be encapsulated under it behind MPLS SubL2VPN label it to be forwarded from the public network side, otherwise this message is directly forwarded for two layers from private network side.
As shown in Figure 6, described backbone network edge apparatus PE includes following step to the message processing procedure from the public network side:
Step G1, this PE public network access interface on it receives message;
Step G2, the MPLS label that carries according to this message is determined the MPLSSubL2VPN/MPLS SubL3VPN under this message;
Step G3 belongs to MPLS SubL3VPN if described step G2 determines this message, then at first the MPLS label in this message is peeled off, and then according to the user's message execution in step G4Y of label inside to carry out three layers of MPLS VPN data forwarding; If described step G2 determines this message and belongs to MPLS SubL3VPN, the same, still at first the MPLS label in this message is peeled off, and then according to the user's message execution in step G4N of label inside to carry out two layers of MPLS VPN data forwarding.
Wherein, the concrete operations of the required execution of described step G4Y and step G4N and above-mentioned steps S4Y and step S4N are similar, so do not repeat them here both identical points, the distinctive points that only highlights both is: among the step S4N3N shown in Figure 5, the scope of carrying out described message broadcasting is the whole described MPLS SubL2VPN under this message; And among the step G4N3N shown in Figure 6, the scope of carrying out described message broadcasting only is the local user network edge device CE that is connected to this backbone network edge apparatus PE among the described MPLS SubL2VPN.
Those skilled in the art are by reading above-mentioned literal, should learn in conjunction with self professional general knowledge, the invention provides MPLS mixed type VPN and be equivalent to three-tier switch in essence, and its protocol interaction is realized by its MPLS SubL3VPN that comprises and MPLS SubL2VPN fully; Therefore as previously mentioned, the agreement of the MPLS SubL3VPN/MPLSSubL2VPN that comprises among the MPLS mixed type VPN realizes with the realization of at present common MPLS L3VPN/MPLS L2VPN in full accord, and separate between each described MPLS SubL3VPN/MPLS SubL2VPN; Thereby make described MPLS mixed type VPN can at present all common MPLS L3VPN/MPLS L2VPN type and the agreements of compatibility realize fully, need not make any modification basically.
But unique it should be noted that, owing to can comprising MPLS SubL2VPN by this MPLS mixed type VPN, different backbone network edge apparatus PE among the described MPLS mixed type VPN disposes the IP address that belongs to the same network segment, this just makes described PE will learn to arrive many VPN routes of same destination network segment from other different PE, and described PE is necessary to keep described many route table items that reach same destination network segment; After described backbone network edge apparatus PE determines its purpose IP address that sends message, select the highest VPN route of priority to carry out message in the most described many route table items of long coupling with this destination address from it and transmit.If there is equal-cost route in the highest VPN route of described priority, then selects one of described equal-cost route to carry out message and transmit according to the equal-cost route algorithm; Wherein, described equal-cost route is, arrive in described many route table items of same destination network segment, and the L bar VPN route that priority equates, and L is not less than 2 integer.And, if the VPN route that is using is cancelled, that is to say that selected VPN route does not exist, then with this VPN route deletion, and reselect VPN route and carry out the message forwarding.
To explain in detail how the invention provides MPLS mixed type VPN carries out message to transmit, to help further to understand technical solution of the present invention embodiment illustrated in fig. 3 one to be example at last.
1), suppose that CE1 shown in Figure 3 will communicate with CE2 shown in Figure 3 because CE1 disposes the IP address that belongs to the same network segment with CE2, so CE1 will at first send the MAC Address of an ARP request message acquisition request CE2; After the PE1 that links to each other with CE1 shown in Figure 3 receives this ARP request message, determine that according to its private network access interface that receives this message this message belongs to VPN#A, and know that CE1 and CE2 are in the SubL2VPN#1 that this VPN#A comprises together; So, PE1 with this ARP request message as the Ethernet message to its encapsulated tags, and send it to the PE2 that links to each other with CE2 shown in Figure 3; And after PE2 ejects label, this ARP request message is forwarded to CE2 for direct two layers.
After above-mentioned CE2 receives above-mentioned ARP request message, generate corresponding arp response message and send it to PE2; PE2 then is sent to PE1 according to the purpose MAC of this arp response message after with its encapsulated tags, and PE1 is sent to CE1 with this arp response message after label is ejected.
Since then, CE1 and CE2 know side mac address mutually, thereby can directly carry out data forwarding.Communication process between the above-mentioned ce1 and ce2, similar with common MPLS L2VPN.
2), suppose that CE1 will carry out three layers of IP communication with CE3 shown in Figure 3, because CE1 disposes the IP address that does not belong to the same network segment with CE3, and CE1 finds that its route to the CE3 network segment learns from PE1, thus CE1 will to send a target MAC (Media Access Control) address be that PE1, purpose IP address are that the message of CE3 is to PE1; After PE1 receives this message, determine that according to its private network access interface that receives this message this message belongs to VPN#A, and judge that this message target MAC (Media Access Control) address is its virtual MAC address; So, PE1 searches selected 1 VPN route of VPN route table of the affiliated MPLS SubL3VPN#1 of this message, and this message encapsulation respective labels made it to become the PE3 that sends it to above-mentioned selected VPN route appointment behind the MPLS message, and PE3 links to each other with CE3 as shown in Figure 3.
Above-mentioned PE3 receives above-mentioned MPLS message, label is ejected the back send it to CE3 according to label (perhaps by searching VPN route table on it).
Since then, CE1 has just finished to the one-way communication of CE3.And if CE3 wants loopback information to give CE1, it is similar that its handling process is caught up with the communication process of stating from CE1 to CE3, so do not repeat them here.
3), suppose that CE1 will carry out three layers of IP communication with CE4 shown in Figure 3, it is same because CE1 disposes the IP address that does not belong to the same network segment with CE4, and CE1 finds that its route to the CE4 network segment learns from PE 1, thus CE1 will to send a target MAC (Media Access Control) address be that PE1, purpose IP address are that the message of CE4 is to PE1; After PE1 receives this message, determine that according to its private network access interface that receives this message this message belongs to VPN#A, and judge that this message target MAC (Media Access Control) address is its virtual MAC address; So PE1 searches selected 1 VPN route of VPN route table of the described MPLS SubL3VPN#1 of this message, and this message encapsulation respective labels made it to become the PE3 that sends it to above-mentioned selected VPN route appointment behind the MPLS message.
Above-mentioned PE3 receives above-mentioned MPLS message, label is ejected the back find that this message purpose IP address is the main frame route of learning from PE4 shown in Figure 3, and PE4 and PE3 is in the MPLS SubL2VPN#2 that VPN#A comprises together; So PE3 will carry out two layers of forwarding to this message, after this message encapsulated tags again made it to become the MPLS message once more, send it to PE4; And PE ejects label after receiving this MPLS message, and sends it to CE4 according to this message target MAC (Media Access Control) address.
Since then, finish the one-way communication of CE1 to CE4.And, those skilled in the art should learn by learning the aforementioned explanation literal of handling about equal-cost route, realize the one-way communication of CE1 to CE4, except that VPN route via above-mentioned " CE1-->PE1-->PE3-->PE4-->CE4 ", also can be via the VPN route of another " CE1-->PE1-->PE2-->PE4-->CE4 ", these both equal-cost routes each other; And can handle the equal-cost route that arrives same purpose IP address owing to the invention provides MPLS mixed type VPN, therefore when PE1 finds that in repeating process there is VPN route of equal value in its transmission message purpose IP address, to determine a VPN route of equal value according to routing algorithm of equal value on it (select or select at random) according to priority, message is sent to after the message encapsulated tags one of opposite equip. of equal-cost route, carries out quadratic search by this opposite equip. and determine real recipient.
In addition, the present invention also provides a kind of backbone network edge apparatus, when it is used for networking the invention described above mixed virtual private network system based on multiprotocol label switching is provided, easily realizes because of design complexities is low.
As shown in Figure 7, this backbone network edge apparatus includes private network access interface (110) and public network access interface (120), also includes the mixed virtual private network unit (200) that is used to handle described mixed virtual private network data based on multiprotocol label switching.
Wherein said public network access interface (120) has enabled the multiprotocol label switching function.Simultaneously, at least 1 described private network access interface (110) enables 1 two straton virtual private networks and 1 three straton virtual private networks simultaneously, and the private network access interface that enables described three straton virtual private networks disposes IP address and/or virtual MAC address.And, for the private network access interface that enables with 1 described two straton virtual private networks, if wherein there is the private network access interface that also enables described three straton virtual private networks simultaneously, then these IP addresses that also enable the private network access interface of described three straton virtual private networks simultaneously all are disposed in the same network segment.
In addition, described mixed virtual private network unit (200) further comprises judge module (210), virtual private network in second layer network unit (220) and three layer virtual private network unit (230).Because the corresponding the invention described above in a described mixed virtual private network unit (200) provides the mixed virtual private network system based on multiprotocol label switching, therefore a mixed virtual private network unit (200) includes configuration separate n virtual private network in second layer network unit (220) and m three layer virtual private network unit (230), wherein n and m are and are not less than 0 integer, and n and m are not 0 simultaneously.And general backbone network edge apparatus all includes the private network access interface (110) that is no less than 2, so this backbone network edge apparatus may be configured networking in k above-mentioned mixed virtual private network system based on multiprotocol label switching; Like this, this backbone network edge apparatus correspondingly has k mixed virtual private network unit (200) as shown in Figure 7, and wherein k is the integer more than or equal to 1.
For backbone network edge apparatus shown in Figure 7, correspondingly, the present invention also provides a kind of collocation method of backbone network edge apparatus, and Fig. 8 shows the concrete operations flow process of the collocation method of this backbone network edge apparatus.
As shown in Figure 8, this method mainly includes the following step:
Step 1 is created mixed virtual private network unit (among Fig. 7 200) in backbone network edge apparatus shown in Figure 7;
Step 2 disposes the public network access interface (among Fig. 7 120) of this backbone network edge apparatus, makes this public network access interface (among Fig. 7 120) enable the multiprotocol label switching function;
Step 3, the fictitious plan private network that disposes at least 1 private network access interface (among Fig. 7 110) of this backbone network edge apparatus enables situation, make this private network access interface (among Fig. 7 110) enable 1 two straton virtual private networks and 1 three straton virtual private networks that described mixed virtual private network unit covers simultaneously, perhaps only enabled in described two straton virtual private networks and the described three straton virtual private networks any one.
Wherein, enable the situation difference according to the actual required fictitious plan private network of described private network access interface (among Fig. 7 110), described step 3 may be specially respectively again step 31 or step 32 and or step 33, introduce it below one by one in detail:
When the actual required fictitious plan private network situation that enables of this private network access interface (among Fig. 7 110) only is 1 described two straton virtual private networks, then carry out step 31 shown in Figure 8, by configuration order this private network access interface (among Fig. 7 110) is tied to this two stratons virtual private networks, makes this private network access interface (among Fig. 7 110) enable this two stratons virtual private networks.
When the actual required fictitious plan private network situation that enables of this private network access interface (among Fig. 7 110) only is 1 described three straton virtual private networks, then at first carry out step 32-1 shown in Figure 8, this private network access interface (among Fig. 7 110) is tied to this three stratons virtual private networks by configuration order; And then carry out step 32-2 shown in Figure 8, and be this private network access interface (among Fig. 7 110) configuration of IP address and/or virtual MAC address, make this private network access interface (among Fig. 7 110) enable this two stratons virtual private networks; And the described step 32 of the common formation of described step 32-1 and step 32-2.
When the actual required fictitious plan private network situation that enables of this private network access interface (among Fig. 7 110) is the described two straton virtual private networks of 1 described three straton virtual private networks and 1 simultaneously, then at first carry out step 33-1 shown in Figure 8, this private network access interface (among Fig. 7 110) is tied to this three stratons virtual private networks and this two stratons virtual private networks respectively by configuration order; And then carry out step 33-2 shown in Figure 8, determine other private network access interfaces in this two stratons virtual private networks (among Fig. 7 110) network segment of living in; Carry out step 33-3 shown in Figure 8 at last, for this private network access interface (among Fig. 7 110) configuration is in the IP address and/or the virtual MAC address of this network segment, make this private network access interface (among Fig. 7 110) enable this two stratons virtual private networks and three straton virtual private networks simultaneously; And the described step 33 of the common formation of described step 33-1, step 33-2 and step 33-3.
The collocation method of using backbone network edge apparatus shown in Figure 8 carries out corresponding configuration to backbone network edge apparatus shown in Figure 7, make networking when the mixed virtual private network system based on multiprotocol label switching provided by the present invention, this backbone network edge apparatus can be handled simultaneously based on the virtual private network in second layer network of multiprotocol label switching and the message data of three layer virtual private network.The concrete message processing procedure of sketching backbone network edge apparatus shown in Figure 7 is as follows:
Described mixed virtual private network unit (200) receives behind the message of described private network access interface (110) input, wherein judge module (210) judges whether the target MAC (Media Access Control) address of this message is the virtual MAC address of this private network access interface (110), be that the three layer virtual private network unit (220) of then transferring to the three straton virtual private networks correspondences that this private network access interface (110) enables carries out transmitting based on the three layer virtual private network message of multiprotocol label switching, otherwise the virtual private network in second layer network unit (230) of transferring to the two straton virtual private networks correspondences that this private network access interface (110) enables carry out transmitting based on the virtual private network in second layer network message of multiprotocol label switching; Simultaneously, preferably, if do not dispose the virtual MAC address on this private network access interface (110), the virtual private network in second layer network unit (220) of then transferring to the two straton virtual private networks correspondences that this private network access interface (110) enables carries out transmitting based on the virtual private network in second layer network message of multiprotocol label switching.
Described mixed virtual private network unit (200) receives behind the message of described public network access interface (120) input, wherein the label that carries according to this message of judge module (210) is determined two layers/three straton virtual private networks under this message, transfers to the described two layer/three layer virtual private network unit (220/230) corresponding with this two layers/three straton virtual private networks and carries out transmitting based on the two layers/three layer virtual private network message of multiprotocol label switching.
Wherein, described three layer virtual private network unit remains with the K bar route table items that arrives same IP network section, and wherein K is the integer more than or equal to 1; After its destination address that sends message is determined in described three layer virtual private network unit, with this destination address in the most described K bar route table items of long coupling, select the highest VPN route of priority to carry out message and transmit from it.If there is equal-cost route in the highest VPN route of described priority, then selects one of described equal-cost route to carry out message and transmit according to the equal-cost route algorithm; In addition, if the VPN route that is using is cancelled,, and reselect VPN route and carry out the message forwarding then with this VPN route deletion.
What need statement is that foregoing invention content and embodiment are intended to prove the practical application of technical scheme provided by the present invention, should not be construed as the qualification to protection range of the present invention.Those skilled in the art are in spirit of the present invention and principle, when doing various modifications, being equal to and replacing or improve.Protection scope of the present invention is as the criterion with appended claims.

Claims (13)

1. mixed virtual private network system based on multiprotocol label switching is characterized in that: this network system includes the separate n of configuration three a straton virtual private networks and m two straton virtual private networks; Wherein n and m are and are not less than 0 integer, and n and m are not zero simultaneously;
The public network access interface of backbone network edge apparatus has enabled the multiprotocol label switching function in this network system, and each described three layers/two straton virtual private networks disposes at least 1 unique label corresponding with it respectively;
At least 1 private network access interface of described backbone network edge apparatus has enabled 1 described three straton virtual private networks and 1 described two straton virtual private networks simultaneously; Wherein
The private network access interface that enables described three straton virtual private networks disposes IP address and/or virtual MAC address, and enable IP address configuration with three straton virtual networks of the corresponding private network access interface of 1 described two straton virtual private networks in the same network segment, and 1 based on 2 described private network access interfaces in the mixed virtual private network system of multiprotocol label switching, can not both belong to 1 two straton virtual private networks, belong to again with 1 three straton virtual private networks based on multiprotocol label switching based on multiprotocol label switching.
2. according to claim 1 based on the mixed virtual private network system of multiprotocol label switching, it is characterized in that:
Described backbone network edge apparatus according to the situation that enables of described two layers/three straton virtual private networks of this private network access interface, is determined two layers/three straton virtual private networks under this message after private network access interface is received message on it;
If do not dispose the virtual MAC address on the described private network access interface of receiving message, then carry out transmitting based on the virtual private network in second layer network message of multiprotocol label switching; Perhaps
If dispose the virtual MAC address on the described private network access interface of receiving message, whether the target MAC (Media Access Control) address of then judging this message is the virtual MAC address of this private network access interface, be then to search VPN route table on it to carry out transmitting, carry out virtual private network in second layer network message forwarding based on multiprotocol label switching otherwise search mac address table it on based on the three layer virtual private network message of multiprotocol label switching.
3. according to claim 1 based on the mixed virtual private network system of multiprotocol label switching, it is characterized in that:
Described backbone network edge apparatus according to the label that this message carries, is determined two layers/three straton virtual private networks that this message is affiliated after its public network access interface is received message;
If this message belongs to three straton virtual private networks, then carry out transmitting based on the three layer virtual private network message of multiprotocol label switching; If this message belongs to two straton virtual private networks, then carry out transmitting based on the virtual private network in second layer network message of multiprotocol label switching.
As described in claim 1 or 2 or 3 based on the mixed virtual private network system of multiprotocol label switching, it is characterized in that: remain with the K bar route table items that arrives same IP network section on the described backbone network edge apparatus, wherein K is the integer more than or equal to 1;
After described backbone network edge apparatus is determined its destination address that sends message, with this destination address in the most described K bar route table items of long coupling, select the highest VPN route of priority to carry out message and transmit from it.
As described in the claim 4 based on the mixed virtual private network system of multiprotocol label switching, it is characterized in that:, then select one of described equal-cost route to carry out message and transmit according to the equal-cost route algorithm if there is equal-cost route in the highest VPN route of described priority.
As described in the claim 4 based on the mixed virtual private network system of multiprotocol label switching, it is characterized in that:,, and reselect VPN route and carry out message and transmit then with this VPN route deletion if the VPN route that is using is cancelled.
7. a backbone network edge apparatus includes private network access interface and public network access interface; It is characterized in that: described public network access interface has enabled the multiprotocol label switching function; At least 1 described private network access interface has enabled 1 two straton virtual private networks and 1 three straton virtual private networks simultaneously; The private network access interface that wherein enables described three straton virtual private networks disposes IP address and/or virtual MAC address, and enable IP address configuration with three straton virtual networks of the corresponding private network access interface of 1 described two straton virtual private networks in the same network segment, and 1 based on 2 described private network access interfaces in the mixed virtual private network system of multiprotocol label switching, can not both belong to 1 two straton virtual private networks, belong to again with 1 three straton virtual private networks based on multiprotocol label switching based on multiprotocol label switching.
8. backbone network edge apparatus as claimed in claim 7 is characterized in that this backbone network edge apparatus also includes the mixed virtual private network unit, is used to handle the mixed virtual private network data based on multiprotocol label switching;
Described mixed virtual private network unit links to each other with described public network access interface with described private network access interface, includes judge module, virtual private network in second layer network unit and three layer virtual private network unit; Described mixed virtual private network unit receives behind the message of described private network access interface input, if do not dispose the virtual MAC address on the private network access interface of described incoming message, the virtual private network in second layer network unit of then this message being transferred to the two straton virtual private networks correspondences that this private network access interface enables carries out transmitting based on the virtual private network in second layer network message of multiprotocol label switching; If perhaps dispose the virtual MAC address on the private network access interface of described incoming message, then at first judge by described judge module whether the target MAC (Media Access Control) address of this message is the virtual MAC address of this private network access interface, be that the three layer virtual private network unit of then this message being transferred to the three straton virtual private networks correspondences that this private network access interface enables carries out transmitting based on the three layer virtual private network message of multiprotocol label switching, otherwise the virtual private network in second layer network unit that this message is transferred to the two straton virtual private networks correspondences that this private network access interface enables is carried out transmitting based on the virtual private network in second layer network message of multiprotocol label switching; And
Described mixed virtual private network unit receives behind the message of described public network access interface input, at first the label that is carried according to this message by described judge module is determined two layers/three straton virtual private networks under this message, this message is transferred to the described two layer/three layer virtual private network unit corresponding with this two layers/three straton virtual private networks again and is carried out transmitting based on the two layers/three layer virtual private network message of multiprotocol label switching.
9. as backbone network edge apparatus as described in the claim 8, it is characterized in that: described three layer virtual private network unit remains with the K bar route table items that arrives same IP network section, and wherein K is the integer more than or equal to 1;
After its destination address that sends message is determined in described three layer virtual private network unit, with this destination address in the most described K bar route table items of long coupling, select the highest VPN route of priority to carry out message and transmit from it.
10. as backbone network edge apparatus as described in the claim 9, it is characterized in that:, then select one of described equal-cost route to carry out message and transmit according to the equal-cost route algorithm if there is equal-cost route in the highest VPN route of described priority.
11., it is characterized in that:,, and reselect VPN route and carry out message and transmit then with this VPN route deletion if the VPN route that is using is cancelled as backbone network edge apparatus as described in the claim 9.
12. the collocation method of a backbone network edge apparatus is applied to backbone network edge apparatus as claimed in claim 9, it is characterized in that, this method includes the following step:
Step 1 is created the mixed virtual private network unit in described backbone network edge apparatus;
Step 2 disposes the public network access interface of described backbone network edge apparatus, makes this public network access interface enable the multiprotocol label switching function;
Step 3, the virtual private networks that disposes at least 1 private network access interface of described backbone network edge apparatus enables situation, make this private network access interface enable 1 two straton virtual private networks and 1 three straton virtual private networks that described mixed virtual private network unit covers simultaneously, perhaps only enabled in described two straton virtual private networks and the described three straton virtual private networks any one; The private network access interface that wherein enables described three straton virtual private networks disposes IP address and/or virtual MAC address, and enable IP address configuration with three straton virtual networks of the corresponding private network access interface of 1 described two straton virtual private networks in the same network segment, and 1 based on 2 described private network access interfaces in the mixed virtual private network system of multiprotocol label switching, can not both belong to 1 two straton virtual private networks, belong to again with 1 three straton virtual private networks based on multiprotocol label switching based on multiprotocol label switching.
13. the collocation method as backbone network edge apparatus as described in the claim 12 is characterized in that:
Described step 3 is specially step 31, by configuration order described private network access interface is tied to 1 described two straton virtual private networks;
Perhaps described step 3 is specially step 32, by configuration order described private network access interface is tied to 1 described three straton virtual private networks, and is this private network access interface configuration of IP address and/or virtual MAC address;
Perhaps described step 3 is specially step 33, by configuration order described private network access interface is tied to 1 described three straton virtual private networks and 1 described two straton virtual private networks simultaneously, and in determining described two straton virtual private networks, behind other private network access interfaces network segment of living in, be in the IP address and/or the virtual MAC address of this network segment for this private network access interface configuration.
CNB2006101603533A 2006-11-15 2006-11-15 Mixed virtual private network system and backbone network edge apparatus and collocation method thereof Active CN100559772C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNB2006101603533A CN100559772C (en) 2006-11-15 2006-11-15 Mixed virtual private network system and backbone network edge apparatus and collocation method thereof

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CNB2006101603533A CN100559772C (en) 2006-11-15 2006-11-15 Mixed virtual private network system and backbone network edge apparatus and collocation method thereof

Publications (2)

Publication Number Publication Date
CN1980176A CN1980176A (en) 2007-06-13
CN100559772C true CN100559772C (en) 2009-11-11

Family

ID=38131189

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB2006101603533A Active CN100559772C (en) 2006-11-15 2006-11-15 Mixed virtual private network system and backbone network edge apparatus and collocation method thereof

Country Status (1)

Country Link
CN (1) CN100559772C (en)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102195933B (en) * 2010-03-05 2013-11-06 杭州华三通信技术有限公司 Method for realizing call between isolated Internet protocol (IP) sub-networks and communication unit
CN101848161A (en) * 2010-05-31 2010-09-29 杭州华三通信技术有限公司 Communication method and equipment of MPLS L2VPN (Multiple protocol Label Switching Layer 2 Virtual Private Network) and MPLS L3VPN (Multiple protocol Label Switching Layer 3 Virtual Private Network)
CN101902397B (en) * 2010-06-23 2015-06-10 中兴通讯股份有限公司 Message forwarding method and switching chip
CN102739501B (en) * 2011-04-01 2017-12-12 中兴通讯股份有限公司 Message forwarding method and system in two three layer virtual private networks
CN105323750A (en) * 2014-07-02 2016-02-10 上海新联纬讯科技发展有限公司 Wireless router access point service isolation configuration method
CN109743370B (en) * 2018-12-24 2021-06-04 上海游驰网络技术有限公司 SD-WAN-based hybrid cloud connection method and system
CN111131541B (en) * 2019-12-25 2023-02-03 深圳市共进电子股份有限公司 Network communication method, device, electronic equipment and storage medium
CN111541610A (en) * 2020-04-21 2020-08-14 北京天融信网络安全技术有限公司 Communication method, communication device, network equipment and computer readable storage medium

Also Published As

Publication number Publication date
CN1980176A (en) 2007-06-13

Similar Documents

Publication Publication Date Title
CN100559772C (en) Mixed virtual private network system and backbone network edge apparatus and collocation method thereof
JP3868815B2 (en) Communications system
US8867555B2 (en) Method and system for transparent LAN services in a packet network
CN1866919B (en) Service switching method based on VLAN stack
CN100442772C (en) Bridge-connection transmitting method
CN101808042B (en) Access method and device of multiprotocol label switching double-layer virtual private network
CN102413060B (en) User private line communication method and equipment used in VPLS (Virtual Private LAN (Local Area Network) Service) network
CN100442770C (en) Method for realizing muti-casting in BGP/MPLS VPN
CN101442467B (en) Method for providing multipoint to multipoint connection in network based on operator backbone network transmission
CN101052022B (en) System and method for virtual special net user to access public net
CN102739501B (en) Message forwarding method and system in two three layer virtual private networks
CN107135133A (en) Horizontal segmentation packet forwarding in many family PBB EVPN networks
CN101110745A (en) Method, device and system for engaging second layer network and third layer network
WO2009033428A1 (en) Method, system and device for removing media access control address
CN102347889B (en) Message forwarding method, system and device in H-VPLS (Hierarchical Virtual Private local area network service)
CN102801625A (en) Method and device for double layered mutual communication in heterogeneous network
CN101345715A (en) MAC address learning method and system based on VPLS dual-homing network
CN101778035B (en) Virtual private LAN service communication method and device
CN103326940A (en) Method for forwarding message in network and edge device of operator
CN100450065C (en) Method for providing communication between virtual special network stations
CN101299723B (en) Method and apparatus for managing label switching route tunnel information
CN100518128C (en) Multi-point to multi-point VPN interconnecting method, system and device in PBT network
WO2005125103A1 (en) A virtual private network system of hybrid site and hybrid backbone network and its realizing method
CN112822097A (en) Message forwarding method, first network device and first device group
CN102724126A (en) Method, device and equipment for forwarding Ethernet tree (E-tree) service message

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CP03 Change of name, title or address

Address after: 310052 Binjiang District Changhe Road, Zhejiang, China, No. 466, No.

Patentee after: Xinhua three Technology Co., Ltd.

Address before: 310053 Hangzhou hi tech Industrial Development Zone, Zhejiang province science and Technology Industrial Park, No. 310 and No. six road, HUAWEI, Hangzhou production base

Patentee before: Huasan Communication Technology Co., Ltd.

CP03 Change of name, title or address