CN101005439B - Mutual access system and its method between VPN in VPLS network - Google Patents
Mutual access system and its method between VPN in VPLS network Download PDFInfo
- Publication number
- CN101005439B CN101005439B CN2006100112093A CN200610011209A CN101005439B CN 101005439 B CN101005439 B CN 101005439B CN 2006100112093 A CN2006100112093 A CN 2006100112093A CN 200610011209 A CN200610011209 A CN 200610011209A CN 101005439 B CN101005439 B CN 101005439B
- Authority
- CN
- China
- Prior art keywords
- vpn
- mac
- equipment
- vpn1
- vpn3
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention is for use in VPLS network system comprising a first PE device and a second PE device, both are respectively connected to the VPN1, VPN2 and VPN3. The system thereof comprises: a command configuring module used for making command configuration for the visits between VPNs; a MAC learning module used in learning strategy for modifying MAC address according to said command in order to implement mutual visit between VPNs; and a relay module used for relaying message according to the MAC address obtained from MAC learning module.
Description
Technical field
The present invention relates in the VPLS network between VPN visit field mutually, particularly relate to a kind of in the VPLS network environment, under the situation that does not increase any two layers or three-layer equipment and under the prerequisite of administrator configurations mandate, realize between a plurality of VPN a kind of System and method for of visit mutually.
Background technology
At present, along with the large scale deployment of MPLS (Multi-Protocol Label Switching, multiprotocol label switching), MPLS VPN (Virtual Private Network, Virtual Private Network) technology just is widely used.Particularly MPLS L2 (Layer 2, and is two-layer) VPN (VPLS) are because it is disposed conveniently, and management is simple, the routing iinformation of well having isolated public network and private network, reduce the influence of user network to carrier network, thus more and more be subjected to the welcome of operator, and disposed, use by large-scale.But, because VPLS (Virtual Private LAN Service, VPLS) deployment time is shorter, corresponding standard is also not definite fully, some common application are not defined yet, and when this just causes the actual networking of VPLS, may not satisfy some networking demands, maybe need network organization is done too much restriction, brought certain obstacle for the large scale deployment of VPLS technology and extensive utilization.
Summary of the invention
Technical problem to be solved by this invention is to provide the system and the method thereof of visiting mutually between VPN in a kind of VPLS network, is used to improve the ability that each VPN can't visit mutually.
To achieve these goals, the invention provides the system that visits mutually between VPN in a kind of VPLS network, be applied to comprise the VPLS network system of a PE equipment, the 2nd PE equipment, a described PE equipment, the 2nd PE equipment connect VPN1, VPN2 and VPN3 respectively, it is characterized in that, comprising:
One command configuration module is used for carrying out command configuration to exchanging visits between the described VPN;
One mac learning module is used for revising according to described command configuration the learning strategy of MAC Address, exchanges visits between the described VPN realizing; And
One forwarding module is used for E-Packeting according to the mac address table that described mac learning module obtains.
The system that visits mutually between VPN in the described VPLS network, wherein, described forwarding module adds tag processes by searching described mac address table to message, and by the label exchange of outer layer label data flow is mail to purpose PE, mails to purpose VPN by vpn label again.
To achieve these goals, the present invention also provides a kind of method of utilizing described system to realize and visiting mutually between VPN in the VPLS network, it is characterized in that, comprising:
Step 31, described command configuration module is carried out command configuration to exchanging visits between the described VPN;
Step 32, described mac learning module is revised the learning strategy of MAC Address according to described command configuration, exchanges visits between the described VPN realizing; And
Step 33, described forwarding module E-Packets according to the mac address table that described mac learning module obtains.
The method of visiting mutually between VPN in the described VPLS network wherein, before the described step 31, also comprises between a described PE equipment, the 2nd PE equipment and sets up the virtual circuit step of connecting.
The method of visiting mutually between VPN in the described VPLS network wherein, in the described step 31, comprises that also described command configuration module is respectively in the step of exchanging visits between configuration described VPN1, the VPN3 on a described PE equipment, the 2nd PE equipment.
The method of visiting mutually between VPN in the described VPLS network, wherein, in the described step 32, also be included in when not having MAC Address on the described PE equipment, a described PE learning equipment source MAC is to the step of the local mac table of the local mac table of described VPN1 and described VPN3.
The mutual method of visit between VPN in the described VPLS network wherein, in the described step 32, comprises that also a described PE equipment carries out the step that message broadcasting is handled in described VPN1, in the described VPN3.
The method of mutual visit between VPN in the described VPLS network wherein, in the described step 32, comprises that also the interior message of broadcasting of described VPN1 of described the 2nd PE equipment interconnection receipts and the message of the interior broadcasting of described VPN3 carry out the step that source MAC is learnt respectively.
The mutual method of visit between VPN in the described VPLS network wherein, in the described step 32, comprises that also described the 2nd PE equipment carries out the step that the message spot broadcasting is handled in described VPN1, in the described VPN3.
The method of visiting mutually between VPN in the described VPLS network wherein, in the described step 32, also comprises the step that described the 2nd PE equipment is received the message that contains source MAC, target MAC (Media Access Control) address and carried out source MAC study.
The method of visiting mutually between VPN in the described VPLS network wherein, in the described step 32, also comprises the step that a described PE equipment is received the message that contains source MAC, target MAC (Media Access Control) address and carried out source MAC study.
The method of visiting mutually between VPN in the described VPLS network, wherein, in the described step 32, if have identical MAC Address among described VPN1, the described VPN3, then the priority of MAC Address among the described VPN1 or the MAC Address among the described VPN3 is set to height on a described PE equipment/the 2nd PE equipment.
Technique effect of the present invention is:
With existing VPLS technology contrast, the overlapping method of VPN of in the VPLS network, supporting provided by the invention, solve the defective that each VPN can't visit mutually in the existing VPLS network, realize the mutual visit between each VPN in the VPLS network, thereby realize the topology utilization of central server formula flexibly; Function gap between L2 (Layer 2, and is two-layer) MPLS VPN and L3 (3, three layers of Layer) the MPLS VPN is further dwindled, improved the networking capability of VPLS in practice; Bring business model more flexibly to the user; Widened the utilization scope of VPLS.
Describe the present invention below in conjunction with the drawings and specific embodiments, but not as a limitation of the invention.
Description of drawings
Fig. 1 is a system construction drawing of the present invention;
Fig. 2 is the network topology schematic diagram;
Fig. 3 is the exchanging visit graph of a relation between the VPN of the present invention;
Fig. 4 is the flow chart of visiting mutually between VPN in the VPLS network of the present invention.
Embodiment
In a kind of VPLS network that the present invention is proposed below in conjunction with accompanying drawing between VPN mutually the enforcement of the system and method for visit be described in further detail.
See also shown in Figure 1ly, be system construction drawing of the present invention.This system configuration is the system configuration of visiting mutually between VPN in the VPLS network of the present invention, mainly form: command configuration module 110, MAC (Media Access Control, medium access control) study module 120 and forwarding module 130 by following several modules.Wherein
Mac learning module 120 is to realize between the VPN key modules of visit mutually, and the present invention need revise the strategy of mac learning, reaching the purpose of sharing MAC between VPN, thereby realizes the exchanging visit between the VPN.
The present invention just can finish the exchanging visit of main frame through the acting in conjunction of command configuration module 110, mac learning module 120 and 130 3 modules of forwarding module between the VPN of configuration.
See also shown in Figure 2ly, be the network topology schematic diagram, Fig. 3 is the exchanging visit graph of a relation between the VPN of the present invention.In the VPLS network in Fig. 2, indicate two PE equipment of PE1201, PE2202, connected 3 VPN respectively; Be connected VPN1, VPN2 and VPN3 respectively under PE1201 and the PE2202.Now, under current network environment, need finish following business model: if, in VPN3 one group of VoIP (Voice over Internet Protocol, internet audio protocols) gateway, be used to user among the VPN1 that VoIP is provided service, so, require user among the VPN1 can visit website among the VPN3; But the user among VPN1 and the VPN2 isolates mutually, can not visit mutually, and the visit relation between VPN1, VPN2 and the VPN3 can be referring to shown in Figure 3.
In order to realize the networking requirement under the above-mentioned situation, at first, need on 202 two PE equipment of PE1 201, PE2, carry out necessary configuration, on PE1 201 and PE2 202, the present invention will dispose between VPN1 and the VPN3 and can exchange visits, and all can not exchange visits between VPN2 and VPN3, the VPN1.Like this, PE1 201 and PE2 202 just can correctly learn and message is correctly transmitted MAC according to configuration.
Shown in Fig. 2,3, further describe the message forwarding flow process of VPN1 below to VPN3:
At first, in the incipient stage, set up VC (VirtualCircuit, virtual circuit) between PE1201 and the PE2202 and connected.Suppose at this moment, between each VPN also without any communication, so, also do not learn any MAC Address on PE1201 and the PE2202.At this moment, a main frame on the VPN1 (supposing that its MAC Address is MAC1) will conduct interviews to a main frame among the VPN3 (supposing that its MAC Address is MAC2).So, with MAC2 is purpose MAC, MAC1 is that the data message of source MAC at first can be sent on the PE1 201, because this moment, on the PE1 201 also without any MAC Address, so, PE1 201 will carry out address learning earlier, needs to exchange visits because disposed between VPN1 and the VPN3, so, MAC Address not only needs to learn in the local mac table of VPN1, also will learn in the local mac table of VPN3, certainly, the interface of learning the MAC Address among the VPN3 still is the interface of VPN1, through mac learning, the mac address table among the PE1 201 is shown in following table 1-1:
Table 1-1
| PE1 | VPN1 | VPN3 |
| Local | MAC1 | MAC1 |
| Far-end | Do not have | Do not have |
Owing to just learn a MAC1 on the PE1 201, the clauses and subclauses that do not have destination address MAC2, so, need broadcast processing to this message, still, it should be noted, can visit mutually because disposed VPN1 and VPN3, and PE1 201 and do not know MAC2 on earth in which VPN, so, message not only need be broadcasted in VPN1, also need broadcast in VPN3.So, on PE2 202, receive two messages, the label difference of these two messages is (when when PE2 goes up, only remaining one deck label, outer layer label PHP has ejected), but message content but is identical, then, PE2 202 carries out the source mac learning to these two messages respectively, and MAC1 is learnt among VPN1 and the VPN3 (certain respectively, when VPN1 and VPN3 learn MAC, because disposed the mutual visit between VPN, thus also need to duplicate mutually, but the result who duplicates does not influence the result of MAC table).Like this, through source address study, the MAC table among the PE2 is table 1-2:
Table 1-2
| PE2 | VPN1 | VPN3 |
| Local | Do not have | Do not have |
| Far-end | MAC1 | MAC1 |
Because on the PE2 202, do not have the clauses and subclauses of MAC2 in the MAC table, at this moment so message carries out spot broadcasting respectively at two VPN yet.
Certainly, have only the main frame among the VPN3 can respond this message, it is MAC1 that main frame sends a destination address, and source address is the message of MAC2.PE2 202 will at first receive this message, because there are not the clauses and subclauses of MAC2 among the MAC of PE2 202, so, need carry out source study, can exchange visits because disposed VPN1 and VPN3, so when PE2 carries out mac learning, need copy to this MAC Address among the VPN1, then this moment, the mac address table of PE2 202 is table 1-3:
Table 1-3
| PE2 | VPN1 | VPN3 |
| Local | MAC2 | MAC2 |
| Far-end | MAC1 | MAC1 |
Because in the MAC of the VPN3 table, the clauses and subclauses that MAC1 has been arranged, message is sent to PE1 201, on PE1 201, at first carry out source study, MAC2 can be learnt, because disposed the intercommunication between VPN1 and the VPN3, so the MAC2 that learns among the VPN3 also will copy among the VPN1, so the MAC table of PE1 201 is shown in following table 1-4:
Table 1-4
| PE1 | VPN1 | VPN3 |
| Local | MAC1 | MAC1 |
| Far-end | MAC2 | MAC2 |
Because the clauses and subclauses of MAC1 are arranged among the VPN3, and its port is the port that points to main frame among the VPN1, so though the message inquiry be the MAC table of VPN3,, in fact mail to the port of VPN1, thereby correctly accepted by the main frame among the VPN1.
Thereafter message is because two VPN that can exchange visits on PE1 201 and the PE2 202 have learnt the MAC Address of two main frames, and later message is directly transmitted by the MAC table and got final product.
And aging for MAC Address, no matter the MAC address aging among which VPN all will be notified among the VPN that can exchange visits, to reach on a PE, the MAC Address among the VPN that can exchange visits is synchronous.
Shown in Fig. 2,3, further describe overlapping about MAC Address below:
Because MAC Address is the notion of a part, only need be unique in a local area network (LAN), so, in VPN1 and VPN3, may have identical MAC Address.In this case, many communications may cause unpredictable influence.In order to reduce this influence and to make the influence precognition, under situations about importing more, the present invention can be configured on PE1 201, PE2 202, with the strategy of determining that MAC Address imports, such as, on PE1 201, be provided with the MAC Address priority height among the VPN1, if then run into VPN1 and the identical situation of MAC Address among the VPN3, then be as the criterion with the MAC Address among the VPN1, MAC Address identical among the VPN3 then can not be carried out communication.
Control for complicated mac learning strategy:
Because all forwarding of data in the VPLS network all depend on the study of MAC Address.So, if desired some forwardings are compared accurate control, just need be, import the control that carry out on some strategies to the study of MAC Address, and these controls generally can only depend on to be configured on PE and finish.And do not have ready-made signaling protocol at present and transmit these control informations, so, need on all relevant PE, carry out the policy-related (noun) configuration.
Configuration about order line:
The purpose of configuration of order is the strategy of the study MAC of annunciator, and as whether importing the MAC Address of other VPN, as the part of patent protection, the designer can not determine the form of order line to its configuration order itself voluntarily.Only provide a kind of possible order line collocation form below:
<config>vfi vpn1
<config-vfi>import-mac vpn3
See also shown in Figure 4ly, be in the VPLS network of the present invention between VPN the flow chart of visit mutually, this flow process mainly comprises the steps:
Step 430 according to the MAC clauses and subclauses of study, is carried out message and is transmitted.
In sum, the system and method for visiting mutually between VPN in the VPLS network that use the present invention proposes, can effectively expand the scope of business of VPLS, eliminate VPLS technology some limitation aspect the networking utilization, make VPLS can adapt to the utilization of diverse network better.
The present invention has overcome the defective that can't visit mutually between each VPN in the original VPLS network, solved in the existing VPLS network defective on the function, can realize the mutual visit between each VPN in the VPLS network by this technology, thereby realize the topology utilization of central server formula flexibly.
Certainly; the present invention also can have other various embodiments; under the situation that does not deviate from spirit of the present invention and essence thereof; those of ordinary skill in the art work as can make various corresponding changes and distortion according to the present invention, but these corresponding changes and distortion all should belong to the protection range of the appended claim of the present invention.
Claims (12)
1. the system of visit mutually between VPN in the VPLS network is applied to comprise the VPLS network system of a PE equipment, the 2nd PE equipment, and a described PE equipment, the 2nd PE equipment connect VPN1, VPN2 and VPN3 respectively, it is characterized in that, comprising:
One command configuration module is used for carrying out command configuration to exchanging visits between the described VPN;
One mac learning module is used for revising the mode of the learning strategy of MAC Address for study and broadcasting according to described command configuration, exchanges visits between the described VPN realizing; And
One forwarding module is used for E-Packeting according to the mac address table that described mac learning module obtains.
2. the system that visits mutually between VPN in the VPLS network according to claim 1, it is characterized in that, described forwarding module adds tag processes by searching described mac address table to message, and the exchange of the label by outer layer label mails to purpose PE to data flow, mails to purpose VPN by vpn label again.
3. one kind is utilized the described system of claim 1 to realize the method for visiting mutually between VPN in the VPLS network, it is characterized in that, comprising:
Step 31, described command configuration module is carried out command configuration to exchanging visits between the described VPN;
Step 32, described mac learning module are revised the mode of the learning strategy of MAC Address for study and broadcasting according to described command configuration, exchange visits between the described VPN realizing; And
Step 33, described forwarding module E-Packets according to the mac address table that described mac learning module obtains.
4. the method for visiting mutually between VPN in the VPLS network according to claim 3 is characterized in that, before the described step 31, also comprises between a described PE equipment, the 2nd PE equipment and sets up the virtual circuit step of connecting.
5. the method for visiting mutually between VPN in the VPLS network according to claim 3, it is characterized in that, in the described step 31, comprise that also described command configuration module is respectively in the step of exchanging visits between configuration described VPN1, the VPN3 on a described PE equipment, the 2nd PE equipment.
6. the method for visiting mutually between VPN in the VPLS network according to claim 5, it is characterized in that, in the described step 32, also be included in when not having MAC Address on the described PE equipment, a described PE learning equipment source MAC is to the step of the local mac table of the local mac table of described VPN1 and described VPN3.
7. the mutual method of visit between VPN is characterized in that in the VPLS network according to claim 6, in the described step 32, comprises that also a described PE equipment carries out the step that message broadcasting is handled in described VPN1, in the described VPN3.
8. the method for visiting mutually between VPN in the VPLS network according to claim 7, it is characterized in that, in the described step 32, also comprise the message of the interior broadcasting of described VPN1 that described the 2nd PE equipment interconnection is received and the step that the interior message of broadcasting of described VPN3 carries out source MAC study respectively.
9. the mutual method of visit between VPN is characterized in that in the VPLS network according to claim 8, in the described step 32, comprises that also described the 2nd PE equipment carries out the step that the message spot broadcasting is handled in described VPN1, in the described VPN3.
10. the method for visiting mutually between VPN in the VPLS network according to claim 9 is characterized in that, in the described step 32, also comprises the step that described the 2nd PE equipment is received the message that contains source MAC, target MAC (Media Access Control) address and carried out source MAC study.
11. the method for visiting mutually between VPN in the VPLS network according to claim 10, it is characterized in that, in the described step 32, also comprise the step that a described PE equipment is received the message that contains source MAC, target MAC (Media Access Control) address and carried out source MAC study.
12. according to the method for visiting mutually between VPN in the arbitrary described VPLS network of claim 3 to 11, it is characterized in that, in the described step 32, if have identical MAC Address among described VPN1, the described VPN3, then the priority of MAC Address among the described VPN1 or the MAC Address among the described VPN3 is set to height on a described PE equipment/the 2nd PE equipment.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2006100112093A CN101005439B (en) | 2006-01-17 | 2006-01-17 | Mutual access system and its method between VPN in VPLS network |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2006100112093A CN101005439B (en) | 2006-01-17 | 2006-01-17 | Mutual access system and its method between VPN in VPLS network |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101005439A CN101005439A (en) | 2007-07-25 |
| CN101005439B true CN101005439B (en) | 2010-06-23 |
Family
ID=38704314
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2006100112093A Active CN101005439B (en) | 2006-01-17 | 2006-01-17 | Mutual access system and its method between VPN in VPLS network |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101005439B (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101304390B (en) * | 2008-07-07 | 2011-04-13 | 杭州华三通信技术有限公司 | Method for distributing MPLS label as well as method and apparatus for mapping VPLS messages |
| CN101801051B (en) * | 2010-03-04 | 2013-03-20 | 杭州华三通信技术有限公司 | Method and equipment for selecting access points (APs) |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1538682A (en) * | 2003-04-17 | 2004-10-20 | 刘军民 | Method for establishing virtual circuit |
| CN1551577A (en) * | 2003-04-28 | 2004-12-01 | Ip | Injecting addresses to enable oam functions |
| EP1538786A2 (en) * | 2003-12-02 | 2005-06-08 | Alcatel | Hybrid virtual private LAN extensions |
-
2006
- 2006-01-17 CN CN2006100112093A patent/CN101005439B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1538682A (en) * | 2003-04-17 | 2004-10-20 | 刘军民 | Method for establishing virtual circuit |
| CN1551577A (en) * | 2003-04-28 | 2004-12-01 | Ip | Injecting addresses to enable oam functions |
| EP1538786A2 (en) * | 2003-12-02 | 2005-06-08 | Alcatel | Hybrid virtual private LAN extensions |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101005439A (en) | 2007-07-25 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102801625B (en) | A kind of method of heterogeneous network double layer intercommunication and equipment | |
| US7787480B1 (en) | Routing frames in a trill network using service VLAN identifiers | |
| CN100563190C (en) | Realize the method and system of hierarchical virtual private switch service | |
| CN100531138C (en) | Operator's boundary notes, virtual special LAN service communication method and system | |
| CN101160850B (en) | Method and device for forwarding packet | |
| CN103944826B (en) | List item polymerization and equipment in SPBM network | |
| CN101616014B (en) | Method for realizing cross-virtual private local area network multicast | |
| CN101166137B (en) | Method for separating different virtual LAN services | |
| WO2009150656A1 (en) | Method and system for transparent lan services in a packet network | |
| CN103259721B (en) | Message forwarding method in SPBM network and device | |
| CN101808042A (en) | Access method and device of multiprotocol label switching double-layer virtual private network | |
| CN102098202B (en) | Virtual private topology control method, device and system | |
| CN103944828A (en) | Method and equipment for transmitting protocol messages | |
| CN100358322C (en) | Method of multilayer VLAN switching | |
| CN102932499A (en) | Method and device for learning media access control (MAC) addresses in virtual private lan service (VPLS) networks | |
| CN101110764A (en) | Method for Ethernet switchboard data frame partitioning virtual local area network and transmitting | |
| CN103326918A (en) | Message forwarding method and message forwarding equipment | |
| CN103227745A (en) | Intercommunication method of shortest path bridging network and Layer 3 virtual private network and common edge equipment | |
| CN102055647A (en) | Three-layer virtual private network (VPN) access method and system | |
| CN100563205C (en) | The implementation method of user-isolated virtual local area network (LAN) and the network equipment of application thereof | |
| CN109639552A (en) | A kind of three-layer forwarding method and device | |
| CN102404179A (en) | Method and device for processing message | |
| CN102064999B (en) | Method and equipment for forwarding multicast message | |
| CN100518128C (en) | Multi-point to multi-point VPN interconnecting method, system and device in PBT network | |
| CN103200107B (en) | Message transmitting method and message transmitting equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |