CN101304337A - Method and apparatus for generating access topology of service VPN - Google Patents
Method and apparatus for generating access topology of service VPN Download PDFInfo
- Publication number
- CN101304337A CN101304337A CNA2008101163918A CN200810116391A CN101304337A CN 101304337 A CN101304337 A CN 101304337A CN A2008101163918 A CNA2008101163918 A CN A2008101163918A CN 200810116391 A CN200810116391 A CN 200810116391A CN 101304337 A CN101304337 A CN 101304337A
- Authority
- CN
- China
- Prior art keywords
- topology
- vpn
- collection
- access link
- access
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
The invention discloses a method for generating business VPN accessing topologies, which includes the following steps: firstly, generating a corresponding SC set for every accessing link in the MPLSL3VPN whole network topology; then, separating the accessing topologies of all the businesses VPN from the whole network topology of the MPLS L3VPN according to the characteristic that a correlation exists between the accessing links which belong to the same business VPN. The invention also discloses a device for generating business VPN accessing topologies. The technical proposal of the method for generating business VPN accessing topologies has the advantages of providing convenience for the management, monitoring and maintenance of the business VPN.
Description
Technical field
The present invention relates to the network management technology field, refer to a kind of method and apparatus that generates the access topology of service VPN especially.
Background technology
Along with all trades and professions improving constantly to the informationization requirement, the pace of construction of diverse networks such as enterprise network, campus network, garden net is also constantly accelerated, therefore how for a large amount of network equipment in the network provides efficiently, network management easily is the problem that network manager is badly in need of consideration.
At present, virtual private networks (VPN, Virtual Private Network) has won the favor of more and more enterprises with its exclusive advantage.VPN is the privately owned dedicated network that utilizes public network to make up.
MPLS L3VPN is based on a kind of virtual private networks of multiprotocol label switching (MPLS, Multi Protocol LabelSwitching) technology and three-layer network agreement.
Fig. 1 is the networking schematic diagram of existing MPLS L3VPN.As shown in Figure 1, MPLS L3VPN network is made up of the MPLS backbone network of operator and each website (Site) of user.So-called VPN is exactly the division to Website Hosting, the corresponding set of being made up of some websites of VPN.For example, in Fig. 1, VPN1 is made up of website 1 and website 4, and VPN2 is made up of website 2, website 3 and website 5.
Referring to Fig. 1, comprise following assembly at MPLS L3VPN network:
PE: Provider Edge (Provider Edge) router is the edge device of service provider MPLS backbone network, is responsible for the access of vpn service;
CE: customer network edge (Customer Edge) equipment is the equipment that has interface directly to link to each other with PE in the service provider network in the user network, and CE can be router or switch, also can be a main frame;
P: service provider (Provider) core router is the non-edge device in the service provider network, is responsible for MPLS and transmits, and does not directly link to each other with CE.
MPLS L3VPN uses Border Gateway Protocol (BGP, Border Gateway Protocol) distributing routing information between pe router, uses the MPLS technology to transmit data between each website of same VPN, thereby is called BGP/MPLS L3VPN again.
Route in MPLS L3VPN network between the different VPN is isolated by VPN instance (VPN-instance) realization.PE sets up for each direct-connected website and safeguards independently VPN instance, and PE goes up and an interface and the VPN instance binding of setting up for this website that website is direct-connected.
The many examples of operation VPN on the CE of local area network (LAN) equipment, can realize a physical router is divided into a plurality of virtual routers, finish the function of a plurality of conventional routers by a router, thereby, the problem that the local area network (LAN) interior business is separated, guaranteed service security solved.The CE equipment that has moved the many examples of VPN is called many examples CE (MCE, Multi-VPN-Instance CE).
Fig. 2 utilizes MCE to realize a professional networking schematic diagram of isolating in the prior art.As shown in Figure 2, disposed VPN instance 1 and VPN instance 2 on the MCE, corresponded respectively to the website 1 of VPN1 and the website 2 of VPN2, and VPN instance 1 and VPN instance 2 are bound interface 1 and the interface 2 of MCE respectively.The message that receives and send from interface 1 is the message that belongs to VPN1, and the message that receives and send from interface 2 is the message that belongs to VPN2.So just, MCE can be considered as is two virtual routers, thereby isolates the business of VPN1 and VPN2.Simultaneously for distinguishing the different VPN message between MCE and the PE, MCE adopts three layers of ethernet sub-interface to solve this problem, promptly on a physical interface, create a plurality of sub-interfaces, each sub-interface and different VPN instance bindings, making only needs a physical link between CE and the PE, just can transmit and distinguish the message of different VPN.Therefore, for each VPN instance on the MCE, two interfaces and its binding are arranged all.
MPLS L3VPN use BGP extended community attribute---VPN destination parameter (VPN Target is also referred to as Route Target) is controlled the issue of VPN routing iinformation.VPN Target has overall uniqueness, and same VPN Target can only be used by a VPN.VPN instance on the PE equipment has two class VPN Target attributes:
Export Target attribute: will be from before VPN-IPv4 route that the own Site that directly links to each other acquires is distributed to other PE, for these routes are provided with Export Target attribute at local PE;
Import Target attribute: PE is when receiving the VPN-IPv4 route of other PE equipment issue, check its Export Target attribute, have only when this attribute and PE go up the Import Target attributes match of VPN instance, just route is joined in the corresponding VPN routing table.
That is to say, VPN Target attribute definition a VPN-IPv4 route can be received by which Site, PE equipment can receive the route which Site sends, thereby forms different VPN, realizes exchanging visit and the isolation of VPN.By the reasonable disposition to Import RT and Export RT, operator can make up the VPN of different topology type.
The value of VPN Target has two kinds of forms at present:
1) numbering of autonomous system (AS): the User Defined numeral, for example, 100:1;
2) IPv4 address: the User Defined numeral, for example, 172.1.1.1:1.
MPLS L3VPN technology has been improved the defective of traditional IP greatly, can provide simultaneously the fail safe the same with the frame relay/atm network to guarantee again, is one of telecommunication service of new generation of tool potentiality.Therefore how managing MPLS L3VPN has effectively proposed new requirement to network manager.
The topology that can generate in the network management side at present all is the full mesh topology of MPLS L3VPN, and promptly the topology of all the different VPN business among the whole M PLS L3VPN all merges.This is unfavorable for different business VPN is managed, monitors and safeguards.
But, in network management system, also do not have a kind of scheme that generates independent topology for different business VPN respectively at present.
Summary of the invention
The invention provides a kind of method that generates business VPN accessing topologies, this method can generate independent access topology respectively for each business VPN among the MPLSL3VPN.
The present invention also provides a kind of device that generates business VPN accessing topologies, and this device can generate independent access topology respectively for each business VPN among the MPLS L3VPN.
For achieving the above object, technical scheme of the present invention specifically is achieved in that
The invention discloses a kind of method that generates business VPN accessing topologies, this method comprises:
Serve the SC of group collection accordingly for generating based on every access link in the three layer virtual private network MPLS L3VPN full mesh topology of multiprotocol label switching; Wherein, described access link comprises: link between service provider edge router PE and the user network boundary device CE and the link between MCE and the CE; It is a SC that each value of VPN destination V parameter PN target all is defined as;
Select an access link, the equipment of this access link together with its two ends is joined in the newly-established business VPN topology;
Afterwards, never select an access link in the access link of selected mistake, the SC collection of each access link in the business VPN topology that SC collection and each of this access link have been set up compares; If the SC collection of the arbitrary access link in the SC collection of this access link and the business VPN topology of having set up has common factor, then the equipment of this access link together with its two ends is joined in this business VPN topology of having set up; Otherwise,, then the equipment of this access link together with its two ends is joined in the another newly-established business VPN topology if the SC collection of all access link in the SC collection of this access link and the business VPN topology that all have been set up does not all have to occur simultaneously; So once, and be added in the corresponding business VPN topology until all selected mistake of each access link;
At last, according to described each business VPN topology of access link and relevant device and the full mesh topology of described MPLS L3VPN of having added, for each business VPN generates its access topology.
The invention also discloses a kind of device that generates business VPN accessing topologies, this device comprises: SC collection generation module, business VPN topology separation module and access topology generation module, wherein,
SC collection generation module is used to every access link in the MPLS L3VPN full mesh topology to generate corresponding SC set, and the result who is generated is sent to business VPN topology separation module; Wherein, described access link comprises: the link between link between PE and the CE and MCE and the CE; It is a SC that each value of VPN destination V parameter PN target all is defined as;
Business VPN topology separation module is used to select an access link, and the equipment of this access link together with its two ends is joined in the newly-established business VPN topology; Afterwards, never select an access link in the access link of selected mistake, the SC collection of each access link in the business VPN topology that SC collection and each of this access link have been set up compares; If the SC collection of the arbitrary access link in the SC collection of this access link and the business VPN topology of having set up has common factor, then the equipment of this access link together with its two ends is joined in this business VPN topology of having set up; Otherwise,, then the equipment of this access link together with its two ends is joined in the another newly-established business VPN topology if the SC collection of all access link in the SC collection of this access link and the business VPN topology that all have been set up does not all have to occur simultaneously; So once, and be added in the corresponding business VPN topology, and each business VPN topology information that will add access link and relevant device sends to the access topology generation module until all selected mistake of each access link;
The access topology generation module is used for according to described each business VPN topology of access link and relevant device and the full mesh topology of described MPLS L3VPN of having added, for each business VPN generates its access topology.
As seen from the above technical solution, the present invention is this serves the SC of group collection accordingly for every access link in the MPLS L3VPN full mesh topology generates; Have these characteristics of correlation are isolated each business VPN from the full mesh topology of MPLS L3VPN access topology according to belonging between the access link of same business VPN then, thereby provide convenience for management, monitoring and maintenance service VPN.
Description of drawings
Fig. 1 is the networking schematic diagram of existing MPLS L3VPN;
Fig. 2 utilizes MCE to realize a professional networking schematic diagram of isolating in the prior art;
Fig. 3 is a kind of flow chart that generates the method for business VPN accessing topologies of the embodiment of the invention;
Fig. 4 is the full mesh topology schematic diagram of the MPLS L3VPN in the embodiment of the invention;
Fig. 5 be in the embodiment of the invention from MPLS L3VPN full mesh topology shown in Figure 4 the schematic diagram of the access topology of isolated first business VPN;
Fig. 6 be in the embodiment of the invention from MPLS L3VPN full mesh topology shown in Figure 4 the schematic diagram of the access topology of isolated second business VPN;
Fig. 7 is the flow chart of the method for the embodiment of the invention service topology that generates business VPN;
Fig. 8 is the schematic diagram of the service topology that generates for VPN2 in the invention process;
Fig. 9 is a kind of structured flowchart that generates the device of business VPN accessing topologies of the embodiment of the invention.
Embodiment
Core concept of the present invention is: on the basis of the full mesh topology of MPLS L3VPN, VPN Target attribute according to same business VPN has these characteristics of correlation, isolates the pairing access topology of each business VPN from the full mesh topology of MPLS L3VPN.Specifically can be by realizing according to the designed network management software of this thought.
At first concentrate and introduce some notions and definition related in the technical scheme of the present invention:
1, serve group (SC, Service Community): it is a SC that each value of the VPN target among the MPLS L3VPN all is defined as, and does not distinguish Import Target or ExportTarget here.
2, the link that will connect CE among the access link SC:MPLS L3VPN is called access link, specifically comprises: the link between link between PE and the CE and MCE and the CE.Access link SC is meant the SC relevant with access link, is specially: for the link between PE and the CE (PE-CE link), link SC is the SC that interface institute VPN embodiment bound that PE is connected with CE is comprised; For the link between MCE and the CE (MCE-CE) link, link SC is the SC that interface institute VPN embodiment bound that MCE is connected with CE equipment is comprised.
Fig. 3 is a kind of flow chart that generates the method for business VPN accessing topologies of the embodiment of the invention.As shown in Figure 3, this method may further comprise the steps:
In this step, access link comprises: PE-CE link and MCE-CE link.
" common factor is arranged " in the above-mentioned steps and be meant that occuring simultaneously is nonempty set.
For making purpose of the present invention, technical scheme and advantage clear, enumerate specific embodiment below technical scheme of the present invention is further described in detail.
Fig. 4 is the full mesh topology schematic diagram of the MPLS L3VPN in the embodiment of the invention.Referring to Fig. 4, MPLS L3VPN network is made up of MPLS backbone network and 5 user site, and website 1 and 4 belongs to VPN1, and website 2,3 and 5 belongs to VPN2.In Fig. 4, also identified the related equipment interface numbering of explanation technical solution of the present invention.
In networking shown in Figure 4, VNP example 1 to 5 is corresponding with website 1 to 5 respectively, and the configuring condition of the VPN Target parameter in the VPN instance on PE equipment and the MCE equipment and each VPN instance is as follows:
On PE1, comprise parameter in the VPN instance 1 of binding interface 1: Import Target=100:1 and Export Target=100:2; Comprise parameter: ImportTarget=100:3 and Export Target=100:3 in the VPN instance 5 of binding interface 2.
On PE2, comprise parameter: ImportTarget=100:2 and Export Target=100:1 in the VPN instance 4 of the sub-interface 1 on the binding interface 3, comprise parameter in the VPN instance 2 of the sub-interface 2 on the binding interface 3: Import Target=100:3 and Export Target=100:3.
Here, in order between MCE and PE2, to distinguish the message of VPN1 and VPN2, on the physical interface 4 of the physical interface 3 of PE2 and MCE, set up sub-interface 1 and sub-interface 2 (sub-interface does not draw among Fig. 4) respectively.
On MCE, comprise parameter in the VPN instance 4 of the sub-interface 1 on binding interface 3 and the interface 4: Import Target=100:2 and Export Target=100:1 comprise parameter: Import Target=100:3 and ExportTarget=100:3 in the VPN instance 2 of the sub-interface 2 on binding interface 6 and the interface 4.
On PE3, comprise parameter in the VPN instance 3 of binding interface 7: Import Target=100:3 and Export Target=100:3.
Based on above-mentioned parameter configuration, be that each business VPN (being VPN1 and VPN2) in the MPLS L3VPN full mesh topology shown in Figure 4 generates its access topology and may further comprise the steps according to method shown in Figure 3:
1, be that every PE-CE link and MCE-CE link in the MPLS L3VPN full mesh topology shown in Figure 4 generates corresponding SC set.
5 access link are arranged in Fig. 4, wherein, for the PE1-CE1 link, 1 VPN embodiment bound 1 of the interface that PE1 is connected with CE1 comprises parameter: Import Target=100:1 and ExportTarget=100:2, then according to the definition of SC, the SC collection that can obtain the PE1-CE1 link is { 100:1,100:2};
In like manner, the SC collection of PE1-CE5 link is { 100:3};
The SC collection of MCE-CE2 link is { 100:3};
The SC collection of MCE-CE4 link is { 100:1,100:2};
The SC collection of PE3-CE3 link is { 100:3}.
2, from above-mentioned 5 access link, select the PE1-CE1 link, PE1-CE1 link and PE1 and CE1 are added in the newly-established business VPN topology, be called the first business VPN topology in the present embodiment.
3, select the PE1-CE5 link, the SC collection of PE1-CE5 link and the SC collection of PE1-CE1 link are compared, find not have occur simultaneously, then PE1-CE5 link and PE1 and CE5 are added in the another newly-established business VPN topology, be called the second business VPN topology in the present embodiment.
4, select the MCE-CE2 link, with the SC collection of MCE-CE2 link respectively with the first business VPN topological sum, the second business VPN topology in the SC collection of access link compare; Find that the SC collection of MCE-CE2 link and the SC collection of the access link in the second business VPN topology have common factor, then MCE-CE2 link and MCE and CE2 are joined in the second business VPN topology.
5, select the MCE-CE4 link, with the SC collection of MCE-CE4 link respectively with the first business VPN topological sum, the second business VPN topology in the SC collection of access link compare; Find that the SC collection of MCE-CE4 link and the SC collection of the access link in the first business VPN topology have common factor, then MCE-CE4 link and MCE and CE4 are joined in the first business VPN topology.
6, select PE3-CE3, with the SC collection of PE3-CE3 link respectively with the first business VPN topological sum, the second business VPN topology in the SC collection of access link compare; Find that the SC collection of PE3-CE3 link and the SC collection of the access link in the second business VPN topology have common factor, then PE3-CE3 link and PE3 and CE3 are joined in the second business VPN topology.
7, according to the full mesh topology of the above-mentioned first business VPN topology that has added access link and relevant device, second business VPN topology and MPLS L3VPN shown in Figure 4, be first business VPN and second professional its access topology that generates, respectively as shown in Figure 5 and Figure 6.
Fig. 5 be in the embodiment of the invention from MPLS L3VPN full mesh topology shown in Figure 4 the schematic diagram of the access topology of isolated first business VPN.As shown in Figure 5, each access link has clearly been described in the access topology of first business VPN.In addition, from MPLS L3VPN network shown in Figure 4 as can be known MCE be connected with PE3, therefore the PE3 that therefore also drawn in Fig. 5, but key part the present invention of MPLS and being indifferent to replace with the MPLS backbone network.
Fig. 6 be in the embodiment of the invention from MPLS L3VPN full mesh topology shown in Figure 4 the schematic diagram of the access topology of isolated second business VPN.Equally, as shown in Figure 6, each access link has been described clearly in the access topology of second business VPN.In addition, from MPLS L3VPN network shown in Figure 4 as can be known MCE be connected with PE3, therefore the PE3 that therefore also drawn in Fig. 6, but key part the present invention of MPLS and being indifferent to replace with the MPLS backbone network.
From Fig. 5 and Fig. 6 as can be seen, the isolated first business VPN topology is the topology corresponding to the VPN1 among Fig. 4, and the isolated second business VPN topology is the topology corresponding to the VPN2 among Fig. 4.After the access topology of VPN1 shown in Figure 5 has been arranged, can make things convenient for the network manager that VPN1 is managed, monitors and safeguards.After the access topology of VPN2 shown in Figure 6 has been arranged equally, can make things convenient for the network manager that VPN2 is managed, monitors and safeguards.
Based on the access topology of above-mentioned generation business VPN, the present invention gives the scheme of the service topology that generates business VPN.Here service topology mainly reflects the intercommunication situation between the CE in the business VPN.
Fig. 7 is the flow chart of the method for the embodiment of the invention service topology that generates business VPN.As shown in Figure 7, this method may further comprise the steps:
In this step, the discrepancy attribute of SC is meant the set of the attribute of the VPN target that the value with this SC in the affiliated VPN instance of this SC is identical.For example, for the value SC that is 100:1, if comprise parameter in the VPN instance under this SC: Import target=100:1, then the attribute of this SC is " going into ", is divided into the collection into SC; If comprise parameter in the VPN instance under this SC: Export target=100:1, then the attribute of this SC is " going out ", is divided into out the SC collection; If comprise parameter in the VPN instance under this SC: Export target=100:1 and Import target=100:1, then the attribute of this SC is " Chu ﹠amp; Go into ", be divided into into SC collection when being divided into out the SC collection.
Can be by scheme shown in Figure 7 further for business VPN generate its service topology, thus further provide convenience for management, monitoring and maintenance service VPN.
Access topology with VPN2 shown in Figure 6 is an example below, for VPN2 generates its service topology, may further comprise the steps:
1, in the access topology of VPN2 shown in Figure 6, comprises 3 access link that are connected with CE, be respectively: PE1-CE5, PE3-CE3 and MCE-CE2.The going out the SC collection and go into the SC collection and be respectively of this 3 access link that are connected with CE then:
PE1-CE5: go out SC collection={ 100:3}; Go into SC collection={ 100:3};
PE3-CE3: go out SC collection={ 100:3}; Go into SC collection={ 100:3};
MCE-CE2: go out SC collection={ 100:3}; Go into SC collection={ 100:3}.
2, for PE1-CE5 and PE3-CE3 link, one of them go out the SC collection equal another each go into the SC collection, therefore, CE5 is linked to each other with CE3.
3, for PE1-CE5 and MCE-CE2 link, one of them go out the SC collection equal another each go into the SC collection, therefore, CE5 is linked to each other with CE2.
4, for PE3-CE3 and MCE-CE2 link, one of them go out the SC collection equal another each go into the SC collection, therefore, CE3 is linked to each other with CE2.
5, the annexation between the CE equipment that obtains according to above-mentioned steps finally obtain VPN2 service topology as shown in Figure 8.Fig. 8 is the schematic diagram of the service topology that generates for VPN2 in the invention process.
Fig. 9 is a kind of structured flowchart that generates the device of business VPN accessing topologies of the embodiment of the invention.As shown in Figure 9, this device comprises: SC collection generation module 901, business VPN topology separation module 902 and access topology generation module 903, wherein:
SC collection generation module 901 is used to every access link in the MPLS L3VPN full mesh topology to generate corresponding SC set, and the result who is generated is sent to business VPN topology separation module 902; Wherein, described access link comprises: the link between link between PE and the CE and MCE and the CE; It is a SC that each value of VPN destination V parameter PN target all is defined as;
Business VPN topology separation module 902 is used to select an access link, and the equipment of this access link together with its two ends is joined in the newly-established business VPN topology; Afterwards, never select an access link in the access link of selected mistake, the SC collection of each access link in the business VPN topology that SC collection and each of this access link have been set up compares; If the SC collection of the arbitrary access link in the SC collection of this access link and the business VPN topology of having set up has common factor, then the equipment of this access link together with its two ends is joined in this business VPN topology of having set up; Otherwise,, then the equipment of this access link together with its two ends is joined in the another newly-established business VPN topology if the SC collection of all access link in the SC collection of this access link and the business VPN topology that all have been set up does not all have to occur simultaneously; So once, and be added in the corresponding business VPN topology, and each business VPN topology information that will add access link and relevant device sends to access topology generation module 903 until all selected mistake of each access link;
Access topology generation module 903 is used for according to described each business VPN topology of access link and relevant device and the full mesh topology of described MPLS L3VPN of having added, for each business VPN generates its access topology.
In Fig. 9, SC collection generation module 901 is used for generating the SC collection of the link between corresponding PE and the CE by finding out the SC that interface institute VPN embodiment bound that PE is connected with CE is comprised; By finding out the SC that is comprised in the interface institute VPN embodiment bound that MCE is connected with CE, generate the SC collection of the link between corresponding MCE and the CE.
The device of generation business VPN accessing topologies as shown in Figure 9 further comprises: the SC collection is divided module 904 and service topology generation module 905, wherein:
The SC collection is divided module 904, the access topology of each business VPN that access topology generation module 903 is generated, be used for the SC collection for each access link of this business VPN accessing topologies, the discrepancy attribute according to this SC concentrates each SC is divided into out this SC collection the SC collection and goes into the SC collection; To divide the result and send to service topology generation module 905;
Service topology generation module 905, the access topology of each business VPN that access topology generation module 903 is generated, be used for any two access link for this business VPN accessing topologies, whether the SC collection of going into of all judging one of them access link has common factor with the SC collection that goes out of another access link, be that these two CE that access link connected are directly linked to each other, finally generate the service topology of this business VPN.
In Fig. 9, the SC collection is divided module 905, the access topology of each business VPN that the access topology generation module is generated, be used for SC collection for each access link of this business VPN accessing topologies, set according to this SC concentrates the attribute of the VPNtarget that the value with this SC in the VPN instance is identical under each SC is divided into out this SC collection the SC collection and goes into the SC collection.
As seen from the above technical solution, the present invention is this serves the SC of group collection accordingly for every access link in the MPLS L3VPN full mesh topology generates; Correlation according to each access link SC collection will generate the technical scheme of its access topology for each business VPN then, on the basis of the full mesh topology of MPLS L3VPN, VPN Target attribute according to same business VPN has these characteristics of correlation, from the full mesh topology of MPLS L3VPN, isolated the pairing access topology of each business VPN, thereby provided convenience for management, monitoring and maintenance service VPN.In addition, access topology based on vpn service, generate the scheme of the service topology of business VPN according to the correlation of SC attribute, can further clear and definite business VPN in link relation between each CE equipment, thereby provide further facility for management, monitoring and maintenance service VPN.
The above is preferred embodiment of the present invention only, is not to be used to limit protection scope of the present invention, all any modifications of being made within the spirit and principles in the present invention, is equal to replacement, improvement etc., all should be included within protection scope of the present invention.
Claims (8)
1, a kind of method that generates service VPN VPN access topology is characterized in that, this method comprises:
Serve the SC of group collection accordingly for generating based on every access link in the three layer virtual private network MPLS L3VPN full mesh topology of multiprotocol label switching; Wherein, described access link comprises: link between service provider edge router PE and the user network boundary device CE and the link between multiple-instance user network edge device MCE and the CE; It is a SC that each value of VPN destination V parameter PN target all is defined as;
Select an access link, the equipment of this access link together with its two ends is joined in the newly-established business VPN topology;
Afterwards, never select an access link in the access link of selected mistake, the SC collection of each access link in the business VPN topology that SC collection and each of this access link have been set up compares; If the SC collection of the arbitrary access link in the SC collection of this access link and the business VPN topology of having set up has common factor, then the equipment of this access link together with its two ends is joined in this business VPN topology of having set up; Otherwise,, then the equipment of this access link together with its two ends is joined in the another newly-established business VPN topology if the SC collection of all access link in the SC collection of this access link and the business VPN topology that all have been set up does not all have to occur simultaneously; So once, and be added in the corresponding business VPN topology until all selected mistake of each access link;
At last, according to described each business VPN topology of access link and relevant device and the full mesh topology of described MPLS L3VPN of having added, for each business VPN generates its access topology.
2, the method for claim 1 is characterized in that,
For the link between PE and the CE, the SC collection that generates this link comprises: find out the SC that is comprised in the interface institute VPN embodiment bound that PE is connected with CE;
For the link between MCE and the CE, the SC collection that generates this link comprises: find out the SC that is comprised in the interface institute VPN embodiment bound that MCE is connected with CE.
3, method as claimed in claim 1 or 2 is characterized in that, for the access topology of described each business VPN, this method is also carried out following steps:
For the SC collection of each access link in this business VPN accessing topologies, the discrepancy attribute according to this SC concentrates each SC is divided into out this SC collection the SC collection and goes into the SC collection;
For any two access link in this business VPN accessing topologies, whether the SC collection of going into of all judging one of them access link has common factor with the SC collection that goes out of another access link, be that these two CE that access link connected are directly linked to each other, finally generate the service topology of this business VPN.
4, method as claimed in claim 3 is characterized in that, the discrepancy attribute of described SC is the set of the attribute of the VPN target that the value with this SC in the VPN instance is identical under the SC.
5, a kind of device that generates business VPN accessing topologies is characterized in that, this device comprises: SC collection generation module, business VPN topology separation module and access topology generation module, wherein,
SC collection generation module is used to every access link in the MPLS L3VPN full mesh topology to generate corresponding SC set, and the result who is generated is sent to business VPN topology separation module; Wherein, described access link comprises: the link between link between PE and the CE and MCE and the CE; It is a SC that each value of VPN destination V parameter PN target all is defined as;
Business VPN topology separation module is selected an access link, and the equipment of this access link together with its two ends is joined in the newly-established business VPN topology; Afterwards, never select an access link in the access link of selected mistake, the SC collection of each access link in the business VPN topology that SC collection and each of this access link have been set up compares; If the SC collection of the arbitrary access link in the SC collection of this access link and the business VPN topology of having set up has common factor, then the equipment of this access link together with its two ends is joined in this business VPN topology of having set up; Otherwise,, then the equipment of this access link together with its two ends is joined in the another newly-established business VPN topology if the SC collection of all access link in the SC collection of this access link and the business VPN topology that all have been set up does not all have to occur simultaneously; So once, and be added in the corresponding business VPN topology, and each business VPN topology information that will add access link and relevant device sends to the access topology generation module until all selected mistake of each access link;
The access topology generation module is used for according to described each business VPN topology of access link and relevant device and the full mesh topology of described MPLS L3VPN of having added, for each business VPN generates its access topology.
6, device as claimed in claim 5 is characterized in that, described SC collection generation module is used for generating the SC collection of the link between corresponding PE and the CE by finding out the SC that interface institute VPN embodiment bound that PE is connected with CE is comprised; By finding out the SC that is comprised in the interface institute VPN embodiment bound that MCE is connected with CE, generate the SC collection of the link between corresponding MCE and the CE.
7, as claim 5 or 6 described devices, it is characterized in that this device further comprises: the SC collection is divided module and service topology generation module, wherein,
The SC collection is divided module, the access topology of each business VPN that the access topology generation module is generated, be used for the SC collection for each access link of this business VPN accessing topologies, the discrepancy attribute according to this SC concentrates each SC is divided into out this SC collection the SC collection and goes into the SC collection; To divide the result and send to the service topology generation module;
The service topology generation module, the access topology of each business VPN that the access topology generation module is generated, be used for any two access link for this business VPN accessing topologies, whether the SC collection of going into of all judging one of them access link has common factor with the SC collection that goes out of another access link, be that these two CE that access link connected are directly linked to each other, finally generate the service topology of this business VPN.
8, device as claimed in claim 7, it is characterized in that, described SC collection is divided module, the access topology of each business VPN that the access topology generation module is generated, be used for SC collection for each access link of this business VPN accessing topologies, set according to this SC concentrates the attribute of the VPN target that the value with this SC in the VPN instance is identical under each SC is divided into out this SC collection the SC collection and goes into the SC collection.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNA2008101163918A CN101304337A (en) | 2008-07-09 | 2008-07-09 | Method and apparatus for generating access topology of service VPN |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNA2008101163918A CN101304337A (en) | 2008-07-09 | 2008-07-09 | Method and apparatus for generating access topology of service VPN |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN101304337A true CN101304337A (en) | 2008-11-12 |
Family
ID=40114062
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNA2008101163918A Pending CN101304337A (en) | 2008-07-09 | 2008-07-09 | Method and apparatus for generating access topology of service VPN |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101304337A (en) |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102932231A (en) * | 2012-11-28 | 2013-02-13 | 杭州华三通信技术有限公司 | Method for reducing update messages and service provider network edge device |
| WO2013078683A1 (en) * | 2011-12-02 | 2013-06-06 | 中兴通讯股份有限公司 | A method and apparatus for forming l3vpn peer-to-peer service |
| CN103532746A (en) * | 2013-09-30 | 2014-01-22 | 广东电网公司电力调度控制中心 | Method and system for generating business topology of industrial system |
| CN108462587A (en) * | 2017-02-20 | 2018-08-28 | 中兴通讯股份有限公司 | A kind of network topology treating method and apparatus |
| CN110380902A (en) * | 2019-07-19 | 2019-10-25 | 腾讯科技(深圳)有限公司 | Topology generation method, apparatus, electronic equipment and storage medium |
| CN111953812A (en) * | 2020-08-19 | 2020-11-17 | 国家海洋信息中心 | Interconnection and intercommunication method for new and old IP addresses of ocean information communication network |
-
2008
- 2008-07-09 CN CNA2008101163918A patent/CN101304337A/en active Pending
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2013078683A1 (en) * | 2011-12-02 | 2013-06-06 | 中兴通讯股份有限公司 | A method and apparatus for forming l3vpn peer-to-peer service |
| CN102932231A (en) * | 2012-11-28 | 2013-02-13 | 杭州华三通信技术有限公司 | Method for reducing update messages and service provider network edge device |
| CN102932231B (en) * | 2012-11-28 | 2015-05-20 | 杭州华三通信技术有限公司 | Method for reducing update messages and service provider network edge device |
| CN103532746A (en) * | 2013-09-30 | 2014-01-22 | 广东电网公司电力调度控制中心 | Method and system for generating business topology of industrial system |
| CN108462587A (en) * | 2017-02-20 | 2018-08-28 | 中兴通讯股份有限公司 | A kind of network topology treating method and apparatus |
| CN110380902A (en) * | 2019-07-19 | 2019-10-25 | 腾讯科技(深圳)有限公司 | Topology generation method, apparatus, electronic equipment and storage medium |
| CN110380902B (en) * | 2019-07-19 | 2022-02-15 | 腾讯科技(深圳)有限公司 | Topological relation generation method and device, electronic equipment and storage medium |
| CN111953812A (en) * | 2020-08-19 | 2020-11-17 | 国家海洋信息中心 | Interconnection and intercommunication method for new and old IP addresses of ocean information communication network |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| EP2995067B1 (en) | A direct connect virtual private interface for a one to many connection with multiple virtual private clouds | |
| CN100372336C (en) | MPLS VPN and its control and forwarding method | |
| CN106936777A (en) | Cloud computing distributed network implementation method based on OpenFlow, system | |
| US20070253432A1 (en) | Network device providing access to both layer 2 and layer 3 services on a single physical interface | |
| CN102739501B (en) | Message forwarding method and system in two three layer virtual private networks | |
| CN101616014B (en) | Method for realizing cross-virtual private local area network multicast | |
| EP1811728B1 (en) | Method, system and device of traffic management in a multi-protocol label switching network | |
| CN101572669A (en) | Transmitting method of VPN message as well as allocating and deleting method of the router marks thereof | |
| CN101599901A (en) | The method of remotely accessing MPLS VPN, system and gateway | |
| CN111130980B (en) | Method and apparatus for implementing a combined virtual private network VPN | |
| CN101304337A (en) | Method and apparatus for generating access topology of service VPN | |
| CN108141392A (en) | The method and apparatus that pseudowire load is shared | |
| CN100358322C (en) | Method of multilayer VLAN switching | |
| CN1697408B (en) | Method for managing routes in virtual private network based on IPv6 | |
| CN107579898A (en) | The method and its device of interconnected communication between one kind of multiple containers | |
| CN100364292C (en) | Virtual special network system of mixed station mixed skeleton network and its realizing method | |
| CN102394804A (en) | VPN system building method and VPN system | |
| WO2004071009A1 (en) | A method for determining relation between client edge router and virtual private network | |
| CN102377645B (en) | Exchange chip and realization method thereof | |
| CN101719857B (en) | Asymmetric PW-based VPLS network access method and asymmetric PW-based VPLS network access system | |
| CN101304338B (en) | Method and apparatus for discovering equipment in multi-protocol label switching three-layer VPN | |
| CN100563182C (en) | A kind of method that in the multilayer labels switching network, realizes virtual private network service | |
| CN101316239B (en) | Method for controlling access and forwarding in virtual special LAN service network | |
| WO2017017971A1 (en) | Data center linking system and method therefor | |
| CN101136832A (en) | Multi-protocol label switching virtual dedicated network and its control and forwarding method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Open date: 20081112 |