CN101631089A - Flow calculating method, flow calculating device and flow calculating system based on private network VPN - Google Patents
Flow calculating method, flow calculating device and flow calculating system based on private network VPN Download PDFInfo
- Publication number
- CN101631089A CN101631089A CN200910169601A CN200910169601A CN101631089A CN 101631089 A CN101631089 A CN 101631089A CN 200910169601 A CN200910169601 A CN 200910169601A CN 200910169601 A CN200910169601 A CN 200910169601A CN 101631089 A CN101631089 A CN 101631089A
- Authority
- CN
- China
- Prior art keywords
- equipment
- private network
- vpn
- flow
- analysis servers
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Abstract
The invention discloses a flow calculating method, a flow calculating device and a flow calculating system based on a private network VPN. On the basis of private VPN information, the flow is calculated and analyzed on a device of a service provider of an MPLS LSVPN network, so the invention solves the original problem of relying on administrator to manually deduct and calculate the flow, and enables the flow analysis to automatically complete by matching a flow analyzing server with the device, thereby enhancing the efficiency of the flow calculation, and lowering the labor cost.
Description
Technical field
The present invention relates to communication technical field, particularly a kind of flow statistical method, equipment and system based on private network VPN.
Background technology
Multi-protocol label switching three-layer VPN (Multiprotocol Label Switching L3 VirtualPrivate Networks, MPLS L3 VPN) be a kind of in service provider's vpn solution based on service provider edge router (Provider Edge, PE) L3VPN technology, it uses Border Gateway Protocol (Border Gateway Protocol, BGP) issue VPN route on service provider backbone uses MPLS to transmit the VPN message on service provider backbone.
MPLS L3VPN networking mode is flexible, extensibility good, and can support easily that (Quality of Service, QoS) (Traffic Engineering TE), therefore, is more and more used MPLS service quality with the MPLS traffic engineering.
The network traffics analytical system can provide network traffic information statistics and analysis function for diverse network, can allow the client in time understand diverse network and use the network bandwidth that takies, the source of TopN flow in Internet resources that miscellaneous service consumes and the network application, can help the network manager in time to find network bottleneck, the attack of guarding network virus.Help the client to make objective and accurate decision-making at aspects such as the network planning, network monitoring, the network optimization, failure diagnosises.
In MPLS L3VPN network, the relevant informations such as route, label of local VPN are arranged on the PE equipment, so can be at an easy rate on PE equipment according to the private network tags statistics based on information such as the flow of local VPN, application, sessions.But, in a catenet, only check on every PE equipment that local VPN flow information is the O﹠M that can't satisfy network, regulatory requirement, the keeper need understand the traffic statistics information of each node of the whole network, link in fault location, the network planning.Realization mechanism based on MPLS, service provider equipment (Provider equipment, P equipment) just transmit according to outer layer label with local significance, and, usually hierarchical service provides program (Layered Service Provider, LSP) label adopts automatic ways of distribution, does not have the information of private network VPN on P equipment, so also can't carry out automatic flow statistics, analytic function based on VPN at present on P equipment.
In the prior art, in order to realize the traffic statistics on the P equipment, the keeper is at first very familiar to technology such as the basic principle of network condition, MPLS VPN, label distribution rules.The data flow of P device forwards has multilayer labels usually.When the keeper will check the flow information of privately owned VPN on the P equipment, can be earlier according to the innermost layer label of message, utilize prior art that the flow information based on the innermost layer private network tags is come out, check which floor label information of outside of message correspondence by the device label stack, again according to the attaching relation of source PE equipment, purpose PE equipment and the VPN of analysis stream such as the distribution mechanisms of label, routing iinformation, network connection situation, can infer that like this, just the statistical information based on vpn label is corresponding which VPN on the P equipment.
In realizing process of the present invention, the applicant finds that there is following problem at least in prior art:
The technical scheme of prior art needs the keeper that existing network is connected situation, the basic principle of MPLS VPN, the label distribution rule, relevant knowledges such as route have very deep understanding, this can't satisfy most O﹠M personnel, like this P equipment just there is not practical significance based on the flow information that label comes out, because can't continue corresponding relation by manual analysis local label and the privately owned VPN of far-end, can't know abnormal flow or attack corresponding VPN user, and it is bigger in network size, when the table of equipment number is more, the method of this manual analysis is particularly loaded down with trivial details, is difficult to practical.
Summary of the invention
The invention provides a kind of flow statistical method, equipment and system, solved on service provider equipment because can't perception private network VPN information based on private network VPN, thus the problem that can't carry out traffic statistics based on private network VPN.
For achieving the above object, one aspect of the present invention provides a kind of flow statistical method based on the private network virtual private network VPN, be applied to comprise in the system of a plurality of service provider equipments, Provider Edge PE equipment, customer edge CE equipment and flow analysis servers, wherein, every corresponding private network tags of VPN that data flow is added and described data flow is affiliated that PE equipment is its forwarding, at least store the identification information of the pairing private network VPN of all PE equipment in the described system and the corresponding relation of private network tags in the described flow analysis servers, described method comprises:
Described flow analysis servers receives the traffic statistics data according to different private network tags generations that each described service provider equipment reports;
Described flow analysis servers according to described corresponding relation, generates the traffic statistics data based on private network VPN according to the private network tags of described traffic statistics data.
Preferably, each equipment in the described system has different equipment identities sign ID respectively, institute's stored relation in the described flow analysis servers, the concrete device id that also comprises all PE equipment in the described system, institute's stored relation specifically generates by following steps in the described flow analysis servers:
Described flow analysis servers is respectively the different available private network tags of each PE devices allocation;
Described flow analysis servers obtains the device id of all PE equipment in the described system, the pairing private network tags of determined each the private network VPN of each PE equipment in the identification information of the pairing private network VPN of all PE equipment and the described system in the described system;
Described flow analysis servers generates and preserves the device id of all PE equipment in the described system, the identification information of private network VPN and the corresponding relation of private network tags.
Preferably, before the traffic statistics data that generate according to different private network tags that described flow analysis servers receives that each described service provider equipment reports, also comprise:
Each described service provider equipment carries out traffic statistics to the data flow of being transmitted, and according to the private network tags that is comprised in the data flow of being transmitted, generates corresponding traffic statistics data;
Each described service provider equipment reports described flow analysis servers with the data based default form of described traffic statistics.
Preferably, each described service provider equipment reports described flow analysis servers with the data based default form of described traffic statistics, is specially:
Each described service provider equipment reports described flow analysis servers with the form of data based Netstream of described traffic statistics or Netflow V9.
On the other hand, the present invention also provides a kind of flow analysis servers, be applied to comprise in the system of a plurality of service provider equipments, Provider Edge PE equipment, customer edge CE equipment and flow analysis servers, wherein, every corresponding private network tags of VPN that data flow is added and described data flow is affiliated that PE equipment is its forwarding specifically comprises:
Memory module is used for the identification information of the pairing private network VPN of all PE equipment of the described system of store storage and the corresponding relation of private network tags;
Communication module is used to receive the traffic statistics data according to different private network tags generations that each described service provider equipment reports;
Statistical module is connected with described communication module with described memory module, is used for the private network tags of the traffic statistics data that receive according to described communication module, according to described memory module institute stored relation, generates the traffic statistics data based on private network VPN.
Preferably, described flow analysis servers also comprises:
Distribution module is used to be respectively the different available private network tags of each PE devices allocation.
Preferably, each equipment in the described system has different equipment identities sign ID respectively,
Content in the described memory module institute stored relation also comprises the device id of all PE equipment in the described system;
Wherein, described communication module, be connected with described memory module, also be used for obtaining the device id of all PE equipment of described system, the pairing private network tags of determined each the private network VPN of each PE equipment in the identification information of the pairing private network VPN of all PE equipment and the described system generates institute's stored relation in the described memory module in the described system.
On the other hand, the present invention also provides a kind of network equipment, be applied to comprise in the system of a plurality of service provider equipments, Provider Edge PE equipment, customer edge CE equipment and flow analysis servers as service provider equipment, wherein, every corresponding private network tags of VPN that data flow is added and described data flow is affiliated that PE equipment is its forwarding specifically comprises:
Communication module is used to receive the data flow that other network equipments send, and is forwarded to the corresponding target address, also is used for reporting the traffic statistics data that generate according to different private network tags to described flow analysis servers;
Statistical module is connected with described communication module, is used for generating corresponding traffic statistics data according to the different private network tags that data flow comprised that described communication module is transmitted, and reports to described flow analysis servers by described communication module.
On the other hand, the present invention also provides a kind of network system, comprises a plurality of service provider equipments, PE equipment, CE equipment and flow analysis servers, is specially:
Described PE equipment, be used for transmitting the data flow that sends by the pairing CE equipment of the source node of data flow to service provider equipment, and in described data flow, add with described data flow under the corresponding private network tags of VPN, the data flow that is used for that also described service provider equipment is sent is transmitted to the pairing CE equipment of the pairing destination node of described data flow, wherein, each the PE equipment in the described network system can be the data flow interpolation of its forwarding and the corresponding private network tags of VPN under each data flow;
Service provider equipment, be connected with described flow analysis servers with described PE equipment, be used for the pairing network equipment of data flow corresponding target node that receives is transmitted, and generate corresponding traffic statistics data, and report described flow analysis servers according to the different private network tags that is comprised in the described data flow;
Flow analysis servers, be connected with described service provider equipment with described PE equipment, store the identification information that comprises the pairing private network VPN of all PE equipment in the current system at least and the corresponding relation of private network tags, be used to receive the traffic statistics data that each described service provider equipment reports according to different private network tags generations, private network tags according to described traffic statistics data, according to described corresponding relation, generate traffic statistics data based on private network VPN.
Preferably, in the corresponding relation of the scope of the private network tags that the identification information that comprises the pairing private network VPN of all PE equipment in the current system at least that described flow analysis servers is stored and each PE equipment can distribute, the device id that also comprises all PE equipment in the described network system, described flow analysis servers also is used for obtaining corresponding apparatus ID to all PE equipment of described network system, the pairing private network tags of determined each the private network VPN of the identification information of corresponding private network VPN and described PE equipment.
Compared with prior art, the present invention has the following advantages:
By using technical scheme of the present invention, can be on the P equipment of MPLS L3VPN network, carry out the statistics and analysis of flow based on privately owned VPN information, thereby, solved and to have relied on the keeper manually to go the problem of inferring and calculating originally, flow analysis can be finished by flow analysis servers and cooperating automatically of equipment, improved the efficient of traffic statistics, reduced the hand labor cost.
Description of drawings
The schematic flow sheet of a kind of flow statistical method based on private network VPN that Fig. 1 proposes for the present invention;
Fig. 2 is the schematic flow sheet of a kind of flow statistical method based on private network VPN under the concrete application scenarios proposed by the invention;
Fig. 3 is the structural representation of the typical networking of MPLS L3VPN;
Fig. 4 is the schematic diagram of a kind of table of comparisons proposed by the invention;
Fig. 5 is the structural representation of a kind of flow analysis servers provided by the present invention;
Fig. 6 is the structural representation of a kind of network equipment provided by the present invention;
Fig. 7 is the structural representation of a kind of network system provided by the present invention.
Embodiment
As stated in the Background Art, traffic statistics scheme having relatively high expectations for P equipment of the prior art to operating personnel, the relevant knowledges such as basic principle, label distribution rule, route that need relevant operating personnel existing network to be connected situation, MPLS VPN have very deep understanding, improved personnel's input cost, and corresponding operating process is also very loaded down with trivial details, be unfavorable for popularizing and promoting of associative operation flow process, also increased operation easier.
In order to address the above problem, the present invention proposes a kind of flow statistical method based on private network VPN, be applied to comprise in the system of a plurality of service provider equipments, PE equipment, CE equipment and flow analysis servers.
Wherein, every PE equipment can be the corresponding interior private network tags with the VPN under this data flow of the data flow interpolation of its forwarding, and storage comprises the identification information of the pairing private network VPN of all PE equipment in the current system and the corresponding relation of private network tags at least in the flow analysis servers.
As shown in Figure 1, based on the schematic flow sheet of the flow statistical method of private network VPN, specifically may further comprise the steps on a kind of service provider equipment that proposes for the present invention:
Step S101, flow analysis servers receive the traffic statistics data according to different private network tags generations that each service provider equipment reports.
In concrete application scenarios, for marking equipment more accurately, each equipment in the current system has different device ids respectively.
Accordingly, institute's stored relation specifically also comprises the device id of all PE equipment in the current system in the flow analysis servers.
Based on above-mentioned technological thought, in concrete application scenarios, institute's stored relation specifically generates by following steps in the flow analysis servers:
At first, flow analysis servers is respectively the different available private network tags of each PE devices allocation.
Then, flow analysis servers obtains the device id of all PE equipment in the current system, the pairing private network tags of determined each the private network VPN of each PE equipment in the identification information of the pairing private network VPN of all PE equipment and the described system in the current system.
At last, flow analysis servers generates and preserves the device id of all PE equipment in the described system, the identification information of private network VPN and the corresponding relation of private network tags.
It is to be noted, flow analysis servers is distributed to the private network tags of each PE equipment can be for a plurality of, owing to the quantity of the pairing VPN of PE equipment may change along with the variation of concrete application scenarios, so, PE equipment can distribute corresponding private network sign according to the situation of current VPN, if distributed the VPN of private network sign to be cancelled, then this private network that has distributed sign can be retracted, and distribute to new VPN and use, but, what need assurance is in current existing VPN, can not use identical private network sign.
On the other hand, in concrete application scenarios, before the traffic statistics data that generate according to different private network tags that flow analysis servers receives that each service provider equipment reports, also comprise:
Each service provider equipment carries out traffic statistics to the data flow of being transmitted, and according to the private network tags that is comprised in the data flow of being transmitted, generates corresponding traffic statistics data;
Each service provider equipment reports flow analysis servers with the data based default form of traffic statistics.
Wherein, each service provider equipment reports flow analysis servers with the data based default form of traffic statistics, and the form that is specially according to Netstream or Netflow V9 reports.
Step S102, flow analysis servers according to corresponding relation, generate the traffic statistics data based on private network VPN according to the private network tags of traffic statistics data.
Owing to stored the device id of all PE equipment in the current system in the corresponding relation in advance, the identification information of pairing private network VPN (VPN ID) and the pairing private network tags of determining of each private network VPN, so, according to the pairing private network tags of traffic statistics data that each service provider equipment reported, directly can find corresponding PE equipment, thereby, determine to send the PE equipment of each data flow, and the pairing private network VPN of this PE equipment, therefore, can further generate traffic statistics data by identification and statistic of classification based on private network VPN
Compared with prior art, the present invention has the following advantages:
By using technical scheme of the present invention, can be on the P equipment of MPLS L3VPN network, carry out the statistics and analysis of flow based on privately owned VPN information, thereby, solved and to have relied on the keeper manually to go the problem of inferring and calculating originally, flow analysis can be finished by flow analysis servers and cooperating automatically of equipment, improved the efficient of traffic statistics, reduced the hand labor cost.
Below, further combined with concrete application scenarios, technical scheme of the present invention is further specified.
As shown in Figure 2, be the schematic flow sheet of a kind of flow statistical method based on private network VPN under the concrete application scenarios proposed by the invention.
In the present embodiment, be the concrete manifestation form of above-mentioned corresponding relation with the table of comparisons, therefore, technical scheme proposed by the invention specifically may further comprise the steps:
Step S201, dispose the private network tags that each PE equipment can use.
The structural representation of the typical networking of MPLS L3VPN as shown in Figure 3, the message of private network VPN can encapsulate inside and outside two-layer label when PE transmits.The network based outer public network label of MPLS is transmitted, and vpn label is the private network tags of VPN, the VPN instance routing table that the decision message is transmitted when arriving opposite end PE2 equipment.
When doing the whole network configuration, at first, dispose non-overlapping device id respectively for each equipment in the system, as CE1, CE2, PE1 etc.Then, manual or the distribution scope (i.e. the spendable private network tags of this PE equipment) by flow analysis servers configuration private network tags on every PE equipment, for example, the private network tags that can distribute use on the configuration PE1 is 10~49, the private network tags that configuration can be distributed use on the PE2 is 50~99, and by that analogy, and the private network tags range of distribution of all PE equipment in the system is sorted, thereby avoiding PE equipment different in the system is that the private network tags that message distributed occurs overlapping.
Step S202, flow analysis servers obtain the relevant information of all PE equipment in the system, generate the table of comparisons.
All PE equipment in the network, this device id, local VPN configuration information, all be reported on the unified flow analysis servers with the distribution corresponding relation of private network tags etc., on this flow analysis servers, form a form that comprises private network tags and VPN corresponding relation, wherein, the private network tags of each PE devices allocation is nonoverlapping, and the schematic diagram of this table of comparisons as shown in Figure 4.
Need further be pointed out that, in the present embodiment, the device id that only comprises each PE equipment in the table of comparisons, the identification information of the pairing private network VPN of each PE equipment, be VPN ID, and the scope of the private network sign that can distribute of each PE equipment, the preferred embodiment that this just provides for convenience of description based on concrete application scenarios, in actual application, if also need to carry out the coupling of other information, then can in the table of comparisons, further add other information table, and obtain to corresponding apparatus by flow analysis servers.
Under the prerequisite that can reach the corresponding techniques effect, the variation of specifying information classification does not influence protection scope of the present invention.
Step S203, each P equipment carry out the traffic statistics of data flow based on the private network sign, and the traffic statistics data that generate are reported flow analysis servers.
On P equipment, carry out in the traffic statistics analysis, at first to finish statistics based on the various traffic characteristics of innermost layer label, P equipment reports flow analysis servers according to Netstream/Netflow v9 form, thereby, form statistics based on private network tags.
Step S204, flow analysis servers be according to the corresponding relation of being preserved in the table of comparisons, according to each P equipment reported based on the traffic statistics data that private network tags generated, generate corresponding traffic statistics data based on private network VPN.
Flow analysis servers forms the traffic statistics information data that comprises device id, VPN ID according to the corresponding relation of private network tags in the table of comparisons and device id, VPN ID.
By such processing, just can on P equipment, finish traffic statistics analytic function automatically based on private network VPN.
Compared with prior art, the present invention has the following advantages:
By using technical scheme of the present invention, can be on the P equipment of MPLS L3VPN network, carry out the statistics and analysis of flow based on privately owned VPN information, thereby, solved and to have relied on the keeper manually to go the problem of inferring and calculating originally, flow analysis can be finished by flow analysis servers and cooperating automatically of equipment, improved the efficient of traffic statistics, reduced the hand labor cost.
In order to realize above-mentioned technical scheme, the present invention also provides a kind of flow analysis servers, be applied to comprise in the system of a plurality of service provider equipments, Provider Edge PE equipment, customer edge CE equipment and flow analysis servers, wherein, every corresponding private network tags of VPN that data flow is added and this data flow is affiliated that PE equipment is its forwarding.
As shown in Figure 5, be the structural representation of a kind of flow analysis servers provided by the present invention, this flow analysis servers specifically comprises:
In concrete application scenarios, each equipment in the current system has different equipment identities sign ID respectively, and therefore, the content in the table of comparisons that memory module 51 is stored also comprises the device id of all PE equipment in the current system.
In concrete application scenarios, communication module 52 is connected with memory module 51, also be used for obtaining the device id of all PE equipment of current system, the pairing private network tags of determined each the private network VPN of each PE equipment in the identification information of the pairing private network VPN of all PE equipment and the current system in the current system generates the table of comparisons of being stored in the memory module 51.
In concrete application scenarios, this flow analysis servers also comprises distribution module 54, is used to be respectively the different available private network tags of each PE devices allocation.
On the other hand, the present invention also provides a kind of network equipment, be applied to comprise in the system of a plurality of service provider equipments, Provider Edge PE equipment, customer edge CE equipment and flow analysis servers as service provider equipment, wherein, every corresponding private network tags of VPN that data flow is added and this data flow is affiliated that PE equipment is its forwarding.
As shown in Figure 6, the network equipment proposed by the invention specifically comprises:
Further again, the present invention also provides a kind of network system, and its structural representation comprises a plurality of service provider equipments 71, PE equipment 72, CE equipment 73 and flow analysis servers 74 as shown in Figure 7, is specially:
PE equipment 72, be used for transmitting the data flow that sends by the pairing CE equipment 73 of the source node of data flow to service provider equipment 71, and in data flow, add with this data flow under the corresponding private network tags of VPN, also be used for the data flow that service provider equipment 71 is sent is transmitted to the pairing CE equipment 73 of the pairing destination node of data flow, wherein, each the PE equipment 72 in the network system can be the data flow interpolation of its forwarding and the corresponding private network tags of VPN under each data flow.
Service provider equipment 71, be connected with flow analysis servers 74 with PE equipment 72, be used for the pairing network equipment of data flow corresponding target node (comprising other service provider equipments 71 or PE equipment 72) that receives is transmitted, and generate corresponding traffic statistics data, and report flow analysis servers 74 according to the different private network tags that is comprised in the data flow;
Flow analysis servers 74, be connected with service provider equipment 71 with PE equipment 72, store the identification information that comprises all PE equipment 72 pairing private network VPN in the current system at least and the corresponding relation (table of comparisons) of private network tags, be used to receive the traffic statistics data that each service provider equipment 71 reports according to different private network tags generations, private network tags according to the traffic statistics data, according to the corresponding relation in the table of comparisons, generate traffic statistics data based on private network VPN.
In concrete application scenarios, in the table of comparisons of the corresponding relation of the scope of the identification information that comprises all PE equipment 72 pairing private network VPN in the current system at least that flow analysis servers 74 is stored and 72 private network tags that can distribute of each PE equipment, the device id that also comprises all PE equipment 72 in the network system, flow analysis servers 74 also is used for obtaining corresponding apparatus ID to all PE equipment 72 of network system, the identification information of corresponding private network VPN and the pairing private network tags of PE equipment 72 determined each private network VPN.
Compared with prior art, the present invention has the following advantages:
By using technical scheme of the present invention, can be on the P equipment of MPLS L3VPN network, carry out the statistics and analysis of flow based on privately owned VPN information, thereby, solved and to have relied on the keeper manually to go the problem of inferring and calculating originally, flow analysis can be finished by flow analysis servers and cooperating automatically of equipment, improved the efficient of traffic statistics, reduced the hand labor cost.
Through the above description of the embodiments, those skilled in the art can be well understood to the present invention and can realize by hardware, also can realize by the mode that software adds necessary general hardware platform.Based on such understanding, technical scheme of the present invention can embody with the form of software product, it (can be CD-ROM that this software product can be stored in a non-volatile memory medium, USB flash disk, portable hard drive etc.) in, comprise some instructions with so that computer equipment (can be personal computer, server, the perhaps network equipment etc.) each implements the described method of scene to carry out the present invention.
It will be appreciated by those skilled in the art that accompanying drawing is a preferred schematic diagram of implementing scene, module in the accompanying drawing or flow process might not be that enforcement the present invention is necessary.
It will be appreciated by those skilled in the art that the module in the device of implementing in the scene can be distributed in the device of implementing scene according to implementing scene description, also can carry out respective change and be arranged in the one or more devices that are different from this enforcement scene.The module of above-mentioned enforcement scene can be merged into a module, also can further split into a plurality of submodules.
The invention described above sequence number is not represented the quality of implementing scene just to description.
More than disclosed only be several concrete enforcement scene of the present invention, still, the present invention is not limited thereto, any those skilled in the art can think variation all should fall into protection scope of the present invention.
Claims (10)
1, a kind of flow statistical method based on the private network virtual private network VPN, it is characterized in that, be applied to comprise in the system of a plurality of service provider equipments, Provider Edge PE equipment, customer edge CE equipment and flow analysis servers, wherein, every corresponding private network tags of VPN that data flow is added and described data flow is affiliated that PE equipment is its forwarding, at least store the identification information of the pairing private network VPN of all PE equipment in the described system and the corresponding relation of private network tags in the described flow analysis servers, described method comprises:
Described flow analysis servers receives the traffic statistics data according to different private network tags generations that each described service provider equipment reports;
Described flow analysis servers according to described corresponding relation, generates the traffic statistics data based on private network VPN according to the private network tags of described traffic statistics data.
2, the method for claim 1, it is characterized in that, each equipment in the described system has different equipment identities sign ID respectively, institute's stored relation specifically also comprises the device id of all PE equipment in the described system in the described flow analysis servers, and institute's stored relation specifically generates by following steps in the described flow analysis servers:
Described flow analysis servers is respectively the different available private network tags of each PE devices allocation;
Described flow analysis servers obtains the device id of all PE equipment in the described system, the pairing private network tags of determined each the private network VPN of each PE equipment in the identification information of the pairing private network VPN of all PE equipment and the described system in the described system;
Described flow analysis servers is stored the device id of all PE equipment in the described system, the identification information of private network VPN and the corresponding relation of private network tags.
3, the method for claim 1 is characterized in that, before the traffic statistics data that generate according to different private network tags that described flow analysis servers receives that each described service provider equipment reports, also comprises:
Each described service provider equipment carries out traffic statistics to the data flow of being transmitted, and according to the private network tags that is comprised in the data flow of being transmitted, generates corresponding traffic statistics data;
Each described service provider equipment reports described flow analysis servers with the data based default form of described traffic statistics.
4, method as claimed in claim 3 is characterized in that, each described service provider equipment reports described flow analysis servers with the data based default form of described traffic statistics, is specially:
Each described service provider equipment reports described flow analysis servers with the form of data based Netstream of described traffic statistics or Netfiow V9.
5, a kind of flow analysis servers, it is characterized in that, be applied to comprise in the system of a plurality of service provider equipments, Provider Edge PE equipment, customer edge CE equipment and flow analysis servers, wherein, every corresponding private network tags of VPN that data flow is added and described data flow is affiliated that PE equipment is its forwarding specifically comprises:
Memory module is used for storing at least the identification information of the pairing private network VPN of all PE equipment of described system and the corresponding relation of private network tags;
Communication module is used to receive the traffic statistics data according to different private network tags generations that each described service provider equipment reports;
Statistical module is connected with described communication module with described memory module, is used for the private network tags of the traffic statistics data that receive according to described communication module, according to described memory module institute stored relation, generates the traffic statistics data based on private network VPN.
6, flow analysis servers as claimed in claim 5 is characterized in that, also comprises:
Distribution module is used to be respectively the different available private network tags of each PE devices allocation.
7, flow analysis servers as claimed in claim 5 is characterized in that,
Each equipment in the described system has different equipment identities sign ID respectively, and the content in the described memory module institute stored relation also comprises the device id of all PE equipment in the described system;
Wherein, described communication module, be connected with described memory module, also be used for obtaining the device id of all PE equipment of described system, the pairing private network tags of determined each the private network VPN of each PE equipment in the identification information of the pairing private network VPN of all PE equipment and the described system generates institute's stored relation in the described memory module in the described system.
8, a kind of network equipment, it is characterized in that, be applied to comprise in the system of a plurality of service provider equipments, Provider Edge PE equipment, customer edge CE equipment and flow analysis servers as service provider equipment, wherein, every corresponding private network tags of VPN that data flow is added and described data flow is affiliated that PE equipment is its forwarding specifically comprises:
Communication module is used to receive the data flow that other network equipments send, and is forwarded to the corresponding target address, also is used for reporting the traffic statistics data that generate according to different private network tags to described flow analysis servers;
Statistical module is connected with described communication module, is used for generating corresponding traffic statistics data according to the different private network tags that data flow comprised that described communication module is transmitted, and reports to described flow analysis servers by described communication module.
9, a kind of network system is characterized in that, comprises a plurality of service provider equipments, PE equipment, CE equipment and flow analysis servers, is specially:
Described PE equipment, be used for transmitting the data flow that sends by the pairing CE equipment of the source node of data flow to service provider equipment, and in described data flow, add with described data flow under the corresponding private network tags of VPN, the data flow that is used for that also described service provider equipment is sent is transmitted to the pairing CE equipment of the pairing destination node of described data flow, wherein, each the PE equipment in the described network system can be the data flow interpolation of its forwarding and the corresponding private network tags of VPN under each data flow;
Service provider equipment, be connected with described flow analysis servers with described PE equipment, be used for the pairing network equipment of data flow corresponding target node that receives is transmitted, and generate corresponding traffic statistics data, and report described flow analysis servers according to the different private network tags that is comprised in the described data flow;
Flow analysis servers, be connected with described service provider equipment with described PE equipment, store the identification information that comprises the pairing private network VPN of all PE equipment in the current system at least and the corresponding relation of private network tags, be used to receive the traffic statistics data that each described service provider equipment reports according to different private network tags generations, private network tags according to described traffic statistics data, according to described corresponding relation, generate traffic statistics data based on private network VPN.
10, network system as claimed in claim 9, it is characterized in that, in the corresponding relation of the scope of the private network tags that the identification information that comprises the pairing private network VPN of all PE equipment in the current system at least that described flow analysis servers is stored and each PE equipment can distribute, the device id that also comprises all PE equipment in the described network system, described flow analysis servers also is used for obtaining corresponding apparatus ID to all PE equipment of described network system, the pairing private network tags of determined each the private network VPN of the identification information of corresponding private network VPN and described PE equipment.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2009101696014A CN101631089B (en) | 2009-08-27 | 2009-08-27 | Flow calculating method, flow calculating device and flow calculating system based on private network VPN |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2009101696014A CN101631089B (en) | 2009-08-27 | 2009-08-27 | Flow calculating method, flow calculating device and flow calculating system based on private network VPN |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101631089A true CN101631089A (en) | 2010-01-20 |
| CN101631089B CN101631089B (en) | 2012-04-18 |
Family
ID=41576040
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2009101696014A Active CN101631089B (en) | 2009-08-27 | 2009-08-27 | Flow calculating method, flow calculating device and flow calculating system based on private network VPN |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101631089B (en) |
Cited By (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101834793A (en) * | 2010-04-29 | 2010-09-15 | 电子科技大学 | Virtual private network implementation method based on MPLS/OPS |
| CN102224709A (en) * | 2011-04-20 | 2011-10-19 | 华为技术有限公司 | Method and apparatus of monitoring on ip bearing net performance |
| CN103052088A (en) * | 2011-10-13 | 2013-04-17 | 风网科技(北京)有限公司 | Flow calculating system and method |
| CN104734981A (en) * | 2015-04-11 | 2015-06-24 | 广州咨元信息科技有限公司 | Device interconnectional relation-based method of precisely recognizing service traffic of MPLS VPN (multi-protocol label switching virtual private network) |
| CN106059887A (en) * | 2016-06-30 | 2016-10-26 | 杭州华三通信技术有限公司 | Method and device for traffic monitoring of VPN (Virtual Private Network) |
| CN107085523A (en) * | 2017-05-15 | 2017-08-22 | 深圳市伊特利网络科技有限公司 | The realization method and system that terminal app attends to anything else |
| CN109088769A (en) * | 2018-08-18 | 2018-12-25 | 国网山西省电力公司信息通信分公司 | A kind of device diagnosing MPLS-VPN data message |
| CN110703817A (en) * | 2016-03-29 | 2020-01-17 | 华为技术有限公司 | Control method, device and system for statistical flow |
| CN110868352A (en) * | 2019-11-14 | 2020-03-06 | 迈普通信技术股份有限公司 | Private network application identification system and method, SDN controller and P device |
| CN114554538A (en) * | 2022-03-22 | 2022-05-27 | 中国电信股份有限公司 | Flow statistical method and device, electronic equipment and storage medium |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101431440B (en) * | 2008-11-28 | 2010-10-27 | 杭州华三通信技术有限公司 | Flux monitoring method and apparatus |
| CN101488925B (en) * | 2009-03-03 | 2011-08-24 | 中兴通讯股份有限公司 | Method for collecting and designing VPN flow by using Netflow |
-
2009
- 2009-08-27 CN CN2009101696014A patent/CN101631089B/en active Active
Cited By (17)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101834793A (en) * | 2010-04-29 | 2010-09-15 | 电子科技大学 | Virtual private network implementation method based on MPLS/OPS |
| CN102224709A (en) * | 2011-04-20 | 2011-10-19 | 华为技术有限公司 | Method and apparatus of monitoring on ip bearing net performance |
| CN103052088A (en) * | 2011-10-13 | 2013-04-17 | 风网科技(北京)有限公司 | Flow calculating system and method |
| CN103052088B (en) * | 2011-10-13 | 2016-06-29 | 风网科技(北京)有限公司 | Flow rate calculation system and method |
| CN104734981B (en) * | 2015-04-11 | 2017-10-27 | 广州咨元信息科技有限公司 | A kind of method that MPLS VPN service traffics are accurately recognized based on equipment interconnecting relation |
| CN104734981A (en) * | 2015-04-11 | 2015-06-24 | 广州咨元信息科技有限公司 | Device interconnectional relation-based method of precisely recognizing service traffic of MPLS VPN (multi-protocol label switching virtual private network) |
| CN110703817B (en) * | 2016-03-29 | 2022-04-05 | 华为技术有限公司 | Control method, device and system for statistical flow |
| CN110703817A (en) * | 2016-03-29 | 2020-01-17 | 华为技术有限公司 | Control method, device and system for statistical flow |
| US11381480B2 (en) | 2016-03-29 | 2022-07-05 | Huawei Technologies Co., Ltd. | Control method, apparatus, and system for collecting traffic statistics |
| US11716262B2 (en) | 2016-03-29 | 2023-08-01 | Huawei Technologies Co., Ltd. | Control method, apparatus, and system for collecting traffic statistics |
| CN106059887A (en) * | 2016-06-30 | 2016-10-26 | 杭州华三通信技术有限公司 | Method and device for traffic monitoring of VPN (Virtual Private Network) |
| CN107085523A (en) * | 2017-05-15 | 2017-08-22 | 深圳市伊特利网络科技有限公司 | The realization method and system that terminal app attends to anything else |
| CN109088769A (en) * | 2018-08-18 | 2018-12-25 | 国网山西省电力公司信息通信分公司 | A kind of device diagnosing MPLS-VPN data message |
| CN109088769B (en) * | 2018-08-18 | 2021-05-07 | 国网山西省电力公司信息通信分公司 | Device for diagnosing MPLS-VPN data message |
| CN110868352A (en) * | 2019-11-14 | 2020-03-06 | 迈普通信技术股份有限公司 | Private network application identification system and method, SDN controller and P device |
| CN110868352B (en) * | 2019-11-14 | 2022-04-15 | 迈普通信技术股份有限公司 | Private network application identification system and method, SDN controller and P device |
| CN114554538A (en) * | 2022-03-22 | 2022-05-27 | 中国电信股份有限公司 | Flow statistical method and device, electronic equipment and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101631089B (en) | 2012-04-18 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101631089B (en) | Flow calculating method, flow calculating device and flow calculating system based on private network VPN | |
| US9225624B2 (en) | Systems and methods for topology discovery and application in a border gateway protocol based data center | |
| US10700958B2 (en) | Network management system with traffic engineering for a software defined network | |
| US11178594B2 (en) | Systems and methods for routing data | |
| US8856386B2 (en) | Cloud resource placement using placement pivot in physical topology | |
| CN102301663B (en) | Message processing method and associated devices | |
| CN105594167B (en) | Method, controller, forwarding device and the network system to E-Packet | |
| CN105765946A (en) | A method and system of supporting service chaining in a data network | |
| CN105227341A (en) | For the system and method by content center network management devices | |
| CN111585780B (en) | Supporting multiple virtual networks through underlying network topology | |
| US7936668B2 (en) | Methods and apparatus for distributing label information | |
| CN110868352B (en) | Private network application identification system and method, SDN controller and P device | |
| CN102833109A (en) | Positional information processing method and equipment of fault point | |
| US11477100B2 (en) | Residence time measurement for traffic engineered network | |
| US20140369238A1 (en) | System and method for identifying an ingress router of a flow when no ip address is associated with the interface from which the flow was received | |
| CN114884873A (en) | Method and device for determining forwarding path | |
| US8553539B2 (en) | Method and system for packet traffic congestion management | |
| Bidkar et al. | A scalable framework for segment routing in service provider networks: The omnipresent Ethernet approach | |
| CN108924011A (en) | Monitoring system, relevant device, method and medium for OSPF+ Routing Protocol | |
| CN110380966A (en) | A kind of method and its relevant device finding forward-path | |
| CN102394828A (en) | Message transmission method and device during cross-VPN (virtual private network) visit | |
| EP3624406B1 (en) | Packet forwarding in mpls network | |
| Litkowski et al. | Operational Management of Loop-Free Alternates | |
| CN106169969A (en) | Set up Virtual Private Network tag changeable path routing method, relevant device and system | |
| CN110838965B (en) | Tunnel establishment method and receiving node |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CP03 | Change of name, title or address | ||
| CP03 | Change of name, title or address |
Address after: 310052 Binjiang District Changhe Road, Zhejiang, China, No. 466, No. Patentee after: Xinhua three Technology Co., Ltd. Address before: 310053 Hangzhou hi tech Industrial Development Zone, Zhejiang province science and Technology Industrial Park, No. 310 and No. six road, HUAWEI, Hangzhou production base Patentee before: Huasan Communication Technology Co., Ltd. |