CN102377835B - Communication method and device for network element group network - Google Patents



Publication number
CN102377835B
CN102377835B CN201010259655.2A CN201010259655A CN102377835B CN 102377835 B CN102377835 B CN 102377835B CN 201010259655 A CN201010259655 A CN 201010259655A CN 102377835 B CN102377835 B CN 102377835B
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN201010259655.2A
Other languages
Chinese (zh)
Other versions
CN102377835A (en)
Inventor
程铁生
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
New H3C Technologies Co Ltd
Original Assignee
Hangzhou H3C Technologies Co Ltd

Abstract

The invention provides a communication method and a communication device for a network element group network. The method comprises that: a command switch in the network element group network informs member switches added into the network element group network of enabling an Internet protocol version 6 (IPv6) stateless automatic configuration function, and generates and maintains IPv6 addresses comprising the media access control (MAC) address information of the member switches for the member switches; each member switch in the network element group network communicates with the other member switches or with the command switch by the IPv6 address; and the command switch realizes communication between the member switches and an external network by performing network address translation (NAT) on an IPv4 public network address of the network element group network and the IPv6 address of the member switches. By the method and the device, management over a network element group can be simplified.

Description

Communication method and device for a network element group network
Technical field
The present invention relates to the field of network communication technology, and in particular to a communication method, system and device for a network element group network.
Background
Network element group management is a proprietary protocol suite for configuring, maintaining and managing a group of Ethernet products as a unit. It was proposed to address problems such as the heavy configuration and maintenance workload of large numbers of devices, serious waste of IP address resources, and poor openness. The network element group management function was introduced to save IP addresses and simplify management when a large number of switches are managed.
As shown in Fig. 1, the switches in a network element group can access one another, and each switch takes one of two roles: command switch or member switch. An IPv4 public network address is configured on the command switch, and each member switch is configured and managed through the command switch. A key feature of network element group management is plug and play: a candidate switch needs no prior configuration and joins the network element group automatically once it is connected to the network element group network.
At present, member switches in a network element group network reach one another using IPv4 private network addresses. That is, the command switch configures an IPv4 private network address for each newly joined member switch; different member switches are given different IPv4 private network addresses, and these addresses are valid only inside the network element group network and are not exposed to external networks. In addition, to preserve the security properties of the network element group and prevent address conflicts, the Address Resolution Protocol (ARP) cannot be enabled in the network element group network, so the command switch must maintain the mapping between the IPv4 private network address and the MAC address of each member switch. Access between member switches and external networks goes through the command switch, and data packets forwarded between a member switch and an external network must undergo network address translation (NAT) on the command switch.
As can be seen, in the prior art the command switch must assign a distinct IPv4 private network address to each member switch in the network element group network and must maintain the mapping between each member switch's IPv4 private network address and MAC address, so managing a network element group is clearly complicated.
Summary of the invention
The invention provides a communication method and device for a network element group network, so as to simplify the management of the network element group.
A communication method for a network element group network, the method comprising:
the command switch in the network element group network notifies a member switch that joins the network element group network to enable the IPv6 stateless autoconfiguration function, and generates and maintains, for that member switch, an IPv6 address containing the member switch's MAC address information;
the member switches in the network element group network communicate with one another, or with the command switch, using the IPv6 addresses;
the command switch enables communication between a member switch and an external network by performing network address translation (NAT) between the IPv4 public network address of the network element group network and the IPv6 address of the member switch.
A command switch in a network element group network, the command switch comprising:
a configuration issuing unit, configured to notify a member switch that joins the network element group network to enable the IPv6 stateless autoconfiguration function;
an address generation unit, configured to generate and maintain, for the member switch, an IPv6 address containing the MAC address information of the member switch;
an intra-network communication unit, configured to communicate with the member switch using the IPv6 address;
an inter-network communication unit, configured to enable communication between the member switch and an external network by performing NAT between the IPv4 public network address of the network element group network and the IPv6 address of the member switch.
A member switch of a network element group network, the member switch comprising:
a configuration receiving unit, configured to enable the IPv6 stateless autoconfiguration function on receiving an IPv6 stateless configuration message issued by the command switch of the network element group network;
a private network address generation unit, configured to generate, when the IPv6 stateless autoconfiguration function is enabled on this member switch, an IPv6 address containing the MAC address information of this member switch;
an intra-network communication unit, configured to communicate with other member switches or the command switch using the IPv6 address;
an inter-network communication unit, configured to send data packets exchanged with an external network to the command switch for forwarding, where the command switch, while forwarding, performs NAT on the data packet between the IPv4 public network address of the network element group network and the IPv6 address of the member switch.
A communication system for a network element group network, the system comprising the command switch and the member switch described above.
As can be seen from the above technical solution, the invention uses IPv6 addresses containing member switch MAC address information in place of IPv4 private network addresses within the network element group network, and uses IPv6 stateless autoconfiguration in place of the network element group's IPv4 private network address allocation mechanism. The command switch therefore no longer needs to assign an IPv4 private network address to each member switch one by one, and no longer needs to maintain an IPv4 private network address pool or the mapping between the IPv4 private network addresses and MAC addresses of the member switches, which greatly reduces the management complexity of the network element group.
Brief description of the drawings
Fig. 1 is a schematic diagram of a network element group network;
Fig. 2 is a flow chart of the method provided by an embodiment of the invention;
Fig. 3 is a schematic networking diagram of mutual access between the network element group network and an external network;
Fig. 4 is a schematic structural diagram of the command switch provided by the invention;
Fig. 5 is a schematic structural diagram of the member switch provided by the invention.
Detailed description of the embodiments
To make the objects, technical solutions and advantages of the invention clearer, the invention is described below with reference to the drawings and specific embodiments.
The main method provided by the invention comprises: the command switch notifies a member switch that joins the network element group network to enable the IPv6 stateless autoconfiguration function, and generates and maintains, for that member switch, an IPv6 address containing the member switch's MAC address information; each member switch, on joining the network element group network, generates an IPv6 address containing its own MAC address information; member switches communicate with one another using the IPv6 addresses, and communicate with external networks through the NAT function of the command switch.
The IPv6 address containing the member switch's MAC address information may be an IPv6 link-local address or an IPv6 global unicast address. When a link-local address is used, it can be formed by prepending the prefix FE80 to the member switch's bridge MAC address; when an IPv6 global unicast address is used, an IPv6 global unicast address prefix can be prepended to the member switch's bridge MAC address. The following embodiments all use the IPv6 link-local address as the example.
The method is described in detail below with reference to a specific embodiment. As shown in Fig. 2, the method can comprise the following steps:
Step 201: when the command switch discovers a member switch that has newly joined the network element group network, it issues an IPv6 stateless autoconfiguration configuration message to that member switch.
If a switch joins the network element group network, the topology discovery function of the command switch discovers the switch and sends it a join request. After receiving the join request, the switch initiates an authentication procedure with the command switch; once authentication succeeds, the switch becomes a member switch and joins the network element group network. During this process the command switch can obtain the bridge MAC address of the newly joined member switch.
The format of the configuration message issued by the command switch can be as shown in Table 1. The IPv6 address configuration indication (IP6ConfigFlag) field indicates whether the member switch should enable IPv6 stateless autoconfiguration. The other fields have the same meaning as in the existing configuration message and are not described again here.
Table 1
Figure BSA00000238872800041
Step 202: after receiving this configuration message, the member switch enables the IPv6 stateless autoconfiguration function and uses its own bridge MAC address to generate a link-local address.
In this embodiment, the link-local address generated by the member switch has the form FE80::<bridge MAC of the local device>, where FE80 is the common prefix of IPv6 link-local addresses.
Step 203: the command switch uses the bridge MAC address of the member switch to generate the link-local address of that member switch.
As described in step 201, the command switch obtains the member switch's bridge MAC address through NDP messages. Likewise, the link-local address that the command switch generates for this member switch has the same form, FE80::<bridge MAC>.
Because the bridge MAC address of every device is unique, the link-local address maintained for a member switch by the command switch and the one maintained by the member switch itself agree. For example, if the bridge MAC address of member switch 1 is 000f-5980-0046, the link-local address the member switch generates for itself is FE80::f:5980:0046, and the link-local address the command switch generates for that member switch is also FE80::f:5980:0046.
Note that steps 202 and 203 have no fixed order and may also be performed at the same time.
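The address agreement of steps 202 and 203, as an added example that is not part of the patent text: both sides derive the address from the bridge MAC alone, so an address can also be mapped back to its MAC without a lookup table. The function names are assumptions of this sketch, and `eui64_link_local` is included only to show that the FE80::<MAC> form used on this page differs from the modified EUI-64 interface identifier of RFC 4291.

```python
import ipaddress
import string


def parse_mac(text):
    """Parse 000f-5980-0046, 00:0f:59:80:00:46 or 00-0f-59-80-00-46 into an int."""
    digits = "".join(ch for ch in text if ch not in "-:.")
    if len(digits) != 12 or any(ch not in string.hexdigits for ch in digits):
        raise ValueError(f"not a 48-bit MAC address: {text!r}")
    return int(digits, 16)


def member_address(mac, prefix="FE80::/64"):
    """Scheme described on the page: prefix, then the bridge MAC in the low 48 bits."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen > 80:
        raise ValueError("prefix leaves fewer than 48 bits for the MAC")
    return ipaddress.IPv6Address(int(net.network_address) | parse_mac(mac))


def mac_from_address(addr):
    """Recover the bridge MAC from an address built by member_address()."""
    low48 = int(ipaddress.IPv6Address(addr)) & ((1 << 48) - 1)
    text = f"{low48:012x}"
    return "-".join(text[i:i + 4] for i in range(0, 12, 4))


def eui64_link_local(mac):
    """For comparison only: link-local address with an RFC 4291 modified EUI-64 IID."""
    m = parse_mac(mac)
    # Flip the universal/local bit of the first octet and insert FFFE in the middle.
    iid = (((m >> 24) ^ 0x020000) << 40) | (0xFFFE << 24) | (m & 0xFFFFFF)
    return ipaddress.IPv6Address((0xFE80 << 112) | iid)


if __name__ == "__main__":
    mac = "000f-5980-0046"  # bridge MAC of member switch 1 in the page's example
    print("member switch derives :", member_address(mac))
    print("command switch derives:", member_address("00:0f:59:80:00:46"))
    print("MAC recovered         :", mac_from_address("FE80::f:5980:0046"))
    print("modified EUI-64 form  :", eui64_link_local(mac))
```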
Step 204: the switches inside the network element group network learn the link-local addresses of their neighbor switches through neighbor discovery (ND) messages, and communicate within the network element group network using link-local addresses.
Because the link-local address of each switch in the network element group network is unique and is closed to external networks, switches in the network element group network that need to exchange messages simply use the link-local addresses of the neighbor switches they have learned.
Communication inside the network element group network is usually the transmission of keepalive messages: switches in the network element group network send keepalive messages to one another to maintain their connections, and these keepalive messages are sent using the switches' IPv6 addresses.
Note that the switches in the network element group network referred to in this step include both member switches and the command switch.
Step 205: communication between a member switch and an external network is carried out through the NAT function of the command switch.
Communication between a member switch and an external network covers both the member switch accessing the external network and the external network accessing the member switch. The two processes are described separately below.
After generating the link-local address of a member switch, the command switch can generate internal server NAT entries for that member switch. These internal server NAT entries are static entries, used when an external network device accesses a member switch of the network element group network. Each entry contains: application protocol information, global IP address (Global IP), global port number (Global Port), local IP address (Local IP) and local port number (Local Port). The global IP address is the IPv4 public network address of the network element group; the local IP address is the link-local address of the member switch; the local port number is the well-known port number of the corresponding application protocol; and the global port number is the port number that the command switch assigns to this member switch for the corresponding application protocol. The global IP address and global port number are matched against the destination IP address and destination port of data packets arriving from the external network, as described in detail below.
As shown in Fig. 3, suppose the link-local address of the newly joined member switch is FE80::f:5980:0046, the link-local address of the command switch is FE80::f:5980:0040, and the IPv4 public network address configured on the command switch is 210.1.1.1. If the three application protocols SNMP, HTTP and FTP are configured on the command switch, the internal server NAT entries generated for this member switch are as shown in Table 2. Taking the FTP entry as an example, the global port number 53249 is the port number the command switch assigned to this member switch for FTP, and the local port number 21 is the well-known port number of FTP.
Table 2
Application protocol | Global IP | Global Port | Local IP | Local Port | Protocol number
SNMP | 210.1.1.1 | 49153 | FE80::f:5980:0046 | 161 | 17
HTTP | 210.1.1.1 | 51201 | FE80::f:5980:0046 | 80 | 6
FTP | 210.1.1.1 | 53249 | FE80::f:5980:0046 | 21 | 6
In addition, when an external network device is newly connected to the command switch, external server NAT entries can be generated for each external network device. These external server NAT entries are static entries, used when a member switch of the network element group network accesses an external network device. They likewise contain: application protocol information, global IP address (Global IP), global port number (Global Port), local IP address (Local IP) and local port number (Local Port). Here the global IP address is the link-local address of the command switch, the local IP address is the IPv4 address of the external network device, and the global port number is the well-known port number of the corresponding application protocol; the local port number may be chosen to equal the global port number, or may be a random port number.
Again taking the architecture shown in Fig. 3 as an example, the external server NAT entries configured for the external network device are as shown in Table 3.
Table 3
Application protocol | Local IP | Local Port | Global IP | Global Port | Protocol number
TRAP | 210.1.1.10 | 162 | FE80::f:5980:0040 | 162 | 17
TFTP | 210.1.1.10 | 69 | FE80::f:5980:0040 | 69 | 17
FTP | 210.1.1.10 | 21 | FE80::f:5980:0040 | 21 | 6
SYSLOG | 210.1.1.10 | 514 | FE80::f:5980:0040 | 514 | 17
The process by which a member switch accesses an external network device is as follows:
The member switch sends a data packet to the command switch. The source IP address of the packet is the link-local address of the member switch, the destination IP address is the link-local address of the command switch, the source port number is a random port number, and the destination port number is the well-known protocol port number. Taking the architecture shown in Fig. 3 as an example, the FTP data packet sent when the member device accesses the external network device has source IP address FE80::f:5980:0046, source port number 1086 (a random port number), destination IP address FE80::f:5980:0040 and destination port number 21.
When the command switch receives this data packet, it matches the packet's destination IP address and destination port number against the global IP address and global port number in the external server static NAT entries and finds the matching NAT entry. It translates the packet's destination IP address to the local IP address in the matching NAT entry, translates the packet's source IP address to the IPv4 public network address of the network element group, and then sends the packet, which can then be delivered to the corresponding network device in the public network. In this NAT process the destination port number does not change, and the source port number may be translated to a random value.
Continuing the example above: the command switch receives a data packet with source IP address FE80::f:5980:0046, source port number 1086, destination IP address FE80::f:5980:0040 and destination port number 21. It matches the destination IP address FE80::f:5980:0040 and destination port number 21 against the global IP address and global port number in the external server static NAT table (Table 3), and the matching entry is the one in the third row. After NAT, the packet has destination IP address 210.1.1.10, source IP address 210.1.1.1, source port number 49152 and destination port number 21.
After performing this NAT, the command switch can generate an external server pooled (dynamic) NAT entry locally. This pooled NAT entry contains the packet's translated destination port number and destination IP address, the source IP address before and after translation, and the source port number before and after translation, as shown in Table 4.
Table 4
Figure BSA00000238872800081
For the data packet with which the external network device replies, the source IP address is 210.1.1.10, the destination IP address is 210.1.1.1, the destination port number is 49152 and the source port number is 21. After receiving this packet, the command switch determines whether the packet's destination port number is a port number that the command switch has assigned to a member switch for an application protocol. If it is, the packet is an access to the network element group network initiated by an external network device, and the internal server static NAT entries are searched to match the packet; that process is described under the process of external access to a member switch. Otherwise the packet is a reply from the external network device.
Having determined that the packet is a reply from the external network device, the command switch searches the external server pooled NAT entries for the entry whose translated source IP address, translated source port number, translated destination IP address and translated destination port number match, respectively, the packet's destination IP address, destination port number, source IP address and source port number. It then translates the packet's destination IP address and destination port number to the pre-translation source IP address and pre-translation source port number in the matching NAT entry. At this point the destination IP address and destination port number of the translated packet are FE80::f:5980:0046 and 1086 respectively.
It then searches the external server static NAT entries for the static NAT entry whose local IP address and local port number match the packet's source IP address and source port number, and translates the packet's source IP address and source port number to the global IP address and global port number in the matching static NAT entry. At this point the source IP address of the translated packet is FE80::f:5980:0040 and the source port number is 21. The packet can then be sent to the corresponding member switch.
The process by which an external network device accesses a member switch is as follows:
The external network device sends a data packet to the command switch. The packet's source IP address is the IP address of the external network device, its destination IP address is the IPv4 public network address of the network element group, its source port number is a random port number, and its destination port number is the port number that the command switch assigned to the member switch for the corresponding application protocol. (The external network device usually first logs in to the command switch to obtain the port number corresponding to the member switch it wants to access, and uses it as the destination port number of the packets it sends.) This destination port number is the same as the corresponding global port number for this external network device in the command switch. Still taking Fig. 3 as an example, the FTP data packet sent when the external network device accesses the command switch has source IP address 210.1.1.10, destination IP address 210.1.1.1, source port number 49152 and destination port number 53249.
After receiving this data packet, the command switch determines that the packet's destination port number is a port number that the command switch has assigned to a member switch for an application protocol. It therefore matches the packet's destination IP address and destination port number against the global IP address and global port number in the internal server static NAT entries and finds the matching NAT entry. It translates the packet's destination IP address and destination port number to the local IP address and local port number in the matching NAT entry, translates the packet's source IP address to the link-local address of the command switch, and then sends the packet, which can then be delivered to the corresponding member switch. In this NAT process the source port number may be translated to a random value.
Continuing the example above: after receiving the data packet, the command switch finds that the matching entry is the third row of Table 2. After NAT, the packet has destination IP address FE80::f:5980:0046, source IP address FE80::f:5980:0040, source port number 1087 and destination port number 21, and it can then be sent to the corresponding member switch.
After performing this NAT, the command switch can generate an internal server pooled (dynamic) NAT entry locally. This internal server pooled NAT entry contains the packet's translated destination port number and destination IP address, the source IP address before and after translation, and the source port number before and after translation, as shown in Table 5.
Table 5
Figure BSA00000238872800101
For the data packet with which the member switch replies, the source IP address is FE80::f:5980:0046, the destination IP address is FE80::f:5980:0040, the source port number is 21 and the destination port number is 1087. After receiving this packet, the command switch first determines whether the destination port number is a well-known protocol port number. If it is, the packet is one sent by a member switch actively accessing the external network, and the external server static NAT entries are matched following the process of a member switch accessing an external network device described above. Otherwise, the packet is a reply from the member switch.
Having determined that the packet is a reply from the member switch, the command switch searches the internal server pooled NAT entries for the entry whose translated source IP address, translated source port number, translated destination IP address and translated destination port number match, respectively, the packet's destination IP address, destination port number, source IP address and source port number. It then translates the packet's destination IP address and destination port number to the pre-translation source IP address and pre-translation source port number in the matching NAT entry. At this point the destination IP address and destination port number of the translated packet are 210.1.1.10 and 49152 respectively.
It then searches the internal server static NAT entries for the static NAT entry whose local IP address and local port number match the packet's source IP address and source port number, and translates the packet's source IP address and source port number to the global IP address and global port number in the matching static NAT entry. At this point the source IP address of the translated packet is 210.1.1.1 and the source port number is 53249, and the packet can then be sent to the corresponding outside network device.
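The four translations of step 205, replayed with the values of Tables 2 and 3, as an added example that is not part of the patent text. The class and function names are assumptions of this sketch; returning None when nothing matches and re-drawing a translated source port that collides with a port the classifier keys on are choices made here, not behaviour the page specifies.

```python
import ipaddress
import random
from dataclasses import dataclass

ip = ipaddress.ip_address

@dataclass(frozen=True)
class Packet:
    src: object
    sport: int
    dst: object
    dport: int

@dataclass(frozen=True)
class Static:  # one row of a static NAT table (Table 2 or Table 3)
    app: str
    global_ip: object
    global_port: int
    local_ip: object
    local_port: int

# Values taken from the page's Fig. 3 example.
PUBLIC_V4, SERVER_V4 = ip("210.1.1.1"), ip("210.1.1.10")
CMD_LL, MEMBER_LL = ip("FE80::f:5980:0040"), ip("FE80::f:5980:0046")
TABLE2 = [Static("SNMP", PUBLIC_V4, 49153, MEMBER_LL, 161),
          Static("HTTP", PUBLIC_V4, 51201, MEMBER_LL, 80),
          Static("FTP", PUBLIC_V4, 53249, MEMBER_LL, 21)]
TABLE3 = [Static("TRAP", CMD_LL, 162, SERVER_V4, 162),
          Static("TFTP", CMD_LL, 69, SERVER_V4, 69),
          Static("FTP", CMD_LL, 21, SERVER_V4, 21),
          Static("SYSLOG", CMD_LL, 514, SERVER_V4, 514)]

def by_global(table, addr, port):
    return next((e for e in table if (e.global_ip, e.global_port) == (addr, port)), None)

def by_local(table, addr, port):
    return next((e for e in table if (e.local_ip, e.local_port) == (addr, port)), None)

class CommandSwitchNat:
    """Hypothetical model of the command switch's NAT step (not vendor code)."""

    def __init__(self, public_v4, own_v6, internal, external,
                 alloc=lambda: random.randint(1024, 65535)):
        self.public_v4, self.own_v6 = public_v4, own_v6
        self.internal, self.external, self.alloc = internal, external, alloc
        # Pooled (dynamic) entries: translated packet -> original source (ip, port)
        self.int_dyn, self.ext_dyn = {}, {}

    def fresh_port(self, reserved):
        # Replies are classified by destination port, so a translated source
        # port must not equal a port held in the opposite static table.
        while True:
            port = self.alloc()
            if port not in reserved:
                return port

    def from_member(self, p):
        entry = by_global(self.external, p.dst, p.dport)
        if entry:  # well-known destination port: member-initiated access
            sport = self.fresh_port({e.global_port for e in self.internal})
            out = Packet(self.public_v4, sport, entry.local_ip, p.dport)
            self.ext_dyn[out] = (p.src, p.sport)
            return out
        # Otherwise a reply to a session opened from outside.
        orig = self.int_dyn.get(Packet(p.dst, p.dport, p.src, p.sport))
        st = by_local(self.internal, p.src, p.sport)
        if orig is None or st is None:
            return None  # assumption: unmatched packets are not forwarded
        return Packet(st.global_ip, st.global_port, *orig)

    def from_external(self, p):
        entry = by_global(self.internal, p.dst, p.dport)
        if entry:  # port assigned to a member switch: externally initiated access
            sport = self.fresh_port({e.global_port for e in self.external})
            out = Packet(self.own_v6, sport, entry.local_ip, entry.local_port)
            self.int_dyn[out] = (p.src, p.sport)
            return out
        # Otherwise a reply to a session opened by a member switch.
        orig = self.ext_dyn.get(Packet(p.dst, p.dport, p.src, p.sport))
        st = by_local(self.external, p.src, p.sport)
        if orig is None or st is None:
            return None  # assumption: unmatched packets are not forwarded
        return Packet(st.global_ip, st.global_port, *orig)

def replay_page_flows():
    ports = iter([49152, 1087])  # the "random" source ports used in the page's example
    sw = CommandSwitchNat(PUBLIC_V4, CMD_LL, TABLE2, TABLE3, alloc=lambda: next(ports))
    out = sw.from_member(Packet(MEMBER_LL, 1086, CMD_LL, 21))
    out_reply = sw.from_external(Packet(SERVER_V4, 21, PUBLIC_V4, 49152))
    inb = sw.from_external(Packet(SERVER_V4, 49152, PUBLIC_V4, 53249))
    inb_reply = sw.from_member(Packet(MEMBER_LL, 21, CMD_LL, 1087))
    stray = sw.from_external(Packet(SERVER_V4, 4444, PUBLIC_V4, 40000))  # constructed
    return out, out_reply, inb, inb_reply, stray
```

`replay_page_flows()` returns the four translated packets in the order the text walks through them, followed by the result for one constructed packet that matches neither a static nor a pooled entry.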
The above is a detailed description of the method provided by the invention. The device and system provided by the invention are described in detail below.
Fig. 4 is a schematic structural diagram of the command switch provided by the invention. As shown in Fig. 4, the command switch can comprise: a configuration issuing unit 400, an address generation unit 410, an intra-network communication unit 420 and an inter-network communication unit 430.
The configuration issuing unit 400 is configured to notify a member switch that joins the network element group network to enable the IPv6 stateless autoconfiguration function.
The address generation unit 410 is configured to generate and maintain, for the member switch, an IPv6 address containing the MAC address information of the member switch.
The intra-network communication unit 420 is configured to communicate with the member switch using the IPv6 address.
The inter-network communication unit 430 is configured to enable communication between the member switch and an external network by performing network address translation (NAT) between the IPv4 public network address of the network element group network and the IPv6 address of the member switch.
Specifically, the configuration issuing unit 400 can issue an IPv6 stateless configuration message to a member switch that has newly joined the network element group network.
During the command switch's topology discovery procedure, the address generation unit 410 obtains the bridge MAC address of the newly joined member switch through NDP messages, and prepends a link-local address prefix or an IPv6 global unicast address prefix to the obtained bridge MAC address to form the IPv6 address of the member switch.
Specifically, to enable communication between the network element group network and external networks, the command switch further comprises a first static entry generation unit 440 and a second static entry generation unit 450.
The first static entry generation unit 440 is configured to generate, after the address generation unit 410 has formed the IPv6 address of a member switch, an internal server static NAT entry for that member switch. In this entry, the global IP address is the IPv4 public network address of the network element group network, the local IP address is the IPv6 address of the member switch, the local port number is the well-known protocol port number of the corresponding application protocol, and the global port number is the port number that the command switch assigns to the member switch for the corresponding application protocol.
The second static entry generation unit 450 is configured to generate, when the command switch connects to an external network device, an external server static NAT entry for that device. In this entry, the global IP address is the IPv6 address of the command switch (this IPv6 address contains the MAC address information of the command switch), the local IP address is the IPv4 address of the external network device, the global port number is the well-known protocol port number of the corresponding application protocol, and the local port number is either identical to the global port number or a random port number.
The internetwork communication unit 430 may specifically comprise: an external network side transceiver subunit 431, a first NAT processing subunit 432, a second NAT processing subunit 433 and an internal network side transceiver subunit 434.
The external network side transceiver subunit 431 is configured to provide a data message received from an external network device to the first NAT processing subunit 432, and to send a data message provided by the second NAT processing subunit 433 to the external network device.
The first NAT processing subunit 432 is configured to perform the first NAT on a received data message and then provide the data message to the internal network side transceiver subunit 434. The first NAT specifically comprises: matching the destination IP address and destination port number of the received data message against the global IP address and global port number in the internal server static NAT entries to find the matching static NAT entry; translating the destination IP address and destination port number of the data message into the local IP address and local port number in the matching static NAT entry, respectively; then translating the source IP address of the data message into the IPv6 address of the command switch and randomly translating the source port number.
The internal network side transceiver subunit 434 is configured to send a data message provided by the first NAT processing subunit 432 to the member switch, and to provide a data message received from a member switch to the second NAT processing subunit 433.
The second NAT processing subunit 433 is configured to perform the second NAT on a received data message and then provide it to the external network side transceiver subunit 431. The second NAT comprises: matching the destination IP address and destination port number of the data message against the global IP address and global port number in the external server static NAT entries to find the matching static NAT entry; translating the destination IP address of the data message into the local IP address in the matching static NAT entry; then translating the source IP address of the data message into the IPv4 public network address of the network element group network and randomly translating the source port of the data message.
Further, the internetwork communication unit 430 may also comprise: a first dynamic entry generation subunit 435, a first judgment subunit 436 and a third NAT processing subunit 437.
The first dynamic entry generation subunit 435 is configured to generate an internal server pooled NAT entry for the first NAT performed by the first NAT processing subunit 432. This internal server pooled NAT entry comprises the destination port number and destination IP address after translation, the source IP address before and after translation, and the source port number before and after translation of the first NAT.
The first judgment subunit 436 is configured to obtain the data message that the internal network side transceiver subunit 434 provides to the second NAT processing subunit 433 and judge whether the destination port number of the data message is a well-known protocol port number; if so, the data message is forwarded on to the second NAT processing subunit 433; otherwise, the data message is provided to the third NAT processing subunit 437.
The third NAT processing subunit 437 is configured to, after receiving a data message, match the destination IP address, destination port number, source IP address and source port number of the data message against, respectively, the translated source IP address, translated source port number, translated destination IP address and translated destination port number in the internal server pooled NAT entries; translate the destination IP address and destination port number of the data message into the pre-translation source IP address and pre-translation source port number in the matching internal server pooled NAT entry, respectively; then match the source IP address and source port number of the data message against the local IP address and local port number in the internal server static NAT entries, respectively, and translate them into the global IP address and global port number in the matching static NAT entry, respectively; and send the data message to the external network side transceiver subunit 431.
The external network side transceiver subunit 431 is also configured to send a data message provided by the third NAT processing subunit 437 to the external network device.
In addition, the internetwork communication unit may also comprise: a second dynamic entry generation subunit 438, a second judgment subunit 439 and a fourth NAT processing subunit 461.
The second dynamic entry generation subunit 438 is configured to generate an external server pooled NAT entry for the second NAT performed by the second NAT processing subunit 433. This external server pooled NAT entry comprises the destination port number and destination IP address after translation, the source IP address before and after translation, and the source port number before and after translation of the second NAT.
The second judgment subunit 439 is configured to obtain the data message that the external network side transceiver subunit 431 provides to the first NAT processing subunit 432 and judge whether the destination port number of the data message is a port number that the command switch has assigned to a member switch for the corresponding application protocol; if so, the data message is forwarded on to the first NAT processing subunit 432; otherwise, the data message is provided to the fourth NAT processing subunit 461.
The fourth NAT processing subunit 461 is configured to match the destination IP address, destination port number, source IP address and source port number of a received data message against, respectively, the translated source IP address, translated source port number, translated destination IP address and translated destination port number in the external server pooled NAT entries; translate the destination IP address and destination port number of the data message into the pre-translation source IP address and pre-translation source port number in the matching external server pooled NAT entry, respectively; then match the source IP address and source port number of the data message against the local IP address and local port number in the external server static NAT entries, respectively, and translate them into the global IP address and global port number in the matching static NAT entry, respectively; and send the data message to the internal network side transceiver subunit 434.
The internal network side transceiver subunit 434 is also configured to send a data message provided by the fourth NAT processing subunit 461 to the member switch.
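The four translations and the two judgment steps described above, as an added Python sketch that is not part of the patent: it models only the address and port rewriting (no IPv4/IPv6 header conversion or entry ageing), and the class, function names, addresses and port numbers are constructed for illustration. It assumes the switch-assigned ports lie outside the ephemeral range used for random source ports.

```python
import random
from collections import namedtuple

Packet = namedtuple("Packet", "src_ip src_port dst_ip dst_port")
Static = namedtuple("Static", "global_ip global_port local_ip local_port")

# Constructed sample values (documentation address ranges), not from the patent.
PUBLIC_V4 = "192.0.2.1"                 # IPv4 public address of the cluster
CMD_V6 = "fe80::211:22ff:fe33:4401"     # command switch
MEMBER_V6 = "fe80::211:22ff:fe33:4455"  # member switch
CLIENT_V4 = "198.51.100.7"              # external management station
SERVER_V4 = "198.51.100.20"             # external FTP server
WELL_KNOWN = {21, 23}                   # FTP, Telnet


class CommandSwitchNat:
    def __init__(self, internal_static, external_static, seed=None):
        self.internal_static = internal_static  # one per member and protocol
        self.external_static = external_static  # one per external server
        self.internal_dynamic = {}  # post-NAT packet -> pre-NAT (src_ip, src_port)
        self.external_dynamic = {}
        self._rng = random.Random(seed)

    def _forward(self, pkt, new_src_ip, new_dst, table):
        """First/second NAT: new destination, new source IP, random source port."""
        while True:
            # Ephemeral range only, so a reply can never be mistaken for a
            # well-known or switch-assigned destination port.
            out = Packet(new_src_ip, self._rng.randint(49152, 65535), *new_dst)
            if out not in table:
                break
        table[out] = (pkt.src_ip, pkt.src_port)  # the dynamic ("pooled") entry
        return out

    def _reverse(self, pkt, table, static):
        """Third/fourth NAT: translate a reply using the recorded dynamic entry."""
        orig_src = table.get(
            Packet(pkt.dst_ip, pkt.dst_port, pkt.src_ip, pkt.src_port))
        entry = next((e for e in static
                      if (e.local_ip, e.local_port) == (pkt.src_ip, pkt.src_port)),
                     None)
        if orig_src is None or entry is None:
            return None  # no recorded flow or no static entry: drop
        return Packet(entry.global_ip, entry.global_port, *orig_src)

    @staticmethod
    def _match_global(static, pkt):
        return next((e for e in static
                     if (e.global_ip, e.global_port) == (pkt.dst_ip, pkt.dst_port)),
                    None)

    def from_external(self, pkt):
        """Second judgment: assigned port -> first NAT, otherwise fourth NAT."""
        entry = self._match_global(self.internal_static, pkt)
        if entry:
            return self._forward(pkt, CMD_V6, (entry.local_ip, entry.local_port),
                                 self.internal_dynamic)
        return self._reverse(pkt, self.external_dynamic, self.external_static)

    def from_member(self, pkt):
        """First judgment: well-known port -> second NAT, otherwise third NAT."""
        if pkt.dst_port in WELL_KNOWN:
            entry = self._match_global(self.external_static, pkt)
            if entry is None:
                return None
            # The text translates only the destination IP in the second NAT.
            return self._forward(pkt, PUBLIC_V4, (entry.local_ip, pkt.dst_port),
                                 self.external_dynamic)
        return self._reverse(pkt, self.internal_dynamic, self.internal_static)


def build_sample(seed=1):
    internal = [Static(PUBLIC_V4, 10023, MEMBER_V6, 23)]  # Telnet to the member
    external = [Static(CMD_V6, 21, SERVER_V4, 21)]        # FTP server outside
    return CommandSwitchNat(internal, external, seed)


if __name__ == "__main__":
    nat = build_sample()
    inbound = nat.from_external(Packet(CLIENT_V4, 40000, PUBLIC_V4, 10023))
    print("first NAT :", inbound)
    print("third NAT :", nat.from_member(
        Packet(MEMBER_V6, 23, CMD_V6, inbound.src_port)))
    outbound = nat.from_member(Packet(MEMBER_V6, 50000, CMD_V6, 21))
    print("second NAT:", outbound)
    print("fourth NAT:", nat.from_external(
        Packet(SERVER_V4, 21, PUBLIC_V4, outbound.src_port)))
```

A data message that matches neither a static entry nor a recorded dynamic entry returns `None`, so only the published ports and replies to flows the command switch itself translated reach a member switch.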
Fig. 5 is a structural diagram of the member switch provided by the invention. As shown in Fig. 5, the member switch may comprise: a configuration receiving unit 500, a private network address generation unit 510, an intra-network communication unit 520 and an internetwork communication unit 530.
The configuration receiving unit 500 is configured to enable the IPv6 stateless autoconfiguration function when it receives the IPv6 stateless configuration message issued by the command switch of the network element group network.
The private network address generation unit 510 is configured to generate, when the member switch enables the IPv6 stateless autoconfiguration function, an IPv6 address containing the MAC address information of the member switch.
The intra-network communication unit 520 is configured to communicate with other member switches or with the command switch using the IPv6 address.
The internetwork communication unit 530 is configured to send data messages exchanged with the external network to the command switch for forwarding; during forwarding, the command switch performs NAT on the data messages between the IPv4 public network address of the network element group network and the IPv6 address of the member switch.
Specifically, the private network address generation unit 510 adds a link-local address prefix or an IPv6 global unicast address prefix in front of its own bridge MAC address to form the IPv6 address of the member switch.
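The address formation just described, as an added Python example that is not part of the patent: the text only says a prefix is placed in front of the bridge MAC address, so the sketch assumes the modified EUI-64 interface identifier of RFC 4291 that IPv6 stateless autoconfiguration normally uses. Function names and sample addresses are constructed; the reverse mapping shows how a command switch could check an address against the bridge MAC address it learned.

```python
import ipaddress
import re


def _mac_bytes(mac):
    """Parse 00:11:22:33:44:55, 00-11-22-33-44-55 or 0011-2233-4455."""
    digits = re.sub(r"[:.\-]", "", mac)
    if not re.fullmatch(r"[0-9A-Fa-f]{12}", digits):
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    return bytes.fromhex(digits)


def member_ipv6(prefix, bridge_mac):
    """Prefix + modified EUI-64 identifier (assumed format, see lead-in)."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("a 64-bit interface identifier needs a /64 prefix")
    m = _mac_bytes(bridge_mac)
    # Flip the universal/local bit and insert ff:fe in the middle of the MAC.
    iid = bytes([m[0] ^ 0x02]) + m[1:3] + b"\xff\xfe" + m[3:]
    return ipaddress.IPv6Address(
        int(net.network_address) | int.from_bytes(iid, "big"))


def mac_from_ipv6(address):
    """Recover the MAC embedded in an address, or None if it is not EUI-64."""
    iid = ipaddress.IPv6Address(address).packed[8:]
    if iid[3:5] != b"\xff\xfe":
        return None
    m = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:]
    return ":".join(f"{b:02x}" for b in m)


def binding_is_consistent(address, bridge_mac):
    """True when the address embeds exactly the given bridge MAC address."""
    recovered = mac_from_ipv6(address)
    return (recovered is not None
            and _mac_bytes(recovered) == _mac_bytes(bridge_mac))


if __name__ == "__main__":
    mac = "0011-2233-4455"  # constructed sample bridge MAC
    for prefix in ("fe80::/64", "2001:db8::/64"):
        addr = member_ipv6(prefix, mac)
        print(prefix, "->", addr, "->", mac_from_ipv6(addr))
```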
The communication system for a network element group network provided by the invention may comprise the command switch shown in Fig. 4 and the member switch shown in Fig. 5.
As can be seen from the above description, the invention has the following advantages:
1) The invention uses IPv6 addresses containing the MAC address information of the member switches in place of IPv4 private network addresses within the network element group network, and uses the IPv6 stateless autoconfiguration function in place of the IPv4 private network address allocation mechanism of the network element group. The command switch therefore does not need to allocate an IPv4 private network address to each member switch one by one, nor to maintain an IPv4 private network address pool and the mappings between the IPv4 private network addresses and the MAC addresses of the member switches, which greatly reduces the management complexity of the network element group.
2) With the approach of the invention, existing IPv6 security features can be introduced into the network element group network, without additionally considering security functions within the network element group network.
3) IPv6 technology is developing rapidly; introducing IPv6 into the network element group network makes it easy for subsequent new IPv6 features to be incorporated quickly into network element group management, which facilitates upgrading the functions of the network element group network and extending its features.
The foregoing describes only preferred embodiments of the invention and is not intended to limit the invention; any modification, equivalent replacement, improvement and the like made within the spirit and principles of the invention shall fall within the scope of protection of the invention.

Claims (11)

1. A communication method for a network element group network, characterized in that the method comprises:
A command switch in the network element group network notifies a member switch joining the network element group network to enable the IPv6 stateless autoconfiguration function, and generates and maintains, for the member switch, an IPv6 address containing the MAC address information of that member switch;
The member switches in the network element group network communicate with one another, and with the command switch, using the IPv6 addresses;
The command switch enables communication between the member switch and an external network by performing network address translation (NAT) between the IPv4 public network address of the network element group network and the IPv6 address of the member switch.
2. The method according to claim 1, characterized in that the command switch in the network element group network notifying a member switch joining the network element group network to enable the IPv6 stateless autoconfiguration function specifically comprises: the command switch issues an IPv6 stateless configuration message to the member switch newly joining the network element group network;
After receiving the IPv6 stateless configuration message, the member switch enables the IPv6 stateless autoconfiguration function and adds a link-local address prefix or an IPv6 global unicast address prefix in front of its own bridge MAC address to form the IPv6 address of the member switch.
3. The method according to claim 1, characterized in that generating and maintaining, for the member switch, an IPv6 address containing the MAC address information of that member switch specifically comprises:
While performing topology discovery for a member switch newly joining the network element group network, the command switch obtains the bridge MAC address of the newly joined member switch from an NDP message, and adds a link-local address prefix or an IPv6 global unicast address prefix in front of the obtained bridge MAC address to form the IPv6 address of the member switch.
4. The method according to claim 1, 2 or 3, characterized in that, after generating the IPv6 address for the member switch, the command switch generates an internal server static NAT entry for the member switch, in which the global IP address is the IPv4 public network address of the network element group network, the local IP address is the IPv6 address of the member switch, the local port number is the well-known protocol port number of the corresponding application protocol, and the global port number is the port number that the command switch assigns to the member switch for the corresponding application protocol;
When connecting to an external network device, the command switch may generate an external server static NAT entry for the external network device, in which the global IP address is the IPv6 address of the command switch (this IPv6 address contains the MAC address information of the command switch), the local IP address is the IPv4 address of the external network device, the global port number is the well-known protocol port number of the corresponding application protocol, and the local port number is either identical to the global port number or a random port number;
The command switch performing NAT between the IPv4 public network address of the network element group network and the IPv6 address of the member switch specifically comprises:
After receiving a data message from an external network device, the command switch performs a first NAT on the data message and then sends the data message to the member switch; the first NAT comprises: matching the destination IP address and destination port number of the data message against the global IP address and global port number in the internal server static NAT entries to find the matching static NAT entry; translating the destination IP address and destination port number of the data message into the local IP address and local port number in the matching static NAT entry, respectively; then translating the source IP address of the data message into the IPv6 address of the command switch and randomly translating the source port number; and sending the data message to the member switch;
After receiving a data message from the member switch, the command switch performs a second NAT on the data message and then sends the data message to the external network device; the second NAT comprises: matching the destination IP address and destination port number of the data message against the global IP address and global port number in the external server static NAT entries to find the matching static NAT entry; translating the destination IP address of the data message into the local IP address in the matching static NAT entry; then translating the source IP address of the data message into the IPv4 public network address of the network element group network and randomly translating the source port of the data message.
5. The method according to claim 4, characterized in that, before the data message is sent to the member switch, the method further comprises: the command switch locally generates an internal server pooled NAT entry, which comprises the destination port number and destination IP address after translation, the source IP address before and after translation, and the source port number before and after translation of the first NAT;
Before the destination IP address and destination port number of the data message are matched against the global IP address and global port number in the external server static NAT entries, the method further comprises: the command switch judges whether the destination port number of the data message from the member switch is a well-known protocol port number; if so, it continues with the step of matching the destination IP address and destination port number of the data message against the global IP address and global port number in the external server static NAT entries; otherwise, it matches the destination IP address, destination port number, source IP address and source port number of the data message against, respectively, the translated source IP address, translated source port number, translated destination IP address and translated destination port number in the internal server pooled NAT entries; translates the destination IP address and destination port number of the data message into the pre-translation source IP address and pre-translation source port number in the matching internal server pooled NAT entry, respectively; then matches the source IP address and source port number of the data message against the local IP address and local port number in the internal server static NAT entries, respectively, and translates them into the global IP address and global port number in the matching static NAT entry, respectively; and sends the data message to the external network device.
6. The method according to claim 4, characterized in that, before the data message is sent to the external network device, the method further comprises: the command switch locally generates an external server pooled NAT entry, which comprises the destination port number and destination IP address after translation, the source IP address before and after translation, and the source port number before and after translation of the second NAT;
Before the destination IP address and destination port number of the data message are matched against the global IP address and global port number in the internal server static NAT entries, the method further comprises: the command switch judges whether the destination port number of the data message from the external network device is a port number that the command switch has assigned to a member switch for the corresponding application protocol; if so, it continues with the step of matching the destination IP address and destination port number of the data message against the global IP address and global port number in the internal server static NAT entries; otherwise, it matches the destination IP address, destination port number, source IP address and source port number of the data message against, respectively, the translated source IP address, translated source port number, translated destination IP address and translated destination port number in the external server pooled NAT entries; translates the destination IP address and destination port number of the data message into the pre-translation source IP address and pre-translation source port number in the matching external server pooled NAT entry, respectively; then matches the source IP address and source port number of the data message against the local IP address and local port number in the external server static NAT entries, respectively, and translates them into the global IP address and global port number in the matching static NAT entry, respectively; and sends the data message to the member switch.
7. A command switch in a network element group network, characterized in that the command switch comprises:
A configuration issuing unit, configured to notify a member switch joining the network element group network to enable the IPv6 stateless autoconfiguration function;
An address generation unit, configured to generate and maintain, for the member switch, an IPv6 address containing the MAC address information of that member switch;
An intra-network communication unit, configured to communicate with the member switch using the IPv6 address;
An internetwork communication unit, configured to enable communication between the member switch and an external network by performing network address translation (NAT) between the IPv4 public network address of the network element group network and the IPv6 address of the member switch.
8. The command switch according to claim 7, characterized in that the configuration issuing unit issues an IPv6 stateless configuration message to a member switch newly joining the network element group network;
During topology discovery by the command switch, the address generation unit obtains the bridge MAC address of the newly joined member switch from an NDP message, and adds a link-local address prefix or an IPv6 global unicast address prefix in front of the obtained bridge MAC address to form the IPv6 address of the member switch.
9. The command switch according to claim 7 or 8, characterized in that the command switch further comprises: a first static entry generation unit and a second static entry generation unit;
The first static entry generation unit is configured to generate, after the address generation unit has formed the IPv6 address of the member switch, an internal server static NAT entry for the member switch, in which the global IP address is the IPv4 public network address of the network element group network, the local IP address is the IPv6 address of the member switch, the local port number is the well-known protocol port number of the corresponding application protocol, and the global port number is the port number that the command switch assigns to the member switch for the corresponding application protocol;
The second static entry generation unit is configured to generate, when the command switch connects to an external network device, an external server static NAT entry for the external network device, in which the global IP address is the IPv6 address of the command switch (this IPv6 address contains the MAC address information of the command switch), the local IP address is the IPv4 address of the external network device, the global port number is the well-known protocol port number of the corresponding application protocol, and the local port number is either identical to the global port number or a random port number;
The internetwork communication unit specifically comprises:
An external network side transceiver subunit, configured to provide a data message received from an external network device to the first NAT processing subunit, and to send a data message provided by the second NAT processing subunit to the external network device;
A first NAT processing subunit, configured to perform the first NAT on a received data message and then provide the data message to the internal network side transceiver subunit, wherein the first NAT specifically comprises: matching the destination IP address and destination port number of the received data message against the global IP address and global port number in the internal server static NAT entries to find the matching static NAT entry; translating the destination IP address and destination port number of the data message into the local IP address and local port number in the matching static NAT entry, respectively; then translating the source IP address of the data message into the IPv6 address of the command switch and randomly translating the source port number;
An internal network side transceiver subunit, configured to send a data message provided by the first NAT processing subunit to the member switch, and to provide a data message received from a member switch to the second NAT processing subunit;
A second NAT processing subunit, configured to perform the second NAT on a received data message and then provide it to the external network side transceiver subunit, wherein the second NAT comprises: matching the destination IP address and destination port number of the data message against the global IP address and global port number in the external server static NAT entries to find the matching static NAT entry; translating the destination IP address of the data message into the local IP address in the matching static NAT entry; then translating the source IP address of the data message into the IPv4 public network address of the network element group network and randomly translating the source port of the data message.
10. The command switch according to claim 9, characterized in that the internetwork communication unit further comprises:
A first dynamic entry generation subunit, configured to generate an internal server pooled NAT entry for the first NAT performed by the first NAT processing subunit, this entry comprising the destination port number and destination IP address after translation, the source IP address before and after translation, and the source port number before and after translation of the first NAT;
A first judgment subunit, configured to obtain the data message that the internal network side transceiver subunit provides to the second NAT processing subunit and judge whether the destination port number of the data message is a well-known protocol port number; if so, the data message is forwarded on to the second NAT processing subunit; otherwise, the data message is provided to the third NAT processing subunit;
A third NAT processing subunit, configured to, after receiving a data message, match the destination IP address, destination port number, source IP address and source port number of the data message against, respectively, the translated source IP address, translated source port number, translated destination IP address and translated destination port number in the internal server pooled NAT entries; translate the destination IP address and destination port number of the data message into the pre-translation source IP address and pre-translation source port number in the matching internal server pooled NAT entry, respectively; then match the source IP address and source port number of the data message against the local IP address and local port number in the internal server static NAT entries, respectively, and translate them into the global IP address and global port number in the matching static NAT entry, respectively; and send the data message to the external network side transceiver subunit;
The external network side transceiver subunit is also configured to send a data message provided by the third NAT processing subunit to the external network device.
11. The command switch according to claim 9, characterized in that the internetwork communication unit further comprises:
A second dynamic entry generation subunit, configured to generate an external server pooled NAT entry for the second NAT performed by the second NAT processing subunit, this entry comprising the destination port number and destination IP address after translation, the source IP address before and after translation, and the source port number before and after translation of the second NAT;
A second judgment subunit, configured to obtain the data message that the external network side transceiver subunit provides to the first NAT processing subunit and judge whether the destination port number of the data message is a port number that the command switch has assigned to a member switch for the corresponding application protocol; if so, the data message is forwarded on to the first NAT processing subunit; otherwise, the data message is provided to the fourth NAT processing subunit;
A fourth NAT processing subunit, configured to match the destination IP address, destination port number, source IP address and source port number of a received data message against, respectively, the translated source IP address, translated source port number, translated destination IP address and translated destination port number in the external server pooled NAT entries; translate the destination IP address and destination port number of the data message into the pre-translation source IP address and pre-translation source port number in the matching external server pooled NAT entry, respectively; then match the source IP address and source port number of the data message against the local IP address and local port number in the external server static NAT entries, respectively, and translate them into the global IP address and global port number in the matching static NAT entry, respectively; and send the data message to the internal network side transceiver subunit;
The internal network side transceiver subunit is also configured to send a data message provided by the fourth NAT processing subunit to the member switch.
CN201010259655.2A 2010-08-20 2010-08-20 Communication method and device for network element group network Expired - Fee Related CN102377835B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201010259655.2A CN102377835B (en) 2010-08-20 2010-08-20 Communication method and device for network element group network

Publications (2)

Publication Number Publication Date
CN102377835A CN102377835A (en) 2012-03-14
CN102377835B true CN102377835B (en) 2014-04-16

Family

ID=45795782

Country Status (1)

Country Link
CN (1) CN102377835B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107070719B (en) * 2017-04-24 2019-12-06 新华三信息技术有限公司 Equipment management method and device
CN110995502B (en) * 2019-12-18 2022-06-21 迈普通信技术股份有限公司 Network configuration management method, device, switching equipment and readable storage medium

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101098256A (en) * 2007-06-14 2008-01-02 中兴通讯股份有限公司 Simple network management protocol based cluster management method and system
CN101621528A (en) * 2009-06-30 2010-01-06 迈普通信技术股份有限公司 Conversation system based on Ethernet switch cluster management and method for realizing conversation passage

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7586897B2 (en) * 2004-10-29 2009-09-08 Telecom Italia S.P.A. Method for controlling routing operations in a network, related network and computer program product thereof

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CP03 Change of name, title or address

Address after: 310052 Binjiang District Changhe Road, Zhejiang, China, No. 466, No.

Patentee after: New H3C Technologies Co., Ltd.

Address before: 310053 Hangzhou hi tech Industrial Development Zone, Zhejiang province science and Technology Industrial Park, No. 310 and No. six road, HUAWEI, Hangzhou production base

Patentee before: Hangzhou H3C Technologies Co., Ltd.

CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20140416

Termination date: 20200820
