CN102833167A - Method and data for transmitting data between local area networks - Google Patents
Method and data for transmitting data between local area networks Download PDFInfo
- Publication number
- CN102833167A CN102833167A CN2012103111609A CN201210311160A CN102833167A CN 102833167 A CN102833167 A CN 102833167A CN 2012103111609 A CN2012103111609 A CN 2012103111609A CN 201210311160 A CN201210311160 A CN 201210311160A CN 102833167 A CN102833167 A CN 102833167A
- Authority
- CN
- China
- Prior art keywords
- network
- line
- router
- local area
- tunnel
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 33
- 230000005540 biological transmission Effects 0.000 claims description 81
- 238000001514 detection method Methods 0.000 claims description 28
- 230000005641 tunneling Effects 0.000 claims description 4
- 238000012545 processing Methods 0.000 claims description 3
- 238000010586 diagram Methods 0.000 description 8
- 238000005516 engineering process Methods 0.000 description 5
- 238000004891 communication Methods 0.000 description 4
- 230000000694 effects Effects 0.000 description 2
- 238000006467 substitution reaction Methods 0.000 description 2
- 238000013519 translation Methods 0.000 description 2
- 238000012423 maintenance Methods 0.000 description 1
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention provides a method and a system for transmitting data between local area networks. The system comprises two special routers, wherein the two special routers are connected with an Ethernet network tunnel by a main network special line and a spare network special line, each special router is connected with a local area network router of the local area network and comprises a control device, and the control device is used for controlling the special routers to adopt the main network special line and the spare network special line and controlling data transmitted between two local area networks by the Ethernet network tunnel.
Description
Technical Field
The present invention relates to the field of network communications, and in particular, to a method and system for transmitting data between local area networks.
Background
Fig. 1 is a schematic diagram of a network structure of an enterprise headquarters and an enterprise branch in the prior art. In fig. 1, due to different deployment positions, the network of the same enterprise may have at least two networks, which are called an enterprise headquarters and an enterprise branch, wherein the enterprise branch and the enterprise headquarters respectively deploy an enterprise router, the enterprise applies for a network dedicated line from an operator, and then the headquarters and the branch enterprise routers can be directly connected, and only IP addresses need to be configured on the two routers. The network special line is a special channel provided by a network service provider for a user, so that the data transmission of the user becomes reliable and credible, and the special line has the advantages of good safety and guaranteed QoS.
However, with the increase of the service reliability requirement of the branch headquarters, the reliability of the network cannot be guaranteed by a single private line service, and enterprises want to increase the backup link of the public network VPN to guarantee the reliability requirement of the public network VPN. Fig. 2 is a schematic diagram of a network for backing up the network structure shown in fig. 1 in the prior art. In the network shown in fig. 2, the two enterprise servers are connected with a public network, and the public network transmission realizes the safe transmission of information through the VPN technology.
Existing solutions are generally implemented by upgrading an enterprise router, the upgraded router needs to support dial-up infrastructure access to an operator network, and in the current 3G-popular era, the router needs to be upgraded to a 3G router version.
For an enterprise router, if services such as VPN and 3G access are to be supported simultaneously, the cost of equipment needs to be increased for the enterprise router, each enterprise branch node needs to be updated, and existing network deployment of an enterprise may be damaged.
Therefore, on the premise of meeting the requirement of the local area network in the process of communication through the private network line, how to ensure that the original network is not changed is an urgent problem to be solved for the operators of the private network line.
Disclosure of Invention
The invention provides a method and a system for transmitting data between local area networks, aiming at solving the technical problem of how to ensure that the original network is not changed on the premise of meeting the requirement of the local area network in the process of communication through a network private line.
In order to solve the technical problems, the invention provides the following technical scheme:
a data transmission system between local area networks comprises two special line routers, wherein the two special line routers are connected with an Ethernet network tunnel through network special lines which are mutually a main line and a standby line, and each special line router is connected with a local area network router of a local area network; wherein the private line router comprises:
and the control device is used for controlling the special line router to transmit data between the two local area networks by adopting the mutually-active and standby special network lines and the Ethernet network tunnel.
Preferably, the system also has the following features:
the private line router includes:
the private line transmission device is used for transmitting data between the two local area networks through a network private line;
the tunnel transmission device is used for transmitting data between the two local area networks through an Ethernet tunnel;
the control device includes:
the detection module is used for detecting whether the network special line works normally or not;
and the switching module is connected with the detection module, the special line transmission device and the tunnel transmission device and is used for starting the tunnel transmission device when the special network line cannot normally work and starting the special line transmission device when the special network line can normally work.
Preferably, the system also has the following features: the detection module comprises:
the first sending unit is used for sending a ping packet to a special line router at the opposite end of the network special line through the network special line;
the acquisition unit is used for acquiring the result of the ping packet transmission;
the first detection unit is connected with the acquisition unit and used for obtaining the information that the network private line normally works when the ping packet is successfully sent;
the counting unit is connected with the first sending unit and the obtaining unit and used for counting the retransmission times of the ping packet before the ping packet is successfully sent when the ping packet is failed to be sent;
and the second detection unit is connected with the counting unit and used for obtaining the information that the network private line cannot normally work when the counting result of the counting unit reaches a preset frequency threshold value.
Preferably, the system also has the following features: the detection module comprises:
the second sending unit is used for sending a heartbeat signal to a special line router at the opposite end of the network special line through the network special line;
the timing unit is connected with the second sending unit and the acquisition unit and used for starting timing from the heartbeat signal sent by the sending unit and stopping timing when a response signal of the heartbeat signal is received;
the third detection unit is used for obtaining the information that the network private line normally works when receiving the response signal of the heartbeat signal;
and the fourth detection unit is connected with the timing unit and used for obtaining the information that the network private line cannot normally work when the timing result of the timing unit reaches a preset time threshold value.
Preferably, the system also has the following features:
the private line transmission device is used for transparently transmitting data which is sent from a local area network router to another local area network through local and data which is received from another private line router.
Preferably, the system also has the following features: the private line transmission device includes:
the transparent bridge unit is provided with a bridge group, wherein an interface connected with a local area network router and an interface connected with a special line router at the opposite end of the network special line are recorded in the bridge group of the transparent bridge unit;
and the processing unit is connected with the transparent bridge unit and used for calling the transparent bridge unit to transmit data.
Preferably, the system also has the following features: the tunnel transmission device comprises a special line side tunnel transmission module for sending data to a network special line opposite end and a local area network side tunnel transmission module for sending data to a local area network side, wherein:
the private line side tunnel transmission module includes:
an encryption unit, configured to encrypt received data before sending the data to the ethernet tunnel;
a second sending unit, configured to send the encrypted data through an ethernet tunnel;
the local area network side tunnel transmission module comprises:
the decryption unit is used for decrypting the encrypted data after receiving the encrypted data from the Ethernet tunnel;
and the third sending unit is used for sending the decrypted data to the local area network side.
Preferably, the system also has the following features: the private line router further comprises a tunnel establishing device for establishing an ethernet tunnel, wherein the tunnel establishing device comprises:
the enabling module is used for enabling an Internet interface;
the obtaining module is connected with the starting module and used for obtaining the public network IP address of the Internet interface;
and the establishing module is connected with the acquiring module and is used for establishing an Ethernet network tunnel by taking the public network IP address of the Internet interface as a source address and the public network IP address of the Internet interface on the special line router at the opposite end of the network special line as a destination address, wherein the objects encapsulated by the Ethernet network tunnel are all Ethernet frames which come from the interfaces locally connected with the local area network router and have the destination addresses not corresponding to the interfaces locally connected with the local area network router.
A data transmission method between local area networks, two special line routers are connected with an Ethernet network tunnel through mutually master and backup network special lines, wherein each special line router is connected with a local area network router of a local area network; the special line router adopts a network special line and an Ethernet network tunnel which are mutually a main line and a standby line to transmit data between two local area networks.
Preferably, the method also has the following characteristics: the special line router adopts mutually master and standby network special lines and an Ethernet network tunnel to transmit data between two local area networks, and comprises the following steps:
detecting whether the network private line works normally;
if the special network line can not work normally, the data between the two local area networks is transmitted through the Ethernet tunnel, and when the special network line can work normally, the data between the two local area networks is transmitted through the special network line.
Preferably, the method also has the following characteristics: the detecting whether the network special line works normally comprises the following steps:
sending a ping packet to a special line router of a network special line opposite end through a network special line;
obtaining a result sent by the ping packet;
if the ping packet is successfully sent, obtaining the information that the network special line normally works;
if the ping packet is failed to be sent, counting the retransmission times of the ping packet before the ping packet is successfully sent;
and when the counting result reaches a preset frequency threshold value, obtaining the information that the network private line can not work normally.
Preferably, the method also has the following characteristics: the detecting whether the network special line works normally comprises the following steps:
sending a heartbeat signal to a special line router at the opposite end of the special line of the network through the special line of the network;
starting timing from the sending of the heartbeat signal, and stopping timing when a response signal of the heartbeat signal is received;
if a response signal of the heartbeat signal is received, obtaining information that the network private line normally works; otherwise, when the timing result reaches a preset time threshold, the information that the network private line cannot work normally is obtained.
Preferably, the method also has the following characteristics: transmitting data between two local area networks through an Ethernet tunnel, comprising:
data sent from one LAN router to another LAN and received from another special line router are transmitted transparently.
Preferably, the method also has the following characteristics: the transparent transmission of the data between the local router and the local area network router and the data between the local router and the special line router at the opposite end of the network special line comprises the following steps:
configuring a transparent bridge unit, wherein an interface connected with a local area network router and an interface connected with a special line router at the opposite end of the network special line are recorded in a bridging group of the transparent bridge unit;
and invoking the transparent bridge unit to transmit data.
Preferably, the method also has the following characteristics: transmitting data between two local area networks through an Ethernet tunnel, comprising: :
before sending data to the Ethernet tunnel, encrypting the received data and sending the encrypted data through the Ethernet tunnel; and the number of the first and second groups,
and after receiving the encrypted data from the Ethernet tunnel, decrypting the encrypted data and sending the decrypted data to the local area network side.
Preferably, the method also has the following characteristics: the Ethernet tunnel is established by the following modes:
enabling an internet interface;
acquiring a public network IP address of the Internet interface;
and establishing an Ethernet network tunnel by taking the public network IP address of the Internet interface as a source address and the public network IP address of the Internet interface on the special line router at the opposite end of the special line of the network as a destination address, wherein the encapsulated objects of the Ethernet network tunnel are all Ethernet frames which come from the interfaces connected with the local area network router locally and have the destination addresses not the MAC addresses corresponding to the interfaces connected with the local area network router locally.
Different from the prior art, in the embodiment provided by the invention, the local area network router is not directly connected with the network private line, but is connected with the network private line through the private line router arranged on the outer side of the local area network router, and the network private line is backed up by the Ethernet network tunnel between the two private line routers, so that the network private line is backed up without changing the local area network router.
Drawings
FIG. 1 is a diagram illustrating a network architecture of a headquarters and branches of an enterprise in the prior art;
FIG. 2 is a schematic diagram of a prior art network for backing up the network architecture of FIG. 1;
fig. 3 is a schematic structural diagram of an embodiment of a data transmission system between local area networks according to the present invention;
fig. 4 is a schematic structural diagram of an application example of the data transmission system between local area networks according to the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention will be described in further detail with reference to the accompanying drawings and specific embodiments. It should be noted that the embodiments and features of the embodiments in the present application may be arbitrarily combined with each other without conflict.
Fig. 3 is a schematic structural diagram of an embodiment of a data transmission system between local area networks according to the present invention. In the embodiment of the system shown in fig. 3, the system includes two dedicated routers, and the two dedicated routers are connected to an ethernet network tunnel through network dedicated lines that are a master and a standby, where each dedicated router is connected to a local area network router of a local area network; wherein the private line router comprises:
and the control device is used for controlling the special line router to transmit data between the two local area networks by adopting the mutually-active and standby special network lines and the Ethernet network tunnel.
Different from the prior art, in the system embodiment provided by the invention, the local area network router is not directly connected with the network private line, but is connected with the network private line through the private line router arranged on the outer side of the local area network router, and the network private line is backed up by the Ethernet network tunnel between the two private line routers, so that the backup of the network private line is realized without changing the local area network router.
The system provided by the present invention is further described below:
the private line router includes:
the private line transmission device is used for transmitting data between the two local area networks through a network private line;
the tunnel transmission device is used for transmitting data between the two local area networks through an Ethernet tunnel;
the control device includes:
the detection module is used for detecting whether the network special line works normally or not;
and the switching module is connected with the detection module, the special line transmission device and the tunnel transmission device and is used for starting the tunnel transmission device when the special network line cannot normally work and starting the special line transmission device when the special network line can normally work.
Namely, when the network private line can work normally, the private line router selects the network private line for transmission; when the network private line can not work normally, the private line router switches the data to the Ethernet network tunnel for transmission; in the process of using the Ethernet network tunnel for transmission, whether the network special line works normally is continuously detected, once the network special line is recovered to work normally, even if the Ethernet network tunnel can still work normally, data is switched back to the network special line, namely, the network special line is preferentially used for transmission whenever, because the transmission performance of the network special line is better than that of the Ethernet network tunnel, an operator can use the network special line to provide the best transmission performance for a user when the network special line can work normally, and the advantages of the network special line can be fully exerted.
It is further described that the detecting device detects whether the network dedicated line works normally in the following two ways, which are respectively described below:
first, the detection module comprises:
the first sending unit is used for sending a ping packet to a special line router at the opposite end of the network special line through the network special line;
the acquisition unit is used for acquiring the result of the ping packet transmission;
the first detection unit is connected with the acquisition unit and used for obtaining the information that the network private line normally works when the ping packet is successfully sent;
the counting unit is connected with the first sending unit and the obtaining unit and is used for counting the retransmission times of the ping packet before the ping packet is successfully sent;
and the second detection unit is connected with the counting unit and used for obtaining the information that the network private line cannot normally work when the counting result of the counting unit reaches a preset frequency threshold value.
Therefore, the counting is carried out on the retransmission times of the ping packets, the aim is to avoid the problem that the retransmission of the ping packets caused by temporary network faults influences the accurate judgment of the working state, and the accurate judgment of the working state of the network special line can be ensured.
Second, the detection module includes:
the second sending unit is used for sending a heartbeat signal to a special line router at the opposite end of the network special line through the network special line;
the timing unit is connected with the second sending unit and the acquisition unit and used for starting timing from the heartbeat signal sent by the sending unit and stopping timing when a response signal of the heartbeat signal is received;
the third detection unit is used for obtaining the information that the network private line normally works when receiving the response signal of the heartbeat signal;
and the fourth detection unit is connected with the timing unit and used for obtaining the information that the network private line cannot normally work when the timing result of the timing unit reaches a preset time threshold value.
Generally, the heartbeat signal and the response signal are only used for rapidly detecting whether the dedicated line can be used, so that the message with a small data volume can be used.
For the transmission pair of the network private line, referring to the network shown in fig. 1, it can be known that data is transmitted only through one network private line, that is, the intermediate transmission does not pass through any device, and there is no possibility of data leakage, but if a private line router is installed outside a local area network router, there is a possibility of data leakage, and therefore, for the above situation, the following solutions are proposed:
the private line transmission device is used for carrying out transparent transmission on data which is sent to another local area network from a local area network router through local and data received from another private line router.
The special line transmission device is used for transparently transmitting data between the two local area network routers, so that transparent transmission between the enterprise router and the special line router and between the two special line routers is realized, and transparent transmission of the enterprise data through the special line routers is completed. Because the data is transmitted transparently, the result is consistent with that of the enterprise data transmitted by the network private line in fig. 1, that is, on the premise of adding a private line router, because the data between two enterprise servers is transmitted transparently and is consistent with that of the network private line in fig. 1, the data is still equivalent to a network private line for a user using the network private line, the problem of data leakage does not exist, and the original private line transmission function of the enterprise is reused.
Certainly, there are many means for realizing transparent transmission of some data, but the invention realizes the effect of transparent transmission by applying the bridge technology of the prior art to the special line router in order to reduce the equipment cost of the special line router, and simultaneously achieves the effect of reducing the equipment configuration work. The following first gives a brief description of the bridge:
a Bridge (Bridge) is a store-and-forward device that connects lans over a data link layer and transfers data between lans. In some small networks, especially distributed relatively decentralized networks, the use of bridges may reduce the cost of network maintenance and the network end-user need not specifically configure the device. In practical applications, there are mainly four types of bridges: transparent bridges, source address routing bridges, translation bridges, and source address routing-translation bridges. In the present invention, transparent bridge technology will be used. Transparent bridges (Transparent Bridging) are used to connect lans of the same physical media type, and are mainly used in ethernet environments.
Specifically, the dedicated line transmission device includes:
the transparent bridge unit is provided with a bridge group, wherein an interface connected with a local area network router and an interface connected with a special line router at the opposite end of the network special line are recorded in the bridge group of the transparent bridge unit;
and the processing unit is connected with the transparent bridge unit and used for calling the transparent bridge unit to transmit data.
The above-mentioned special line transmission device is further explained, and the tunnel transmission device is explained as follows:
different from the network dedicated line transmission, the ethernet network tunnel is not a signal line, but a logical communication line established across the public network device, so that the transmitted data is stored with a certain security risk, and therefore, when the dedicated line router performs data transmission through the ethernet network tunnel, in order to ensure the security of the tunnel data, the transmitted data can be encrypted in the process of encapsulating the data, and correspondingly, once the encrypted data is received, the transmission device also needs to decrypt the encrypted data, so the tunnel transmission device comprises a dedicated line side tunnel transmission module for sending data to the opposite end of the network dedicated line and a local area network side tunnel transmission module for sending data to the local area network side, wherein:
the private line side tunnel transmission module includes:
an encryption unit for encrypting the received data before transmitting the data to the ethernet tunnel;
a second sending unit, configured to send the encrypted data through an ethernet tunnel;
the local area network side tunnel transmission module comprises:
the decryption unit is used for decrypting the encrypted data after receiving the encrypted data from the Ethernet tunnel;
and the third sending unit is used for sending the decrypted data to the local area network side.
The secure transmission of the Ethernet tunnel is realized through the encryption and decryption of data.
The following describes an ethernet tunnel used by the tunneling apparatus:
the private line router further comprises a tunnel establishing device for establishing an ethernet tunnel, wherein the tunnel establishing device comprises:
the enabling module is used for enabling an Internet interface;
the obtaining module is connected with the starting module and used for obtaining the public network IP address of the Internet interface;
and the establishing module is connected with the acquiring module and used for establishing an Ethernet network tunnel by taking the public network IP address of the Internet interface as a source address and the public network IP address of the Internet interface on the special line router at the opposite end of the special line of the network as a destination address, wherein the objects encapsulated by the Ethernet network tunnel are all Ethernet frames which come from the interfaces connected with the local area network router locally and have the destination addresses not the MAC addresses corresponding to the interfaces connected with the local area network router locally.
The internet interface enabled by the enabling module can be selected according to actual transmission needs, and if the transmission needs of the local area network are 3G transmission, the selected internet interface is the 3G interface.
The system embodiment provided by the present invention is further explained by an application example as follows:
fig. 4 is a schematic structural diagram of an application example of the data transmission system between local area networks according to the present invention. In the application example of the system shown in fig. 4, the enterprise headquarters and the enterprise branches are two lans, and the enterprise routers in the enterprise headquarters and the enterprise branches are the above-mentioned lan routers, wherein a router, i.e. a dedicated router, is respectively disposed outside the enterprise routers; unlike enterprise routers, private routers are typically provided by operators that provide network private services, while enterprise routers are provided by enterprises that use network private services.
In the present application example, the private line router is integrated with transparent bridge technology. Wherein,
one interface E0/0 of each special line router is connected with the enterprise router, one interface E0/1 is connected with the special line, and then the interface E0/0 and the interface E0/1 are added into a bridge group of the transparent bridge on the special line router, namely for the special line router, data transmitted from the interface E0/0 and the interface E0/1 are not analyzed, and transparent data transmission of the two interfaces is realized.
On the premise of reusing the original private line of an enterprise, a backup line of the network private line is established. The method comprises the following specific steps:
an eoip (Ethernet Over IP) technology is proposed in RFC3378, which mainly performs logical bridging on two Ethernet networks through an IP network, so that two networks on two sides can be in the same local area network, and the two networks can be guaranteed to access each other through two layers of MAC on the IP network.
In the application example, an Internet interface (in this example, a 3G interface) is enabled on a private line route, the 3G interface first accesses to an operator network through PPP dialing to obtain a public network IP, and the invention requests to apply for a fixed IP address from the operator. Then, two EOIP logical tunnel interfaces are respectively established on the special line router, the IP address of the opposite end is designated as a destination address, and the IP address of the 3G interface of the local equipment is designated as a source address; and specifying an EOIP tunneled object: all ethernet frames from interface E0/0 having a destination MAC address that is not the MAC address of interface E0/0, thereby enabling all ethernet frames from interface E0/0 to be sent to the tunnel peer through the EOIP tunnel.
For ease of understanding, the EOIP logical tunnel interface is a logical ethernet interface, and the EOIP tunnel is a bridge channel established between the E0/0 physical interface and the EOIP interface.
Because the EOIP tunnel is used as a backup line of an enterprise private line on a public network, and important and sensitive data of an enterprise are transmitted on the line, in the invention, IPSec (Internet protocol security) VPN is deployed on a 3G interface so as to perform anti-disclosure and anti-tampering protection on IP data encapsulated by EOIP.
After configuring the backup line for the network private line, how to backup the network private line by using the logic private line is described as follows:
at present, two lines exist in a private line device, one is a network private line, and the other is an ethernet network tunnel, and the specific use is as follows:
when the network private line is available, the private line router preferentially selects a bridging line from E0/0 to E0/1 to forward the message without using an EOIP tunnel;
when the network special line is unavailable, the special line router responds to the network special line unavailable event and switches the line to the EOIP bridging line, namely the EOIP line is optimized by the two-layer bridging line;
and after the network special line is recovered from the fault, the second-layer bridging forwarding module responds to the special line available event and switches the line back to the network special line again to carry out bridging forwarding service.
The detection of the network private line state can be specifically realized by the following modes:
configuring heartbeat detection messages on a network private line to detect the state of the private line; the method can be carried out in any mode:
the first method is as follows: acquiring an IP address corresponding to an interface connected with a network private line on a private line router of an opposite end of the network private line; and then sending ping packet detection to the IP address, and defining retry times N, wherein N is a positive integer, namely if the sending times of the ping packet reaches N, if the detection result is still failure, the network special line cannot work normally, and conversely, the network special line can work normally.
The second method comprises the following steps: defining a heartbeat frame for detecting whether a network private line is available or not, and configuring a detection frame for responding to the heartbeat frame; the special line router sends a heartbeat frame at fixed time, and the timeout time is defined to be N seconds, namely, if the opposite-end detection frame can not be received within the N seconds, the network special line is considered to be unavailable; conversely, if received, the network private line is deemed available.
It can be seen from the above that the enterprise router is not directly connected with the network dedicated line, but is connected with the network dedicated line through the dedicated line router, and the network dedicated line is backed up by the ethernet network tunnel between the two dedicated line routers, thereby realizing the backup of the network dedicated line without changing the enterprise router.
Corresponding to the system, the invention also provides an embodiment of a method for transmitting data between local area networks, wherein in the method, two special line routers are connected with an Ethernet network tunnel through mutually master and standby network special lines, wherein each special line router is connected with a local area network router of a local area network; wherein:
the special line router adopts a network special line and an Ethernet network tunnel which are mutually a main line and a standby line to transmit data between two local area networks.
The special line router transmits data between two local area networks by adopting a network special line and an Ethernet network tunnel which are mutually active and standby, and comprises the following steps:
detecting whether the network private line works normally;
if the special network line can not work normally, the data between the two local area networks is transmitted through the Ethernet tunnel, and when the special network line can work normally, the data between the two local area networks is transmitted through the special network line.
Wherein, whether to normally work to network private line detects, includes:
sending a ping packet to a special line router of a network special line opposite end through a network special line;
obtaining a result sent by the ping packet;
if the ping packet is successfully sent, obtaining the information that the network special line normally works;
if the ping packet is failed to be sent, counting the retransmission times of the ping packet before the ping packet is successfully sent;
and when the counting result reaches a preset frequency threshold value, obtaining the information that the network private line can not work normally.
Wherein, whether to normally work to network private line detects, includes:
sending a heartbeat signal to a special line router at the opposite end of the special line of the network through the special line of the network;
starting timing from the sending of the heartbeat signal, and stopping timing when a response signal of the heartbeat signal is received;
if a response signal of the heartbeat signal is received, obtaining information that the network private line normally works; otherwise, when the timing result reaches a preset time threshold, the information that the network private line cannot work normally is obtained.
Wherein, the data between the two local area networks is transmitted through the Ethernet tunnel, which comprises:
data sent from one LAN router to another LAN and received from another special line router are transmitted transparently.
Wherein, the transparent transmission is carried out on the data sent from the local area network router to another local area network locally and the data received from another private line router, and the transparent transmission comprises the following steps:
configuring a transparent bridge unit, wherein an interface connected with a local area network router and an interface connected with a special line router at the opposite end of the network special line are recorded in a bridging group of the transparent bridge unit;
and invoking the transparent bridge unit to transmit data.
Wherein, the data between the two local area networks is transmitted through the Ethernet tunnel, which comprises: :
before sending data to the Ethernet tunnel, encrypting the received data and sending the encrypted data through the Ethernet tunnel; and the number of the first and second groups,
and after receiving the encrypted data from the Ethernet tunnel, decrypting the encrypted data and sending the decrypted data to the local area network side.
The Ethernet tunnel is established in the following way, including:
enabling an internet interface;
acquiring a public network IP address of the Internet interface;
and establishing an Ethernet network tunnel by taking the public network IP address of the Internet interface as a source address and the public network IP address of the Internet interface on the special line router at the opposite end of the special line of the network as a destination address, wherein the encapsulated objects of the Ethernet network tunnel are all Ethernet frames which come from the interfaces connected with the local area network router locally and have the destination addresses not the MAC addresses corresponding to the interfaces connected with the local area network router locally.
Different from the prior art, in the method embodiment provided by the invention, the local area network router is not directly connected with the network private line, but is connected with the network private line through the private line router arranged on the outer side of the local area network router, and the network private line is backed up by the Ethernet network tunnel between the two private line routers, so that the network private line is backed up without changing the local area network router.
The above description is only for the specific embodiments of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present invention, and all the changes or substitutions should be covered within the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.
Claims (16)
1. A data transmission system between local area networks is characterized by comprising two special line routers, wherein the two special line routers are connected with an Ethernet network tunnel through mutually master and standby network special lines, and each special line router is connected with a local area network router of a local area network; wherein the private line router comprises:
and the control device is used for controlling the special line router to transmit data between the two local area networks by adopting the mutually-active and standby special network lines and the Ethernet network tunnel.
2. The system for data transmission between local area networks according to claim 1, wherein:
the private line router includes:
the private line transmission device is used for transmitting data between the two local area networks through a network private line;
the tunnel transmission device is used for transmitting data between the two local area networks through an Ethernet tunnel;
the control device includes:
the detection module is used for detecting whether the network special line works normally or not;
and the switching module is connected with the detection module, the special line transmission device and the tunnel transmission device and is used for starting the tunnel transmission device when the special network line cannot normally work and starting the special line transmission device when the special network line can normally work.
3. The system according to claim 2, wherein the detecting module comprises:
the first sending unit is used for sending a ping packet to a special line router at the opposite end of the network special line through the network special line;
the acquisition unit is used for acquiring the result of the ping packet transmission;
the first detection unit is connected with the acquisition unit and used for obtaining the information that the network private line normally works when the ping packet is successfully sent;
the counting unit is connected with the first sending unit and the obtaining unit and used for counting the retransmission times of the ping packet before the ping packet is successfully sent when the ping packet is failed to be sent;
and the second detection unit is connected with the counting unit and used for obtaining the information that the network private line cannot normally work when the counting result of the counting unit reaches a preset frequency threshold value.
4. The system according to claim 2, wherein the detecting module comprises:
the second sending unit is used for sending a heartbeat signal to a special line router at the opposite end of the network special line through the network special line;
the timing unit is connected with the second sending unit and the acquisition unit and used for starting timing from the heartbeat signal sent by the sending unit and stopping timing when a response signal of the heartbeat signal is received;
the third detection unit is used for obtaining the information that the network private line normally works when receiving the response signal of the heartbeat signal;
and the fourth detection unit is connected with the timing unit and used for obtaining the information that the network private line cannot normally work when the timing result of the timing unit reaches a preset time threshold value.
5. The inter-local area network data transmission system according to claim 2, wherein:
the private line transmission device is used for transparently transmitting data which is sent from a local area network router to another local area network through local and data which is received from another private line router.
6. The system of claim 5, wherein the dedicated line transmission device comprises:
the transparent bridge unit is provided with a bridge group, wherein an interface connected with a local area network router and an interface connected with a special line router at the opposite end of the network special line are recorded in the bridge group of the transparent bridge unit;
and the processing unit is connected with the transparent bridge unit and used for calling the transparent bridge unit to transmit data.
7. The system according to claim 2, wherein the tunneling apparatus includes a dedicated-line-side tunneling module for sending data to the network dedicated-line opposite end and a local-area-network-side tunneling module for sending data to the local-area-network side, wherein:
the private line side tunnel transmission module includes:
an encryption unit, configured to encrypt received data before sending the data to the ethernet tunnel;
a second sending unit, configured to send the encrypted data through an ethernet tunnel;
the local area network side tunnel transmission module comprises:
the decryption unit is used for decrypting the encrypted data after receiving the encrypted data from the Ethernet tunnel;
and the third sending unit is used for sending the decrypted data to the local area network side.
8. The system for data transmission between local area networks according to claim 1, wherein said private line router further comprises tunnel establishing means for establishing an ethernet tunnel, wherein said tunnel establishing means comprises:
the enabling module is used for enabling an Internet interface;
the obtaining module is connected with the starting module and used for obtaining the public network IP address of the Internet interface;
and the establishing module is connected with the acquiring module and is used for establishing an Ethernet network tunnel by taking the public network IP address of the Internet interface as a source address and the public network IP address of the Internet interface on the special line router at the opposite end of the network special line as a destination address, wherein the objects encapsulated by the Ethernet network tunnel are all Ethernet frames which come from the interfaces locally connected with the local area network router and have the destination addresses not corresponding to the interfaces locally connected with the local area network router.
9. A data transmission method between local area networks is characterized in that two special line routers are connected with an Ethernet network tunnel through network special lines which are mutually a main network and a standby network, wherein each special line router is connected with a local area network router of a local area network; the special line router adopts a network special line and an Ethernet network tunnel which are mutually a main line and a standby line to transmit data between two local area networks.
10. The method according to claim 9, wherein the dedicated router transmits data between two lans by using a network dedicated line and an ethernet network tunnel, the method comprising:
detecting whether the network private line works normally;
if the special network line can not work normally, the data between the two local area networks is transmitted through the Ethernet tunnel, and when the special network line can work normally, the data between the two local area networks is transmitted through the special network line.
11. The method according to claim 10, wherein the detecting whether the dedicated network line is working normally comprises:
sending a ping packet to a special line router of a network special line opposite end through a network special line;
obtaining a result sent by the ping packet;
if the ping packet is successfully sent, obtaining the information that the network special line normally works;
if the ping packet is failed to be sent, counting the retransmission times of the ping packet before the ping packet is successfully sent;
and when the counting result reaches a preset frequency threshold value, obtaining the information that the network private line can not work normally.
12. The method according to claim 10, wherein the detecting whether the dedicated network line is working normally comprises:
sending a heartbeat signal to a special line router at the opposite end of the special line of the network through the special line of the network;
starting timing from the sending of the heartbeat signal, and stopping timing when a response signal of the heartbeat signal is received;
if a response signal of the heartbeat signal is received, obtaining information that the network private line normally works; otherwise, when the timing result reaches a preset time threshold, the information that the network private line cannot work normally is obtained.
13. The method of claim 10, wherein the transmitting data between two local area networks via ethernet tunnel comprises:
data sent from one LAN router to another LAN and received from another special line router are transmitted transparently.
14. The method according to claim 13, wherein the transparently transmitting data between the local router and the lan router and between the local router and the private router at the opposite end of the private network includes:
configuring a transparent bridge unit, wherein an interface connected with a local area network router and an interface connected with a special line router at the opposite end of the network special line are recorded in a bridging group of the transparent bridge unit;
and invoking the transparent bridge unit to transmit data.
15. The method of claim 10, wherein the transmitting data between two local area networks via ethernet tunnel comprises: :
before sending data to the Ethernet tunnel, encrypting the received data and sending the encrypted data through the Ethernet tunnel; and the number of the first and second groups,
and after receiving the encrypted data from the Ethernet tunnel, decrypting the encrypted data and sending the decrypted data to the local area network side.
16. The method of claim 9, wherein the ethernet tunnel is established by:
enabling an internet interface;
acquiring a public network IP address of the Internet interface;
and establishing an Ethernet network tunnel by taking the public network IP address of the Internet interface as a source address and the public network IP address of the Internet interface on the special line router at the opposite end of the special line of the network as a destination address, wherein the encapsulated objects of the Ethernet network tunnel are all Ethernet frames which come from the interfaces connected with the local area network router locally and have the destination addresses not the MAC addresses corresponding to the interfaces connected with the local area network router locally.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210311160.9A CN102833167B (en) | 2012-08-28 | 2012-08-28 | Data transmission method and system between local area network (LAN) |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210311160.9A CN102833167B (en) | 2012-08-28 | 2012-08-28 | Data transmission method and system between local area network (LAN) |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102833167A true CN102833167A (en) | 2012-12-19 |
| CN102833167B CN102833167B (en) | 2016-01-20 |
Family
ID=47336140
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210311160.9A Active CN102833167B (en) | 2012-08-28 | 2012-08-28 | Data transmission method and system between local area network (LAN) |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102833167B (en) |
Cited By (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103532789A (en) * | 2013-10-25 | 2014-01-22 | 北京直真科技股份有限公司 | Inter-network transparent transmission detecting system |
| CN107257300A (en) * | 2017-08-09 | 2017-10-17 | 广州市大为通信有限公司 | A kind of 4G access devices of wireless backup, system and method |
| CN108023802A (en) * | 2016-11-01 | 2018-05-11 | 中国移动通信集团广东有限公司 | Data transmission system and method |
| CN108243101A (en) * | 2016-12-23 | 2018-07-03 | 中国移动通信集团广东有限公司 | Data transmission system and method |
| CN108512698A (en) * | 2018-03-15 | 2018-09-07 | 北京奇艺世纪科技有限公司 | A kind of network disaster tolerance method, device and electronic equipment |
| CN110290545A (en) * | 2019-06-19 | 2019-09-27 | 高新兴科技集团股份有限公司 | A kind of online keepalive method of wireless telecom equipment |
| CN111182022A (en) * | 2019-10-31 | 2020-05-19 | 腾讯云计算(北京)有限责任公司 | Data transmission method and device, storage medium and electronic device |
| CN114268578A (en) * | 2021-12-16 | 2022-04-01 | 平安证券股份有限公司 | Data transmission method, device and equipment for switching line and storage medium |
| CN114866466A (en) * | 2022-03-29 | 2022-08-05 | 深圳会当科技有限公司 | Device communication method and device, electronic device and readable storage medium |
| CN114885115A (en) * | 2022-07-06 | 2022-08-09 | 杭州峰图信息技术有限责任公司 | Automatic switching device for communication line |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2003062947A2 (en) * | 2002-01-17 | 2003-07-31 | Cisco Technology, Inc. | Load balancing for fast reroute backup tunnels |
| CN1319336C (en) * | 2003-05-26 | 2007-05-30 | 华为技术有限公司 | Method for building special analog network |
| CN101304346A (en) * | 2008-06-27 | 2008-11-12 | 北京星网锐捷网络技术有限公司 | Method and apparatus for monitoring link |
| CN101345649A (en) * | 2007-07-11 | 2009-01-14 | 数位联合电信股份有限公司 | Redundant network system and its processing method |
| CN101645836A (en) * | 2009-08-25 | 2010-02-10 | 杭州华三通信技术有限公司 | Packet transmission method and device in multi-protocol label switching network |
-
2012
- 2012-08-28 CN CN201210311160.9A patent/CN102833167B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2003062947A2 (en) * | 2002-01-17 | 2003-07-31 | Cisco Technology, Inc. | Load balancing for fast reroute backup tunnels |
| CN1319336C (en) * | 2003-05-26 | 2007-05-30 | 华为技术有限公司 | Method for building special analog network |
| CN101345649A (en) * | 2007-07-11 | 2009-01-14 | 数位联合电信股份有限公司 | Redundant network system and its processing method |
| CN101304346A (en) * | 2008-06-27 | 2008-11-12 | 北京星网锐捷网络技术有限公司 | Method and apparatus for monitoring link |
| CN101645836A (en) * | 2009-08-25 | 2010-02-10 | 杭州华三通信技术有限公司 | Packet transmission method and device in multi-protocol label switching network |
Non-Patent Citations (3)
| Title |
|---|
| 秦祥旺,卢小冰: "局域网互连和数据专线备份的ISDN解决方案", 《黑龙江通信技术》 * |
| 秦祥旺,卢小冰: "局域网互连和数据专线备份的ISDN解决方案", 《黑龙江通信技术》, no. 4, 31 December 2000 (2000-12-31) * |
| 郑树平,等: "无线VPN技术在数字前兆台网中的应用", 《大地测量与地球动力学》 * |
Cited By (16)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103532789B (en) * | 2013-10-25 | 2017-02-15 | 北京直真科技股份有限公司 | Inter-network transparent transmission detecting system |
| CN103532789A (en) * | 2013-10-25 | 2014-01-22 | 北京直真科技股份有限公司 | Inter-network transparent transmission detecting system |
| CN108023802A (en) * | 2016-11-01 | 2018-05-11 | 中国移动通信集团广东有限公司 | Data transmission system and method |
| CN108023802B (en) * | 2016-11-01 | 2020-11-10 | 中国移动通信集团广东有限公司 | Data transmission system and method |
| CN108243101B (en) * | 2016-12-23 | 2021-03-16 | 中国移动通信集团广东有限公司 | Data transmission system and method |
| CN108243101A (en) * | 2016-12-23 | 2018-07-03 | 中国移动通信集团广东有限公司 | Data transmission system and method |
| CN107257300A (en) * | 2017-08-09 | 2017-10-17 | 广州市大为通信有限公司 | A kind of 4G access devices of wireless backup, system and method |
| CN107257300B (en) * | 2017-08-09 | 2018-08-31 | 广州市大为通信有限公司 | A kind of 4G access devices of wireless backup, system and method |
| CN108512698A (en) * | 2018-03-15 | 2018-09-07 | 北京奇艺世纪科技有限公司 | A kind of network disaster tolerance method, device and electronic equipment |
| CN110290545A (en) * | 2019-06-19 | 2019-09-27 | 高新兴科技集团股份有限公司 | A kind of online keepalive method of wireless telecom equipment |
| CN111182022A (en) * | 2019-10-31 | 2020-05-19 | 腾讯云计算(北京)有限责任公司 | Data transmission method and device, storage medium and electronic device |
| CN111182022B (en) * | 2019-10-31 | 2023-08-29 | 腾讯云计算(北京)有限责任公司 | Data transmission method and device, storage medium and electronic device |
| CN114268578A (en) * | 2021-12-16 | 2022-04-01 | 平安证券股份有限公司 | Data transmission method, device and equipment for switching line and storage medium |
| CN114268578B (en) * | 2021-12-16 | 2024-04-02 | 平安证券股份有限公司 | Data transmission method, device, equipment and storage medium for switching line |
| CN114866466A (en) * | 2022-03-29 | 2022-08-05 | 深圳会当科技有限公司 | Device communication method and device, electronic device and readable storage medium |
| CN114885115A (en) * | 2022-07-06 | 2022-08-09 | 杭州峰图信息技术有限责任公司 | Automatic switching device for communication line |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102833167B (en) | 2016-01-20 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102833167B (en) | Data transmission method and system between local area network (LAN) | |
| US11190491B1 (en) | Method and apparatus for maintaining a resilient VPN connection | |
| CN108574614B (en) | Message processing method, device and network system | |
| US9426678B2 (en) | Implementing dual-homed node protection | |
| CN102571426B (en) | Double-homing protection method and device | |
| US20100189115A1 (en) | Edge node redundant system in label switching network | |
| US20220210130A1 (en) | Method and apparatus for maintaining a resilient vpn connection | |
| WO2016082412A1 (en) | Method and apparatus for realizing reliable transmission of data, and computer storage medium | |
| JP2006013827A (en) | Packet transfer apparatus | |
| CN102480423B (en) | A kind of guard method of L2TP network and system | |
| JP6107498B2 (en) | COMMUNICATION METHOD, COMMUNICATION DEVICE, AND COMMUNICATION PROGRAM | |
| JP6027688B2 (en) | Method and apparatus for automatic label assignment in ring network protection | |
| CN102970160B (en) | The method and apparatus of a kind of auxiliary monitor terminal and standby server high-speed traffic | |
| CN102742222B (en) | Method and apparatus for maintaining connectivity of transmission lines | |
| CN101800774A (en) | Environmental-friendly accessing method and environmental-friendly accessing network | |
| US11606390B1 (en) | Rerouting network traffic based on detecting offline connection | |
| IL269035B (en) | Methods and devices for providing cyber security for time aware end-to-end packet flow networks | |
| WO2014206207A1 (en) | Route withdrawal method and network device | |
| CN102164085A (en) | Tunnel group protection realization method and device based on multi-protocol label switching network | |
| US11006346B2 (en) | X2 service transmission method and network device | |
| Lam et al. | Network management requirements for mpls-based transport networks | |
| WO2014044088A1 (en) | L2tp network protection method, apparatus and system | |
| Sajassi et al. | Layer 2 Virtual Private Network (L2VPN) Operations, Administration, and Maintenance (OAM) Requirements and Framework | |
| WO2022001937A1 (en) | Service transmission method and apparatus, network device, and storage medium | |
| JP5288505B2 (en) | Communication apparatus, communication system, communication path switching method, and communication path switching program |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |