CN103297338A - Virtual private network (VPN) router advertisement method and device - Google Patents
Virtual private network (VPN) router advertisement method and device Download PDFInfo
- Publication number
- CN103297338A CN103297338A CN2013102497086A CN201310249708A CN103297338A CN 103297338 A CN103297338 A CN 103297338A CN 2013102497086 A CN2013102497086 A CN 2013102497086A CN 201310249708 A CN201310249708 A CN 201310249708A CN 103297338 A CN103297338 A CN 103297338A
- Authority
- CN
- China
- Prior art keywords
- public network
- network tunnel
- vpn
- route
- equipment
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Abstract
The invention discloses a virtual private network (VPN) router advertisement method which includes that a first router device receives VPN router information issued by a second router device which serves as the VPN neighbor, and the VPN router information contains the router address prefixes of VPN routers and public network tunnel path attributes used for indicating whether a public network tunnel which the VPN routers depend on is built or not; the first router device determines whether a public network tunnel between the VPN router device and the VPN router address prefixes of the VPN routers is built or not according to the public network tunnel path attributes of the VPN routers and whether a public network tunnel between the VPN router device and a second router device is built or not, and the public network tunnel path attributes of the VPN routers are updated according to the determining result; and when the first router device performs router optimization aiming at the VPN routers with the same router address prefix, the VPN routers with the built public network tunnel between the VPN router device and the public network tunnel path attributes is preferred. The VPN router advertisement method can optimize the router convergence time.
Description
Technical field
The present invention relates to network communications technology field, particularly a kind of VPN route advertising method and equipment.
Background technology
BGP(Border Gateway Protocol, Border Gateway Protocol) be a kind of for AS(Autonomous System, autonomous system) between dynamic routing protocol.The set of router that AS refers to have same routing policy, moves under same technical management department when BGP runs between the different AS, is called EBGP(External BGP, BGP between the territory), when BGP runs between the same AS, be called IBGP(InternalBGP, Internal BGP).Border Gateway Protocol/multiprotocol label switching (BGP/MPLS) VPN(Virtual Private Network) is a kind of three-layer VPN technology, it utilizes the VPN route of the multi-protocols extended attribute transmission tape label of BGP, and carry out professional isolation by the tag feature of MPLS and transmit, thereby provide VPN service.
Fig. 1 is the prior art schematic network structure.The MPLS backbone network is made up of AS100 and two autonomous systems of AS200, provider edge equipment (PE) 1 and PE2 in AS100, PE3 in AS200.Suppose to exist on the customer edge (CE) 1 VPN route 10.1.1.1, it is that the Business Stream of 10.1.1.1 is example that prior art will send purpose IP to CE1 with CE3, and it is as follows to the process of CE3 announcement VPN route 10.1.1.1 to describe CE1:
Step 11, by disposing EBGP, IGP(Interior Gateway Protocol, Interior Gateway Protocol between PE1 and the CE1) or static routing, CE1 is communicated to PE1 with VPN route (destination address that is assumed to be this route is 10.1.1.1).
Step 12, PE1 write local corresponding VPN instance with VPN route 10.1.1.1 and transmit in (being assumed to be VRF1), and be this route assignment private network tags 1024 according to the interface that receives the VPN route, can write following clauses and subclauses in the VRF1 of PE1:
| Purpose IP | Outgoing interface | Next jumping |
| 10.1.1.1 | E0 | Direct-connected |
Wherein, outgoing interface E0 represents that the outgoing interface of this route is E0, and next is jumped to direct-connected, represents that this route is direct route, and namely place, the destination network of this route directly links to each other with PE.
PE1 writes following clauses and subclauses in going into of self in the label mapping table (ILM):
| Go into label | Action type | Outgoing direction is transmitted information |
| 1024 | Eject | Look into VRFl and carry out the IP forwarding |
Step 13, PE1 by and PE2 between the IBGP session, be 1024 VPN route 10.1.1.1 to PE2 private network tags that announcement distributes.
Step 14, PE2 write local VPN instance with this VPN route and transmit among the VRF1 according to route target community (VPN Target), can write following clauses and subclauses in the VRF1 of PE2:
| Purpose IP | Outgoing interface | Next jumping | The public network label | Private network tags |
| 10.1.1.1 | E0 | 1.1.1.1 | 20 | 1024 |
Wherein, outgoing interface E0 represents that the outgoing interface of PE2 is E0, and 1.1.1.1 is the loop-back address of PE1, the next hop address of expression VPN route 10.1.1.1, and private network tags 1024 expression PE1 are the private network tags of this VPN route assignment.After PE2 learns this VPN route, with the public network tunnel of next the jumping 1.1.1.1 among the VRF1 of PE2 as VPN route 10.1.1.1 association.The public network label is represented that the VPN message is employed when being sent to PE1 along the public network tunnel from PE2 and is gone into label.
Step 15, PE2 are VPN route assignment private network tags 1025, and the public network tunnel (being the LSP of forwarding equivalence class 1.1.1.1 correspondence) of inspection VPN route association, if the public network tunnel is set up, then write following clauses and subclauses in the label mapping table (ILM) in going into of PE2:
| Go into label | Action type | Outgoing label | Outgoing direction is transmitted information |
| 1025 | Exchange | 1024 | PEl (tunnel 1.1.1.1/32) |
Wherein, with PE1 be the private network tags 1024 of this route assignment as outgoing label, with PE2 for this route assignment private network tags 1025 as going into label, the label action is switch label, and among the VRF1 of PE2 next jumped as outgoing direction forwarding information.
Under step 16, the situation about having set up in associated public network tunnel, by the EBGP that disposes between PE2 and PE3, PE2 is 1025 VPN route 10.1.1.1 to PE3 private network tags that announcement distributes.
Step 17, PE3 by and CE3 between EBGP, IGP or the static routing of disposing, announce above-mentioned VPN route 10.1.1.1 to CE3 so that CE3 receives this VPN route, write local routing table.
In the prior art, before execution in step 16, need to check whether the public network tunnel of VPN route association is set up, if set up then to PE3 announcement VPN route, if do not set up, execution in step 16 not then.Will cause like this public network tunnel of VPN route association break down not recover before, CE3 can't receive this VPN route, wait until that the public network tunnel is set up after, PE2 just can send to CE3 through PE3 successively with the VPN route, therefore, and when switching in the tunnel, routing convergence is chronic, poor performance.
Summary of the invention
The object of the present invention is to provide a kind of VPN route advertising method and equipment, can optimize the routing convergence time.
For achieving the above object, the invention provides a kind of VPN route advertising method, be applied to use between the routing device of Border Gateway Protocol (BGP), this method comprises:
First routing device receives the VPN routing iinformation as VPN neighbours' secondary route equipment issue, and described VPN routing iinformation carries the routing address prefix of VPN route and the public network tunnel path attribute of whether having set up for the public network tunnel that the described VPN route of expression relies on;
Whether first routing device is set up to the public network tunnel between the secondary route equipment according to public network tunnel path attribute and this equipment of VPN route, determine whether this equipment is set up to the public network tunnel between the routing address prefix of described VPN route, and upgrade the public network tunnel path attribute of described VPN route according to described definite result;
When first routing device carries out routing optimization at the VPN route of same routing address prefix, the VPN route of preferentially selecting this equipment to set up to the public network tunnel between the described routing address prefix.
For achieving the above object, the present invention also provides a kind of first routing device, and this first routing device comprises:
Receiver module, be used for receiving the VPN routing iinformation as VPN neighbours' secondary route equipment issue, described VPN routing iinformation carries the routing address prefix of VPN route and the public network tunnel path attribute of whether having set up for the public network tunnel that the described VPN route of expression relies on;
Update module, be used for whether setting up to the public network tunnel between the secondary route equipment according to public network tunnel path attribute and this equipment of VPN route, determine whether this equipment is set up to the public network tunnel between the routing address prefix of described VPN route, and upgrade the public network tunnel path attribute of described VPN route according to described definite result;
The route prefix preferred module, when being used for carrying out routing optimization at the VPN route of same routing address prefix, the VPN route of preferentially selecting this equipment to set up to the public network tunnel between the described routing address prefix.
In sum, in the embodiment of the invention, secondary route equipment is to the first via during by the devices advertise route, carry the public network tunnel path attribute of whether having set up for the public network tunnel of the described VPN route dependence of expression, after first routing device receives advertising of route, whether public network tunnel path attribute and this equipment according to the VPN route are set up to the public network tunnel between the secondary route equipment, determine whether this equipment is set up to the public network tunnel between the routing address prefix of described VPN route, and according to the public network tunnel path attribute that described definite result upgrades described VPN route, be carried at next routing device that sends in the advertising of route message in the path.Because routing device does not need will wait for self associated public network tunnel foundation as prior art, just announce route messages, so effectively reduced needed convergence time when the public network tunnel changes.
Description of drawings
Fig. 1 is the prior art schematic network structure.
Fig. 2 is the schematic flow sheet of embodiment of the invention route advertising method
Fig. 3 is the schematic network structure with backup link.
Fig. 4 is the structural representation of routing device in the embodiment of the invention.
Embodiment
For making purpose of the present invention, technical scheme and advantage clearer, below with reference to the accompanying drawing embodiment that develops simultaneously, scheme of the present invention is described in further detail.
A kind of VPN route advertising method is provided in the embodiment of the invention, be applied to use between the routing device of BGP, first routing device receives the VPN routing iinformation as VPN neighbours' secondary route equipment issue, and described VPN routing iinformation carries the routing address prefix of VPN route and the public network tunnel path attribute of whether having set up for the public network tunnel that the described VPN route of expression relies on; Whether first routing device is set up to the public network tunnel between the secondary route equipment according to public network tunnel path attribute and this equipment of VPN route, determine whether this equipment is set up to the public network tunnel between the routing address prefix of described VPN route, and upgrade the public network tunnel path attribute of described VPN route according to described definite result; When first routing device carries out routing optimization at the VPN route of same routing address prefix, the VPN route of preferentially selecting this equipment to set up to the public network tunnel between the described routing address prefix.This is explanation just, and no matter whether first routing device is set up to the public network tunnel between the secondary route equipment, and first routing device all can send routing iinformation to other routing devices, thereby has guaranteed that the tunnel has better convergence performance when switching.And, when first routing device carries out routing optimization at the VPN route of same routing address prefix, the preferential VPN route of selecting this equipment to set up to the public network tunnel between the described routing address prefix, in the time of can guaranteeing that tunnel failure appears in any node on the primary link, can in time switch to backup link.
Wherein, VPN neighbours each other between first routing device and the secondary route equipment refer to the bgp neighbor that has enabled VPN.
The present invention is described in detail below in conjunction with specific embodiment.At first a kind of new path attribute that the present invention is introduced is introduced:
The public network tunnel path attribute whether the present invention has set up for the public network tunnel that expression VPN route relies on is LSP_MED, attribute type: 33; Option: Optional(is optional), Transitive(can transmit); Length: 1 byte; Value is 0 or 1; If be 1, expression is transmitted along this route, obstructed situation can occur in the path transmitting because the public network tunnel does not exist; If be 0, expression is transmitted along this route, can not occur in the path because the public network tunnel does not exist and causes transmitting obstructed situation.
Still the networking with Fig. 1 is example, and route advertising method of the present invention is described, and Fig. 2 is the schematic flow sheet of embodiment of the invention route advertising method, and it may further comprise the steps:
The public network tunnel path attribute whether step 21, CE1 will have been set up for the public network tunnel that expression VPN route relies on sends to PE1 by advertising of route message.
Particularly, by disposing EBGP, IGP or static routing between PE1 and the CE1, when CE1 announces VPN route 10.1.1.1 to PE1, also be that 0 path attribute sends to PE1 with the LSP_MED value.
The public network tunnel path attribute whether step 22, PE1 will have been set up for the public network tunnel that expression VPN route relies on sends to PE2 by advertising of route message.
Particularly, PE1 writes local VPN instance with VPN route 10.1.1.1 and transmits among the VRF1, and be this route assignment private network tags 1024 according to the interface that receives the VPN route, can write following clauses and subclauses in the VRF1 of PE1:
| Purpose IP | Outgoing interface | Next jumping |
| 10.1.1.1 | E0 | Direct-connected |
Wherein, outgoing interface E0 represent this route outgoing interface be E0, next is jumped to direct-connected, represents that this route is direct route, namely place, the destination network of this route directly links to each other with PE.
PE1 writes following clauses and subclauses in going into of self in the label mapping table (ILM):
| Go into label | Action type | Outgoing direction is transmitted information |
| 1024 | Eject (pop) | Look into VRFI and carry out the IP forwarding |
Because PE1 and CE1 are direct-connected, there is not self associated public network tunnel in PE1, therefore there is not the unfounded situation in public network tunnel yet, so PE1 by and PE2 between the IBGP session, when to distribute private network tags be 1024 VPN route 10.1.1.1 to PE2 announcement institute, direct was that 0 path attribute sends to PE2 with the LSP_MED value.
Whether step 23, PE2 check and self set up to the public network tunnel of PE1, whether public network tunnel path attribute and this equipment according to the VPN route are set up to the public network tunnel between the PE1, determine whether this equipment is set up to the public network tunnel between the routing address prefix of described VPN route, and according to the public network tunnel path attribute that described definite result upgrades described VPN route, send to PE3 by advertising of route message.
Particularly, PE2 writes local VPN instance according to route target community with this VPN route and transmits among the VRF1, can write following clauses and subclauses in the VRF1 of PE2:
| Purpose IP | Outgoing interface | Next jumping | The public network label | Private network tags |
| 10.1.1.1 | E0 | 1.1.1.1 | 20 | 1024 |
Wherein, outgoing interface E0 represents that the outgoing interface of PE2 is E0,1.1.1.1 be the loop-back address of PE1, the next hop address of expression VPN route 10.1.1.1, private network tags 1024 expression PE1 be the private network tags of this VPN route assignment, and public network label 20 is represented that the VPN messages are employed when being sent to PE1 along the public network tunnel from PE2 and gone into label.After PE2 learns this VPN route, with the public network tunnel of next the jumping 1.1.1.1 among the VRF1 of PE2 as VPN route 10.1.1.1 association.
PE2 redistributes private network tags 1025 for the VPN route, and the public network tunnel of inspection VPN route association, if the public network tunnel is set up, when PE2 was 1025 VPN route 10.1.1.1 to private network tags that PE3 announcement distributes, the LSP_MED path attribute value of carrying was 0; If the public network tunnel is not set up, then LSP_MED path attribute value is updated to 1, PE2 when being 1025 VPN route 10.1.1.1 to private network tags that PE3 announcement distributes by 0, the LSP_MED path attribute value of carrying is 1.
Whether step 24, PE3 check and self set up to PE2 public network tunnel, whether public network tunnel path attribute and this equipment according to the VPN route are set up to the public network tunnel between the PE2, determine whether this equipment is set up to the public network tunnel between the routing address prefix of described VPN route, and according to the public network tunnel path attribute that described definite result upgrades described VPN route, send to CE3 by advertising of route message.
Particularly, PE3 writes local VPN instance according to route target community with this VPN route and transmits among the VRF1, can write following clauses and subclauses in the VRF1 of PE3:
| Purpose IP | Outgoing interface | Next jumping | Private network tags |
| 10.1.1.1 | E0 | 2.2.2.2 | 1025 |
Wherein, outgoing interface E0 represents that the outgoing interface of PE3 is E0, and 2.2.2.2 is the loop-back address of PE2, the next hop address of expression VPN route 10.1.1.1, and private network tags 1025 expression PE2 are the label of this VPN route assignment.After PE3 learns this VPN route, with the public network tunnel of next the jumping 2.2.2.2 among the VRF1 of PE3 as VPN route 10.1.1.1 association.
Whether the public network tunnel between PE3 inspection and the PE2 is set up, according to check result the LSP_MED path attribute value that receives is upgraded, PE3 by and CE3 between EBGP, IGP or the static routing of disposing, when announcing above-mentioned VPN route 10.1.1.1 to CE3, carry the LSP_MED path attribute value after the renewal.
Wherein, if PE3 checks self associated public network tunnel (the public network tunnel between PE3 and the PE2) foundation, but the LSP_MED path attribute value that PE3 receives is 1, then is that 1 path attribute sends to CE3 by advertising of route message with the LSP_MED value;
If PE3 checks self associated public network tunnel (the public network tunnel between PE3 and the PE2) and set up, and the LSP_MED path attribute value that PE3 receives is 0, then is that 0 path attribute sends to CE3 by advertising of route message with the LSP_MED value;
If PE3 inspection self associated public network tunnel (the public network tunnel between PE3 and the PE2) is not set up, the LSP_MED path attribute value that no matter receives is 0 or 1, all is that 1 path attribute sends to CE3 by advertising of route message with the LSP_MED value.
So far, CE3 receives the advertising of route message that carries the path attribute that whether the public network tunnel is set up in the expression path, and the VPN route 10.1.1.1 with in the advertising of route message writes local routing table.
In above-mentioned steps 23, the embodiment of the invention when setting up, then writes following clauses and subclauses in going into of PE2 in PE2 inspection self associated public network tunnel (the public network tunnel between PE1 and the PE2) in the label mapping table (ILM):
| Go into label | Action type | Outgoing label | Outgoing direction is transmitted information |
| 1025 | Exchange (swap) | 1024 | PEl (tunnel 1.1.1.1) |
Wherein, with PE1 be the private network tags 1024 of this route assignment as outgoing label, with PE2 for the private network tags 1025 of this route assignment as going into label, among the VRF1 of PE2 next jumped as outgoing direction forwarding information.Need to prove, if PE2 checks self not foundation of associated public network tunnel, though can not issue the ILM that transmits for message, but still can announce route to PE3, just when the announcement route, carry the path attribute of whether setting up for expression public network tunnel, path.Therefore, can be as prior art, only under the situation of the existence of the public network tunnel between PE1 and the PE2, PE2 could announce route to PE3, like this, as long as the public network tunnel between PE1 and the PE2 one is set up, as long as issuing the ILM list item, PE2 can E-Packet, significantly reduced the convergence time the when tunnel switches.
In like manner, in above-mentioned steps 24, the embodiment of the invention when setting up, then writes following clauses and subclauses in going into of PE3 in PE3 inspection self associated public network tunnel (the public network tunnel between PE3 and the PE2) in the label mapping table (ILM):
| Go into label | Action type | Outgoing direction is transmitted information |
| 1025 | Be pressed into (push) | PE2 (tunnel 2.2.2.2) |
Wherein, the private network tags 1025 among the VRF1 of PE3 as going into label, is transmitted information with next jumping among the VRF1 of PE3 as outgoing direction.
Need to prove, if PE3 checks self not foundation of associated public network tunnel, though can not issue the ILM that transmits for message, but still can announce route to CE3, just when the announcement route, carry the path attribute of whether setting up for expression public network tunnel, path.Therefore, can only under the situation of the existence of the public network tunnel between PE2 and the PE3, could not announce route to CE3 as prior art, significantly reduce the convergence time the when tunnel switches.
Further, there are two links in networking as shown in Figure 2 between CE1 and the CE3, and primary link is CE1-〉PE1-〉PE2-〉PE3-〉CE3, backup link is CE1-〉PE1-〉PE3-〉CE3.So the route 10.1.1.1 on the CE1 passes through CE1-〉PE1-〉PE2-〉PE3 and CE1-〉PE1-〉this two paths of PE3 is distributed to PE3, the route of coming from the CE1 issue on PE3 has two parts, the prefix of two parts of routes is identical, neighbours' difference, and LSP_MED path attribute value is all carried in issue during route.
Under this scene, under the situation that link changes, suppose that the public network tunnel between PE1 and the PE2 is recovered by original malfunction, then PE2 needs again route to be announced to PE3 by primary link, and PE3 this locality exists CE1 to announce the route of coming by backup link.At this moment the path attribute of PE3 after according to each routing update carried out preferably the VPN route of preferentially selecting this equipment to set up to the public network tunnel between the described routing address prefix to the route of same prefix.It should be noted that, when PE3 triggering prefix is preferred, be not directly to carry out routing optimization according to the LSP_MED value of carrying in the advertising of route message, but to check whether self associated public network tunnel is set up, after according to check result the LSP_MED value of carrying in the route notice message being upgraded, just the route of same prefix is carried out preferably.
On primary link, because PE1 and CE1 are direct-connected, there is not self associated public network tunnel in PE1, does not therefore have the unfounded situation in public network tunnel yet, so PE1 during to PE2 transmission advertising of route is that 0 path attribute sends to PE2 with the LSP_MED value;
Suppose the public network tunnel restoration between PE1 and the PE2, PE2 is checked through self associated public network tunnel (the public network tunnel between PE1 and the PE2) foundation, when then PE2 sends advertising of route to PE3, still is that 0 path attribute sends to PE3 with the LSP_MED value;
Suppose the public network tunnel failure between PE2 and the PE3, PE3 receives advertising of route message, be checked through self associated public network tunnel (the public network tunnel between PE2 and the PE3) and do not set up, then PE3 is that to be updated to the LSP_MED value be 1 for 0 path attribute with the LSP_MED value.
On backup link, because PE1 and CE1 are direct-connected, there is not self associated public network tunnel in PE1, does not therefore have the unfounded situation in public network tunnel yet, so PE1 during to PE3 transmission advertising of route is that 0 path attribute sends to PE3 with the LSP_MED value;
Suppose the public network tunnel foundation between PE1 and the PE3, PE3 receives advertising of route message, is checked through self associated public network tunnel (the public network tunnel between PE1 and the PE3) foundation, and then the last determined LSP_MED value of PE3 still is 0.
The LSP_MED value is 0, and expression is transmitted along this route, can not occur in the path because the public network tunnel does not exist and causes transmitting obstructed situation; The LSP_MED value is 1, and expression is transmitted along this route, obstructed situation can occur in the path transmitting because the public network tunnel does not exist.PE3 just can know from the final LSP_MED value of determining, can occur on business net tunnel (the public network tunnel between PE2 and the PE3) on the primary link and not exist and transmit obstructed situation.Therefore PE3 goes up that to trigger prefix preferred, the LSP_MED value of two routes of contrast when preferred, it is low to be worth big route priority, with backup link as preferred route, thereby in time flow is switched on the backup link.Therefore, exist under the situation of backup link, the present invention carries the LSP_MED value in advertising of route message advantage is, when tunnel failure appears in any node on the primary link, can in time switch to backup link.
Need to prove that embodiment of the invention LSP_MED path attribute is a kind of in the multiple path attribute, other path attributes have: ORIGIN, AS_PATH, NEXT_HOP etc.Because whether the LSP_MED path attribute represent to have in the path public network tunnel not exist, represent namely whether the path is unobstructed, thus even more important than other path attributes, therefore trigger prefix when preferred, pay the utmost attention to the LSP_MED path attribute.Under the identical situation of LSP_MED path attribute, again other path attributes are contrasted successively.That is to say, when routing device carries out when preferred the VPN route of a plurality of identical routing address prefixes, if the VPN route that this equipment is not all set up to the public network tunnel between the described routing address prefix or this equipment has been set up to the public network tunnel between the described routing address prefix in all VPN routes has more than two, then according to default priority orders, other predetermined path attributes are contrasted successively.
Based on same inventive concept, the present invention also proposes a kind of first routing device, and referring to Fig. 4, Fig. 4 is for being applied to the structural representation of first routing device of said method in the specific embodiment of the invention.This first routing device comprises:
Route prefix preferred module 403, when being used for carrying out routing optimization at the VPN route of same routing address prefix, the VPN route of preferentially selecting this equipment to set up to the public network tunnel between the described routing address prefix.
Described update module 402 specifically is used for:
Set up in the public network tunnel that the described VPN route of the public network tunnel path attribute representation of VPN route relies on, and, when this equipment has been set up to the public network tunnel between the secondary route equipment, determine that this equipment sets up to the public network tunnel between the routing address prefix of described VPN route, the public network tunnel path attribute of described VPN route is updated to the public network tunnel that the described VPN route of expression relies on and sets up;
Otherwise, determine that this equipment do not set up to the public network tunnel between the routing address prefix of described VPN route, the public network tunnel path attribute of described VPN route is updated to the public network tunnel that the described VPN route of expression relies on and does not set up.
Described equipment further comprises sending module 404, is used for after passing through routing optimization, selecting a VPN route, issues the described VPN route of selecting to other routing devices as VPN neighbours, and carries the public network tunnel path attribute after the renewal.
Described equipment further comprises: list item issues module 405, be used for when this equipment of detecting has been set up to the public network tunnel between the secondary route equipment, issue for what message was transmitted and go into label mapping table ILM, described ILM comprises that at least the outgoing direction that points to secondary route equipment transmits information.
Described equipment further comprises: relating module 406, be used for receiving after the VPN routing iinformation of issuing as VPN neighbours' secondary route equipment, and related this equipment is to the public network tunnel between the secondary route equipment.
In sum, specific embodiment of the invention routing device is when the announcement route, carry the public network tunnel path attribute whether public network tunnel that the VPN route relies on has been set up, guarantee that under the situation that does not have backup path there is routing convergence performance preferably in the tunnel when switching.Can in time switch to backup link when tunnel failure appears in any node on the main path under having the situation of backup link, control route preferred in communication process.
Need to prove, Fig. 1 of networking schematic diagram of the present invention and Fig. 2 are a kind of typical networking example, method of the present invention is not limited to above-mentioned networking structure, as long as have the public network tunnel in the path, can carry the public network tunnel path attribute whether the public network tunnel that relies on for expression VPN route of the present invention has been set up in the advertising of route message, therefore, to being applicable to that networking structure of the present invention illustrates no longer one by one at this.
The above is preferred embodiment of the present invention only, is not for limiting protection scope of the present invention.Within the spirit and principles in the present invention all, any modification of doing, be equal to replacement, improvement etc., all should be included within protection scope of the present invention.
Claims (11)
1. a virtual private network route advertising method is applied to use between the routing device of Border Gateway Protocol (BGP), it is characterized in that this method comprises:
First routing device receives the VPN routing iinformation as VPN neighbours' secondary route equipment issue, and described VPN routing iinformation carries the routing address prefix of VPN route and the public network tunnel path attribute of whether having set up for the public network tunnel that the described VPN route of expression relies on;
Whether first routing device is set up to the public network tunnel between the secondary route equipment according to public network tunnel path attribute and this equipment of VPN route, determine whether this equipment is set up to the public network tunnel between the routing address prefix of described VPN route, and upgrade the public network tunnel path attribute of described VPN route according to described definite result;
When first routing device carries out routing optimization at the VPN route of same routing address prefix, the VPN route of preferentially selecting this equipment to set up to the public network tunnel between the described routing address prefix.
2. the method for claim 1 is characterized in that,
Describedly determine whether this equipment is set up to the public network tunnel between the described routing address prefix, and comprise according to the public network tunnel path attribute that described definite result upgrades described VPN route:
Set up in the public network tunnel that the described VPN route of the public network tunnel path attribute representation of VPN route relies on, and, when this equipment has been set up to the public network tunnel between the secondary route equipment, determine that this equipment sets up to the public network tunnel between the routing address prefix of described VPN route, the public network tunnel path attribute of described VPN route is updated to the public network tunnel that the described VPN route of expression relies on and sets up;
Otherwise, determine that this equipment do not set up to the public network tunnel between the routing address prefix of described VPN route, the public network tunnel path attribute of described VPN route is updated to the public network tunnel that the described VPN route of expression relies on and does not set up.
3. method as claimed in claim 1 or 2 is characterized in that, first routing device is after passing through routing optimization, selecting a VPN route, and described method also comprises:
Issue the described VPN route of selecting to other routing devices as VPN neighbours, and carry the public network tunnel path attribute after the renewal.
4. method as claimed in claim 3, it is characterized in that, the public network tunnel path attribute whether the public network tunnel that expression VPN route relies on has been set up is LSP_MED, when first routing device carries out when preferred the VPN route of a plurality of identical routing address prefixes, if the VPN route that this equipment is not all set up to the public network tunnel between the described routing address prefix or this equipment has been set up to the public network tunnel between the described routing address prefix in all VPN routes has more than two, then according to default priority orders, other predetermined path attributes are contrasted successively.
5. method as claimed in claim 3, it is characterized in that, when the first via is gone out this equipment and has set up to the public network tunnel the secondary route equipment by Equipment Inspection, this method further comprises: issue for what message was transmitted and go into label mapping table ILM, described ILM comprises that at least the outgoing direction that points to secondary route equipment transmits information.
6. method as claimed in claim 5, it is characterized in that, first routing device receives after the VPN routing iinformation of issuing as VPN neighbours' secondary route equipment, before whether this equipment of detection was set up to the public network tunnel between the secondary route equipment, this method further comprised: related this equipment is to the step in the public network tunnel between the secondary route equipment.
7. routing device, this equipment comprises:
Receiver module, be used for receiving the VPN routing iinformation as VPN neighbours' secondary route equipment issue, described VPN routing iinformation carries the routing address prefix of VPN route and the public network tunnel path attribute of whether having set up for the public network tunnel that the described VPN route of expression relies on;
Update module, be used for whether setting up to the public network tunnel between the secondary route equipment according to public network tunnel path attribute and this equipment of VPN route, determine whether this equipment is set up to the public network tunnel between the routing address prefix of described VPN route, and upgrade the public network tunnel path attribute of described VPN route according to described definite result;
The route prefix preferred module, when being used for carrying out routing optimization at the VPN route of same routing address prefix, the VPN route of preferentially selecting this equipment to set up to the public network tunnel between the described routing address prefix.
8. equipment as claimed in claim 7 is characterized in that,
Described update module specifically is used for:
Set up in the public network tunnel that the described VPN route of the public network tunnel path attribute representation of VPN route relies on, and, when this equipment has been set up to the public network tunnel between the secondary route equipment, determine that this equipment sets up to the public network tunnel between the routing address prefix of described VPN route, the public network tunnel path attribute of described VPN route is updated to the public network tunnel that the described VPN route of expression relies on and sets up;
Otherwise, determine that this equipment do not set up to the public network tunnel between the routing address prefix of described VPN route, the public network tunnel path attribute of described VPN route is updated to the public network tunnel that the described VPN route of expression relies on and does not set up.
9. equipment as claimed in claim 7, it is characterized in that, described equipment further comprises sending module, be used for passing through routing optimization, after selecting a VPN route, issue the described VPN route of selecting to other routing devices as VPN neighbours, and carry the public network tunnel path attribute after the renewal.
10. equipment as claimed in claim 7, it is characterized in that, described equipment further comprises: list item issues module, be used for when this equipment of detecting has been set up to the public network tunnel between the secondary route equipment, issue for what message was transmitted and go into label mapping table ILM, described ILM comprises that at least the outgoing direction that points to secondary route equipment transmits information.
11. equipment as claimed in claim 10 is characterized in that, described equipment further comprises:
Relating module is used for receiving after the VPN routing iinformation of issuing as VPN neighbours' secondary route equipment, and related this equipment is to the public network tunnel between the secondary route equipment.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310249708.6A CN103297338B (en) | 2013-06-20 | 2013-06-20 | A kind of VPN route advertising method and equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310249708.6A CN103297338B (en) | 2013-06-20 | 2013-06-20 | A kind of VPN route advertising method and equipment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103297338A true CN103297338A (en) | 2013-09-11 |
| CN103297338B CN103297338B (en) | 2016-06-01 |
Family
ID=49097678
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310249708.6A Active CN103297338B (en) | 2013-06-20 | 2013-06-20 | A kind of VPN route advertising method and equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103297338B (en) |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107666723A (en) * | 2016-07-22 | 2018-02-06 | 华为技术有限公司 | A kind of information transferring method, Convergence gateway and system |
| CN110661713A (en) * | 2019-10-22 | 2020-01-07 | 新华三信息安全技术有限公司 | Message forwarding method and device |
| CN111405639A (en) * | 2020-03-09 | 2020-07-10 | 深圳前海百递网络有限公司 | Wireless network connection method and device, readable storage medium and computer equipment |
| CN112468398A (en) * | 2015-12-31 | 2021-03-09 | 华为技术有限公司 | VPN processing method, PE equipment and system |
| CN112787935A (en) * | 2016-02-01 | 2021-05-11 | 华为技术有限公司 | VPN route notification method, data flow forwarding method and related equipment |
| CN113411243A (en) * | 2018-10-23 | 2021-09-17 | 华为技术有限公司 | Data transmission method and device |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101277245A (en) * | 2008-05-06 | 2008-10-01 | 华为技术有限公司 | Method, system and apparatus for implementing L2VPN field across |
| CN101355487A (en) * | 2007-07-23 | 2009-01-28 | 中国移动通信集团公司 | Method and apparatus for distributing label |
| CN102195844A (en) * | 2010-03-02 | 2011-09-21 | 杭州华三通信技术有限公司 | Method and equipment for managing forwarding table entry |
-
2013
- 2013-06-20 CN CN201310249708.6A patent/CN103297338B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101355487A (en) * | 2007-07-23 | 2009-01-28 | 中国移动通信集团公司 | Method and apparatus for distributing label |
| CN101277245A (en) * | 2008-05-06 | 2008-10-01 | 华为技术有限公司 | Method, system and apparatus for implementing L2VPN field across |
| CN102195844A (en) * | 2010-03-02 | 2011-09-21 | 杭州华三通信技术有限公司 | Method and equipment for managing forwarding table entry |
Cited By (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112468398A (en) * | 2015-12-31 | 2021-03-09 | 华为技术有限公司 | VPN processing method, PE equipment and system |
| CN112787935A (en) * | 2016-02-01 | 2021-05-11 | 华为技术有限公司 | VPN route notification method, data flow forwarding method and related equipment |
| CN112787935B (en) * | 2016-02-01 | 2022-12-06 | 华为技术有限公司 | VPN route notification method, data flow forwarding method and related equipment |
| US10958482B2 (en) | 2016-07-22 | 2021-03-23 | Huawei Technologies Co., Ltd. | Information transmission method and system, and convergence gateway |
| CN107666723B (en) * | 2016-07-22 | 2021-04-09 | 华为技术有限公司 | Information transmission method, convergence gateway and system |
| CN107666723A (en) * | 2016-07-22 | 2018-02-06 | 华为技术有限公司 | A kind of information transferring method, Convergence gateway and system |
| US11665025B2 (en) | 2016-07-22 | 2023-05-30 | Huawei Technologies Co., Ltd. | Information transmission method and system, and convergence gateway |
| CN113411243A (en) * | 2018-10-23 | 2021-09-17 | 华为技术有限公司 | Data transmission method and device |
| US11750515B2 (en) | 2018-10-23 | 2023-09-05 | Huawei Technologies Co., Ltd. | Data transmission method and apparatus |
| CN113411243B (en) * | 2018-10-23 | 2024-03-19 | 华为技术有限公司 | Data transmission method and device |
| CN110661713A (en) * | 2019-10-22 | 2020-01-07 | 新华三信息安全技术有限公司 | Message forwarding method and device |
| CN110661713B (en) * | 2019-10-22 | 2021-09-21 | 新华三信息安全技术有限公司 | Message forwarding method and device |
| CN111405639A (en) * | 2020-03-09 | 2020-07-10 | 深圳前海百递网络有限公司 | Wireless network connection method and device, readable storage medium and computer equipment |
Also Published As
| Publication number | Publication date |
|---|---|
| CN103297338B (en) | 2016-06-01 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN112995029B (en) | Transmission path fault processing method, device and system | |
| CN105634940B (en) | SR information acquisition method and method for establishing segment routing network | |
| EP3065342B1 (en) | Update of mac routes in evpn single-active topology | |
| CN107733793B (en) | Forwarding table item maintenance method and device | |
| US9019814B1 (en) | Fast failover in multi-homed ethernet virtual private networks | |
| EP3151485A1 (en) | Egress node protection in evpn all-active topology | |
| CN102664788B (en) | CE dual-homed link protection method in MPLS L3VPN and system thereof | |
| US8238338B2 (en) | Interior gateway protocol summarization preserving internet protocol reachability information | |
| CN100550841C (en) | Autonomous System Boundary Router, AS Boundary Router route issuing method and Autonomous System Boundary Router, AS Boundary Router | |
| CN101517998B (en) | Method for announcing border connecting information of autonomous system and boundary nodes | |
| CN103297338A (en) | Virtual private network (VPN) router advertisement method and device | |
| CN101227399B (en) | Message transmission method, system and forwarding node | |
| US20140233369A1 (en) | Ethernet virtual private network system for providing fast protection for access rings | |
| CN102075419B (en) | Method for generating and transmitting three-layer virtual special network equative routing and edge router | |
| WO2018103099A1 (en) | Method, device and system for sending and receiving message | |
| CN102932499A (en) | Method and device for learning media access control (MAC) addresses in virtual private lan service (VPLS) networks | |
| US20140301403A1 (en) | Node device and method for path switching control in a ring network | |
| CN103326915A (en) | Method, device and system for achieving three-layer VPN | |
| KR102245989B1 (en) | Redundancy Administrating Method for a Virtual Private Network and Network Switching Apparatus with the method implemented on it | |
| CN102035740A (en) | Multi-protocol label switching layer-3 virtual private network fast reroute (MPLSL3VPNFRR) method and system | |
| CN104301226A (en) | Designated routing bridge (DRB) election method, equipment and system | |
| CN107888493B (en) | Method and device for establishing label switching path | |
| CN107682261B (en) | Flow forwarding method and device | |
| CN101692654B (en) | Method, system and equipment for HUB-Spoken networking | |
| CN103139040B (en) | The VPN FRR implementation method of a kind of extension and equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CP03 | Change of name, title or address |
Address after: 310052 Binjiang District Changhe Road, Zhejiang, China, No. 466, No. Patentee after: Xinhua three Technology Co., Ltd. Address before: 310053 Hangzhou hi tech Industrial Development Zone, Zhejiang province science and Technology Industrial Park, No. 310 and No. six road, HUAWEI, Hangzhou production base Patentee before: Huasan Communication Technology Co., Ltd. |
|
| CP03 | Change of name, title or address |