CN103841026A - VPN route managing system and method of router IP protocol stack - Google Patents
VPN route managing system and method of router IP protocol stack Download PDFInfo
- Publication number
- CN103841026A CN103841026A CN201410059678.7A CN201410059678A CN103841026A CN 103841026 A CN103841026 A CN 103841026A CN 201410059678 A CN201410059678 A CN 201410059678A CN 103841026 A CN103841026 A CN 103841026A
- Authority
- CN
- China
- Prior art keywords
- vpn
- interface
- route
- message
- control plane
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention relates to a VPN route managing system and method of a router IP protocol stack and relates to the technical field of data communication. The VPN route managing system comprises a control plane and a transferring plane. The control plane comprises a route managing module and the IP protocol stack. The transferring plane comprises a VPN transferring list. The transferring plane further comprises a parser and a repeater. The parser is used for processing a message of a mark of an interface in the control plane and the transferring plane. The mark comprises the type of the interface and a VPN index value. The repeater is used for searching for the VPN transferring list corresponding to the VPN according to the index value of the VPN and a route set corresponding to the VPN is obtained. According to a target IP address of the message, the right route is searched for and selected. According to the VPN route managing system and method of the router IP protocol stack, interruption of relevant services of the control plane is prevented, workloads of the control plane are reduced and the complexity of the control plane is lowered.
Description
Technical field
The present invention relates to data communication technology field, is specifically a kind of VPN route management system and method for accessor protocol stack.
Background technology
Along with the high speed development of network technology, VPN(Virtual Private Network Virtual Private Network) technology in modern telecom network, use more and more extensive, wherein especially with MPLS(Multi-Protocol Label Switching multiprotocol label switching) VPN technologies are paid attention to by industry, become the mainstream technology in VPN application.At MPLS L3(Layer3,3 layers) in VPN, use the VRF(Virtual Routing virtual route of and Forwarding and forwarding) table carries out the instantiation of VPN route, the route of different VPN is kept apart completely.
Modern router topology is mainly divided into control plane and Forwarding plane two large divisions.Control plane refers to the part that is used for move instruction in system, calculates list item; Such as protocol massages forwarding, protocol item calculating, maintenance etc. all belongs to the category of control plane.Forwarding plane refers in system, be used for carrying out the encapsulation of data message, the part of forwarding; All belong to the category of Forwarding plane such as the reception of data message, decapsulation, encapsulation, forwarding etc.Control plane is by the route sending-down calculating to Forwarding plane, and Forwarding plane carries out the forwarding of data message according to route.Most business is directly carried out route by Forwarding plane, but still some service needed is carried out route at control plane, such as the OAM(Operation Administration and Maintenance such as MPLS Ping, Trace, operation management maintain) function.
In the realization of the VPN route management method of conventional router control plane IP stack, IP stack need to realize the forwarding capability with MPLS label packet.In order to realize above-mentioned forwarding capability, just require the routing management module of control plane by VRF and LSP(Label Switched Path, label switched path) FTN(FEC to NHLFE map, at Ingress node, forwarding equivalence class FEC is mapped to the process of NHLFE) table, ILM(Incoming Label Map, enters label mapping) table issues IP stack.When the data message in VPN is given IP stack by application program, IP stack determines the operation of message according to FTN.
As shown in Figure 1 in BGP/MPLS VPN network configuration, CE(Customer Edge, user network boundary device), PE(Provider Edge, Provider Edge equipment) and P(Provider, Provider) be connected, set up a MPLS switching network.On PE1 equipment, control plane application program is initiated a ping, the IP address of the interface (interface 3) that object is PE2 in VPN-1 the inside.IP stack need to be stamped the label of VPN-1, the label of LSP to message, then encapsulates two layers of head, gives Forwarding plane by message, and Forwarding plane directly sends message from network side interface (interface 5).If there is the protection configuration of route; such as the quick heavy-route of VPN FRR(Fast ReRoute); and occur to protect while switching; Forwarding plane can be carried out and switch immediately; but control plane perception immediately or at all cannot perception; therefore may there is control plane and the inconsistent situation of Forwarding plane route, cause the interruption of control plane related service.And now, attendant can take for VPN and break down, in fact just there is VPN FRR.In this traditional VPN route management method, control plane IP stack need to be obtained all VRF information and LSP information, and in having there is FRR, control plane also needs to obtain datum plane to be notified timely, to upgrade.So just improve the complexity of system, increased the weight of the burden of control plane, and required IP stack to support MPLS forwarding capability.
Summary of the invention
For the defect existing in prior art, the object of the present invention is to provide a kind of VPN route management system and method for accessor protocol stack, prevent the interruption of control plane related service, reduce the live load of control plane, the complexity of minimizing control plane.
For reaching above object, the invention provides a kind of VPN route management system of accessor protocol stack, comprise control plane and Forwarding plane, described control plane comprises routing management module and IP stack, described Forwarding plane comprises that VPN transmits, described Forwarding plane also comprises resolver and transponder, described bag resolver is for the treatment of the message of stamping the mark of interface in control plane and Forwarding plane, described mark comprises interface type and VPN index value, described transponder is transmitted for searching according to VPN index value the VPN that this VPN is corresponding, obtain the route set that VPN is corresponding, according to the object IP address search of described message and select correct route.
The present invention also provides a kind of VPN route management method of accessor protocol stack of described system: S1. control plane is set up an interface by IP stack, and creates a default route, and the outgoing interface of described default route points to described interface; S2. the data of control plane and Forwarding plane are stamped the mark of described interface, and this mark comprises interface type and VPN index value; S3. Forwarding plane is processed and is confirmed that described message is that described interface sends, and selects corresponding VPN to transmit according to VPN index value, carries out routing forwarding in conjunction with the object IP address of message.
On the basis of technique scheme, when the routing management module of described control plane creates VPN, send VPN to IP stack and create message, create a VRF table, create described interface simultaneously.
On the basis of technique scheme, described IP stack is set up described interface, and closes the ARP ability of this interface.
On the basis of technique scheme, in described S2, the described interface that control plane is set up is stamped described mark sending when message, and type field is interface type, and VPN index value is as this VPN ID.
On the basis of technique scheme, in described S3, Forwarding plane judges according to type field in described mark whether described message is that described interface sends, if be interface type, is that described interface sends in type field.
On the basis of technique scheme, in described S3, when forwarding, Forwarding plane will refill target MAC (Media Access Control) address and the source MAC of message, and target MAC (Media Access Control) address is filled to the next-hop mac address of route outgoing interface, and source MAC is filled out the MAC Address into outgoing interface.
Beneficial effect of the present invention is: by VPN route management system and the method for accessor protocol stack, the VPN route work that former cause control plane is carried out is transferred to Forwarding plane and carries out, can reduce control plane live load, reduce control plane complexity, give full play to the powerful data-handling capacity of Forwarding plane; And can switch at Forwarding plane generation active-standby path, during as VPN FRR, control plane is without the generation of perception FRR, and the vpn service on control plane does not also interrupt then, solves control plane and the inconsistent problem of Forwarding plane VPN route.
Brief description of the drawings
Fig. 1 is the present invention's schematic network structure of the prior art;
Fig. 2 is the VPN route management system schematic diagram of accessor protocol stack of the present invention;
Fig. 3 is the VPN route management method flow chart of accessor protocol stack of the present invention.
Embodiment
Below in conjunction with the drawings and specific embodiments, the present invention is described in further detail.
As shown in Figure 2, the VPN route management system of accessor protocol stack of the present invention, comprise control plane and Forwarding plane, described control plane comprises routing management module and IP stack, described Forwarding plane comprises that VPN transmits, bag resolver and transponder, described bag resolver is for the treatment of the message of stamping the mark of interface in control plane and Forwarding plane, described mark comprises interface type and VPN index value, described transponder is transmitted for searching according to VPN index value the VPN that this VPN is corresponding, obtain the route scope that VPN is corresponding, search in route scope according to the object IP address of described message, select correct route.
As shown in Figure 3, the VPN route management method of accessor protocol stack of the present invention, comprises the steps: in detail
S1. when the routing management module of described control plane creates VPN, send VPN to IP stack and create message, create a VRF table.IP stack is in creating VRF table, create an interface (interface name is Vrf Tunnel, is designated hereinafter simply as Vrf Tunnel interface), close the ARP ability of this interface, and creating a default route, the outgoing interface of described default route points to described Vrf Tunnel interface.
S2. as shown in table 1, the data of control plane and Forwarding plane are stamped the mark of one deck Vrf Tunnel interface, and this mark comprises two effective attributes, i.e. interface type and VPN index value.Vrf Tunnel interface is stamped this mark sending when message, and type field is interface type, and VPN index value is as this VPN ID.
Table 1
S3. Forwarding plane, according to type field in described mark, judges whether described message is that Vrf Tunnel interface sends, if type field is not described interface type, walks conventional forwarding process, directly searches routing table and forwards.If type field is described interface type, be considered as described Vrf Tunnel interface and send, then search corresponding VPN according to VPN index value and transmit, in the route scope obtaining, the route corresponding according to the object IP address choice of message, carries out routing forwarding.When forwarding, Forwarding plane need to refill the object MAC(Media Access Control of message, medium access control) address and source MAC, target MAC (Media Access Control) address is filled to the next-hop mac address of route outgoing interface, and source MAC is filled out the MAC Address into outgoing interface.
Taking network configuration shown in Fig. 1 as example, suppose that PE1 and PE2 have set up VPN-1 and VPN-2, CE1, CE3 belong to VPN-1, and CE2, CE4 belong to VPN-2.
First, the routing management module of PE1 control plane issues IP stack VPN routing table and creates message, and IP stack creates VPN routing table, and creates a vrf tunnel interface, generate a default route, the outgoing interface of this default route points to this vrf tunnel interface simultaneously.In like manner, PE2 completes configuration in an identical manner.
Then, on PE1 control plane, to initiate the ping of a VPN-1, object is CE3, ping message is given IP stack from application program, and IP stack is searched the VPN routing table that VPN-1 is corresponding, the default route of configuration before matching, according to this routing forwarding message, message forwards from Vrf Tunnel interface, marks the interface type that comprises Vrf Tunnel interface and VPN index value simultaneously.
Message is delivered to Forwarding plane, the resolver of Forwarding plane is analyzed the mark of message, parse interface type and VPN index value, once judge the interface type that type field is Vrf Tunnel interface, searching according to VPN index value the VPN that this VPN is corresponding by transponder transmits, then transmit according to this VPN of object IP address search, select correct route, by this message transmissions in network.
The present invention is not limited to above-mentioned execution mode, for those skilled in the art, under the premise without departing from the principles of the invention, can also make some improvements and modifications, within these improvements and modifications are also considered as protection scope of the present invention.The content not being described in detail in this specification belongs to the known prior art of professional and technical personnel in the field.
Claims (7)
1. the VPN route management system of an accessor protocol stack, comprise control plane and Forwarding plane, described control plane comprises routing management module and IP stack, described Forwarding plane comprises that VPN transmits, it is characterized in that: described Forwarding plane also comprises resolver and transponder, described bag resolver is for the treatment of the message of stamping the mark of interface in control plane and Forwarding plane, described mark comprises interface type and VPN index value, described transponder is transmitted for searching according to VPN index value the VPN that this VPN is corresponding, obtain the route set that VPN is corresponding, according to the object IP address search of described message and select correct route.
2. a VPN route management method for the accessor protocol stack based on system described in claim 1, is characterized in that:
S1. control plane is set up an interface by IP stack, and creates a default route, and the outgoing interface of described default route points to described interface;
S2. the data of control plane and Forwarding plane are stamped the mark of described interface, and this mark comprises interface type and VPN index value;
S3. Forwarding plane is processed and is confirmed that described message is that described interface sends, and selects corresponding VPN to transmit according to VPN index value, carries out routing forwarding in conjunction with the object IP address of message.
3. the VPN route management method based on accessor protocol stack claimed in claim 2, it is characterized in that: when the routing management module of described control plane creates VPN, send VPN to IP stack and create message, create a VRF table, create described interface simultaneously.
4. a VPN route management method for the accessor protocol stack based on described in claim 2 or 3, is characterized in that: described IP stack is set up described interface, and closes the ARP ability of this interface.
5. the VPN route management method based on accessor protocol stack claimed in claim 2, it is characterized in that: in described S2, the described interface that control plane is set up is stamped described mark sending when message, and type field is interface type, and VPN index value is as this VPN ID.
6. the VPN route management method based on accessor protocol stack claimed in claim 2, it is characterized in that: in described S3, Forwarding plane judges according to type field in described mark whether described message is that described interface sends, if be interface type, be that described interface sends in type field.
7. the VPN route management method based on accessor protocol stack claimed in claim 2, it is characterized in that: in described S3, when forwarding, Forwarding plane will refill target MAC (Media Access Control) address and the source MAC of message, target MAC (Media Access Control) address is filled to the next-hop mac address of route outgoing interface, and source MAC is filled out the MAC Address into outgoing interface.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410059678.7A CN103841026B (en) | 2014-02-21 | 2014-02-21 | VPN route managing system and method of router IP protocol stack |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410059678.7A CN103841026B (en) | 2014-02-21 | 2014-02-21 | VPN route managing system and method of router IP protocol stack |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103841026A true CN103841026A (en) | 2014-06-04 |
| CN103841026B CN103841026B (en) | 2017-04-12 |
Family
ID=50804177
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410059678.7A Active CN103841026B (en) | 2014-02-21 | 2014-02-21 | VPN route managing system and method of router IP protocol stack |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103841026B (en) |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107666442A (en) * | 2016-07-29 | 2018-02-06 | 北京金山云网络技术有限公司 | A kind of virtual network controls method and apparatus based on software defined network SDN |
| CN110048953A (en) * | 2019-04-30 | 2019-07-23 | 新华三技术有限公司 | A kind of load sharing method, device and router |
| CN112737932A (en) * | 2020-12-25 | 2021-04-30 | 江苏省未来网络创新研究院 | DPDK-based high-performance IPSCE gateway |
| CN114301842A (en) * | 2021-12-30 | 2022-04-08 | 山石网科通信技术股份有限公司 | Route searching method and device, storage medium, processor and network system |
| CN114650196A (en) * | 2020-12-17 | 2022-06-21 | 浙江宇视科技有限公司 | VLAN interface data message forwarding method, device, equipment and storage medium |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101087257B (en) * | 2007-07-03 | 2010-06-09 | 中兴通讯股份有限公司 | Method for realizing service quality for VPN traffic based on Ethernet interface |
| CN103078794B (en) * | 2013-01-08 | 2017-03-15 | 杭州华三通信技术有限公司 | A kind of Message processing control method and device |
-
2014
- 2014-02-21 CN CN201410059678.7A patent/CN103841026B/en active Active
Cited By (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107666442A (en) * | 2016-07-29 | 2018-02-06 | 北京金山云网络技术有限公司 | A kind of virtual network controls method and apparatus based on software defined network SDN |
| CN107666442B (en) * | 2016-07-29 | 2019-09-17 | 北京金山云网络技术有限公司 | A kind of virtual network controls method and apparatus based on software defined network SDN |
| CN110048953A (en) * | 2019-04-30 | 2019-07-23 | 新华三技术有限公司 | A kind of load sharing method, device and router |
| CN110048953B (en) * | 2019-04-30 | 2021-11-23 | 新华三技术有限公司 | Load sharing method, device and router |
| CN114650196A (en) * | 2020-12-17 | 2022-06-21 | 浙江宇视科技有限公司 | VLAN interface data message forwarding method, device, equipment and storage medium |
| CN114650196B (en) * | 2020-12-17 | 2024-04-05 | 浙江宇视科技有限公司 | VLAN interface data message forwarding method, device, equipment and storage medium |
| CN112737932A (en) * | 2020-12-25 | 2021-04-30 | 江苏省未来网络创新研究院 | DPDK-based high-performance IPSCE gateway |
| CN114301842A (en) * | 2021-12-30 | 2022-04-08 | 山石网科通信技术股份有限公司 | Route searching method and device, storage medium, processor and network system |
| CN114301842B (en) * | 2021-12-30 | 2024-03-15 | 山石网科通信技术股份有限公司 | Route searching method and device, storage medium, processor and network system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN103841026B (en) | 2017-04-12 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102170386B (en) | The implementation method that identify label is separated with position, system and data encapsulation method | |
| EP3780545B1 (en) | Flow specification protocol-based communications method, and device | |
| RU2493677C2 (en) | Method and router for implementing mirroring | |
| US20180026884A1 (en) | Cloud overlay for operations administration and management | |
| CN113411243B (en) | Data transmission method and device | |
| CN102664788A (en) | CE dual-homed link protection method in MPLS L3VPN and system thereof | |
| CN101651630A (en) | Switching method and switching device based on link fault | |
| CN103841026A (en) | VPN route managing system and method of router IP protocol stack | |
| CN104243362B (en) | A kind of message forwarding method and device | |
| CN101123531A (en) | Convergence method and device based on VPLS dual home full connection network | |
| US9860080B2 (en) | Method and device for implementing hierarchical virtual private LAN service | |
| US20210328922A1 (en) | Packet forwarding method and network device | |
| US11411859B2 (en) | Network device, network control method, and program | |
| CN103124236B (en) | The management method of route and label and device | |
| US20210359879A1 (en) | Packet forwarding method and network device | |
| US20230308386A1 (en) | Packet Transmission Method and Apparatus | |
| EP2897328B1 (en) | Method, system and apparatus for establishing communication link | |
| CN110365578B (en) | Network interface control and link switching method, device, network equipment and medium | |
| CN112671650A (en) | End-to-end SR control method, system and readable storage medium under SD-WAN scene | |
| EP2538602A1 (en) | Method and system for realizing hot standby in centralized network nodes | |
| CN101102321B (en) | Implementation method of virtual route redundancy protocol based on layer 3 VLAN technology | |
| EP2832055B1 (en) | Pseudowire groups in a packet switched network | |
| CN103634210B (en) | Find the method and apparatus of the opposite end PE equipment of VPLS example | |
| CN109698781B (en) | Management method of message forwarding path and PE (provider edge) equipment | |
| CN101316239B (en) | Method for controlling access and forwarding in virtual special LAN service network |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |