CN103841026B - VPN route managing system and method of router IP protocol stack - Google Patents
VPN route managing system and method of router IP protocol stack Download PDFInfo
- Publication number
- CN103841026B CN103841026B CN201410059678.7A CN201410059678A CN103841026B CN 103841026 B CN103841026 B CN 103841026B CN 201410059678 A CN201410059678 A CN 201410059678A CN 103841026 B CN103841026 B CN 103841026B
- Authority
- CN
- China
- Prior art keywords
- vpn
- interface
- protocol stack
- plane
- message
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention relates to a VPN route managing system and method of a router IP protocol stack and relates to the technical field of data communication. The VPN route managing system comprises a control plane and a transferring plane. The control plane comprises a route managing module and the IP protocol stack. The transferring plane comprises a VPN transferring list. The transferring plane further comprises a parser and a repeater. The parser is used for processing a message of a mark of an interface in the control plane and the transferring plane. The mark comprises the type of the interface and a VPN index value. The repeater is used for searching for the VPN transferring list corresponding to the VPN according to the index value of the VPN and a route set corresponding to the VPN is obtained. According to a target IP address of the message, the right route is searched for and selected. According to the VPN route managing system and method of the router IP protocol stack, interruption of relevant services of the control plane is prevented, workloads of the control plane are reduced and the complexity of the control plane is lowered.
Description
Technical field
The present invention relates to data communication technology field, is specifically a kind of VPN routing managements of accessor protocol stack
System and method.
Background technology
With the high speed development of network technology, VPN(Virtual Private Network Virtual Private Networks)Technology is existing
It is more and more extensive for what is used in communication network, wherein especially with MPLS(Multi-Protocol Label Switching are more
Protocol label is exchanged)VPN technologies are paid attention to by industry, become the mainstream technology in VPN applications.In MPLS L3(Layer3,3
Layer)In VPN, using VRF(Virtual Routing and Forwarding virtual flow-lines and forwarding)Table carries out VPN routes
Instantiation, the route of different VPN is isolated entirely from.
Modern router topology is broadly divided into control plane and Forwarding plane two large divisions.Control plane refer in system for
Transmission instruction, the part for calculating list item;Protocol massages forwarding, protocol item calculating, maintenance etc. belong to control plane
Category.Forwarding plane refers in system for carrying out the part of encapsulation, the forwarding of data message;The reception of such as data message, solution
Encapsulation, encapsulation, forwarding etc. belong to the category of Forwarding plane.Control plane to Forwarding plane, turns the route sending-down for calculating
Sending out plane carries out the forwarding of data message according to route.Most business is directly route by Forwarding plane, but is still had
A little service neededs are route in control plane, such as the OAM such as MPLS Ping, Trace(Operation
Administration and Maintenance, operation management maintainance)Function.
In the realization of the VPN route management methods of conventional router control plane IP protocol stack, IP protocol stack needs reality
Now with the forwarding capability of MPLS label message.In order to realize above-mentioned forwarding capability, it is desirable to the routing management module of control plane
By VRF and LSP(Label Switched Path, label switched path)FTN(FEC to NHLFE map,
Forwarding equivalence class FEC is mapped to Ingress nodes the process of NHLFE)Table, ILM(Incoming Label Map, enter label
Mapping)Table issues IP protocol stack.When data message in VPN is given IP protocol stack by application program, IP protocol stack according to
FTN determines the operation of message.
As shown in Figure 1 in BGP/MPLS VPN structures, CE(Customer Edge, user network boundary device)、PE
(Provider Edge, service provider edge devices)And P(Provider, Provider)It is connected, group
A MPLS switching network is built.Control plane application program initiates a ping inside VPN-1 on PE1 equipment, and purpose is PE2
Interface(Interface 3)IP address.IP protocol stack needs the label that the label of VPN-1, LSP are stamped to message, then encapsulates two
Layer head, by message Forwarding plane is given, and Forwarding plane is directly by message from Network Side Interface(Interface 5)Send.If
There is the relaying configuration of route, such as VPN FRR(The quick heavy-routes of Fast ReRoute), and when there is pretection switch, turn
Sending out plane can be immediately performed and switch, but control plane can not immediately be perceived or cannot perceived at all, it is thus possible to deposit
Inconsistent situation is route in control plane and Forwarding plane, the interruption of control plane related service is caused.And now, safeguard people
Member can take for VPN and have occurred and that failure, actually simply there occurs VPN FRR.In this traditional VPN route management method
In, control plane IP protocol stack needs to obtain all of VRF information and LSP information, and when there occurs FRR, control
Plane processed there is a need for being able to obtain datum plane timely to notify, to update.The complexity of system is which improves, is increased
The burden of control plane, and require that IP protocol stack supports MPLS forwarding capabilitys.
The content of the invention
For defect present in prior art, it is an object of the invention to provide a kind of VPN of accessor protocol stack
Route management system and method, prevent the interruption of control plane related service, reduce the workload of control plane, reduce control
The complexity of plane.
To reach object above, the present invention provides a kind of VPN route management systems of accessor protocol stack, including control
Plane and Forwarding plane, the control plane includes routing management module and IP protocol stack, and the Forwarding plane is forwarded including VPN
Table, the Forwarding plane also includes Packet analyzing device and transponder, and the Packet analyzing device is used for processing controls plane and Forwarding plane
In stamp interface labelling message, the labelling includes interface type and VPN index values, and the transponder is used for according to VPN
Index value searches the corresponding VPN forward tables of the VPN, the corresponding route sets of VPN is obtained, according to the purpose IP address of the message
Search and select correct route.
The present invention also provides a kind of VPN route management methods of the accessor protocol stack of the system:S1. control plane
One interface is set up by IP protocol stack, and creates a default route, the outgoing interface of the default route points to the interface;
S2. the data of control plane and Forwarding plane stamp the labelling of the interface, and the labelling includes interface type and VPN index values;
S3. Forwarding plane is processed and confirms that the message is that the interface sends, and according to VPN index values corresponding VPN forwardings are selected
Table, with reference to the purpose IP address of message routing forwarding is carried out.
On the basis of above-mentioned technical proposal, when the routing management module of the control plane creates VPN, to IP protocol stack
Send VPN and create message, a VRF table is created, while creating the interface.
On the basis of above-mentioned technical proposal, the IP protocol stack sets up the interface, and closes the ARP energy of the interface
Power.
On the basis of above-mentioned technical proposal, in the S2, the interface that control plane is set up is beaten when message is sent
The upper labelling, and type field is interface type, and VPN index values are used as the VPN ID.
On the basis of above-mentioned technical proposal, in the S3, Forwarding plane judges institute according to type field in the labelling
State whether message is what the interface sent, if in type field being interface type, for interface transmission.
On the basis of above-mentioned technical proposal, in the S3, during forwarding, Forwarding plane will refill the purpose of message
MAC Address and source MAC, target MAC (Media Access Control) address is filled to the next-hop mac address of route outgoing interface, and source MAC is filled out to go out
The MAC Address of interface.
The beneficial effects of the present invention is:By the VPN route management systems and method of accessor protocol stack, will be original
The VPN route work performed by control plane is transferred to Forwarding plane and performs, and can reduce the workload of control plane, reduce
The complexity of control plane, give full play to the powerful data-handling capacity of Forwarding plane;And can lead in Forwarding plane
Standby path switching, during such as VPN FRR, without perceiving the generation of FRR, then the VPN traffic in control plane is not yet for control plane
Interrupt, solve the problems, such as that control plane and Forwarding plane VPN routes are inconsistent.
Description of the drawings
Fig. 1 is schematic network structure of the prior art of the invention;
Fig. 2 is the VPN route management system schematic diagrams of accessor protocol stack of the present invention;
Fig. 3 is the VPN route management method flow charts of accessor protocol stack of the present invention.
Specific embodiment
The present invention is described in further detail below in conjunction with the drawings and specific embodiments.
As shown in Fig. 2 the VPN route management systems of accessor protocol stack of the present invention, including control plane and forwarding it is flat
Face, the control plane includes routing management module and IP protocol stack, and the Forwarding plane includes VPN forward tables, Packet analyzing device
And transponder, the Packet analyzing device is used in processing controls plane and Forwarding plane the message of the labelling for stamping interface, the mark
Note includes interface type and VPN index values, and the transponder is used to search the corresponding VPN forwardings of the VPN according to VPN index values
Table, obtains the corresponding route scopes of VPN, is searched in route scope according to the purpose IP address of the message, selects correct road
By.
As shown in figure 3, the VPN route management methods of accessor protocol stack of the present invention, comprise the steps in detail:
S1. when the routing management module of the control plane creates VPN, send VPN to IP protocol stack and create message, create
One VRF table.IP protocol stack creates an interface while VRF table is created(Interface name is Vrf Tunnel, below letter
Referred to as Vrf Tunnel interfaces), the ARP abilities of the interface are closed, and create a default route, the default route goes out to connect
Mouth points to the Vrf Tunnel interfaces.
S2. as shown in table 1, the data of control plane and Forwarding plane beat the labelling of last layer Vrf Tunnel interfaces, should
Labelling includes two effective attribute, i.e. interface types and VPN index values.Vrf Tunnel interfaces stamp the mark when message is sent
Note, and type field is interface type, and VPN index values are used as the VPN ID.
Table 1
S3. Forwarding plane judges whether the message is that Vrf Tunnel interfaces are sent out according to type field in the labelling
Send, if type field is not the interface type, walk conventional forwarding process, directly search routing table and forwarded.If class
Type-word section is the interface type, then be considered as the Vrf Tunnel interfaces and send, and is then searched according to VPN index values corresponding
VPN forward tables, in the route scope for obtaining, according to the purpose IP address of message corresponding route are selected, and carry out routing forwarding.
During forwarding, Forwarding plane needs purpose MAC for refilling message(Media Access Control, medium access control)Ground
Location and source MAC, target MAC (Media Access Control) address is filled to the next-hop mac address of route outgoing interface, and source MAC is filled out as outgoing interface
MAC Address.
By taking network structure shown in Fig. 1 as an example, it is assumed that PE1 and PE2 establishes VPN-1 and VPN-2, and CE1, CE3 belong to VPN-
1, CE2, CE4 belongs to VPN-2.
First, the routing management module of PE1 control planes issues IP protocol stack VPN routing tables and creates message, IP protocol stack
VPN routing tables are created, and a vrf tunnel interface is created, while generate a default route, the default route goes out
Interface points to the vrf tunnel interfaces.In the same manner, PE2 completes in an identical manner configuration.
Then, the ping of a VPN-1 is initiated in PE1 control planes, purpose is CE3, and ping messages are from application program
IP protocol stack is given, IP protocol stack searches the corresponding VPN routing tables of VPN-1, the default route for configuring before matched, according to this
Routing forwarding message, message is forwarded from Vrf Tunnel interfaces, while marking, the interface class comprising Vrf Tunnel interfaces
Type and VPN index values.
Message is delivered to Forwarding plane, and the resolver of Forwarding plane analyzes the labelling of message, parses interface type and VPN
Index value, once judging the interface type that type field is Vrf Tunnel interfaces, is searched by transponder according to VPN index values
The corresponding VPN forward tables of the VPN, then search the VPN forward tables according to purpose IP address, select correct route, and this is reported
Text is transferred in network.
The present invention is not limited to above-mentioned embodiment, for those skilled in the art, without departing from
On the premise of the principle of the invention, some improvements and modifications can also be made, these improvements and modifications are also considered as the protection of the present invention
Within the scope of.The content not being described in detail in this specification belongs to prior art known to professional and technical personnel in the field.
Claims (7)
1. a kind of VPN route management systems of accessor protocol stack, including control plane and Forwarding plane, the control plane
Including routing management module and IP protocol stack, the Forwarding plane includes VPN forward tables, it is characterised in that:The Forwarding plane
Also include Packet analyzing device and transponder, the Packet analyzing device is used in processing controls plane and Forwarding plane stamp the labelling of interface
Message, the labelling includes interface type and VPN index values, and the transponder is used to search this VPN pair according to VPN index values
The VPN forward tables answered, obtain the corresponding route sets of VPN, and correct road is searched and selected according to the purpose IP address of the message
By;
When carrying out VPN routing managements, control plane sets up an interface by IP protocol stack, and creates a default route, institute
The outgoing interface for stating default route points to the interface;The data of control plane and Forwarding plane stamp the labelling of the interface, should
Labelling includes interface type and VPN index values;Forwarding plane is processed and confirms that the message is that the interface sends, according to
VPN index values select corresponding VPN forward tables, and with reference to the purpose IP address of message routing forwarding is carried out.
2. a kind of VPN route management methods of the accessor protocol stack based on system described in claim 1, it is characterised in that:
S1. control plane sets up an interface by IP protocol stack, and create a default route, and the default route goes out to connect
Mouth points to the interface;
S2. the data of control plane and Forwarding plane stamp the labelling of the interface, and the labelling includes interface type and VPN indexes
Value;
S3. Forwarding plane is processed and confirms that the message is that the interface sends, and according to VPN index values corresponding VPN is selected
Forward table, with reference to the purpose IP address of message routing forwarding is carried out.
3. a kind of VPN route management methods of the accessor protocol stack based on described in claim 2, it is characterised in that:It is described
When the routing management module of control plane creates VPN, send VPN to IP protocol stack and create message, create a VRF table, while
Create the interface.
4. a kind of VPN route management methods of the accessor protocol stack based on described in Claims 2 or 3, it is characterised in that:Institute
State IP protocol stack and set up the interface, and close the ARP abilities of the interface.
5. a kind of VPN route management methods of the accessor protocol stack based on described in claim 2, it is characterised in that:It is described
In S2, the interface that control plane is set up stamps the labelling when message is sent, and type field is interface type,
VPN index values are used as the VPN ID.
6. a kind of VPN route management methods of the accessor protocol stack based on described in claim 2, it is characterised in that:It is described
In S3, Forwarding plane judges whether the message is what the interface sent according to type field in the labelling, if class type-word
Duan Zhongwei interface types, then be interface transmission.
7. a kind of VPN route management methods of the accessor protocol stack based on described in claim 2, it is characterised in that:It is described
In S3, during forwarding, Forwarding plane will refill the target MAC (Media Access Control) address and source MAC of message, and target MAC (Media Access Control) address is filled to
The next-hop mac address of route outgoing interface, source MAC fills out the MAC Address for outgoing interface.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410059678.7A CN103841026B (en) | 2014-02-21 | 2014-02-21 | VPN route managing system and method of router IP protocol stack |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410059678.7A CN103841026B (en) | 2014-02-21 | 2014-02-21 | VPN route managing system and method of router IP protocol stack |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103841026A CN103841026A (en) | 2014-06-04 |
| CN103841026B true CN103841026B (en) | 2017-04-12 |
Family
ID=50804177
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410059678.7A Active CN103841026B (en) | 2014-02-21 | 2014-02-21 | VPN route managing system and method of router IP protocol stack |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103841026B (en) |
Families Citing this family (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107666442B (en) * | 2016-07-29 | 2019-09-17 | 北京金山云网络技术有限公司 | A kind of virtual network controls method and apparatus based on software defined network SDN |
| CN110048953B (en) * | 2019-04-30 | 2021-11-23 | 新华三技术有限公司 | Load sharing method, device and router |
| CN114650196B (en) * | 2020-12-17 | 2024-04-05 | 浙江宇视科技有限公司 | VLAN interface data message forwarding method, device, equipment and storage medium |
| CN112737932B (en) * | 2020-12-25 | 2023-04-07 | 江苏省未来网络创新研究院 | DPDK-based high-performance IPSCE gateway |
| CN114301842B (en) * | 2021-12-30 | 2024-03-15 | 山石网科通信技术股份有限公司 | Route searching method and device, storage medium, processor and network system |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101087257A (en) * | 2007-07-03 | 2007-12-12 | 中兴通讯股份有限公司 | Method for realizing service quality for VPN traffic based on Ethernet interface |
| CN103078794A (en) * | 2013-01-08 | 2013-05-01 | 杭州华三通信技术有限公司 | Message processing control method and device |
-
2014
- 2014-02-21 CN CN201410059678.7A patent/CN103841026B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101087257A (en) * | 2007-07-03 | 2007-12-12 | 中兴通讯股份有限公司 | Method for realizing service quality for VPN traffic based on Ethernet interface |
| CN103078794A (en) * | 2013-01-08 | 2013-05-01 | 杭州华三通信技术有限公司 | Message processing control method and device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN103841026A (en) | 2014-06-04 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10320664B2 (en) | Cloud overlay for operations administration and management | |
| CN105515978B (en) | Realize the method and device of distributed routing, physical host access | |
| WO2017162095A1 (en) | Communication method, device and system based on flow specification protocol | |
| CN103546374B (en) | A kind of method and apparatus E-Packeted in edge double layer network | |
| CN104243270B (en) | A kind of method and apparatus for establishing tunnel | |
| CN103685022B (en) | Message forwarding method and service provider network edge equipment | |
| US8416787B2 (en) | Method, system and apparatus for implementing L2VPN between autonomous systems | |
| CN108574639A (en) | EVPN message processing methods, equipment and system | |
| CN108574630A (en) | EVPN message processing methods, equipment and system | |
| CN103841026B (en) | VPN route managing system and method of router IP protocol stack | |
| CN102739501B (en) | Message forwarding method and system in two three layer virtual private networks | |
| JPWO2014136864A1 (en) | Packet rewriting device, control device, communication system, packet transmission method and program | |
| JP2013504959A (en) | Method and system for realizing virtual private network | |
| CN102075446A (en) | Interconnection method of transparent interconnection network of lots of links in different places and operator edge device | |
| CN104243362B (en) | A kind of message forwarding method and device | |
| WO2013139270A1 (en) | Method, device, and system for implementing layer3 virtual private network | |
| CN103124236B (en) | The management method of route and label and device | |
| CN103326940A (en) | Method for forwarding message in network and edge device of operator | |
| CN106850380A (en) | Realize the method and system of the three-layer virtual special network of multiprotocol label switching | |
| CN108141392A (en) | The method and apparatus that pseudowire load is shared | |
| WO2020098611A1 (en) | Method and apparatus for acquiring routing information | |
| CN103457820B (en) | The implementation method and device of hierarchical virtual private local area network service | |
| CN106961400A (en) | A kind of method and system for realizing cloud platform virtual port mirror image | |
| CN103326917A (en) | MPLS-based method and device for line speed mutual forwarding of two-layer VPN and three-layer VPN | |
| EP2832055B1 (en) | Pseudowire groups in a packet switched network |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |