CN104683206A - Method and device for coordinating and switching layer 2 and layer 3 virtual private networks in bridging apparatus - Google Patents
Method and device for coordinating and switching layer 2 and layer 3 virtual private networks in bridging apparatus Download PDFInfo
- Publication number
- CN104683206A CN104683206A CN201310626109.1A CN201310626109A CN104683206A CN 104683206 A CN104683206 A CN 104683206A CN 201310626109 A CN201310626109 A CN 201310626109A CN 104683206 A CN104683206 A CN 104683206A
- Authority
- CN
- China
- Prior art keywords
- tunnel
- bridging nodes
- l3vpn
- network segment
- main
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Abstract
The present invention discloses a method and device for coordinating and switching layer 2 and layer 3 virtual private networks in a bridging apparatus. The method includes: establishing a tunnel between a main bridging node and a backup bridging node thereof of the layer 2 and layer 3 virtual private networks for carrying a layer 3 virtual private network (L3VPN) business; establishing a protective tunnel at the L3VPN via a layer 3 looped network; and when a breaking point exists in links on a converging ring hung beneath the main bridging node and between the main bridging node and the backup bridging node thereof of the layer 2 and layer 3 virtual private networks, detecting an IP address segment which is route inaccessible caused by the breaking point; starting, by the main bridging node, fast reroute VPN FRR switching, and switching the business to the backup bridging node via the protective tunnel. At the same time, the present invention further discloses a device for coordinating and switching layer 2 and layer 3 virtual private networks in a bridging apparatus. According to the present invention, the L2VPN and L3VPN protection linkage can be achieved to ensure normal operation of the business.
Description
Technical field
The present invention relates to the network switching technique of the communications field, to particularly relate in a kind of bridging device two layers of method and device coordinating to switch with Layer3 Virtual Private Network.
Background technology
Existing Packet Transport Network (PTN, Packet Transport Network) framework is generally made up of key ring, convergence ring and access ring or access chain, and wherein, key ring is the circulus be composed in series by several backbone nodes; Converging ring is the circulus be composed in series by least one backbone node be positioned on same key ring and several aggregation nodes; Access ring is the circulus be composed in series by a backbone node or one or two aggregation node and several access nodes, and access ring is divided into again dual homed access ring and single aggregation node access ring usually; Access chain is the chain structure be composed in series by the access node on a backbone node or an aggregation node or an access ring and several access nodes.
When adopting PTN to carry 3GPP Long Term Evolution (LTE, Long Term Evolution) business, the common a kind of networking topology of PTN network is the group network topological structure of pair first line of a couplet form, as shown in Figure 1.In the two first line of a couplet networking topologys shown in Fig. 1; usual meeting configures Layer3 Virtual Private Network (L3VPN in core layer PTN device and key convergence device; Layer 3 Virtual Private Network); cut-in convergent layer configures two layer virtual private network (L2VPN; Layer 2 Virtual Private Network), adopt the mode of L2VPN+L3VPN to carry out carrying and the scheduling of LTE business.
The equipment being positioned at L2VPN and L3VPN network boundary is called as two layers and three layers of (L2L3) Virtual Private Network bridging nodes, i.e. backbone node, the L3 virtual interface of L2 virtual interface and the IP network sector address for configurating base station is provided with in the inside of L2L3 bridging nodes, therefore, L2L3 bridging nodes can set up the bridge joint relation of L2 virtual interface and L3 virtual interface, and then the forwarding of the business that realizes between L2VPN and L3VPN.
In order to when L2L3 bridging nodes fault, the protection of business can be realized, usually can adopt two extension forms as shown in Figure 1.In L2VPN network, adopt pseudo-line (PW, Pseudo Wire) dual-homing protection, the dual homed node edge router (PE that PW dual-homing protection is corresponding, Provider Edge) PE3/PE4, PE5/PE6, PE7/PE8 separately forming surface protect to the active/standby gateway Virtual Router Redundancy Protocol (VRRP, Virtual Router Redundancy Protocol) of evolved base station (e-NodeB), wherein, e-NodeB represents with eNB-n, and n is integer; Simultaneously; at L3VPN internal configurations Quickly regroup (VPN FRR; Fast ReRoute) protection; to all Virtual Private Network routing forwarding (VRF; VPN Routing & Forwarding) route all configures active and standby down hop PE node, the fault detect between PE node, adopts label switched path (LSP; Label Switching Path) operation management maintain (OAM, the Operation Administration and Maintenance) functional realiey of layer.
Carry in LTE business networking resist technology at existing PTN, lack the joint-action mechanism of L2VPN and L3VPN protection, as shown in Figure 2, there is breakpoint in the convergence ring 1 hung under L2L3 bridging nodes PE3, and also there is breakpoint in the link between bridging nodes PE3 and its bridging nodes PE4 for subsequent use, at this moment, due in L2VPN network, the downlink business of LTE network cannot be forwarded to LTE base station by main bridging nodes PE3, but cannot perception L2VPN network internal fault within the scope of L3VPN, still downlink business is sent to PE3, interrupt causing the downlink business converged on the access ring of ring 1 time extension.
Summary of the invention
In view of this, method and device that main purpose of the present invention to be to provide in a kind of bridging device two layers to coordinate to switch with Layer3 Virtual Private Network, can realize the interlock of L2VPN and L3VPN protection, ensure normally carrying out of business.
For achieving the above object, technical scheme of the present invention is achieved in that
Embodiments provide a kind of method that in bridging device, two layers are coordinated to switch with Layer3 Virtual Private Network, between the main bridging nodes and its bridging nodes for subsequent use of two layers and Layer3 Virtual Private Network, set up the tunnel carrying Layer3 Virtual Private Network L3VPN business, and set up protection tunnel at L3VPN by shellring net; Described method also comprises:
When breakpoint appears in the link on the convergence ring hung under the main bridging nodes of two layers and Layer3 Virtual Private Network and between main bridging nodes and its bridging nodes for subsequent use, detect the inaccessible IP address network segment of route that described breakpoint causes;
Main bridging nodes starts Quickly regroup VPN FRR and switches, and switches the business to described bridging nodes for subsequent use by described protection tunnel.
In such scheme, the primary route that described main bridging nodes startup VPN FRR switches is the route through Layer 2 virtual private network L2VPN and L3VPN interface, and alternate routing is the tunnel carrying L3VPN business between main bridging nodes and bridging nodes for subsequent use;
Wherein, described tunnel is comprised the tunnel of the L3VPN business set up between main bridging nodes and its bridging nodes for subsequent use and to be set up by shellring net at L3VPN and protect tunnel; Described protection tunnel is protected described tunnel configuration APS APS 1:1.
In such scheme, described IP address network segment presses dual homed access ring and/or the aggregation node division of base station;
Each described IP address network segment only for dual homed access ring or the aggregation node of same convergence ring, and not across dual homed access ring or aggregation node.
In the IP address that described IP address network segment divides, subnet number is 12bit, main frame is numbered 4bit.
In such scheme, described dual homed access ring or aggregation node comprise: the base station number of management is less than or equal to 11 being greater than 11 with the base station number of management and being less than or equal to 22;
The base station number of described management is less than or equal to dual homed access ring or the corresponding IP address network segment of aggregation node of 11; The base station number of described management is greater than 11 and is less than or equal to dual homed access ring or corresponding two the IP address network segments of aggregation node of 22.
In such scheme, described method also comprises:
Detect the IP address network segment that route that described breakpoint recovers to cause can reach;
Accordingly, when IP address network segment route can reach, start VPN FRR protection, by described protection tunnel by service switchback.
The embodiment of the present invention additionally provides the device that in a kind of bridging device, two layers are coordinated to switch with Layer3 Virtual Private Network, and described device comprises tunnel and sets up unit, detecting unit, switch unit;
Unit is set up in described tunnel, for setting up the tunnel carrying L3VPN business between the main bridging nodes and its bridging nodes for subsequent use of two layers and Layer3 Virtual Private Network, and sets up protection tunnel at L3VPN by shellring net;
Described detecting unit, when breakpoint appears in the link on the convergence ring hung under the main bridging nodes at two layers and Layer3 Virtual Private Network and between main bridging nodes and its bridging nodes for subsequent use, detects the inaccessible IP address network segment of route that described breakpoint causes;
Described switch unit, switching for starting VPN FRR by main bridging nodes, switching the business to described bridging nodes for subsequent use by described protection tunnel.
In such scheme, the primary route that described main bridging nodes startup VPN FRR switches is the route through L2VPN and L3VPN interface, and alternate routing is the tunnel carrying L3VPN business between main bridging nodes and bridging nodes for subsequent use;
Wherein, described tunnel is comprised the tunnel of the L3VPN business set up between main bridging nodes and its bridging nodes for subsequent use and to be set up by shellring net at L3VPN and protect tunnel; Described protection tunnel is protected described tunnel configuration APS1:1.
In such scheme, described device also comprises dispensing unit, divides IP address network segment for the dual homed access ring and/or aggregation node pressing base station;
Each described IP address network segment only for dual homed access ring or the aggregation node of same convergence ring, and not across dual homed access ring or aggregation node;
In the IP address that described IP address network segment divides, subnet number is 12bit, main frame is numbered 4bit.
In such scheme, described dual homed access ring or aggregation node comprise: the base station number of management is less than or equal to 11 being greater than 11 with the base station number of management and being less than or equal to 22;
The base station number of described management is less than or equal to dual homed access ring or the corresponding IP address network segment of aggregation node of 11; The base station number of described management is greater than 11 and is less than or equal to dual homed access ring or corresponding two the IP address network segments of aggregation node of 22.
In such scheme, described detecting unit, the IP address network segment that the route also recovering to cause for detecting described breakpoint can reach;
Accordingly, described switch unit, also for when IP address network segment route can reach, starts VPN FRR protection, by described protection tunnel by service switchback.
Two layers of method coordinating to switch with Layer3 Virtual Private Network and device in the bridging device that the embodiment of the present invention provides, the division of IP address network segment is carried out by dual homed access ring and/or aggregation node in base station, there is breakpoint in the link on the convergence ring hung under the main bridging nodes of two layers and Layer3 Virtual Private Network and between main bridging nodes and its bridging nodes for subsequent use, when causing part IP address network segment route unreachable, main bridging nodes starts Quickly regroup VPN FRR and switches, and switches the business to described bridging nodes for subsequent use by described protection tunnel; So, the present invention can make L3VPN perceive the change occurred in L2VPN network, thus sets up the joint-action mechanism of L2VPN and L3VPN protection, the service disconnection phenomenon existed to avoid prior art, ensures normally carrying out of business, improves the performance of system.
Accompanying drawing explanation
Fig. 1 is a kind of networking topological diagram of two first line of a couplet forms of existing PTN network;
The networking topological diagram of many places fault is there is when Fig. 2 is L2L3 bridging nodes band single convergence ring;
The networking topological diagram of many places fault is there is when Fig. 3 is L2L3 bridging nodes band multiple convergence ring;
Fig. 4 be L2L3 bridging nodes band multiple convergence ring and same convergence endless belt multiple access ring time there is the networking topological diagram of many places fault;
Fig. 5 is that the embodiment of the present invention one realizes two layers and coordinates the schematic flow sheet of the method for switching with Layer3 Virtual Private Network;
Fig. 6 is that the embodiment of the present invention two realizes two layers and coordinates the schematic flow sheet of the method for switching with Layer3 Virtual Private Network;
Fig. 7 be in embodiment of the present invention bridging device two layers coordinate the composition structural representation of the device switched with Layer3 Virtual Private Network.
Embodiment
In embodiments of the present invention, between the main bridging nodes and its bridging nodes for subsequent use of two layers and Layer3 Virtual Private Network, set up the tunnel carrying L3VPN business, and set up protection tunnel at L3VPN by shellring net; There is breakpoint in the link on the convergence ring hung under the main bridging nodes of two layers and Layer3 Virtual Private Network and between main bridging nodes and its bridging nodes for subsequent use; when causing part IP address network segment route unreachable; main bridging nodes starts VPN FRR and switches, and switches the business to described bridging nodes for subsequent use by described protection tunnel.
The primary route that main bridging nodes startup VPN FRR switches is the route through L2VPN and L3VPN interface, and alternate routing is the tunnel carrying L3VPN business between main bridging nodes and bridge joint for subsequent use save; Wherein, described service tunnel is comprised the tunnel of the L3VPN business set up between main bridging nodes and its bridging nodes for subsequent use and to be set up by shellring net at L3VPN and protect tunnel; Described protection tunnel is protected described tunnel configuration APS APS 1:1.
Further, start above-mentioned failure notification mechanism and VPN FRR wrap protection, switch making the polyaluminium chloride PAC of the section of breaking down, the result of switching is BTS service all under making this polyaluminium chloride PAC network segment, comprise the business of uplink and downlink both direction, be switched to PE for subsequent use, therefore, also there is certain relation in the division of realization and base station IP address network segment that the present invention coordinates reverse method; Accordingly, the present invention also needs base station to carry out the division of IP address network segment by dual homed access ring and/or aggregation node.
In the present invention, IP address can adopt the IP address network segment division methods by dual homed access ring, also can adopt the IP address network segment division methods by aggregation node; Described aggregation node comprises single aggregation node access ring of aggregation node itself and lower extension thereof or the access chain of aggregation node itself and lower extension thereof, and described dual homed access ring and described single aggregation node access ring can comprise access chain.When carrying out the division of IP address network segment by dual homed access ring, due to dual homed access ring and on it fault scenes of aggregation node different, cause not switched by the aggregation node of fault effects to prevent the fault of dual homed access ring self thereupon and affect aggregation node business, therefore, the aggregation node do not comprised when IP address network segment divides on dual homed access ring is carried out by dual homed access ring.
Below in conjunction with the drawings and specific embodiments, the technical solution of the present invention is further elaborated.
In prior art, IP address format, as shown in table 1, IP address, base station adopts 24bit mask, comprises 8bit whole nation districts and cities numbering, 8bit subnet number, 8bit main frame numbering; Here, described main frame refers to bastion host; Except 24bit mask, in IP address, base station, 8bit is fixing 10. or 172. in addition, this is that the IP address adopted due to LTE base station belongs to private net address, follow Internet Engineering Task group (IETF, Internet Engineering Task Force,) about the definition of IP address, private net address is generally 10 or 172.
Removing host number be 0 and 255 IP address and active and standby gateway IP address beyond, have 252 IP addresses in the IP address network segment that the L3 virtual interface of each L2L3 bridging nodes is corresponding, therefore, 252 base stations can be held.In actual applications, a key ring converging ring number of nodes usually can not more than 6, and the quantity of the base-station node hung under each convergence ring is no more than 100 usually, and therefore, 252 base stations will be distributed on multiple convergence ring.
| 10. or 172. | Whole nation districts and cities numbering | Subnet number | Main frame is numbered |
| 8bit | 8bit | 8bit | 8bit |
Table 1
When L2L3 bridging nodes is connected with multiple convergence ring, and the convergence ring broken down just wherein Part Convergence ring time, VPN FRR wrap protection cannot be used.Specifically, as shown in Figure 3, there is breakpoint in the convergence ring 1a hung under L2L3 bridging nodes PE3, and also there is breakpoint in the link between bridging nodes PE3 and its bridging nodes PE4 for subsequent use, at this moment, the BTS service of hanging under will causing this convergence ring 1a cannot arrive L2L3 bridging nodes PE3, and the BTS service of hanging under converging ring 1b still can arrive L2L3 bridging nodes PE3; But if PE3 notifies that far-end PE such as PE1 switches, then the BTS service of hanging under causing converging ring 1b be also affected, this processing mode is obviously unreasonable.
The method solving problem shown in Fig. 3 is: according to the scale converging ring, carry out suitable division, make all base stations that L2L3 bridging nodes is hung under each L3 virtual interface in same convergence ring to base station IP address network segment.But, this solution can not solve situation as shown in Figure 4, when there is double breaking points fault in convergence ring 1a, wherein, on the convergence ring 1 hung under one place's breakpoint fault is positioned at L2L3 bridging nodes PE3, on the link of another place's breakpoint fault between bridging nodes PE3 and its bridging nodes PE4 for subsequent use, at this moment, BTS service such as the business of eNB1 of the access ring 1 time extension converged on ring 1a can be caused cannot to arrive L2L3 bridging nodes PE3, and BTS service such as the business of eNB5 that access ring is hung for 2 times still can arrive L2L3 bridging nodes PE3, therefore, if PE3 notifies that far-end PE such as PE1 switches in this case, this processing mode is obviously also irrational.
As can be seen from the above analysis, the precondition of startup separator informing mechanism and VPN FRR Switchover mechanism should be: all LSP that certain L3 virtual interface is corresponding all lost efficacy.
In order to solve the problem shown in Fig. 3 and Fig. 4; the present invention realizes two layers of method coordinating to switch with Layer3 Virtual Private Network; by by dual homed access ring and/or aggregation node, the IP address network segment to base station divides, because dual homed access ring or aggregation node are all minimum units of looped network protection.Table 2 coordinates with Layer3 Virtual Private Network reverse method to carry out the division of IP address network segment IP address format by dual homed access ring and/or aggregation node for the present invention realizes two layers, as shown in table 2, the IP address format carrying out the division of IP address network segment by dual homed access ring and/or aggregation node is followed successively by from a high position to low level: the first address field 8bit is fixing 10. or 172.; Second address field 8bit represents that national districts and cities number; 3rd address field 12bit represents subnet number, i.e. the quantity of dual homed access ring or aggregation node; Four-address section 4bit represents that main frame is numbered, and here, main frame refers to bastion host.Under the dividing mode of this IP address network segment, each IP address network segment is containing 16 IP addresses, and except full 0 and all ones address, gateway address and VRRP address (reserved 2 addresses), each IP address network segment can use 11 IP addresses, represents 11 base stations respectively.
| 10. or 172. | Whole nation districts and cities numbering | Subnet number | Main frame is numbered |
| 8bit | 8bit | 12bit | 4bit |
Table 2
Except employing is undertaken except the division of IP address network segment by dual homed access ring and/or aggregation node, also need dual homed access ring or aggregation node to be divided into two classes in the present invention: the base station number that first kind dual homed access ring or aggregation node self manage is less than or equal to 11, the corresponding IP address network segment of described first kind access ring; The base station number that Equations of The Second Kind dual homed access ring or aggregation node self manage is greater than 11 and is less than or equal to 22, described Equations of The Second Kind dual homed access ring or corresponding two the IP address network segments of aggregation node.In general, in actual applications, on LTE access ring, the quantity of base station is at 6 ~ 8, thus more than the dual homed access ring of 11 base stations or aggregation node less.In addition, also need to ensure same IP address network segment only in the dual homed access ring of same convergence ring or aggregation node, and each IP address network segment is not across dual homed access ring or aggregation node.
Adopt the service protection that can to realize by the IP address network segment division methods of dual homed access ring and/or aggregation node under various scene, give an example, as shown in Figure 4, the access ring 1 being subject to fault effects all lost efficacy to the LSP of the corresponding L3 virtual interface of PE3, the uplink service of base station cannot be communicated to PE3, now, uplink service is switched to PE4 by PW double-returning protection switching, PE3 coordinates the VPN FRR that PE1 starts the L3 virtual interface of access ring 1 correspondence, PE1 downlink business is switched to PE4, thus upper on access ring 1, downlink business is all switched to PE4, like this, upper on access ring 1, downlink business is all protected.For the access ring 2 of convergence ring 1a not by fault effects, the uplink service of access ring 2 still can arrive PE3, so do not start PW double-returning protection switching.For only occur single-break fault convergence ring 1b and on access ring, uplink service still can arrive PE3, does not also start PW double-returning protection switching.
Carry out the prerequisite of IP address network segment division by dual homed access ring and/or aggregation node to base station based on above-mentioned, as shown in Figure 5, the embodiment of the present invention one realizes two layers of method coordinating to switch with Layer3 Virtual Private Network, comprises the following steps:
Step 501: set up the tunnel carrying L3VPN business between the main bridging nodes and its bridging nodes for subsequent use of two layers and Layer3 Virtual Private Network, and set up protection tunnel at L3VPN by shellring net;
The primary route that described main bridging nodes startup VPN FRR switches is the route through L2VPN and L3VPN interface, and alternate routing is the tunnel carrying L3VPN business between main bridging nodes and bridging nodes for subsequent use;
Wherein, described tunnel is comprised the tunnel of the L3VPN business set up between main bridging nodes and its bridging nodes for subsequent use and to be set up by shellring net at L3VPN and protect tunnel; Described protection tunnel is protected described tunnel configuration APS APS 1:1.
The tunnel of described carrying L3VPN business is the service tunnel between main bridging nodes and its bridging nodes for subsequent use, such as, and the service tunnel set up between PE3 and PE4 in Fig. 4; Described protection tunnel is the tunnel set up by shellring net, such as, by service tunnel that PE3-PE1-PE2-PE4 sets up in Fig. 4.
Step 502: when breakpoint appears in the link on the convergence ring hung under the main bridging nodes of two layers and Layer3 Virtual Private Network and between main bridging nodes and its bridging nodes for subsequent use, detect the inaccessible IP address network segment of route that described breakpoint causes;
Wherein, the route of described IP address network segment is unreachable to be referred to, bridge joint relation according to L2L3 bridging nodes configures, it is access ring nodes that the L2 virtual interface that L3 virtual interface is corresponding generally exists 2N(N) bar LSP, if the 2N bar LSP that certain L3 virtual interface is corresponding all lost efficacy, then illustrated that the route of the corresponding IP address network segment of this L3 virtual interface was unreachable; Here, described L3 virtual interface and L2 virtual interface are an access ring and exclusively enjoy.
Step 503: main bridging nodes starts Quickly regroup VPN FRR and switches, and switches the business to described bridging nodes for subsequent use by described protection tunnel.
Here; described pretection switch refers to: when the route of IP address network segment is unreachable; main bridging nodes starts Quickly regroup VPN FRR and switches, and triggers VPN FRR pretection switch to the alternate routing of configuration, switches the business to described bridging nodes for subsequent use by described protection tunnel.The route of LSP is now protected to be PE3-PE1-PE2-PE4.
Further, the present invention also comprises: the breakpoint on the convergence ring hung under two layers of bridging nodes with Layer3 Virtual Private Network recovers, and/or the breakpoint of link between described bridging nodes and its bridging nodes for subsequent use is when recovering, detect the IP address network segment that route that described breakpoint recovers can reach;
Here, the route of described IP address network segment can reach and refer to, if the p bar (1≤p≤2N) in 2N bar LSP corresponding to former route certain L3 virtual interface inaccessible recovers normal, then illustrates that the route of the IP address network segment that this L3 virtual interface is corresponding can reach from unreachable becoming.
Accordingly, when IP address network segment route can reach, start VPN FRR protection, by described protection tunnel by service switchback.
Here, described protection switchback refers to: when the route of IP address network segment can reach, and main bridging nodes starts Quickly regroup VPN FRR and switches, and route is switched back to primary route.
Fig. 6 is that the embodiment of the present invention two realizes two layers and coordinates the schematic flow sheet of the method for switching with Layer3 Virtual Private Network; As shown in Figure 6, described coordination reverse method comprises the following steps:
Step 601: set up the tunnel carrying L3VPN business between the main bridging nodes and its bridging nodes for subsequent use of two layers and Layer3 Virtual Private Network, and set up protection tunnel at L3VPN by shellring net;
The primary route that described main bridging nodes startup VPN FRR switches is the route through L2VPN and L3VPN interface, and alternate routing is the tunnel carrying L3VPN business between main bridging nodes and bridging nodes for subsequent use.
Wherein, described tunnel is comprised the tunnel of the L3VPN business set up between main bridging nodes and its bridging nodes for subsequent use and to be set up by shellring net at L3VPN and protect tunnel; Described protection tunnel is protected described tunnel configuration APS APS 1:1.
The tunnel of described carrying L3VPN business is the service tunnel between main bridging nodes and its bridging nodes for subsequent use, such as, and the service tunnel set up between PE3 and PE4 in Fig. 4; Described protection tunnel is the tunnel set up by shellring net, such as, by service tunnel that PE3-PE1-PE2-PE4 sets up in Fig. 4.
Step 602: judge whether the breakpoint of the breakpoint on the convergence ring hung under the bridging nodes of two layers and Layer3 Virtual Private Network and the link between described main bridging nodes and its bridging nodes for subsequent use changes; When breakpoint produces, perform step 603; When breakpoint recovers, perform step 605;
Step 603: detect the inaccessible IP address network segment of route whether described breakpoint causes; When detecting that IP address network segment route is unreachable, perform step 604, otherwise, perform step 602;
Wherein, the route of described IP address network segment is unreachable to be referred to, bridge joint relation according to L2L3 bridging nodes configures, it is access ring nodes that the L2 virtual interface that L3 virtual interface is corresponding generally exists 2N(N) bar LSP, if the 2N bar LSP that certain L3 virtual interface is corresponding all lost efficacy, then illustrated that the route of the corresponding IP address network segment of this L3 virtual interface was unreachable; Here, described L3 virtual interface and L2 virtual interface are an access ring and exclusively enjoy.
Step 604: main bridging nodes starts Quickly regroup VPN FRR and switches, and switch the business to described bridging nodes for subsequent use by described protection tunnel, this flow process terminates.
Here; described pretection switch refers to: when the route of IP address network segment is unreachable; main bridging nodes starts Quickly regroup VPN FRR and switches, and triggers VPN FRR pretection switch to the alternate routing of configuration, switches the business to described bridging nodes for subsequent use by described protection tunnel.The route of LSP is now protected to be PE3-PE1-PE2-PE4.
Step 605: detect the inaccessible IP address network segment of former route that described breakpoint recovers whether to cause and become and can reach; When detecting that IP address network segment route can reach, perform step 606, otherwise, perform step 602;
Here, the route of described IP address network segment can reach and refer to, if the p bar (1≤p≤2N) in 2N bar LSP corresponding to former route certain L3 virtual interface inaccessible recovers normal, then illustrates that the route of the IP address network segment that this L3 virtual interface is corresponding can reach from unreachable becoming;
Step 606: start VPN FRR protection, by described protection tunnel by service switchback, this flow process terminates.
Here, described protection switchback refers to: when the route of IP address network segment can reach, and main bridging nodes starts Quickly regroup VPN FRR and switches, and route is switched back to primary route.
The embodiment of the present invention additionally provides the device that in a kind of bridging device, two layers are coordinated to switch with Layer3 Virtual Private Network, and as shown in Figure 7, described device comprises tunnel and sets up unit 71, detecting unit 72, switch unit 73.
Unit 71 is set up in described tunnel, for setting up the tunnel carrying L3VPN business between the main bridging nodes and its bridging nodes for subsequent use of two layers and Layer3 Virtual Private Network, and sets up protection tunnel at L3VPN by shellring net;
Described detecting unit 72, when breakpoint appears in the link on the convergence ring hung under the main bridging nodes at two layers and Layer3 Virtual Private Network and between main bridging nodes and its bridging nodes for subsequent use, detect the inaccessible IP address network segment of route that described breakpoint causes;
Described switch unit 73, switching for starting VPN FRR by main bridging nodes, switching the business to described bridging nodes for subsequent use by described protection tunnel.
The primary route that described main bridging nodes startup VPN FRR switches is the route through L2VPN and L3VPN interface, and alternate routing is the tunnel carrying L3VPN business between main bridging nodes and bridging nodes for subsequent use;
Wherein, described tunnel is comprised the tunnel of the L3VPN business set up between main bridging nodes and its bridging nodes for subsequent use and to be set up by shellring net at L3VPN and protect tunnel; Described protection tunnel is protected described tunnel configuration APS 1:1.
Further, described device also comprises dispensing unit 74, divides IP address network segment for the dual homed access ring and/or aggregation node pressing base station;
Each described IP address network segment only for dual homed access ring or the aggregation node of same convergence ring, and not across dual homed access ring or aggregation node;
In the IP address that described IP address network segment divides, subnet number is 12bit, main frame is numbered 4bit.
Concrete, the IP address that described dispensing unit 74 carries out the division of IP address network segment by dual homed access ring and/or aggregation node adopts 28bit mask, comprising subnet number and main frame numbering be respectively 12bit and 4bit.
Described dual homed access ring or aggregation node comprise: the base station number of management is less than or equal to 11 being greater than 11 with the base station number of management and being less than or equal to 22;
Dispensing unit 74 is when carrying out IP address network segment and dividing, there are two class dual homed access ring or aggregation nodes, the base station number that one class dual homed access ring or aggregation node self manage is less than or equal to 11, and distribution IP address network segment is given this kind of dual homed access ring or aggregation node by dispensing unit 74; The base station number that another kind of dual homed access ring or aggregation node self manage is greater than 11 and is less than or equal to 22, and distribution two IP address network segments are given this kind of dual homed access ring or aggregation node by dispensing unit 74.
Further, described detecting unit 72, the IP address network segment that the route also recovering to cause for detecting described breakpoint can reach;
Accordingly, described switch unit 73, also for when IP address network segment route can reach, starts VPN FRR protection, by described protection tunnel by service switchback.
In actual applications, unit 71 is set up in tunnel, detecting unit 72, switch unit 73, dispensing unit 74 are arranged in bridging nodes, can be realized by the central processing unit (CPU) in bridging nodes, microprocessor (MPU), digital signal processor (DSP) or field programmable gate array (FPGA).
The above, be only preferred embodiment of the present invention, be not intended to limit protection scope of the present invention.
Claims (10)
1. two layers of method coordinating to switch with Layer3 Virtual Private Network in a bridging device, it is characterized in that, between the main bridging nodes and its bridging nodes for subsequent use of two layers and Layer3 Virtual Private Network, set up the tunnel carrying Layer3 Virtual Private Network L3VPN business, and set up protection tunnel at L3VPN by shellring net; Described method also comprises:
When breakpoint appears in the link on the convergence ring hung under the main bridging nodes of two layers and Layer3 Virtual Private Network and between main bridging nodes and its bridging nodes for subsequent use, detect the inaccessible IP address network segment of route that described breakpoint causes;
Main bridging nodes starts Quickly regroup VPN FRR and switches, and switches the business to described bridging nodes for subsequent use by described protection tunnel.
2. method according to claim 1, it is characterized in that, the primary route that described main bridging nodes startup VPN FRR switches is the route through Layer 2 virtual private network L2VPN and L3VPN interface, and alternate routing is the tunnel carrying L3VPN business between main bridging nodes and bridging nodes for subsequent use;
Wherein, described tunnel is comprised the tunnel of the L3VPN business set up between main bridging nodes and its bridging nodes for subsequent use and to be set up by shellring net at L3VPN and protect tunnel; Described protection tunnel is protected described tunnel configuration APS APS 1:1.
3. method according to claim 1, is characterized in that, described IP address network segment presses dual homed access ring and/or the aggregation node division of base station;
Each described IP address network segment only for dual homed access ring or the aggregation node of same convergence ring, and not across dual homed access ring or aggregation node;
In the IP address that described IP address network segment divides, subnet number is 12bit, main frame is numbered 4bit.
4. method according to claim 3, is characterized in that, described dual homed access ring or aggregation node comprise: the base station number of management is less than or equal to 11 being greater than 11 with the base station number of management and being less than or equal to 22;
The base station number of described management is less than or equal to dual homed access ring or the corresponding IP address network segment of aggregation node of 11; The base station number of described management is greater than 11 and is less than or equal to dual homed access ring or corresponding two the IP address network segments of aggregation node of 22.
5. the method according to any one of claims 1 to 3, is characterized in that, described method also comprises:
Detect the IP address network segment that route that described breakpoint recovers to cause can reach;
Accordingly, when IP address network segment route can reach, start VPN FRR protection, by described protection tunnel by service switchback.
6. the device that in bridging device, two layers are coordinated to switch with Layer3 Virtual Private Network, is characterized in that, described device comprises tunnel and sets up unit, detecting unit, switch unit;
Unit is set up in described tunnel, for setting up the tunnel carrying L3VPN business between the main bridging nodes and its bridging nodes for subsequent use of two layers and Layer3 Virtual Private Network, and sets up protection tunnel at L3VPN by shellring net;
Described detecting unit, when breakpoint appears in the link on the convergence ring hung under the main bridging nodes at two layers and Layer3 Virtual Private Network and between main bridging nodes and its bridging nodes for subsequent use, detects the inaccessible IP address network segment of route that described breakpoint causes;
Described switch unit, switching for starting VPN FRR by main bridging nodes, switching the business to described bridging nodes for subsequent use by described protection tunnel.
7. device according to claim 6, it is characterized in that, the primary route that described main bridging nodes startup VPN FRR switches is the route through L2VPN and L3VPN interface, and alternate routing is the tunnel carrying L3VPN business between main bridging nodes and bridging nodes for subsequent use;
Wherein, described tunnel is comprised the tunnel of the L3VPN business set up between main bridging nodes and its bridging nodes for subsequent use and to be set up by shellring net at L3VPN and protect tunnel; Described protection tunnel is protected described tunnel configuration APS1:1.
8. device according to claim 6, is characterized in that, described device also comprises dispensing unit, divides IP address network segment for the dual homed access ring and/or aggregation node pressing base station;
Each described IP address network segment only for dual homed access ring or the aggregation node of same convergence ring, and not across dual homed access ring or aggregation node;
In the IP address that described IP address network segment divides, subnet number is 12bit, main frame is numbered 4bit.
9. device according to claim 8, is characterized in that, described dual homed access ring or aggregation node comprise: the base station number of management is less than or equal to 11 being greater than 11 with the base station number of management and being less than or equal to 22;
The base station number of described management is less than or equal to dual homed access ring or the corresponding IP address network segment of aggregation node of 11; The base station number of described management is greater than 11 and is less than or equal to dual homed access ring or corresponding two the IP address network segments of aggregation node of 22.
10. the device according to any one of claim 6 to 8, is characterized in that, described detecting unit, the IP address network segment that the route also recovering to cause for detecting described breakpoint can reach;
Accordingly, described switch unit, also for when IP address network segment route can reach, starts VPN FRR protection, by described protection tunnel by service switchback.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310626109.1A CN104683206A (en) | 2013-11-29 | 2013-11-29 | Method and device for coordinating and switching layer 2 and layer 3 virtual private networks in bridging apparatus |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310626109.1A CN104683206A (en) | 2013-11-29 | 2013-11-29 | Method and device for coordinating and switching layer 2 and layer 3 virtual private networks in bridging apparatus |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN104683206A true CN104683206A (en) | 2015-06-03 |
Family
ID=53317827
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310626109.1A Pending CN104683206A (en) | 2013-11-29 | 2013-11-29 | Method and device for coordinating and switching layer 2 and layer 3 virtual private networks in bridging apparatus |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104683206A (en) |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106817302A (en) * | 2015-12-01 | 2017-06-09 | 中国移动通信集团内蒙古有限公司 | It is a kind of to realize two layers of method and device for coordinating to switch with Layer3 Virtual Private Network |
| CN107276792A (en) * | 2017-05-27 | 2017-10-20 | 中国移动通信集团江苏有限公司 | Synthesized gateway disaster recovery method, device, equipment and computer-readable recording medium |
| CN107277187A (en) * | 2017-06-07 | 2017-10-20 | 烽火通信科技股份有限公司 | The system and method for ARP Hot Spare Fast synchronizations |
| WO2018054335A1 (en) * | 2016-09-21 | 2018-03-29 | 中兴通讯股份有限公司 | Method and device for implementing layers two and three service bridging and ptn equipment |
| CN108023800A (en) * | 2016-11-03 | 2018-05-11 | 中国移动通信集团广东有限公司 | A kind of guard method of LTE bearer networks and device |
| CN108234200A (en) * | 2017-12-21 | 2018-06-29 | 中国联合网络通信集团有限公司 | Communication processing method and device based on access ring |
| CN109995635A (en) * | 2017-12-29 | 2019-07-09 | 中国移动通信集团上海有限公司 | PTN group-network construction based on 5G bearer network |
| CN110572317A (en) * | 2019-07-16 | 2019-12-13 | 烽火通信科技股份有限公司 | Method and system for realizing dynamic ARP hot backup in telecommunication network |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101800774A (en) * | 2010-02-04 | 2010-08-11 | 中兴通讯股份有限公司 | Environmental-friendly accessing method and environmental-friendly accessing network |
| WO2011110029A1 (en) * | 2010-03-11 | 2011-09-15 | 中兴通讯股份有限公司 | Method and system for host route reachability in packet transport network access ring |
| CN102572905A (en) * | 2012-01-09 | 2012-07-11 | 中兴通讯股份有限公司 | Dual-homing protection switching method and system |
| CN104135418A (en) * | 2013-05-03 | 2014-11-05 | 中国移动通信集团内蒙古有限公司 | Method and device of implementing coordinated switching of layer 2 virtual private network and layer 3 virtual private network |
-
2013
- 2013-11-29 CN CN201310626109.1A patent/CN104683206A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101800774A (en) * | 2010-02-04 | 2010-08-11 | 中兴通讯股份有限公司 | Environmental-friendly accessing method and environmental-friendly accessing network |
| WO2011110029A1 (en) * | 2010-03-11 | 2011-09-15 | 中兴通讯股份有限公司 | Method and system for host route reachability in packet transport network access ring |
| CN102572905A (en) * | 2012-01-09 | 2012-07-11 | 中兴通讯股份有限公司 | Dual-homing protection switching method and system |
| CN104135418A (en) * | 2013-05-03 | 2014-11-05 | 中国移动通信集团内蒙古有限公司 | Method and device of implementing coordinated switching of layer 2 virtual private network and layer 3 virtual private network |
Cited By (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106817302B (en) * | 2015-12-01 | 2020-02-21 | 中国移动通信集团内蒙古有限公司 | Method and device for realizing coordination switching between two-layer virtual private network and three-layer virtual private network |
| CN106817302A (en) * | 2015-12-01 | 2017-06-09 | 中国移动通信集团内蒙古有限公司 | It is a kind of to realize two layers of method and device for coordinating to switch with Layer3 Virtual Private Network |
| WO2018054335A1 (en) * | 2016-09-21 | 2018-03-29 | 中兴通讯股份有限公司 | Method and device for implementing layers two and three service bridging and ptn equipment |
| CN108023800A (en) * | 2016-11-03 | 2018-05-11 | 中国移动通信集团广东有限公司 | A kind of guard method of LTE bearer networks and device |
| CN107276792A (en) * | 2017-05-27 | 2017-10-20 | 中国移动通信集团江苏有限公司 | Synthesized gateway disaster recovery method, device, equipment and computer-readable recording medium |
| CN107276792B (en) * | 2017-05-27 | 2020-06-12 | 中国移动通信集团江苏有限公司 | Integrated gateway disaster tolerance method, device, equipment and computer readable storage medium |
| CN107277187A (en) * | 2017-06-07 | 2017-10-20 | 烽火通信科技股份有限公司 | The system and method for ARP Hot Spare Fast synchronizations |
| CN107277187B (en) * | 2017-06-07 | 2019-09-06 | 烽火通信科技股份有限公司 | The system and method for ARP warm back-up Fast synchronization |
| CN108234200A (en) * | 2017-12-21 | 2018-06-29 | 中国联合网络通信集团有限公司 | Communication processing method and device based on access ring |
| CN108234200B (en) * | 2017-12-21 | 2019-08-27 | 中国联合网络通信集团有限公司 | Communication processing method and device based on access ring |
| CN109995635A (en) * | 2017-12-29 | 2019-07-09 | 中国移动通信集团上海有限公司 | PTN group-network construction based on 5G bearer network |
| CN110572317A (en) * | 2019-07-16 | 2019-12-13 | 烽火通信科技股份有限公司 | Method and system for realizing dynamic ARP hot backup in telecommunication network |
| CN110572317B (en) * | 2019-07-16 | 2022-04-08 | 烽火通信科技股份有限公司 | Method and system for realizing dynamic ARP hot backup in telecommunication network |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104135418B (en) | It is a kind of to realize two layers of method and device for coordinating to switch with Layer3 Virtual Private Network | |
| CN104683206A (en) | Method and device for coordinating and switching layer 2 and layer 3 virtual private networks in bridging apparatus | |
| EP2498454B1 (en) | Method, device and system for processing service traffic based on pseudo wires | |
| CN104270298B (en) | Message forwarding method and device in a kind of VXLAN networks | |
| CN107819677B (en) | Message forwarding method and device | |
| CN102571426B (en) | Double-homing protection method and device | |
| CN105379197B (en) | It establishes the method in tunnel, distribute method, equipment and the network system of label | |
| CN104205748B (en) | Has redundancy between the frame of coordinated traffic direction | |
| CN102664788B (en) | CE dual-homed link protection method in MPLS L3VPN and system thereof | |
| CN102638389B (en) | The redundancy backup method and system of a kind of TRILL network | |
| EP2364539B1 (en) | A system and method of implementing lightweight not-via ip fast reroutes in a telecommunications network | |
| CN108574616A (en) | A kind of method, equipment and the system of processing routing | |
| JP4526423B2 (en) | Ring connection method and apparatus | |
| EP3255840B1 (en) | Label distribution method and device | |
| CN105915400A (en) | Data stream switching method and system | |
| CN101374075A (en) | Method, apparatus and system for protecting multicast source | |
| WO2016034127A1 (en) | System and method for achieving dual-node interconnection pseudo-wire | |
| WO2012171378A1 (en) | Method and router for preventing flow interruption caused by failover from vpls to l3 | |
| CN105490937B (en) | Ether virtual network gateway switching method and service provider's edge node devices | |
| CN108337161A (en) | Method for smoothly switching M L AG interface fault three-layer data flow | |
| CN100446476C (en) | Method and apparatus for communicating network trouble dtecting result | |
| WO2012146097A1 (en) | Vpls network and ethernet ring switching method and device | |
| CN105227458B (en) | The route computing method and device of TRILL ISIS | |
| CN104702431B (en) | A kind of method and device of Virtual Private Network double break protection | |
| CN104702498B (en) | A kind of method and device reducing equipment room light connects quantity by harmonious protection |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20150603 |
|
| RJ01 | Rejection of invention patent application after publication |