CN104702431A - Double-breakage protection method and double-breakage protection device for virtual private network - Google Patents
Double-breakage protection method and double-breakage protection device for virtual private network Download PDFInfo
- Publication number
- CN104702431A CN104702431A CN201310684476.7A CN201310684476A CN104702431A CN 104702431 A CN104702431 A CN 104702431A CN 201310684476 A CN201310684476 A CN 201310684476A CN 104702431 A CN104702431 A CN 104702431A
- Authority
- CN
- China
- Prior art keywords
- bridging nodes
- route
- breakpoint
- network segment
- layers
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Abstract
The invention discloses a double-breakage protection method for a virtual private network. The double-breakage protection method comprises the following steps of detecting a routing unreachable network section caused by breakage points when a first breakage point appears on space between an upper-layer backbone node and a bridging node of a layer-2 virtual private network and a layer-3 virtual private network and a second breakage point appears on a link between the bridging node and a standby bridging node; inserting a warning instruction in a business pseudo wire (PW) in the layer-2 virtual private network through the bridging node by using a bridging configuration relation if routing of a network section corresponding to an interface of the bridging node is unreachable due to the first breakage point and the second breakage point; starting PW double-returning switching after the PW receives the warning instruction; and switching the business of the L2VPN to the standby bridging node. The invention also discloses a double-breakage protection device for the virtual private network. By the double-breakage protection and the double-breakage protection device for the virtual private network, the L2VPN can sense change of the inside of the L3VPN (layer-3 virtual private network), a VPN double-breakage protection mechanism is established, service interruption is avoided, normal service can be guaranteed, and the performance of a system is improved.
Description
Technical field
The present invention relates to the network switching technique of the communications field, particularly relate to method and the device of the protection of a kind of Virtual Private Network double break.
Background technology
Existing Packet Transport Network (PTN, Packet Transport Network) framework is generally made up of key ring, convergence ring and access ring or access chain, and wherein, key ring is the circulus be composed in series by several backbone nodes; Converging ring is the circulus be composed in series by least one backbone node be positioned on same key ring and several aggregation nodes; Access ring is the circulus be composed in series by a backbone node or one or two aggregation node and several access nodes, and access ring is divided into again dual homed access ring and single aggregation node access ring usually; Access chain is the chain structure be composed in series by the access node on a backbone node or an aggregation node or an access ring and several access nodes.
When adopting PTN to carry 3GPP Long Term Evolution (LTE, Long Term Evolution) business, the common a kind of networking topology of PTN network is the group network topological structure of pair first line of a couplet form, as shown in Figure 1.In the two first line of a couplet networking topologys shown in Fig. 1; usual meeting configures Layer3 Virtual Private Network (L3VPN in core layer PTN device and key convergence device; Layer3Virtual Private Network); cut-in convergent layer configures two layer virtual private network (L2VPN; Layer2Virtual Private Network), adopt the mode of L2VPN+L3VPN to carry out carrying and the scheduling of LTE business.
The equipment being positioned at L2VPN and L3VPN network boundary is called as two layers and three layers of (L2L3) bridging nodes, i.e. backbone node, the L3 virtual interface of L2 virtual interface and the IP network sector address for configurating base station is provided with in the inside of L2L3 bridging nodes, therefore, L2L3 bridging nodes can set up the bridge joint relation of L2 virtual interface and L3 virtual interface, and then the forwarding of the business that realizes between L2VPN and L3VPN.
In order to when L2L3 bridging nodes fault, the protection of business can be realized, usually can adopt two extension forms as shown in Figure 1.In L2VPN network, adopt pseudo-line (PW, Pseudo Wire) dual-homing protection, the dual homed node edge router (PE that PW dual-homing protection is corresponding, Provider Edge) PE3/PE4, PE5/PE6, PE7/PE8 separately forming surface protect to the active/standby gateway Virtual Router Redundancy Protocol (VRRP, Virtual Router Redundancy Protocol) of evolved base station (e-NodeB), wherein, e-NodeB represents with eNB-n, and n is integer; Simultaneously; at L3VPN internal configurations Quickly regroup (VPN FRR; Fast ReRoute) protection; to all Virtual Private Network routing forwarding (VRF; VPN Routing & Forwarding) route all configures active and standby down hop PE node, the fault detect between PE node, adopts label switched path (LSP; Label Switching Path) operation management maintain (OAM, the OperationAdministration and Maintenance) functional realiey of layer.
Carry in LTE business networking resist technology at existing PTN; lack the joint-action mechanism of L2VPN and L3VPN protection; as shown in Figure 2; when there is fault as shown in Figure 2, owing to occurring in L3VPN network that double break causes downlink business to be sent to PE4, but; switch to the business of main bridging nodes PE3 in L2VPN network; still uplink service is sent to PE3 in L2VPN network, like this, the interruption of business will be caused.
Summary of the invention
In view of this, a kind of method that the embodiment of the present invention is expected to provide Virtual Private Network double break to protect and device, can realize the interlock of L2VPN and L3VPN protection, ensures normally carrying out of business.
For achieving the above object, the technical scheme of the embodiment of the present invention is achieved in that
Embodiments provide the method for a kind of Virtual Private Network double break protection, described method comprises:
Between the bridging nodes and upper strata backbone node of two layers and Layer3 Virtual Private Network, there is the first breakpoint, and when the second breakpoint appears in the link between described bridging nodes and its bridging nodes for subsequent use, detect the unreachable network segment of route that described breakpoint causes;
When described first breakpoint and the second breakpoint cause the route of the network segment that described bridging nodes interface is corresponding unreachable, described bridging nodes utilizes bridge configuration relation, inserts alarm instruction to the business PW in L2VPN;
After described PW receives alarm instruction, start PW dual homed and switch, L2VPN business is switched to bridging nodes for subsequent use.
In such scheme, the unreachable network segment of route that the described breakpoint of described detection causes is: the state detecting L3VPN LSP corresponding to described bridging nodes three layer interface;
The route of the network segment that described bridging nodes is corresponding is unreachable is: all L3VPN LSP that described bridging nodes three layer interface is corresponding all lost efficacy.
In such scheme, the described business PW in L2VPN inserts alarm and is designated as: what alarm instruction was inserted into described bridging nodes by described bridging nodes has in two layers of virtual interface of bridge joint relation with three layers of virtual interface, is inserted into corresponding PW by described two layers of virtual interface.
In such scheme, described method also comprises:
Detect that the route that described first breakpoint recovers and/or described second breakpoint recovers to cause can reach the network segment;
Detection route can reach the network segment and be: the state detecting L3VPN label switching path LSP corresponding to described bridging nodes three layer interface;
When the network segment route detecting that described breakpoint recovers to cause described bridging nodes corresponding can reach, stop inserting alarm instruction to the business PW in L2VPN;
The route of the network segment that described bridging nodes is corresponding can reach for: the p bar (1≤p≤2N) in 2N bar three layers of LSP that described bridging nodes three layer interface is corresponding recovers normal, then the route of the IP address network segment that described three layers of virtual interface are corresponding can reach from unreachable becoming.
Start PW dual homed to switch, by L2VPN service switchback.
The embodiment of the present invention additionally provides the device of a kind of Virtual Private Network double break protection, and described device comprises detecting unit, Alarm Unit, switch unit;
Described detecting unit, for there is the first breakpoint between the bridging nodes and upper strata backbone node of two layers and Layer3 Virtual Private Network, and the link between described bridging nodes and its bridging nodes for subsequent use is when occurring the second breakpoint, detect the unreachable network segment of route that described breakpoint causes;
Described Alarm Unit, for when the route of the network segment that described first breakpoint and the second breakpoint cause described bridging nodes corresponding is unreachable, described bridging nodes utilizes bridge configuration relation, inserts alarm instruction to the business PW in L2VPN;
Described switch unit, for receive alarm instruction at described PW after, starts PW dual homed and switches, L2VPN business is switched to bridging nodes for subsequent use.
In such scheme, described detecting unit detects the unreachable network segment of route that described breakpoint causes and is: the state detecting L3VPN LSP corresponding to described bridging nodes three layer interface;
The route of the network segment that described bridging nodes is corresponding is unreachable is: all L3VPN LSP that described bridging nodes three layer interface is corresponding all lost efficacy.
In such scheme, described Alarm Unit inserts alarm to the business PW in L2VPN and is designated as: what alarm instruction was inserted into described bridging nodes by Alarm Unit has in two layers of virtual interface of bridge joint relation with three layers of virtual interface, is inserted into corresponding PW by described two layers of virtual interface.
In such scheme, when described detecting unit is also for detecting that the route that described first breakpoint recovers and/or described second breakpoint recovers to cause can reach the network segment;
Detection route can reach the network segment and be: the state detecting L3VPN label switching path LSP corresponding to described bridging nodes three layer interface;
Described Alarm Unit, time also for reaching when the network segment route detecting that described breakpoint recovers to cause described bridging nodes corresponding, stops inserting alarm instruction to the business PW in L2VPN;
The route of the network segment that described bridging nodes is corresponding can reach for the p bar (1≤p≤2N) in 2N bar three layers of LSP corresponding to certain three layers of virtual interface of: the L3VPN that described bridging nodes three layer interface is corresponding recovers normal, then the route of the IP address network segment that described three layers of virtual interface are corresponding can reach from unreachable becoming.
Described switch unit, also switches, by L2VPN service switchback for starting PW dual homed.
The method of Virtual Private Network double break protection that what the embodiment of the present invention provided realize and device, the first breakpoint is there is between the bridging nodes and upper strata backbone node of two layers and Layer3 Virtual Private Network, and when there is the second breakpoint in the link between described bridging nodes and its bridging nodes for subsequent use, the fault of MPLS-OAM technology for detection LSP is adopted in L2L3 bridging nodes, when described first breakpoint and the second breakpoint cause the route of the network segment that described bridging nodes interface is corresponding unreachable, described bridging nodes utilizes bridge configuration relation to insert alarm instruction to the business PW in L2VPN, after described PW receives alarm instruction, start PW dual homed and switch, L2VPN business is switched to bridging nodes for subsequent use.So, the present invention can make L2VPN perceive the change occurred in L3VPN network in time, thus sets up the interlock double break protection mechanism of L3VPN protection, the service disconnection phenomenon existed to avoid prior art, ensures normally carrying out of business, improves the performance of system.
Accompanying drawing explanation
Fig. 1 is a kind of networking topological diagram of two first line of a couplet forms of existing PTN network;
Fig. 2 is the networking topological diagram that many places fault occurs Virtual Private Network;
Fig. 3 is the embodiment of the present invention one Virtual Private Network double break guard method realization flow schematic diagram;
Fig. 4 is the embodiment of the present invention two Virtual Private Network double break guard method realization flow schematic diagram;
Fig. 5 is embodiment of the present invention Virtual Private Network double break protective device composition structural representation.
Embodiment
In embodiments of the present invention, between the bridging nodes and upper strata backbone node of two layers and Layer3 Virtual Private Network and occur breakpoint between described bridging nodes and its bridging nodes for subsequent use, when causing the route of the network segment that described bridging nodes interface is corresponding unreachable, according to bridge configuration relation, insert alarm instruction to the business PW in L2VPN; After PW receives alarm instruction, start PW dual homed and switch, L2VPN business is switched to bridging nodes for subsequent use.
Fault detect between L3VPN node, adopts multiprotocol label switching operation management maintain (Multi-Protocol Label Switching Operation Administration and Maintenance) the MPLS-OAM functional realiey of LSP layer;
The unreachable network segment of route that the described breakpoint of described detection causes is: the state detecting L3VPN label switching path LSP corresponding to described bridging nodes three layer interface; Describedly detect that the route of the network segment that bridging nodes interface is corresponding is unreachable and be: detect that the LSP of all L3VPN that described bridging nodes three layer interface is corresponding all lost efficacy.
Bridge joint relation according to the bridging nodes of L3VPN configures, generally there is 2N(N is three layers of PE nodes) bar LSP, the fault of this 2N bar of MPLS-OAM technology for detection LSP is adopted at L3VPN node, if the 2N bar LSP that certain L3VPN bridging nodes interface is corresponding all lost efficacy, then judged that the route of the network segment that L3VPN bridging nodes is corresponding was unreachable.
The described business PW in L2VPN inserts alarm and is designated as: what alarm instruction was inserted into described bridging nodes by described bridging nodes has in two layers of virtual interface of bridge joint relation with three layers of virtual interface, corresponding PW is inserted into, concerning the alarm producing client side signal PW and lost efficacy by described two layers of virtual interface.
Described alarm instruction, can include but not limited to user signal failure alarm.
After PW receives alarm instruction, start PW dual homed and switch, L2VPN business is switched to bridging nodes for subsequent use.
After PW dual homed switches startup, described bridging nodes still adopts the fault recovery situation of this 2N bar of MPLS-OAM technology for detection LSP, when detecting that the p bar (1≤p≤2N) in the 2N bar LSP that former route certain L3VPN bridging nodes interface inaccessible is corresponding recovers normal, then the route of the network segment that described L3VPN bridging nodes interface is corresponding can reach from unreachable becoming; When detecting that described breakpoint recovers to cause network segment route corresponding to described bridging nodes interface to reach, stop inserting alarm instruction to the related service PW of L2VPN; Described PW, when not receiving alarm instruction, starts PW dual homed and switches, by L2VPN service switchback.
Fig. 3 is the embodiment of the present invention one Virtual Private Network double break guard method schematic flow sheet, and as shown in Figure 3, the present invention realizes the method for Virtual Private Network double break protection, comprises the following steps:
Step 301: occur the first breakpoint between the bridging nodes and upper strata backbone node of two layers and Layer3 Virtual Private Network, and the link between described bridging nodes and its bridging nodes for subsequent use is when occurring the second breakpoint, detect the unreachable network segment of route that described breakpoint causes;
Wherein, the fault detect between PE node, adopts the MPLS-OAM functional realiey of LSP layer.The unreachable network segment of route that the described breakpoint of described detection causes is: the state detecting L3VPN label switching path LSP corresponding to described bridging nodes three layer interface.
Step 302: when described first breakpoint and the second breakpoint cause the route of the network segment that described bridging nodes interface is corresponding unreachable, described bridging nodes utilizes bridge configuration relation, inserts alarm instruction to the business PW in L2VPN;
The route of the network segment that described bridging nodes interface is corresponding is unreachable is: the LSP of all L3VPN that described bridging nodes three layer interface is corresponding all lost efficacy.Here, bridge joint relation according to the bridging nodes of L3VPN configures, generally there is 2N(N is three layers of PE nodes) bar LSP, the fault of this 2N bar of MPLS-OAM technology for detection LSP is adopted at L3VPN node, if the 2N bar LSP that certain L3VPN bridging nodes three layer interface is corresponding all lost efficacy, then judged that the route of the network segment that this L3VPN bridging nodes interface is corresponding was unreachable.
Here, then when detecting that the route of the network segment that described breakpoint causes described bridging nodes corresponding is unreachable, to having in two layers of virtual interface of bridge joint relation with three layers of virtual interface, insertion alarm indicates, corresponding PW is inserted into, concerning the alarm producing client side signal PW and lost efficacy by described two layers of virtual interface.
Wherein, described alarm instruction, can include but not limited to user signal failure alarm.
Step 303: after described PW receives alarm instruction, starts PW dual homed and switches, L2VPN business is switched to bridging nodes for subsequent use.
Here, describedly L2VPN business is switched to bridging nodes for subsequent use is specially: trigger PW dual homed and switch, the uplink service of L2VPN is mail to trouble-free bridging nodes for subsequent use.
Further, the method for the embodiment of the present invention also comprises:
When the first breakpoint between the bridging nodes and upper strata backbone node of two layers and Layer3 Virtual Private Network recovers and/or the second breakpoint of link between described bridging nodes and its bridging nodes for subsequent use recovers, detect the network segment that described first breakpoint recovers and/or described second breakpoint recovers to cause route can reach;
Detection route can reach the network segment and be: the state detecting L3VPN label switching path LSP corresponding to described bridging nodes three layer interface;
Accordingly, when the network segment route detecting that described breakpoint recovers to cause described bridging nodes corresponding can reach, stop inserting alarm instruction to the business PW in L2VPN.
Here, the route of the described network segment can reach and refer to: if the p bar (1≤p≤2N) in 2N bar LSP corresponding to former route certain L3VPN bridging nodes three layer interface inaccessible recovers normal, then the route of the IP address network segment that described three layers of virtual interface are corresponding can reach from unreachable becoming.
Described stopping is inserted alarm instruction to the business PW in L2VPN and is specially: described bridging nodes no longer alarm instruction is inserted into described bridging nodes and three layers of virtual interface have in two layers of virtual interface of bridge joint relation, corresponding, concerning the alarm no longer producing client side signal PW and lost efficacy.
Accordingly, described PW, when not receiving alarm instruction, starts PW dual homed and switches, by L2VPN service switchback.
Here, described protection switchback refers to: when detecting that the route of the corresponding network segment can reach, and triggers PW dual homed and switches, the uplink service of L2VPN is switched back main bridging nodes.
Fig. 4 is the method flow schematic diagram that the embodiment of the present invention two realizes the protection of Virtual Private Network double break; As shown in Figure 4, the method for described Virtual Private Network double break protection comprises the following steps:
Step 401: judge whether the breakpoint of the breakpoint between the bridging nodes of two layers and Layer3 Virtual Private Network and upper strata backbone node and the link between described bridging nodes and its bridging nodes for subsequent use changes; When breakpoint produces, perform step 402; When breakpoint recovers, perform step 405;
Fault detect between PE node, adopts the MPLS-OAM functional realiey of LSP layer.The breakpoint of the breakpoint between the bridging nodes of described two layers and Layer3 Virtual Private Network and upper strata backbone node and the link between described bridging nodes and its bridging nodes for subsequent use change into: former unimpeded link produces breakpoint, or the former link that there is breakpoint recovers to cause link-recovery unimpeded due to breakpoint.
Step 402: detect described breakpoint and whether cause the network segment route that L3VPN bridging nodes interface is corresponding unreachable; When the network segment route detecting that L3VPN bridging nodes interface is corresponding is unreachable, perform step 403, otherwise, perform step 401;
Detect described breakpoint and whether cause that the network segment route of L3VPN is unreachable is: the state detecting L3VPN label switching path LSP corresponding to described bridging nodes three layer interface; The route of the network segment of the corresponding L3VPN of described bridging nodes is unreachable is: the LSP of all L3VPN that described bridging nodes three layer interface is corresponding all lost efficacy.
Here, bridge joint relation according to the bridging nodes of L3VPN configures, generally there is 2N(N is three layers of PE nodes) bar LSP, the fault of this 2N bar of MPLS-OAM technology for detection LSP is adopted at L3VPN node, if the 2N bar LSP that certain L3VPN bridging nodes three layer interface is corresponding all lost efficacy, then judged that the route of the network segment that this L3VPN bridging nodes interface is corresponding was unreachable.
Step 403: described bridging nodes utilizes bridge configuration relation, inserts alarm instruction to the business PW in L2VPN;
Concrete: alarm instruction is inserted into described bridging nodes with three layers of virtual interface have in two layers of virtual interface of bridge joint relation by described bridging nodes, is inserted into corresponding PW by described two layers of virtual interface, concerning the alarm producing client side signal inefficacy PW.
Wherein, described alarm instruction, can include but not limited to user signal failure alarm.
Step 404: after described PW receives alarm instruction, starts PW dual homed and switches, L2VPN business is switched to bridging nodes for subsequent use.This flow process terminates.
Here, describedly L2VPN business is switched to bridging nodes for subsequent use is specially: trigger PW dual homed and switch, the uplink service of L2VPN is mail to trouble-free bridging nodes for subsequent use.
Step 405: detect described first breakpoint recover and/or described second breakpoint recover whether cause the route of the network segment corresponding to L3VPN bridging nodes interface to reach; When the network segment route detecting that L3VPN bridging nodes interface is corresponding can reach, perform step 406, otherwise, perform step 401;
Detect described breakpoint to recover whether to cause the route of the network segment corresponding to L3VPN bridging nodes interface can reach for the state that detects L3VPN LSP corresponding to described bridging nodes three layer interface; The route of the network segment of the corresponding L3VPN of described bridging nodes interface can reach for: if the p bar (1≤p≤2N) in 2N bar LSP corresponding to former route inaccessible L3VPN bridging nodes recovers normal, then the route of the network segment that described L3VPN bridging nodes is corresponding can reach from unreachable becoming.
Step 406: described bridging nodes utilizes bridge configuration relation, stops inserting alarm instruction to the business PW in L2VPN; Be specially: alarm instruction is no longer inserted into described bridging nodes and three layers of virtual interface have in two layers of virtual interface of bridge joint relation by described bridging nodes, corresponding, concerning the alarm no longer producing client side signal inefficacy PW.
Step 407: described PW, when not receiving alarm instruction, starts PW dual homed and switches, by L2VPN service switchback;
Here, described service switchback refers to: when detecting that the route of the network segment that described bridging nodes interface is corresponding can reach, and triggers PW dual homed and switches, the uplink service of L2VPN is switched back main bridging nodes.
The embodiment of the present invention additionally provides the device of a kind of Virtual Private Network double break protection, and as shown in Figure 5, the present invention realizes the device of Virtual Private Network double break, comprises detecting unit 51, Alarm Unit 52, switch unit 53.
Described detecting unit 51, for there is the first breakpoint between the bridging nodes and upper strata backbone node of two layers and Layer3 Virtual Private Network, and the link between described bridging nodes and its bridging nodes for subsequent use is when occurring the second breakpoint, detect the unreachable network segment of route that described breakpoint causes;
Wherein, the fault detect between PE node, adopts the MPLS-OAM functional realiey of LSP layer.Described detecting unit 51 detects the unreachable network segment of route that described breakpoint causes: the state detecting L3VPN label switching path LSP corresponding to described bridging nodes three layer interface.
Described Alarm Unit 52, for when the route of the network segment that described first breakpoint and the second breakpoint cause described bridging nodes corresponding is unreachable, utilizes bridge configuration relation, inserts alarm instruction to the business PW in L2VPN;
The route of the network segment that described bridging nodes is corresponding is unreachable is: the LSP of all L3VPN that described bridging nodes three layer interface is corresponding all lost efficacy.Here, bridge joint relation according to the bridging nodes of L3VPN configures, generally there is 2N(N is three layers of PE nodes) bar LSP, the fault of this 2N bar of MPLS-OAM technology for detection LSP is adopted at L3VPN node, if the 2N bar LSP that certain L3VPN bridging nodes three layer interface is corresponding all lost efficacy, then judged that the route of the network segment that this L3VPN bridging nodes interface is corresponding was unreachable.
Concrete: alarm instruction is inserted into described bridging nodes with three layers of virtual interface have in two layers of virtual interface of bridge joint relation by Alarm Unit 52, is inserted into corresponding PW by described two layers of virtual interface, concerning the alarm producing client side signal inefficacy PW.
Wherein, described alarm instruction, can include but not limited to user signal failure alarm.
Described switch unit 53, for receive alarm instruction at described PW after, starts PW dual homed and switches, L2VPN business is switched to bridging nodes for subsequent use;
Here, describedly L2VPN business is switched to bridging nodes for subsequent use is specially: trigger PW dual homed and switch, the uplink service of L2VPN is mail to trouble-free bridging nodes for subsequent use.
Further, the related service of L2VPN also for when described breakpoint recovers, is switched back main bridging nodes by described Virtual Private Network double break protective device, concrete:
Described detecting unit 51, also recover for the first breakpoint between the bridging nodes and upper strata backbone node of two layers and Layer3 Virtual Private Network and/or the second breakpoint of link between described bridging nodes and its bridging nodes for subsequent use recovers time, detect the network segment that described first breakpoint recovers and/or described second breakpoint recovers to cause route can reach;
Here, the route of the described network segment can reach and refer to: if the p bar (1≤p≤2N) in 2N bar LSP corresponding to former route certain L3VPN bridging nodes three layer interface inaccessible recovers normal, then the route of the network segment that described L3VPN bridging nodes interface is corresponding can reach from unreachable becoming.
Described Alarm Unit 52, time also for reaching when the network segment route detecting that described breakpoint recovers to cause described bridging nodes corresponding, stops inserting alarm instruction to the business PW in L2VPN;
Concrete, alarm instruction is no longer inserted into described bridging nodes with three layers of virtual interface have in two layers of virtual interface of bridge joint relation by described Alarm Unit 52, corresponding, concerning the alarm no longer producing client side signal inefficacy PW.
Described switch unit 53, also at described PW when not receiving alarm instruction, start PW dual homed and switch, by L2VPN service switchback.
Here, described protection switchback refers to: when detecting that the route of the corresponding network segment can reach, and triggers PW dual homed and switches, the uplink service of L2VPN is switched back main bridging nodes.
The practical function of each processing unit in the device of the Virtual Private Network double break protection shown in Fig. 5, can refer to the associated description of the method for aforementioned virtual private network double break protection and understands.Those skilled in the art are to be understood that, in the device of the Virtual Private Network double break protection shown in Fig. 5, the function of each processing unit realizes by the program run on processor, also realize by concrete logical circuit, such as: can realize by being positioned at the central processing unit (CPU) of bridging nodes, microprocessor (MPU), digital signal processor (DSP) or field programmable gate array (FPGA); Described memory cell also can be realized by various memory or storage medium.
In several embodiment provided by the present invention, should be understood that, disclosed method and apparatus, can realize in other way.Device embodiment described above is only schematic, such as, the division of described unit, be only a kind of logic function to divide, actual can have other dividing mode when realizing, and as: multiple unit or assembly can be in conjunction with, maybe can be integrated into another system, or some features can be ignored, or do not perform.In addition, the communication connection each other of shown or discussed each part can be by some interfaces, the indirect coupling of equipment or module or communication connection, can be electrical, machinery or other forms of.
The above-mentioned unit illustrated as separating component or can may not be and physically separates, and the parts as unit display can be or may not be physical module, namely can be positioned at a place, also can be distributed on multiple mixed-media network modules mixed-media; Part or all of unit wherein can be selected according to the actual needs to realize the object of the present embodiment scheme.
In addition, each functional unit in various embodiments of the present invention can all be integrated in a processing unit, also can be each unit individually as a unit, also can two or more unit in a unit integrated; Above-mentioned integrated unit both can adopt the form of hardware to realize, and the form that hardware also can be adopted to add SFU software functional unit realizes.
One of ordinary skill in the art will appreciate that: all or part of step realizing said method embodiment can have been come by the hardware that program command is relevant, aforesaid program can be stored in computer read/write memory medium, this program, when performing, performs the step comprising said method embodiment; And aforesaid storage medium comprises: movable storage device, read-only memory (ROM, Read-Only Memory), magnetic disc or CD etc. various can be program code stored medium.
Or, if the above-mentioned integrated unit of the embodiment of the present invention using the form of software function module realize and as independently production marketing or use time, also can be stored in a computer read/write memory medium.Based on such understanding, the technical scheme of the embodiment of the present invention can embody with the form of software product the part that prior art contributes in essence in other words, this computer software product is stored in a storage medium, comprises some instructions and performs all or part of of method described in each embodiment of the present invention in order to make a computer equipment (can be personal computer, server or the network equipment etc.).And aforesaid storage medium comprises: movable storage device, ROM, magnetic disc or CD etc. various can be program code stored medium.
The present invention be the Virtual Private Network double break guard method recorded in example and device only for L2VPN and L3VPN, but be not limited only to this, as long as relate to this Virtual Private Network double break guard method and device all in protection scope of the present invention.
The above, be only preferred embodiment of the present invention, be not intended to limit protection scope of the present invention.
Claims (8)
1. a method for Virtual Private Network double break protection, it is characterized in that, described method comprises:
Between the bridging nodes and upper strata backbone node of two layers and Layer3 Virtual Private Network, there is the first breakpoint, and when the second breakpoint appears in the link between described bridging nodes and its bridging nodes for subsequent use, detect the unreachable network segment of route that described breakpoint causes;
When described first breakpoint and the second breakpoint cause the route of the network segment that described bridging nodes interface is corresponding unreachable, described bridging nodes utilizes bridge configuration relation, inserts alarm instruction to the pseudo-line PW of the business in Layer 2 virtual private network L2VPN;
After described PW receives alarm instruction, start PW dual homed and switch, L2VPN business is switched to bridging nodes for subsequent use.
2. method according to claim 1, it is characterized in that, the unreachable network segment of route that the described breakpoint of described detection causes is: the state detecting Layer3 Virtual Private Network L3VPN label switching path LSP corresponding to described bridging nodes three layer interface;
The route of the network segment that described bridging nodes is corresponding is unreachable is: all L3VPN LSP that described bridging nodes three layer interface is corresponding all lost efficacy.
3. method according to claim 1 or 2, it is characterized in that, the described business PW in L2VPN inserts alarm and is designated as: what alarm instruction was inserted into described bridging nodes by described bridging nodes has in two layers of virtual interface of bridge joint relation with three layers of virtual interface, is inserted into corresponding PW by described two layers of virtual interface.
4. method according to claim 1 or 2, is characterized in that, described method also comprises:
Detect that the route that described first breakpoint recovers and/or described second breakpoint recovers to cause can reach the network segment;
Detection route can reach the network segment and be: the state detecting L3VPN label switching path LSP corresponding to described bridging nodes three layer interface;
When the network segment route detecting that described breakpoint recovers to cause described bridging nodes corresponding can reach, stop inserting alarm instruction to the business PW in L2VPN;
The route of the network segment that described bridging nodes is corresponding can reach for: the p bar (1≤p≤2N) in 2N bar three layers of LSP that described bridging nodes three layer interface is corresponding recovers normal, then the route of the IP address network segment that described three layers of virtual interface are corresponding can reach from unreachable becoming;
Start PW dual homed to switch, by L2VPN service switchback.
5. a device for Virtual Private Network double break protection, it is characterized in that, described device comprises detecting unit, Alarm Unit, switch unit;
Described detecting unit, for there is the first breakpoint between the bridging nodes and upper strata backbone node of two layers and Layer3 Virtual Private Network, and the link between described bridging nodes and its bridging nodes for subsequent use is when occurring the second breakpoint, detect the unreachable network segment of route that described breakpoint causes;
Described Alarm Unit, for when the route of the network segment that described first breakpoint and the second breakpoint cause described bridging nodes corresponding is unreachable, described bridging nodes utilizes bridge configuration relation, inserts alarm instruction to the business PW in L2VPN;
Described switch unit, for receive alarm instruction at described PW after, starts PW dual homed and switches, L2VPN business is switched to bridging nodes for subsequent use.
6. device according to claim 4, is characterized in that, described detecting unit detects the unreachable network segment of route that described breakpoint causes and is: the state detecting L3VPN LSP corresponding to described bridging nodes three layer interface;
The route of the network segment that described bridging nodes is corresponding is unreachable is: all L3VPN LSP that described bridging nodes three layer interface is corresponding all lost efficacy.
7. the device according to claim 5 or 6, it is characterized in that, described Alarm Unit inserts alarm to the business PW in L2VPN and is designated as: what alarm instruction was inserted into described bridging nodes by Alarm Unit has in two layers of virtual interface of bridge joint relation with three layers of virtual interface, is inserted into corresponding PW by described two layers of virtual interface.
8. the device according to claim 5 or 6, is characterized in that, when described detecting unit is also for detecting that the route that described first breakpoint recovers and/or described second breakpoint recovers to cause can reach the network segment;
Detection route can reach the network segment and be: the state detecting L3VPN label switching path LSP corresponding to described bridging nodes three layer interface;
Described Alarm Unit, time also for reaching when the network segment route detecting that described breakpoint recovers to cause described bridging nodes corresponding, stops inserting alarm instruction to the business PW in L2VPN;
The route of the network segment that described bridging nodes is corresponding can reach for the p bar (1≤p≤2N) in 2N bar three layers of LSP corresponding to certain three layers of virtual interface of: the L3VPN that described bridging nodes three layer interface is corresponding recovers normal, then the route of the IP address network segment that described three layers of virtual interface are corresponding can reach from unreachable becoming;
Described switch unit, also switches, by L2VPN service switchback for starting PW dual homed.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310684476.7A CN104702431B (en) | 2013-12-10 | 2013-12-10 | A kind of method and device of Virtual Private Network double break protection |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310684476.7A CN104702431B (en) | 2013-12-10 | 2013-12-10 | A kind of method and device of Virtual Private Network double break protection |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN104702431A true CN104702431A (en) | 2015-06-10 |
| CN104702431B CN104702431B (en) | 2018-10-26 |
Family
ID=53349223
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310684476.7A Active CN104702431B (en) | 2013-12-10 | 2013-12-10 | A kind of method and device of Virtual Private Network double break protection |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104702431B (en) |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2016197950A1 (en) * | 2015-06-11 | 2016-12-15 | 华为技术有限公司 | Route detection method, router device and system |
| CN106604253A (en) * | 2015-10-15 | 2017-04-26 | 福建华渔未来教育科技有限公司 | Wireless networking method and system |
| CN107707429A (en) * | 2017-10-17 | 2018-02-16 | 广东睿江云计算股份有限公司 | The method and system that a kind of discovery IP routes are interrupted |
| CN110365578A (en) * | 2019-08-01 | 2019-10-22 | 新华三大数据技术有限公司 | Network interface control and link switch-over method, device, the network equipment and medium |
| CN115955688A (en) * | 2023-03-03 | 2023-04-11 | 新华三技术有限公司 | Data transmission method, system and device applied to 5G and electronic equipment |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101800774A (en) * | 2010-02-04 | 2010-08-11 | 中兴通讯股份有限公司 | Environmental-friendly accessing method and environmental-friendly accessing network |
| WO2011110029A1 (en) * | 2010-03-11 | 2011-09-15 | 中兴通讯股份有限公司 | Method and system for host route reachability in packet transport network access ring |
| CN102572905A (en) * | 2012-01-09 | 2012-07-11 | 中兴通讯股份有限公司 | Dual-homing protection switching method and system |
-
2013
- 2013-12-10 CN CN201310684476.7A patent/CN104702431B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101800774A (en) * | 2010-02-04 | 2010-08-11 | 中兴通讯股份有限公司 | Environmental-friendly accessing method and environmental-friendly accessing network |
| WO2011110029A1 (en) * | 2010-03-11 | 2011-09-15 | 中兴通讯股份有限公司 | Method and system for host route reachability in packet transport network access ring |
| CN102572905A (en) * | 2012-01-09 | 2012-07-11 | 中兴通讯股份有限公司 | Dual-homing protection switching method and system |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2016197950A1 (en) * | 2015-06-11 | 2016-12-15 | 华为技术有限公司 | Route detection method, router device and system |
| CN106604253A (en) * | 2015-10-15 | 2017-04-26 | 福建华渔未来教育科技有限公司 | Wireless networking method and system |
| CN106604253B (en) * | 2015-10-15 | 2020-08-11 | 福建省华渔教育科技有限公司 | Wireless networking method and system |
| CN107707429A (en) * | 2017-10-17 | 2018-02-16 | 广东睿江云计算股份有限公司 | The method and system that a kind of discovery IP routes are interrupted |
| CN110365578A (en) * | 2019-08-01 | 2019-10-22 | 新华三大数据技术有限公司 | Network interface control and link switch-over method, device, the network equipment and medium |
| CN110365578B (en) * | 2019-08-01 | 2021-12-24 | 新华三大数据技术有限公司 | Network interface control and link switching method, device, network equipment and medium |
| CN115955688A (en) * | 2023-03-03 | 2023-04-11 | 新华三技术有限公司 | Data transmission method, system and device applied to 5G and electronic equipment |
| CN115955688B (en) * | 2023-03-03 | 2023-05-26 | 新华三技术有限公司 | Data transmission method, system and device applied to 5G and electronic equipment |
Also Published As
| Publication number | Publication date |
|---|---|
| CN104702431B (en) | 2018-10-26 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10686749B2 (en) | Packet sending method and network device | |
| EP2649752B1 (en) | System and method for providing improved failover performance for pseudowires | |
| CN104135418B (en) | It is a kind of to realize two layers of method and device for coordinating to switch with Layer3 Virtual Private Network | |
| CN103460647B (en) | For operating the technology of network node | |
| EP2242215B1 (en) | Method for client data transmission through a packet switched provider network | |
| CN102571426B (en) | Double-homing protection method and device | |
| JP4729119B2 (en) | Communication device in label switching network | |
| CN101931520B (en) | Switching method and system | |
| EP2498454A1 (en) | Method, device and system for processing service traffic based on pseudo wires | |
| US20130272114A1 (en) | Pseudo wire switching method and device | |
| CN101924654B (en) | Point-to-multipoint service-based path switching method and system | |
| CN102882780B (en) | Looped network tunnel configuration method based on overlapping trees, ring network protection method and system | |
| CN101364927A (en) | Method, apparatus and system realizing fault recovery of virtual private network | |
| CN101374075A (en) | Method, apparatus and system for protecting multicast source | |
| CN104702431A (en) | Double-breakage protection method and double-breakage protection device for virtual private network | |
| CN104683206A (en) | Method and device for coordinating and switching layer 2 and layer 3 virtual private networks in bridging apparatus | |
| CN105656776B (en) | Pseudo wire dual-homing protection switching system, method and device | |
| CN105591800A (en) | Traffic protection method and device | |
| CN103457817A (en) | PW+L3VPN protection method and system | |
| WO2013178097A1 (en) | Announcement method, device and system | |
| CN104702498B (en) | A kind of method and device reducing equipment room light connects quantity by harmonious protection | |
| WO2016124117A1 (en) | Method, switching device and network controller for protecting links in software-defined network (sdn) | |
| US20130003532A1 (en) | Protection switching method and system | |
| CN102143060A (en) | Method and device for building primary pseudowire and spare pseudowire | |
| EP2512070A1 (en) | Protection method, equipment and system for semi-ring network |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |