CN105743797B - Multicasting VPN tunnel establishing method based on interface binding - Google Patents

Multicasting VPN tunnel establishing method based on interface binding Download PDF

Info

Publication number
CN105743797B
CN105743797B CN201610204870.XA CN201610204870A CN105743797B CN 105743797 B CN105743797 B CN 105743797B CN 201610204870 A CN201610204870 A CN 201610204870A CN 105743797 B CN105743797 B CN 105743797B
Authority
CN
China
Prior art keywords
multicast
interface
tunnel
private network
public network
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201610204870.XA
Other languages
Chinese (zh)
Other versions
CN105743797A (en
Inventor
赵荣方
秦骏
李振华
陈朝阳
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Forward Industrial Co Ltd
Original Assignee
Shenzhen Forward Industrial Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Forward Industrial Co Ltd filed Critical Shenzhen Forward Industrial Co Ltd
Priority to CN201610204870.XA priority Critical patent/CN105743797B/en
Publication of CN105743797A publication Critical patent/CN105743797A/en
Application granted granted Critical
Publication of CN105743797B publication Critical patent/CN105743797B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/50Routing or path finding of packets in data switching networks using label swapping, e.g. multi-protocol label switch [MPLS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4633Interconnection of networks using encapsulation techniques, e.g. tunneling
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4641Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/16Multipoint routing

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

A kind of multicasting VPN tunnel establishing method based on interface binding, comprising the following steps: configure public network multicast group address, including default forwarding group and specific data forwarding address pond for each private network;Multicast Tunnel Interface is respectively created for private network and public network, and configures private network Multicast Tunnel Interface address;Establish the binding relationship between private network Multicast Tunnel Interface and public network Multicast Tunnel Interface;Generate public network multicast forwarding tree;Receiving end network edge device is forwarded to by public network forwarding tree after the flux of multicast encapsulation that private network Multicast Tunnel Interface is sent, receiving end network edge device determines that the message after decapsulation gives private network Multicast Tunnel Interface according to multicast address and Multicast Tunnel Interface binding relationship, to realize the forwarding of flux of multicast between different websites.The present invention realizes the multicast intercommunication between same network edge device difference VPN.

Description

Multicasting VPN tunnel establishing method based on interface binding
Technical field
The present invention relates to the methods that multicast transmission tunnel in Virtual Private Network is established.
Background technique
Multicasting VPN (Multicast in BGP/MPLS IP VPNs) is passed based on MPLS L3VPN network implementations multicast Defeated technology.
MPLS L3VPN is a kind of based on BGP (Border Gateway Protocol, Border Gateway Protocol) and MPLS VPN (the Virtual that (Multiprotocol Label Switching, multiprotocol label switching) expansion technique is realized Private Network, Virtual Private Network), be made of the backbone network of operator and each website of user, between each website that This is mutually isolated, is only just able to achieve intercommunication by backbone network.VPN can be regarded as a group policy, control between each website Connection.
Generally it is used to realize that the scheme of multicasting VPN is MD (Multicast in MPLS L3VPN network at present Domain), also it is multicast domain.One multicast domain is by some VRF that can send and receive multicast service between each other (virtual routing and forwarding) composition.It is each that multicast domain, which realizes that the main realization thought of multicasting VPN is, VPN constructs independent forwarding tree in public network, and private network data first carry out GRE encapsulation, outer layer destination address envelope before entering public network Dress is dedicated multicast group address and is forwarded to the network edge device of receiving station connection in public network by the address, by connecing The network edge device of receiving end is decapsulated and is sent to corresponding private network and is forwarded.
The technology of multicast domain scheme most critical is that the foundation of MT (Multicast Tunnel) Multicast Tunnel.It is big at present Partial implementation is all that a MTI (Multicast Tunnel Interface) realization is established on network edge device Private network multicast traffic transport, for the attribute definition of MTI, all some are fuzzy, and MTI becomes on network edge device in logic One belongs to the interface of public network and private network simultaneously, this exists with the thought of VPN itself conflicts, in addition, due in multicast forwarding, The same interface cannot be used as incoming interface and outgoing interface simultaneously, and this method is not easy to realize under the same network edge device not With the flux of multicast intercommunication between private network website.
Summary of the invention
The purpose of the present invention is to provide a kind of logical construction is clear, realize that simple and flexible is controllable, and be able to solve local The multicasting VPN tunnel establishing method based on interface binding of the problem of VPN multicast intercommunication.
The purpose of the present invention can be achieved, and design a kind of multicasting VPN tunnel establishing method based on interface binding, packet Include following steps:
A, public network multicast group address, including default forwarding group and specific data forwarding address pond are configured for each private network VRF, Public network multicast group address determines that message is sent to finger as public network tunnel interface in tunnel interface binding unit for identifying private network Determine the foundation of private network Multicast Tunnel Interface;
B, Multicast Tunnel Interface is respectively created for private network and public network, and configures private network Multicast Tunnel Interface address, and according to It needs to start multicast protocol on interface;The configuration of private network Multicast Tunnel Interface address only needs the address in the public network of this equipment Middle presence and as needed progress advertising of route;
C, the binding relationship between private network Multicast Tunnel Interface and public network Multicast Tunnel Interface is established;With binding relationship Private network Multicast Tunnel Interface and public network Multicast Tunnel Interface are intraconnection, logically independent relationship, and private network multicast packet passes through The message that private network Multicast Tunnel Interface is sent directly is received by public network Multicast Tunnel Interface, and public network multicast packet passes through public network multicast The message that tunnel interface is sent directly is received by its one or more private network Multicast Tunnel Interface bound;
D, public network multicast forwarding tree is generated;
E, the flux of multicast that private network Multicast Tunnel Interface is sent enters public affairs by the public network Multicast Tunnel Interface bound with it Net, and receiving end network edge device is forwarded to according to public network multicast forwarding tree, receiving end network edge device is according to multicast Location and Multicast Tunnel Interface binding relationship determine that the message after decapsulation gives private network Multicast Tunnel Interface, to realize different stations The forwarding of flux of multicast between point.
Further, the Multicast Tunnel Interface with binding relationship is the relationship of an intraconnection, private network Multicast Tunnel The PIM mode separate configurations that the PIM mode of interface and public network tunnel interface use, also not no protocol massages is direct between the two Interaction.
Further, the address configuration of private network Multicast Tunnel Interface is the interface IP address in public network, which is to establish BGP The address used when neighbours or other public network addresses, as long as mode of these address notifications into network is identical and establishes BGP The address notification mode used when neighbours is identical.
Further, the address of private network Multicast Tunnel Interface is used to generate the connection of private network unicast VPN routing as private network Attribute.
Optionally, in step D, private network specified default turn is added by executing IGMP static state on public network tunnel interface The mode of hair group realizes shared tree building public network default forwarding tree.
Optionally, in step D, specified by executing the IGMP static state addition private network in specified source on public network tunnel interface The mode of default forwarding group realize that source tree mode constructs default forwarding tree.
Optionally, in step D, selected by executing the IGMP static state addition private network in specified source on public network tunnel interface The mode of data forwarding group realize that source tree mode constructs data transfer tree, and in cross-domain environment, sent out in source PE It send and one BGP MDT routing is generated simultaneously according to the address of private network tunnel interface and public network data address while MDT Join TLV It is advertised to bgp neighbor, it is ensured that receiving end PE can be successfully established the source DATA MDT forwarding tree in such a way that PIM is acted on behalf of.
The present invention realizes the multicast intercommunication between same network edge device difference VPN.
Detailed description of the invention
Fig. 1 is the configuration diagram of present pre-ferred embodiments;
Fig. 2 is that the device of present pre-ferred embodiments constitutes schematic diagram;
Fig. 3 is the construction step schematic diagram of present pre-ferred embodiments;
Fig. 4 is the Multicast Tunnel inlet internal processing flow schematic diagram of present pre-ferred embodiments;
Fig. 5 is the Multicast Tunnel outlet internal processes schematic diagram of present pre-ferred embodiments;
Fig. 6 is that the Multicast Tunnel of present pre-ferred embodiments realizes local intercommunication internal processes schematic diagram;
Fig. 7 is the Multicast Tunnel multicast message forwarding process schematic diagram of present pre-ferred embodiments;
Fig. 8 is that the Multicast Tunnel of present pre-ferred embodiments realizes local private network multicast intercommunication message forwarding schematic diagram;
Fig. 9 is that the Multicast Tunnel of present pre-ferred embodiments realizes that example illustrates topological diagram.
Specific embodiment
The invention will be further described with reference to embodiments.
A kind of multicasting VPN tunnel establishing method based on interface binding, comprising the following steps:
A, public network multicast group address, including default forwarding group and specific data forwarding address pond are configured for each private network VRF, Public network multicast group address determines that message is sent to finger as public network tunnel interface in tunnel interface binding unit for identifying private network Determine the foundation of private network Multicast Tunnel Interface;
B, Multicast Tunnel Interface is respectively created for private network and public network, and configures private network Multicast Tunnel Interface address, and according to It needs to start multicast protocol on interface;
C, the binding relationship between private network Multicast Tunnel Interface and public network Multicast Tunnel Interface is established;With binding relationship Private network Multicast Tunnel Interface and public network Multicast Tunnel Interface are intraconnection, logically independent relationship, and private network multicast packet passes through The message that private network Multicast Tunnel Interface is sent directly is received by public network Multicast Tunnel Interface, and public network multicast packet passes through public network multicast The message that tunnel interface is sent directly is received by its one or more private network Multicast Tunnel Interface bound;
D, public network multicast forwarding tree is generated;
E, the flux of multicast that private network Multicast Tunnel Interface is sent enters public affairs by the public network Multicast Tunnel Interface bound with it Net, and receiving end network edge device is forwarded to according to public network multicast forwarding tree, receiving end network edge device is according to multicast Location and Multicast Tunnel Interface binding relationship determine that the message after decapsulation gives private network Multicast Tunnel Interface, to realize different stations The forwarding of flux of multicast between point.
The present invention creates Multicast Tunnel Interface simultaneously by the public network and private network in VPN network edge device, and configures private The binding relationship of net tunnel interface and public network tunnel interface forms an intraconnection, logically independent multicast interface, realizes empty The transmission of quasi- private network multicast packet;When outgoing interface of the Multicast Tunnel Interface as private network multicast message of private network, first With encapsulating the dedicated default public network multicast group address of preconfigured multicasting VPN or the specific data forwarding multicasting calculated Location (data MDT) is then directly submitted to message the public network Multicast Tunnel Interface of its binding;Public network Multicast Tunnel Interface is received After the message for encapsulating public network multicast group submitted to private network Multicast Tunnel Interface, the public network forwarding table pre-established is searched, Message is forwarded to receiving end PE equipment;PE equipment receives public network multicasting VPN message and finds public network Multicast Tunnel Interface As outgoing interface, is then searched according to public network address and the binding relationship of Multicast Tunnel Interface finds corresponding private network Multicast Tunnel Interface is submitted to corresponding private network Multicast Tunnel Interface after then releasing packet outer layer GRE is encapsulated;Multicast Tunnel Interface receives After the multicast message submitted to public network Multicast Tunnel Interface, the multicast forward table for directly searching private network is forwarded;It can pass through Flexible configuration binding strategy realizes the controllable forwarding of multicasting VPN flow.
As shown in Fig. 2, the present invention includes 4 basic units, Multicast Tunnel Interface generation unit, interface binding unit, road By generation unit and data processing unit.
As shown in figure 3, the generation of Multicast Tunnel of the invention comprises the following steps:
The S301 stage is the initial stage, configures public network multicast group address, including default forwarding group and spy for each private network VRF Determine data forwarding addresses pond, public network multicast group address is used as public network for identifying each private network in tunnel interface binding unit Tunnel interface determines that message is sent to the foundation of which private network Multicast Tunnel Interface.
The S302 stage is that private network and public network create Multicast Tunnel Interface, and configure private network Multicast Tunnel Interface address, and root Start multicast protocol (such as PIM SM, PIM DM etc.) on interface according to needs.Private network Multicast Tunnel Interface address is in the present invention With critical effect.Interface IP address is other than sending the source address of agreement as itself, more for generating the private network unicast The connector attribute carried when VPN advertising of route, unlike current most of realization, private network Multicast Tunnel Interface The configuration of location is not limited to public network and establishes the IP address used when bgp neighbor, it is only necessary to deposit in the public network of this equipment the address And as needed carry out advertising of route, different private networks may be implemented in this way can be used different addresses, be convenient for Realize local private network multicast intercommunication.
S303 stage, association (binding) private network Multicast Tunnel Interface to some public network Multicast Tunnel Interface.As shown in Figure 1, The Multicast Tunnel Interface mvpn-tunnel 1 of VRF1 is associated with public network Multicast Tunnel Interface mvpn-tunnel 0;VRF2 and VRF3 Multicast Tunnel Interface mvpn-tunnel 2 and mvpn-tunnel 3 be associated with public network Multicast Tunnel Interface mvpn-tunnel 10.Private network tunnel interface with incidence relation is connected to the data transmit-receive channel of public network tunnel interface, and private network tunnel connects Mouthful send message can directly be received by public network tunnel interface, public network tunnel interface can choose by message be sent to some or The private network Multicast Tunnel Interface of the certain associated relationships of person.
S304 stage, the stage generate public network multicast forwarding tree.The mode that shared tree or source tree can be used constructs public affairs Net multicast forwarding tree.
Public network default forwarding tree (default MDT) that some private network is established using shared tree, passes through the group in the private network It broadcasts and is realized in such a way that the specified default forwarding group of private network is added in IGMP static state on the associated public network tunnel interface of tunnel interface;
Public network default forwarding tree (default MDT) is established using source tree (PIM-SSM), is routed by BGP MDT specified Information PE and group address create public network multicast forwarding tree, and the address of PE uses the ground of the private network Multicast Tunnel Interface of corresponding VRF Location, group address forward group address using the default of VRF or are the data forwarding group address that specific multicast stream uses, and receive BGP The pe router of MDT routing searches the binding relationship of public network Multicast Tunnel Interface according to the group address message of routing iinformation, if Some public network Multicast Tunnel Interface has private network tunnel interface to bind and the default forwarding group address and routing iinformation of the private network Multicast group address is identical, then on the public network Multicast Tunnel Interface in MDT routing iinformation the address PE and group address establish one A IGMP static group is added.
The building of data transfer tree (data MDT), can be divided into situation in domain and cross-domain:
The foundation of public network data transfer tree (data MDT) in domain is needed by sending MDT Join TLV notice receiving end PE The data transfer tree information to be switched, the source address of MDT Join TLV message use the address of private network tunnel interface, in TLV Public network group address message uses the free address in the public network multicast packet address pool calculated, and receiving end PE is according to private network It is no to there is recipient to decide whether that data transfer tree is added, if necessary to be added, the public network tunnel of private network tunnel interface binding An IGMP static group is established on interface with the public network group address in the message source address and TLV in MDT Join TLV to be added.
The foundation of public network data transfer tree between domain is sending MDT Join TLV's in addition to process in above-mentioned domain, source PE A BGP MDT is generated according to the address of private network tunnel interface and public network data address simultaneously and routes and be advertised to bgp neighbor, really The source DATA MDT forwarding tree can be successfully established in such a way that PIM is acted on behalf of by protecting receiving end PE.
In the S305 stage, after public network multicast forwarding tree constructs successfully, the flux of multicast that private network Multicast Tunnel Interface is sent (is assisted View message and data message) far-end network edge device can be forwarded to by public network multicast forwarding tree, far-end network edge is set It is standby to determine that the message after decapsulation is given those private network Multicast Tunnel and connect according to multicast address and Multicast Tunnel Interface binding relationship Mouthful, to realize the forwarding of flux of multicast between different websites.
Fig. 4 and Fig. 5 show the Way in of Multicast Tunnel of the invention and the internal processes of export direction.
Fig. 6 gives the implementation method of local private network flux of multicast intercommunication, gives under same network edge device VRF1 and VRF2 between realize intercommunication internal processes.In this scene, the private network Multicast Tunnel of VRF1 and VRF2 Interface needs to configure as different addresses, and is tied on different public Multicast Tunnel Interface.
Fig. 7 and Fig. 8 gives real between the multicasting VPN data forwarding process and local network edge device across public network The transmitting multicast data process of existing intercommunication.
The present invention realizes multicasting VPN flow rate controllability or can intervention.The building one of above-mentioned public network multicast forwarding tree As be to be automatically performed after being configured with the basic binding relationship of default multicast group or data forwarding group and Multicast Tunnel Interface, In addition to this, some public network of manual configuration can be passed through in the case where not modifying private network default multicast group or data forwarding group The group of certain groups or specified source is added in Multicast Tunnel Interface, and configures certain tunnel interface associating policy, exists as needed The flux of multicast for carrying out other websites is received on some website.Such as in the network edge device of Fig. 1, mvpn-tunnel 10 can Reception to realize the flow to the default forwarding group of VRF1 by way of configuring static IGMP addition, while configured tunneling technique connects These flows that mouth binding strategy receives mvpn-tunnel 10 are submitted to mvpn-tunnel 3, realize VRF3 to local network The flux of multicast of respective site is received on network edge device VRF1 website and far-end network edge device.
Example one, the example illustrate the realization process of general multicast VPN in the present invention.In the topology of Fig. 9, using PIM SM and PIM SSM realizes that the CE1 and CE2 of virtual private network 1 and CE3 and CE4 multicast in virtual private network 2 are mutual It is logical.Illustrate the realization process in this example below with reference to the Multicast Tunnel building process of Fig. 3:
The S301 stage configures the dedicated default multicast group of a public network first on PE1 and PE2 for VPN1, is used for agreement The encapsulation of the default of message and data message is in this example VPN1 configuration address 228.0.0.1, is VPN2 configuration address 228.0.0.2。
The S302 stage is that private network and public network create Multicast Tunnel Interface and configuration address, on PE1, creates mvpn- Tunnel 1 is simultaneously tied to VPN1, creates mvpn-tunnel 2 and is tied to VPN2, mvpn-tunnel 0 is used as public network interface. Address (1.1.1.11) on PE1 using loopback mouth loopback 1 is configured to the address of interface mvpn-tunnel 1, uses The address (1.1.1.12) of loopback 2 is configured to the address of interface mvpn-tunnel 2;Loopback mouth is used on PE2 The address (2.2.2.21) of loopback 1 is configured to the address of interface mvpn-tunnel 1, use the address of loopback 2 (2.2.2.22) is configured to the address of interface mvpn-tunnel 2;After the completion of configuration, private network unicast road of bgp update is triggered By using the address of corresponding mvpn-tunnel interface as connector attribute.For example, updating the private network of VPN1 on PE1 When singlecast router, the connector attribute of carrying is encapsulated using the interface IP address 1.1.1.11 of mvpn-tunnel1, other VPN it is similar, the foundation for using connector attribute to search as private network multicast RPF neighbours in this way.
The S303 stage is associated with private network Multicast Tunnel Interface and public network Multicast Tunnel Interface.On PE1, mvpn-tunnel 1 and mvpn-tunnel 2 is associated on mvpn-tunnel 0.Incidence relation mainly forwards mvpn-tunnel interface data It has an impact, the message sent from mvpn-tunnel 1 and mvpn-tunnel 2 is mainly reflected in, directly by mvpn-tunnel 0 receives.The message sent from mvpn-tunnel 0, can be by mvpn-tunnel 1 or mvpn-tunnel 2, here mainly The matching of the group address of the VPN configured according to the group address of message and S301 stage realizes which mvpn- selection is submitted to Tunnel interface.For example, when being 228.0.0.1 from the message group address that the public network mvpn-tunnel 0 of PE1 is sent, Selection is submitted to mvpn-tunnel 1, and when group address is 228.0.0.2, selection is submitted to mvpn-tunnel 2.
The S304 stage, the case where using PIM SM, before constructing tunnel, first in public network PE1, PE2 and P router it Between configure multicast, and specified RP.Then, it on PE, according to the configuring condition in private network S301 to S303, is connect in public network tunnel Private network multicast group is added on mouth.In this example, PIM SM is enabled on the mvpn-tunnel of PE1 0, and is automatically added to static state IGMP multicast group 228.0.0.1 and 228.0.0.2.In this way, establishing the shared tree of corresponding group address after being advertised to RP, building After the completion of vertical, on PE1, public network multicast forwarding list item can be generated, incoming interface and outgoing interface are as follows:
Multicast data flow Incoming interface Outgoing interface
(2.2.2.21,228.0.0.1) GE0 mvpn-tunnel 0
(2.2.2.22,228.0.0.2) GE0 mvpn-tunnel 0
(1.1.1.11,228.0.0.1) mvpn-tunnel 0 GE0
(1.1.1.12,228.0.0.2) mvpn-tunnel 0 GE0
Table 1
Wherein, the first two list item is for receiving and forwarding the VPN flow from remote station to site-local, latter two table The flux of multicast that site-local is sent for being sent to remote station by item.
The upper VPN1 private network forwarding-table item of PE1 is as follows:
Table 2
The upper VPN2 private network forwarding-table item of PE1 is as follows:
Table 3
Multicast forwarding list item on PE2 is similar with PE1.
The case where using PIM SSM, needs to route using BGP MDT.It completes to postpone matching in S301 to S303, trigger BGP generates local MDT routing and is originally advertised to bgp neighbor.In this example, on PE1, source address is routed for the MDT that VPN1 is generated It is the MDT routing source address that VPN2 is generated is 1.1.1.12 for 1.1.1.11, group address 228.0.0.1, group address is 228.0.0.2 similar on PE2.After receiving MDT routing, the group in specified source is added on public network interface according to MDT routing, In this example, after the MDT routing that PE2 notice is received on PE1, it is 2.2.2.21 that source, which is added, in mvpn-tunnel 0, and group is 228.0.0.1 it is 2.2.2.22 with source, organizes the static IGMP for 228.0.0.2, it is similar on PE2.By above-mentioned process, equally Complete the foundation of public network multicast forwarding list item as shown in Table 1.
The foundation of Data MDT, data MDT message by defaulting after forwarding tree is forwarded to opposite end PE, according to private network whether There are downstream recipients to decide whether on the public network tunnel interface (in this case, it is 0 interfaces of mvpn-tunnel) that private network is bound Specified data MDT public network multicast group is added.
After the completion of Multicast Tunnel is established, the transmission flow of private network flux of multicast is as shown in Figure 7.
Example two, this example illustrate the realization process of local multicast VPN intercommunication in the present invention.In this example, to realize The intercommunication between VPN1 and VPN2 in topological diagram 9 on PE1 illustrates.In order to realize local intercommunication, reality is different from configuration The place of example one is that, in the S301 stage, VPN1 and VPN2 are configured to identical multicast group, all uses 228.0.0.1 here, S303 stage VPN1 and VPN2 need to be tied on different public network Multicast Tunnel Interface.Herein, a mvpn- is created Tunnel 10 is tied to mvpn-tunnel 1 on mvpn-tunnel 0, and mvpn-tunnel 2 is tied to mvpn- On tunnel 10.Others configuration is similar with the configuration in example 1, similar with the process of example one, can be real using PIM SM The building of existing public network multicast forwarding tree, meanwhile, by configuring the extended attribute Route Target (RT) of BGP, MDT may be implemented The importing of routing, can be with the building of PIM SSM public network multicast forwarding tree.Public network forwarding after the completion of Multicast Tunnel building, on PE1 List item is as follows:
Multicast data flow Incoming interface Outgoing interface
(1.1.1.11,228.0.0.1) mvpn-tunnel 0 mvpn-tunnel 10
(1.1.1.12,228.0.0.1) mvpn-tunnel 10 mvpn-tunnel 0
Table 4
If the upper public network multicast list of PE1 is as follows simultaneously with the website intercommunication under far-end PE 2
Table 5
After the completion of Multicast Tunnel is established, transmission flow such as Fig. 8 of private network flux of multicast local VPN multicast intercommunication on PE1 It is shown.
The multicast list and example one of private network website are identical, are shown in Table 2, table 3.
Example three, this example illustrate the realization process in controllable multicast tunnel in the present invention.In the topology of Fig. 9, usual feelings Under condition, what the data of VPN1 and VPN2 were mutually isolated.In the present invention, it can according to need the intervention realized to VPN flow. In this example, in the case where not changing the configuration of current VPN flow introduces the website of VPN1 on website CE4 on VPN2 CE1 realizes the purpose of the flow of monitoring and observation from VPN2 website CE4.
In order to reach this effect, on the basis of example one, binding strategy can be configured, the group from website CE4 When stream (2.2.2.22,228.0.0.2) is broadcast by the transmission of mvpn-tunnel 0, it can be sent to mvpn-tunne1 simultaneously 1 and mvpn-tunnel, 2 interface.In website CE1, in order to which the flux of multicast from CE4 website can be examined by reverse path (rpf check) is looked into, can be realized by configuring Multicast Routing, the private network unicast that BGP introduces CE4 website can also be directly configured Routing is to realize.
Under this scene, after the completion of intervention, the multicast routing table item in example one on PE1 does not change, as shown in table 1, When only being forwarded to the flow of (2.2.2.22,228.0.0.2) from mvpn-tunnel 0, in addition to being forwarded toward VPN2, It can also be forwarded simultaneously toward VPN1.
In the different scene of the public network Multicast Tunnel Interface that VPN1 and VPN2 is bound on PE1, such as mvpn-tunnel 1 It is tied on mvpn-tunnel 0, mvpn-tunnel 2 is tied on mvpn-tunnel 10, in order to realize CE1 website pair The flux of multicast of CE4 website monitors, and directly passes through static configuration IGMP in the upper mvpn-tunnel 1 of PE1, addition source is 2.2.2.22 multicast group 228.0.0.2, while configuring the multicast packet on mvpn-tunnel 0 and sending strategy, so that The multicast data flow of (2.2.2.22,228.0.0.2) can be submitted to 1 interface of mvpn-tunnel.To realize that the CE1 in VPN1 connects The website connect can monitor the flux of multicast from CE4.
Under this scene, after the completion of intervention, the multicast forwarding list item on PE1 is as follows:
Table 6
The present invention realizes the multicast intercommunication between same network edge device difference VPN.

Claims (8)

1. a kind of multicasting VPN tunnel establishing method based on interface binding, it is characterised in that the following steps are included:
A, public network multicast group address, including default forwarding group and specific data forwarding address pond, public network are configured for each private network VRF Multicast group address determines that message is sent to specified private as public network tunnel interface in tunnel interface binding unit for identifying private network The foundation of net Multicast Tunnel Interface;
B, Multicast Tunnel Interface is respectively created for private network and public network, and configures private network Multicast Tunnel Interface address, and as needed Start multicast protocol on interface;The configuration of private network Multicast Tunnel Interface address only needs the address to deposit in the public network of this equipment And as needed carry out advertising of route;
C, the binding relationship between private network Multicast Tunnel Interface and public network Multicast Tunnel Interface is established;Private network with binding relationship Multicast Tunnel Interface and public network Multicast Tunnel Interface are intraconnection, logically independent relationship, and private network multicast packet passes through private network The message that Multicast Tunnel Interface is sent directly is received by public network Multicast Tunnel Interface, and public network multicast packet passes through public network Multicast Tunnel The message that interface is sent directly is received by its one or more private network Multicast Tunnel Interface bound;
D, public network multicast forwarding tree is generated;
E, receiving end network is forwarded to by public network multicast forwarding tree after the flux of multicast encapsulation that private network Multicast Tunnel Interface is sent Edge device, receiving end network edge device determine the report after decapsulation according to multicast address and Multicast Tunnel Interface binding relationship Text gives private network Multicast Tunnel Interface, to realize the forwarding of flux of multicast between different websites.
2. the multicasting VPN tunnel establishing method according to claim 1 based on interface binding, it is characterised in that: have and tie up The Multicast Tunnel Interface for determining relationship is the relationship of an intraconnection, the PIM mode and public network tunnel of private network Multicast Tunnel Interface The PIM mode separate configurations that interface uses, the between the two also not direct interaction of protocol massages.
3. the multicasting VPN tunnel establishing method according to claim 1 based on interface binding, it is characterised in that: private network group It is that the address used when establishing bgp neighbor or network edge are set that the address configuration of tunnel interface, which is broadcast, as the interface IP address in public network Other public network addresses of standby address, if mode of these address notifications into network it is identical with use when establishing bgp neighbor Address notification mode is identical.
4. the multicasting VPN tunnel establishing method according to claim 1 based on interface binding, it is characterised in that: private network group The address for broadcasting tunnel interface is used to generate the connection attribute of private network unicast VPN routing as private network.
5. the multicasting VPN tunnel establishing method according to claim 1 based on interface binding, it is characterised in that: pass through handle The Multicast Tunnel Interface of different VRF is tied to different public network Multicast Tunnel Interface, realizes the multicast between the PE difference VRF of local Intercommunication.
6. the multicasting VPN tunnel establishing method according to claim 1 based on interface binding, it is characterised in that: in step D In, shared tree structure is realized by way of executing IGMP static state on public network tunnel interface and the specified default forwarding group of private network is added Build public network default forwarding tree.
7. the multicasting VPN tunnel establishing method according to claim 1 based on interface binding, it is characterised in that: in step D In, the IGMP static state executing specified source on public network tunnel interface is realized by way of the specified default forwarding group of private network is added Source tree mode constructs default forwarding tree.
8. the multicasting VPN tunnel establishing method according to claim 1 based on interface binding, it is characterised in that: in step D In, the IGMP static state executing specified source on public network tunnel interface is realized by way of the selected data forwarding group of private network is added Source tree mode constructs data transfer tree, and in cross-domain environment, in source PE while sending MDT Join TLV root It is routed according to the one BGP MDT in the address of private network tunnel interface and the generation of public network data address and is advertised to bgp neighbor, it is ensured that received End PE can be successfully established the source DATA MDT forwarding tree in such a way that PIM is acted on behalf of.
CN201610204870.XA 2016-04-05 2016-04-05 Multicasting VPN tunnel establishing method based on interface binding Active CN105743797B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610204870.XA CN105743797B (en) 2016-04-05 2016-04-05 Multicasting VPN tunnel establishing method based on interface binding

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610204870.XA CN105743797B (en) 2016-04-05 2016-04-05 Multicasting VPN tunnel establishing method based on interface binding

Publications (2)

Publication Number Publication Date
CN105743797A CN105743797A (en) 2016-07-06
CN105743797B true CN105743797B (en) 2019-03-29

Family

ID=56253587

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610204870.XA Active CN105743797B (en) 2016-04-05 2016-04-05 Multicasting VPN tunnel establishing method based on interface binding

Country Status (1)

Country Link
CN (1) CN105743797B (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107547399B (en) * 2017-05-31 2020-07-07 新华三技术有限公司 Multicast forwarding table item processing method and PE equipment
CN109120746B (en) * 2018-09-30 2022-04-15 新华三技术有限公司 Network address translation method and device and address translation equipment
CN112054962B (en) 2019-06-06 2021-12-14 华为技术有限公司 Method and device for realizing multicast
CN110247846B (en) * 2019-07-26 2021-09-03 宙安科技河北有限公司 Routing method and routing device of virtual private network
CN112636935B (en) * 2019-10-08 2023-06-30 中兴通讯股份有限公司 Virtual private network multicast method based on IPv6 network and electronic equipment

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101459606B (en) * 2008-12-31 2011-04-20 华为技术有限公司 Extranet networking method, system and device for multicast VPN
CN102571375B (en) * 2012-02-09 2015-04-22 北京星网锐捷网络技术有限公司 Multicast forwarding method and device as well as network device
CN102916888B (en) * 2012-09-21 2015-07-22 杭州华三通信技术有限公司 Multicast data transmission method and multicast data transmission device

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101459606B (en) * 2008-12-31 2011-04-20 华为技术有限公司 Extranet networking method, system and device for multicast VPN
CN102571375B (en) * 2012-02-09 2015-04-22 北京星网锐捷网络技术有限公司 Multicast forwarding method and device as well as network device
CN102916888B (en) * 2012-09-21 2015-07-22 杭州华三通信技术有限公司 Multicast data transmission method and multicast data transmission device

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
"MPLS/BGP VPN中组播的实现研究";程彪,徐学洲;《电子科技》;20070419(第3期);第53-57页

Also Published As

Publication number Publication date
CN105743797A (en) 2016-07-06

Similar Documents

Publication Publication Date Title
CN102035729B (en) Multicast data forwarding method
CN105991432B (en) Provider edge router and method
CN105743797B (en) Multicasting VPN tunnel establishing method based on interface binding
US8958423B2 (en) Implementing a multicast virtual private network by using multicast resource reservation protocol-traffic engineering
CN102137000B (en) Method, device and system for establishing switching multicast distribution tree
CN100531040C (en) Method and apparatus for realizing multicasting virtual private network binding
US20100329252A1 (en) Method and Apparatus for Enabling Multicast Route Leaking Between VRFs in Different VPNs
CN101616014B (en) Method for realizing cross-virtual private local area network multicast
US20130259042A1 (en) Multicast packet transmission
EP1737164A1 (en) A method for realizing multicasting in a virtual private network using a virtual router
CN102148745B (en) Method and system for increasing forwarding efficiency of virtual private LAN service network
CN102143026B (en) Method for avoiding loop circuit in virtual two layer network
CN102739501B (en) Message forwarding method and system in two three layer virtual private networks
CN101645790B (en) Switching-over method, device and system of multicast distribution tree
CN104092554B (en) Multicast distribution tree method for building up and device
CN102075446A (en) Interconnection method of transparent interconnection network of lots of links in different places and operator edge device
CN105227471B (en) The method and edge device of multicast forwarding list item are established in a kind of EVI networks
US20140294003A1 (en) Optimizing otv multicast traffic flow for site local receivers
CN103209134B (en) Method and equipment for multicast forwarding
CN104539545B (en) Method for forwarding multicast message and equipment in TRILL network
CN103973459B (en) The transmission method and device of multicast message between IPv6 multicast isolated island
CN101119222B (en) Method, device and system for implementing multicast of HOPE network
CN102404179A (en) Method and device for processing message
CN103716244B (en) Method and device enabling extra-VPN forwarding of multicasts to be achieved
CN106357541A (en) Information transmission method and device

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CP02 Change in the address of a patent holder
CP02 Change in the address of a patent holder

Address after: 518040, Tian Jian building, Tian An Industrial Zone, Futian District, Shenzhen, Guangdong, Che Kung Temple, 2B2, 3B2, 4B1

Patentee after: SHENZHEN FORWARD INDUSTRIAL Co.,Ltd.

Address before: 518055, Nanshan District, Guangdong hi tech Industrial Park, Shenzhen District North West Road, No. 5, Galaxy Fengyun building, 6 floor

Patentee before: SHENZHEN FORWARD INDUSTRIAL Co.,Ltd.