CN106059963A - Data transmission control method and device - Google Patents

Data transmission control method and device Download PDF

Info

Publication number
CN106059963A
CN106059963A CN201610402523.8A CN201610402523A CN106059963A CN 106059963 A CN106059963 A CN 106059963A CN 201610402523 A CN201610402523 A CN 201610402523A CN 106059963 A CN106059963 A CN 106059963A
Authority
CN
China
Prior art keywords
vlan
upstream
target port
forwarding
described target
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201610402523.8A
Other languages
Chinese (zh)
Other versions
CN106059963B (en
Inventor
张洋
秦涛
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
New H3C Information Technologies Co Ltd
Original Assignee
Hangzhou H3C Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hangzhou H3C Technologies Co Ltd filed Critical Hangzhou H3C Technologies Co Ltd
Priority to CN201610402523.8A priority Critical patent/CN106059963B/en
Publication of CN106059963A publication Critical patent/CN106059963A/en
Application granted granted Critical
Publication of CN106059963B publication Critical patent/CN106059963B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4641Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • H04L12/467Arrangements for supporting untagged frames, e.g. port-based VLANs
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0803Configuration setting
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L49/00Packet switching elements
    • H04L49/35Switches specially adapted for specific applications
    • H04L49/354Switches specially adapted for specific applications for supporting virtual local area networks [VLAN]

Abstract

The invention provides a data transmission control method and device. The method comprises the steps of determining a forwarding VLAN of uplink data streams which are allowed to pass through by a target port when it is determined that the condition that the forwarding virtual local area network VLAN of the uplink data streams is different from an initial VLAN exists in the target port; closing a VLAN filtering detection function for the target port, wherein the function is in a chip corresponding to the target port and is started by default; and setting the target port to allow the uplink data streams of the forwarding VLAN to pass through and forbid the uplink data streams of other VLANs to pass through. Through application of the embodiment of the method and the device, filtering detection based on the forwarding VLAN can be realized, and the possibility of generating a loop is reduced.

Description

A kind of data transfer control method and device
Technical field
The present invention relates to network communication technology field, particularly relate to a kind of data transfer control method and device.
Background technology
It is the simplest for dividing VLAN (Virtual Local Area Network, VLAN) based on port Single, maximally effective VLAN division methods.It defines member of vlan according to device port, will specify After port joins in assigned vlan, this port just can forward the message of this VLAN.
Dividing to realize VLAN based on port, the data stream needing chip to receive port is carried out VLAN filters inspection, it is achieved as follows:
The port needing intercommunication adds identical VLAN;The port needing isolation adds different VLAN;
Upstream is VLAN and filters inspection by chip, adds the port of certain VLAN, just allows The upstream of this VLAN passes through, and otherwise carries out data stream filtering, does not i.e. add the end of this VLAN Mouthful, do not allow the upstream of this VLAN to pass through.
But practice finds, it is (initial based on Initial that the VLAN of existing chip support filters inspection Changing) VLAN carries out rather than forwards VLAN, as forwarding VLAN and Initial of certain port on equipment During VLAN difference, if using the VLAN of existing chip to filter Examined effect, this port needs to add Initial VLAN, adds the possibility producing loop.
As a example by data transmitting scene shown in Fig. 1, Device (equipment) B is that the downstream of Device A sets Standby, Device B to Device A has two data feedback channels, and upstream all carries VLAN100, Wherein the upstream of passage 1 carries out VLAN replacement on Device A and (assumes by VLAN100 Replace with VLAN200), the upstream of passage 2 keeps constant.If using existing chip to support VLAN filters Examined effect, then port GE1/0/1, GE1/0/2 on Device A are required for adding Entering VLAN100, now, the flow of Device A upper port GE1/0/2 may pass through port GE1/0/1 Forward, thus produce loop.
Summary of the invention
The present invention provides a kind of data transfer control method and device, to solve what existing chip was supported VLAN filters the problem that Examined effect easily produces loop.
First aspect according to embodiments of the present invention, it is provided that a kind of data transfer control method, including:
When determining that target port exists forwarding virtual LAN VLAN and the initialization of upstream During different for VLAN situation, determine that described target port allows the forwarding of the upstream passed through VLAN;
Close the VLAN for described target port that on the chip that described target port is corresponding, acquiescence is opened Filter audit function, and described target port is positioned to allow for the upstream of described forwarding VLAN Pass through, and forbid that the upstream of other VLAN passes through.
Second aspect according to embodiments of the present invention, it is provided that a kind of data transfer controller, including:
Determine unit, for when determining that target port exists the forwarding VLAN of upstream VLAN, from when initializing the different situation of VLAN, determines that described target port allows to pass through up The forwarding VLAN of data stream;
Control unit, for close on the chip that described target port is corresponding that acquiescence opens for described mesh The VLAN of mark port filters audit function, and described target port is positioned to allow for described forwarding The upstream of VLAN passes through, and forbids that the upstream of other VLAN passes through.
The application embodiment of the present invention, by when determining that target port exists forwarding VLAN and Initial During different for VLAN situation, determine that this target port allows the forwarding VLAN of the upstream passed through, And then close the VLAN filtration inspection for target port that acquiescence on the chip that target port is corresponding is opened Function, and the upstream that target port is positioned to allow for this forwarding VLAN passes through, and forbids other The upstream of VLAN passes through, it is achieved that filtration inspection based on forwarding VLAN, reduces generation The probability of loop.
Accompanying drawing explanation
Fig. 1 is the configuration diagram of a kind of data transmitting scene;
Fig. 2 is the schematic flow sheet of a kind of data transfer control method that the embodiment of the present invention provides;
Fig. 3 is the structural representation of a kind of data transfer controller that the embodiment of the present invention provides;
Fig. 4 is the structural representation of the another kind of data transfer controller that the embodiment of the present invention provides.
Detailed description of the invention
For the technical scheme making those skilled in the art be more fully understood that in the embodiment of the present invention, and make The above-mentioned purpose of the embodiment of the present invention, feature and advantage can become apparent from understandable, the most right In the embodiment of the present invention, technical scheme is described in further detail.
Refer to Fig. 2, for the flow process signal of a kind of data transfer control method that the embodiment of the present invention provides Figure, as in figure 2 it is shown, this data transfer control method may comprise steps of:
It should be noted that the executive agent of step 201~step 202 can be with access device or access device In processor, such as CPU (Center Process Unit, CPU).Wherein, this access Equipment can include but not limited to router or switch etc..For ease of describing, below with step 201~ The executive agent of step 202 is to illustrate as a example by access device.
Step 201, when determining that target port exists the forwarding VLAN and Initial VLAN of upstream During different situation, determine that target port allows the forwarding VLAN of the upstream passed through.
In the embodiment of the present invention, it is contemplated that the VLAN of existing chip filters Examined effect on access device Exist in the scene different for forwarding VLAN from Initial VLAN of certain port, generation loop can be increased May, therefore, in order to avoid the generation of loop, for the forwarding VLAN that there is certain port on access device The scene different from Initial VLAN, access device is required for the VLAN filtration inspection of this port to be needed To carry out rather than based on Initial VLAN based on forwarding VLAN.
Correspondingly, in embodiments of the present invention, certain port (referred to herein as target is determined when access device Port) when there is different for forwarding VLAN from the Initial VLAN situation of upstream, access sets Standby needs first determines the forwarding VLAN that target port allows the upstream passed through.
As the optional embodiment of one, in embodiments of the present invention, determine that target port exists up The situation different for forwarding VLAN from Initial VLAN of data stream, may include that
When determining that target port is deployed with VLAN mapping business, determine and on target port, there is line number Situation different for forwarding VLAN from Initial VLAN according to stream;
Correspondingly, determine that target port allows the forwarding VLAN of the upstream passed through, may include that
VLAN after the mapping include VLAN mapping ruler corresponding for target port is defined as target Port allows the forwarding VLAN of the upstream passed through.
In this embodiment, when access device determines that target port is deployed with VLAN and maps business, as VXLAN (VirtualExtensible Local Area it is deployed with on the target port of access device Network, virtual expansible LAN) (Edge Virtual Bridging, edge is empty for business or EVB Intend bridge) business time, the upstream that target port is received, access device need according on this VLAN ID (mark) (initializing the VLAN ID of VLAN) the coupling phase carried in row data stream The VLAN mapping ruler answered, and when the match is successful, by the VLAN ID carried in upstream Replace with the VLAN ID after the mapping that VLAN mapping ruler includes and (forward the VLAN of VLAN ID), i.e. there are the feelings different for forwarding VLAN from Initial VLAN of upstream on target port Condition.
In this case, in order to avoid loop produces, access device needs to wrap in VLAN mapping ruler VLAN after the mapping included is defined as target port and allows the forwarding VLAN of the upstream passed through, And it is carried out filtering inspection by the Initial VLAN being no longer based on upstream.
The VLAN for target port that on the chip that step 202, closedown target port are corresponding, acquiescence is opened Filter audit function, and forward the upstream of VLAN determined by being positioned to allow for by target port Pass through, and forbid that the upstream of other VLAN passes through.
In the embodiment of the present invention, there is the forwarding of upstream on target port when access device determines The situation that VLAN from Initial VLAN is different, and determine that target port allows the upstream data road passed through Forwarding VLAN time, access device needs to be first shut off on the chip that target port is corresponding what acquiescence was opened VLAN for target port filters audit function, i.e. closes on the chip that target port is corresponding for mesh The filtration inspection that mark port is carried out based on Initial VLAN.
Then, access device also need to be positioned to allow for target port determined by forward that VLAN's is upper Row data circulated, and forbade that the upstream of other VLAN passes through.
As an example it is assumed that the port 1 of access device is deployed with VLAN maps business, need VLAN VLAN ID in the upstream of 100 replaces with VLAN 200, then access device may determine that this The forwarding VLAN of upstream is VLAN 200, i.e. upstream after VLAN maps needs Forwarding in VLAN 200, now, access device needs to close on the chip that target port is corresponding to be given tacit consent to The VLAN for target port opened filter audit function (this acquiescence open for target port It is only to allow the upstream of VLAN 100 to pass through that VLAN filters audit function), and by destination end Mouth is positioned to allow for the upstream of VLAN 200 to be passed through, and forbids other VLAN (VLAN 200 Outside other VLAN) upstream pass through.
As the optional embodiment of one, in embodiments of the present invention, target port is positioned to allow for Determined by forward the upstream of VLAN to pass through, and forbid other VLAN upstream data circulation Cross, may include that
Issue first data transmission to the chip that target port is corresponding and control rule and the second Data Transmission Controlling Rule, this first data transmission controls rule and abandons target port for the chip indicating target port corresponding The upstream received, the second Data Transmission Controlling rule is for indicating the chip that target port is corresponding The upstream forwarding VLAN determined by permission passes through;Wherein, first data transmission controls rule Priority less than second Data Transmission Controlling rule.
In this embodiment, access device close that acquiescence on chip corresponding to target port opens for After the VLAN of target port filters audit function, in addition it is also necessary to the chip corresponding to target port issues two Bar is for the Data Transmission Controlling rule of target port, and wherein, a data transmission controls rule and is used for referring to Show that the chip that target port is corresponding abandons the upstream (referred to herein as first that target port receives Data Transmission Controlling rule), another turns determined by the chip permission that target port is corresponding for indicating Send out the upstream of VLAN by (the referred to herein as second Data Transmission Controlling rule), the first number The priority of rule is controlled less than the second Data Transmission Controlling rule according to transmission.
Correspondingly, when the target port of access device receives upstream, need first to mate second Data Transmission Controlling rule, and when the match is successful, it is allowed to this upstream passes through, and otherwise, continues Coupling first data transmission controls rule, abandons this upstream, thus, the destination end of access device Mouth forwards the upstream of VLAN to pass through determined by only allowing, and forbids that other VLAN's is up Data stream passes through.
Further, in embodiments of the present invention, reflect when the target port of access device is deployed with VLAN When penetrating business, the target port of access device receives the handling process of upstream and can include following Step:
11), when target port receives target upstream, take according in target upstream The VLAN ID of band mates the VLAN mapping ruler that target port is corresponding;
12) if the match is successful, according to VLAN mapping ruler, target upstream is carried out VLAN ID replaces, and determines whether in the target after VLAN ID replacement according to the VLAN ID after replacing Row data circulated;
13) if mating unsuccessful, then determine according to the VLAN ID carried in target upstream Target upstream whether is allowed to pass through.
It should be noted that in embodiments of the present invention, target upstream is also not specific to a certain fixing Upstream, but arbitrary upstream that the target port that may refer to access device receives.
Concrete, in embodiments of the present invention, if the target port of access device is deployed with VLAN and maps Business, then, when the target port of access device receives target upstream, access device needs elder generation Corresponding VLAN mapping ruler is mated according to the VLAN ID carried in this target upstream;
If the match is successful, i.e. match the VLAN mapping ruler of correspondence, then access device needs this mesh VLAN ID in mark upstream replaces with the VLAN of mated VLAN mapping ruler instruction ID, and mate the second Data Transmission Controlling rule according to the VLAN ID after replacing, if coupling the second number Control rule success according to transmission, then allow this target upstream to pass through;Otherwise, after according to replacing VLAN ID coupling first data transmission controls rule, abandons this target upstream.
If it fails to match, i.e. do not match the VLAN mapping ruler of correspondence, then access device can basis The Initial VLAN ID of this target upstream mates the second Data Transmission Controlling rule, if coupling the Two Data Transmission Controlling rule successes, then allow this target upstream to pass through;Otherwise, according to Initial VLAN ID coupling first data transmission controls rule, abandons this target upstream.
What deserves to be explained is, in embodiments of the present invention, as the VLAN carried in target upstream When ID (the VLAN ID of Initial VLAN) does not matches the VLAN mapping ruler of correspondence, access sets Standby this target upstream that can also directly abandon, and no longer carry out data transmission controlling the coupling of rule, It implements and does not repeats them here.
Visible, in the method flow shown in Fig. 2, by when determining that target port exists forwarding VLAN During different from Initial VLAN situation, determine turning of the upstream that this target port allows to pass through Send out VLAN, so close that acquiescence on chip corresponding to target port opens for target port VLAN filters audit function, and target port is positioned to allow for the upstream of this forwarding VLAN Pass through, forbid that the upstream of other VLAN passes through, it is achieved that based on the filtration inspection forwarding VLAN Look into, reduce the probability producing loop.
In order to make those skilled in the art be more fully understood that the technical scheme that the embodiment of the present invention provides, below The technical scheme provided the embodiment of the present invention in conjunction with concrete application scenarios is described below in greater detail.
As a example by data transmitting scene shown in Fig. 1, it is assumed that Device A upper port GE1/0/1 is deployed with VLAN maps business, and VLAN mapping ruler is by the upstream on port GE1/0/1 VLAN ID is replaced with VLAN 200 by VLAN 100, goes to the data stream of outer net by VLAN 200 Forward;VLAN ID in upstream on port GE1/0/2 keeps constant, port GE1/0/2 Add VLAN 100.
Based on this data transmitting scene, the data transfer control method that the embodiment of the present invention provides is accomplished by
1, determine that port GE1/0/1 allows the forwarding VLAN of the upstream data passed through to be VLAN 200; Wherein, port GE1/0/1 need not add VLAN 100;
2, close that acquiescence on chip corresponding to Device A upper port GE1/0/1 opens for destination end The VLAN of mouth filters audit function;
3, Device A issues first data transmission control rule to the chip that port GE1/0/1 is corresponding, and Second Data Transmission Controlling rule;Wherein:
1), first data transmission controls rule for indicating chip corresponding for port GE1/0/1 to abandon port All upstreams that GE1/0/1 receives;
2), the second Data Transmission Controlling rule is used for indicating port GE1/0/1 to allow to forward the VLAN be The upstream of VLAN 200 passes through;Wherein, the priority of first data transmission control rule is less than Second Data Transmission Controlling rule.
4, the upstream received for port GE1/0/1, Device A is first according to this upstream data The VLAN ID (the VLAN ID of Initial VLAN) carried in stream mates VLAN mapping ruler, If coupling VLAN mapping ruler success, i.e. Initial VLAN ID is VLAN 100, then Device A VLAN 100 is replaced with VLAN 200;Device A is according to VLAN ID (the i.e. VLAN after replacing 200) mate the second Data Transmission Controlling rule, determine that this upstream of permission passes through;
5, the VLAN that the upstream received for port GE1/0/2 is supported according to existing chip Filter Examined effect to process.
Visible, in above-mentioned flow process, port GE1/0/1 allows the flow of VLAN 200 to pass through, port GE1/0/2 allows the flow of VLAN 100 to pass through, and two ports are isolated, it is to avoid loop generation.
By above description it can be seen that in the technical scheme that the embodiment of the present invention provides, by when really When the port that sets the goal exists situations different for forwarding VLAN from Initial VLAN, determine this target port Allow the forwarding VLAN of the upstream passed through, and then close acquiescence on the chip that target port is corresponding The VLAN for target port opened filters audit function, and target port is positioned to allow for this turn The upstream sending out VLAN passes through, and forbids that the upstream of other VLAN passes through, it is achieved that base In the filtration inspection of forwarding VLAN, reduce the probability producing loop.
Refer to Fig. 3, for the structural representation of a kind of data transfer controller that the embodiment of the present invention provides Figure, wherein, this device can apply to the access device in said method embodiment, as it is shown on figure 3, This device may include that
Determine unit 310, for when determining that target port exists the forwarding VLAN of upstream VLAN, from when initializing the different situation of VLAN, determines that described target port allows to pass through up The forwarding VLAN of data stream;
Control unit 320, for close on the chip that described target port is corresponding that acquiescence opens for institute The VLAN stating target port filters audit function, and described target port is positioned to allow for described forwarding The upstream of VLAN passes through, and forbids that the upstream of other VLAN passes through.
In an alternative embodiment, described control unit 320, can be specifically for described target port pair The chip answered issues first data transmission and controls rule and the second Data Transmission Controlling rule, described first number Control rule according to transmission to receive for indicating the chip that described target port is corresponding to abandon described target port Upstream, described second Data Transmission Controlling rule is for indicating the core that described target port is corresponding Sheet allows the upstream of described forwarding VLAN to pass through;Wherein, described first data transmission controls rule Priority then is less than described second Data Transmission Controlling rule.
In an alternative embodiment, described determine unit 310, can be specifically for when determine destination end oral area When administration has VLAN to map business, determine that target port exists the forwarding VLAN of upstream with initial Change the different situation of VLAN;The mapping that VLAN mapping ruler corresponding for described target port is included After VLAN be defined as the forwarding VLAN of upstream that described target port allows to pass through.
See also Fig. 4, for the knot of the another kind of data transfer controller that the embodiment of the present invention provides Structure schematic diagram, this embodiment is on the basis of aforementioned embodiment illustrated in fig. 3, and the data shown in Fig. 4 are transmitted Control device can also include:
Receive unit 330, be used for receiving target upstream;
Matching unit 340, for receiving target when described reception unit 330 from described target port During row data stream, the VLAN mark ID according to carrying in described target upstream mates described mesh The VLAN mapping ruler that mark port is corresponding;
Map unit 350, if for the match is successful, according to described VLAN mapping ruler to described target Upstream carries out VLAN ID replacement;
Described control unit 320, is additionally operable to determine whether VLAN according to the VLAN ID after replacing Target upstream after ID replaces passes through.
In an alternative embodiment, described control unit 320, it is also possible to if unsuccessful for mating, then root Described target upstream data is determined whether according to the VLAN ID carried in described target upstream Stream passes through.
In said apparatus, the function of unit and the process that realizes of effect specifically refer in said method corresponding Step realize process, do not repeat them here.
For device embodiment, owing to it corresponds essentially to embodiment of the method, so relevant part ginseng See that the part of embodiment of the method illustrates.Device embodiment described above is only schematically, The wherein said unit illustrated as separating component can be or may not be physically separate, makees The parts shown for unit can be or may not be physical location, i.e. may be located at a place, Or can also be distributed on multiple NE.Can select according to the actual needs part therein or The whole module of person realizes the purpose of the present invention program.Those of ordinary skill in the art are not paying creativeness In the case of work, i.e. it is appreciated that and implements.
As seen from the above-described embodiment, by when determining that target port exists forwarding VLAN and Initial During different for VLAN situation, determine that this target port allows the forwarding VLAN of the upstream passed through, And then close the VLAN filtration inspection for target port that acquiescence on the chip that target port is corresponding is opened Function, and the upstream that target port is positioned to allow for this forwarding VLAN passes through, and forbids other The upstream of VLAN passes through, it is achieved that filtration inspection based on forwarding VLAN, reduces generation The probability of loop.
Those skilled in the art, after considering description and putting into practice invention disclosed herein, will readily occur to this Other embodiment of invention.The application is intended to any modification, purposes or the adaptability of the present invention Change, these modification, purposes or adaptations are followed the general principle of the present invention and include this Bright undocumented common knowledge in the art or conventional techniques means.Description and embodiments only by Being considered as exemplary, true scope and spirit of the invention are pointed out by claim below.
It should be appreciated that the invention is not limited in described above and illustrated in the accompanying drawings accurately Structure, and various modifications and changes can carried out without departing from the scope.The scope of the present invention is only by institute Attached claim limits.

Claims (10)

1. a data transfer control method, it is characterised in that including:
When determining that target port exists forwarding virtual LAN VLAN and the initialization of upstream During different for VLAN situation, determine that described target port allows the forwarding of the upstream passed through VLAN;
Close the VLAN for described target port that on the chip that described target port is corresponding, acquiescence is opened Filter audit function, and described target port is positioned to allow for the upstream of described forwarding VLAN Pass through, and forbid that the upstream of other VLAN passes through.
Method the most according to claim 1, it is characterised in that described described target port is arranged For allowing the upstream of described forwarding VLAN to pass through, and forbid the upstream of other VLAN Pass through, including:
Issue first data transmission to the chip that described target port is corresponding and control rule and the transmission of the second data Controlling rule, described first data transmission controls rule for indicating the chip that described target port is corresponding to lose Abandoning the upstream that described target port receives, described second Data Transmission Controlling rule is used for indicating The chip that described target port is corresponding allows the upstream of described forwarding VLAN to pass through;Wherein, institute State first data transmission and control the priority of rule less than described second Data Transmission Controlling rule.
Method the most according to claim 1, it is characterised in that described determine target port exist on The situation that the forwarding VLAN of row data stream is different from initializing VLAN, including:
When determining that target port is deployed with VLAN mapping business, determine that target port exists upstream data The situation that the forwarding VLAN of stream is different from initializing VLAN;
Described determine that described target port allows the forwarding VLAN of upstream passed through, including:
VLAN after the mapping include VLAN mapping ruler corresponding for described target port is defined as Described target port allows the forwarding VLAN of the upstream passed through.
Method the most according to claim 3, it is characterised in that described method also includes:
When described target port receives target upstream, according in described target upstream The VLAN mark ID carried mates the VLAN mapping ruler that described target port is corresponding;
If the match is successful, according to described VLAN mapping ruler, described target upstream is carried out VLAN ID replace, and according to replace after VLAN ID determine whether VLAN ID replace after Target upstream passes through.
Method the most according to claim 4, it is characterised in that described method also includes:
If mating unsuccessful, then determine according to the VLAN ID carried in described target upstream and be No permission described target upstream passes through.
6. a data transfer controller, it is characterised in that including:
Determine unit, for when determining that target port exists the forwarding VLAN of upstream VLAN, from when initializing the different situation of VLAN, determines that described target port allows to pass through up The forwarding VLAN of data stream;
Control unit, for close on the chip that described target port is corresponding that acquiescence opens for described mesh The VLAN of mark port filters audit function, and described target port is positioned to allow for described forwarding The upstream of VLAN passes through, and forbids that the upstream of other VLAN passes through.
Device the most according to claim 6, it is characterised in that
Described control unit, issues first data transmission specifically for the chip corresponding to described target port Controlling rule and the second Data Transmission Controlling rule, described first data transmission controls rule and is used for indicating institute State chip corresponding to target port and abandon the upstream that described target port receives, described second number Rule is controlled for indicating the chip that described target port is corresponding to allow described forwarding VLAN's according to transmission Row data circulated;Wherein, described first data transmission controls the priority of rule less than described second number Rule is controlled according to transmission.
Device the most according to claim 6, it is characterised in that
Described determine unit, specifically for when determine target port be deployed with VLAN map business time, really There is the situation that the forwarding VLAN of upstream is different from initializing VLAN in the port that sets the goal;By institute State the VLAN after the mapping that VLAN mapping ruler corresponding to target port includes and be defined as described target Port allows the forwarding VLAN of the upstream passed through.
Device the most according to claim 8, it is characterised in that described device also includes:
Receive unit, be used for receiving target upstream;
Matching unit, for receiving target upstream when described reception unit from described target port Time, the VLAN mark ID according to carrying in described target upstream mates described target port pair The VLAN mapping ruler answered;
Map unit, if for the match is successful, up to described target according to described VLAN mapping ruler Data stream carries out VLAN ID replacement;
Described control unit, is additionally operable to determine whether VLAN ID according to the VLAN ID after replacing Target upstream after replacement passes through.
Device the most according to claim 9, it is characterised in that
Described control unit, if being additionally operable to mate unsuccessful, then takes according in described target upstream The VLAN ID of band determines whether that described target upstream passes through.
CN201610402523.8A 2016-06-07 2016-06-07 A kind of data transfer control method and device Active CN106059963B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610402523.8A CN106059963B (en) 2016-06-07 2016-06-07 A kind of data transfer control method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610402523.8A CN106059963B (en) 2016-06-07 2016-06-07 A kind of data transfer control method and device

Publications (2)

Publication Number Publication Date
CN106059963A true CN106059963A (en) 2016-10-26
CN106059963B CN106059963B (en) 2019-08-06

Family

ID=57170484

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610402523.8A Active CN106059963B (en) 2016-06-07 2016-06-07 A kind of data transfer control method and device

Country Status (1)

Country Link
CN (1) CN106059963B (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101022392A (en) * 2007-03-06 2007-08-22 华为技术有限公司 Virtual local network-based data exchanging method and equipment
CN101179455A (en) * 2007-12-07 2008-05-14 中兴通讯股份有限公司 Method and system for implementing VLAN based port loop detection
CN101697555A (en) * 2009-11-12 2010-04-21 烽火通信科技股份有限公司 Solution to VLAN ID convergence conversion
CN102857428A (en) * 2012-09-18 2013-01-02 杭州华三通信技术有限公司 Message transmitting method and message transmitting equipment on basis of access control list
CN103200100A (en) * 2013-03-12 2013-07-10 杭州华三通信技术有限公司 Method and device for packet transmitting

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101022392A (en) * 2007-03-06 2007-08-22 华为技术有限公司 Virtual local network-based data exchanging method and equipment
CN101179455A (en) * 2007-12-07 2008-05-14 中兴通讯股份有限公司 Method and system for implementing VLAN based port loop detection
CN101697555A (en) * 2009-11-12 2010-04-21 烽火通信科技股份有限公司 Solution to VLAN ID convergence conversion
CN102857428A (en) * 2012-09-18 2013-01-02 杭州华三通信技术有限公司 Message transmitting method and message transmitting equipment on basis of access control list
CN103200100A (en) * 2013-03-12 2013-07-10 杭州华三通信技术有限公司 Method and device for packet transmitting

Also Published As

Publication number Publication date
CN106059963B (en) 2019-08-06

Similar Documents

Publication Publication Date Title
US11637755B2 (en) SDN network system, controller, and controlling method
KR101925184B1 (en) Virtual router cluster, data forwarding method and device
EP2701342A1 (en) Method and system for implementing elastic network interface and interconnection
EP2544409A1 (en) Generic monitoring packet handling mechanism for OpenFlow 1.1
JP2017511073A (en) Path selection in hybrid networks
CN102684979A (en) Multicast data forwarding method and device capable of supporting virtual terminal
CN104065571B (en) A kind of broadcasting packet processing method, apparatus and system
US8830994B2 (en) Network system
US20210288909A1 (en) Switch, devices and methods for receiving and forwarding ethernet packets
US20130250813A1 (en) Upgrading a programmable logic gate array in an in-service pluggable transceiver
US20070217438A1 (en) Ring node device and method of connecting terminal to ring node device
WO2018090210A1 (en) Service packet transmission method, and node apparatus
CN109753392B (en) Network bridging device, bus testing method and system
EP2911353A1 (en) Method and device for flow path negotiation in link aggregation group
CN114499849A (en) Service user terminal, secure transmission system and method
US20020181412A1 (en) Communication device, network system using same, and method of constructing spanning tree
CN106059963A (en) Data transmission control method and device
US20170302473A1 (en) Method of transmission of a signal and ring network
EP1727318A1 (en) Facilitating computation of role and state information for multiple spanning tree instances
US20140133351A1 (en) Communication system and network relay apparatus
EP1583296A2 (en) Relay equipment and communication system
KR102412933B1 (en) System and method for providing network separation service based on software-defined network
US20060047784A1 (en) Method, apparatus and system for remotely and dynamically configuring network elements in a network
CN109379234B (en) Message forwarding processing method and system based on Hybrid switch
JP2007124336A (en) Bulk transmission system

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information
CB02 Change of applicant information

Address after: 310052 Binjiang District Changhe Road, Zhejiang, China, No. 466, No.

Applicant after: NEW H3C TECHNOLOGIES Co.,Ltd.

Address before: 310052 Binjiang District Changhe Road, Zhejiang, China, No. 466, No.

Applicant before: HANGZHOU H3C TECHNOLOGIES Co.,Ltd.

GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20230629

Address after: 310052 11th Floor, 466 Changhe Road, Binjiang District, Hangzhou City, Zhejiang Province

Patentee after: H3C INFORMATION TECHNOLOGY Co.,Ltd.

Address before: 310052 Changhe Road, Binjiang District, Hangzhou, Zhejiang Province, No. 466

Patentee before: NEW H3C TECHNOLOGIES Co.,Ltd.