CN106713100B - A kind of method, CPE and convergence device for establishing tunnel automatically - Google Patents

A kind of method, CPE and convergence device for establishing tunnel automatically Download PDF

Info

Publication number
CN106713100B
CN106713100B CN201510790045.8A CN201510790045A CN106713100B CN 106713100 B CN106713100 B CN 106713100B CN 201510790045 A CN201510790045 A CN 201510790045A CN 106713100 B CN106713100 B CN 106713100B
Authority
CN
China
Prior art keywords
tunnel
cpe
address
convergence
identifier
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201510790045.8A
Other languages
Chinese (zh)
Other versions
CN106713100A (en
Inventor
栗明
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Digital Technologies Suzhou Co Ltd
Original Assignee
Huawei Digital Technologies Suzhou Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Digital Technologies Suzhou Co Ltd filed Critical Huawei Digital Technologies Suzhou Co Ltd
Priority to CN201510790045.8A priority Critical patent/CN106713100B/en
Publication of CN106713100A publication Critical patent/CN106713100A/en
Application granted granted Critical
Publication of CN106713100B publication Critical patent/CN106713100B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4633Interconnection of networks using encapsulation techniques, e.g. tunneling
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4641Virtual LANs, VLANs, e.g. virtual private networks [VPN]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Small-Scale Networks (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a kind of methods for establishing tunnel automatically, the tunnel between CPE and convergence device can be established automatically, without manually being configured and debugged, improving the efficiency of configured tunneling technique and reducing the cost of configured tunneling technique.The method of the present invention, which includes: CPE, sends PPP connection request to convergence device to establish the connection of the PPP between convergence device, the tunnel configuration parameter that convergence device is sent by PPP connection is received, according to the tunnel of tunnel configuration parameter foundation and convergence device.The above-mentioned CPE and convergence device for establishing tunnel approach automatically may be implemented the present invention also provides a kind of.

Description

Method for automatically establishing tunnel, CPE (customer premises equipment) and convergence equipment
Technical Field
The present invention relates to the field of communications, and in particular, to a method for automatically establishing a tunnel, a user terminal device (CPE for short), and a convergence device.
Background
Tunneling is a way of communicating data between networks through the infrastructure of the internet. The tunneled data may be data frames or packets of different protocols. Tunneling protocols re-encapsulate data frames or packets of other protocols and then tunnel them, with new headers providing routing information to deliver the encapsulated payload data over the internet. In ethernet, tunneling techniques include: layer 2Tunneling Protocol (L2 TP for short), Generic Routing Encapsulation (GRE for short), Virtual Network using Generic Routing Encapsulation (NVGRE for short), Virtual Extensible local area Network (VXLAN for short), and the like. The CPE can provide network access service for a plurality of terminals, and the enterprise user can conveniently connect the terminals in the enterprise network to the Internet through the CPE.
In the existing tunnel establishment technology, a network configurator needs to set a mapping relationship between a tunnel address and a Media Access Control (MAC) address (or an Internet Protocol (IP) address for short) for a CPE and a convergence device (e.g., a router). For example, a network configurator sets a tunnel address and a tunnel protocol for a CPE and a convergence device, the CPE and the convergence device perform Point-to-Point protocol (PPP) negotiation and PPP information exchange to obtain configuration variables of the tunnel, such as an IP address, encryption or compression, the CPE can establish a tunnel connection with the convergence device according to the configuration variables of the tunnel, and a user can transparently transmit an ethernet two-layer packet to the convergence device through the tunnel.
In practical application, an enterprise network generally needs to be established through a plurality of CPEs, and when tunnels are established or maintained between the CPEs and the convergence device, manual configuration and debugging are needed, so that the efficiency of establishing the tunnels is low, and the cost is high.
Disclosure of Invention
The application provides a method for automatically establishing a tunnel, a CPE and convergence equipment, which can automatically establish the tunnel between the CPE and the convergence equipment without manual configuration and debugging, improve the efficiency of tunnel configuration and reduce the cost of tunnel configuration.
In a first aspect, a method for automatically establishing a tunnel is provided, including:
the CPE sends a PPP connection request to the convergence equipment to establish PPP connection with the convergence equipment, receives tunnel configuration parameters sent by the convergence equipment through the PPP connection, and establishes a tunnel with the convergence equipment according to the tunnel configuration parameters.
Therefore, the CPE can obtain the tunnel configuration parameters fed back by the convergence equipment through PPP connection, automatically configure the tunnel configuration parameters, establish the tunnel connection with the convergence equipment, and improve the efficiency of tunnel configuration without manual configuration and debugging.
With reference to the first aspect, in a first implementation manner of the first aspect, the establishing, by the CPE, a tunnel with the aggregation device according to the tunnel configuration parameter includes: if the tunnel configuration parameters include the L2TP identifier, the CPE sends a BCP request to the aggregation equipment, so that the aggregation equipment establishes an L2TP tunnel with the CPE according to the BCP request.
Thus, an L2TP tunnel can be automatically configured and established between the CPE and the aggregation device, as identified by L2 TP.
With reference to the first aspect, in a second implementation manner of the first aspect, a tunnel type parameter in the tunnel configuration parameter includes a tunnel type identifier, a first internet protocol IP address of a network layer, and a second IP address;
the CPE determines a source address of the tunnel according to the first IP address, and determines a destination address of the tunnel according to the second IP address, wherein the first IP address corresponds to the CPE, the second IP address corresponds to the convergence equipment, and the tunnel corresponds to the tunnel type identifier;
and the CPE binds the local area network interface with the tunnel interface of the tunnel.
With reference to the second implementation manner of the first aspect, in a third implementation manner of the first aspect,
when the tunnel type identifier is a GRE identifier, the tunnel is a GRE tunnel;
when the tunnel type identifier is the NVGRE identifier, the tunnel is the NVGRE tunnel;
and when the tunnel type identifier is a VXLAN identifier, the tunnel is a VXLAN tunnel.
Therefore, the tunnel corresponding to the tunnel type identifier can be automatically configured and established between the CPE and the convergence equipment through the tunnel type identifier in the tunnel type parameter, the IP address of the CPE and the IP address of the convergence equipment.
A second aspect provides a method for automatically establishing a tunnel, comprising:
the convergence equipment receives a PPP connection request sent by the CPE, establishes PPP connection with the CPE according to the PPP connection request, acquires tunnel configuration parameters, sends the tunnel configuration parameters to the CPE through the PPP connection, and establishes a tunnel with the CPE according to the tunnel configuration parameters.
Therefore, the convergence device can send the tunnel configuration parameters to the CPE through the PPP connection, automatically configure the tunnel configuration parameters, establish the tunnel connection with the CPE, do not need manual configuration and debugging, and improve the efficiency of tunnel configuration.
With reference to the second aspect, in a first implementation manner of the second aspect, the establishing, by the aggregation device, a tunnel with the CPE according to the tunnel configuration parameter includes:
if the tunnel configuration parameters include the L2TP identifier, the convergence device receives a BCP request sent by the CPE, and establishes an L2TP tunnel with the CPE according to the BCP request. Thus, an L2TP tunnel can be automatically configured and established between the CPE and the aggregation device, as identified by L2 TP.
In a second implementation manner of the second aspect, the tunnel configuration parameter includes a tunnel type identifier, a first IP address of a network layer, and a second IP address;
the step of the convergence device establishing a tunnel with the CPE according to the tunnel configuration parameters comprises the following steps:
the convergence device determines a source address of the tunnel according to the second IP address, and determines a destination address of the tunnel according to the first IP address, wherein the first IP address corresponds to the CPE, the second IP address corresponds to the convergence device, and the tunnel corresponds to the tunnel type identifier.
In combination with the second implementation manner of the second aspect, in a third implementation manner of the second aspect,
when the tunnel type identifier is a GRE identifier, the tunnel is a GRE tunnel;
when the tunnel type identifier is the NVGRE identifier, the tunnel is the NVGRE tunnel;
and when the tunnel type identifier is a VXLAN identifier, the tunnel is a VXLAN tunnel.
Therefore, the tunnel corresponding to the tunnel type identifier can be automatically configured and established between the CPE and the convergence equipment through the tunnel type identifier in the tunnel type parameter, the IP address of the CPE and the IP address of the convergence equipment.
With reference to the second aspect, or the foregoing implementation manner of the second aspect, in a third implementation manner of the second aspect, after the aggregation device establishes a tunnel with the CPE according to the tunnel configuration parameter, the method further includes:
the convergence device obtains a parameter modification instruction, and disconnects the tunnel connected with the CPE according to the parameter modification instruction, wherein the parameter modification instruction is used for modifying the tunnel configuration parameters.
With reference to the third implementation manner of the second aspect, in a fourth implementation manner of the second aspect, the parameter modification indication is used to indicate that the tunnel configuration parameter is modified from the first tunnel configuration parameter to the second tunnel configuration parameter, and the disconnecting, by the aggregation device, the first tunnel connected to the CPE according to the parameter modification indication includes: the convergence device acquires a second tunnel configuration parameter according to the parameter modification indication, and sends a renegotiation request to the CPE so that the CPE initiates a request for acquiring the tunnel configuration parameter to the convergence device;
and the convergence equipment sends the second tunnel configuration parameter to the CPE so that the CPE establishes a tunnel with the convergence equipment according to the second tunnel configuration parameter.
Therefore, after the convergence device modifies the tunnel configuration parameters, the CPE can automatically acquire the modified tunnel configuration parameters and establish the tunnel with the convergence device without manually reconfiguring the tunnel parameters on the CPE, thereby improving the efficiency of tunnel configuration.
In another possible implementation, the aggregation device stores at least two tunnel configuration parameters, each tunnel configuration parameter corresponding to at least one L2TP group.
In a third aspect, a CPE is provided, which has a function of implementing a CPE behavior in the above method for automatically establishing a tunnel. The functions may be implemented by hardware, or by hardware executing corresponding software. The hardware or software includes one or more modules corresponding to the above-described functions.
In one possible implementation, the CPE includes a transmitter, a receiver, and a processor; wherein,
a sender for sending a PPP connection request to the sink device to establish a PPP connection with the sink device;
the receiver is used for receiving the tunnel configuration parameters sent by the convergence equipment through the PPP connection;
and the processor is used for establishing the tunnel with the convergence equipment according to the tunnel configuration parameters.
In another possible implementation manner, the CPE includes:
a PPP connection establishing module, which is used for sending a PPP connection request to the convergence equipment so as to establish PPP connection with the convergence equipment;
the receiving module is used for receiving the tunnel configuration parameters sent by the convergence equipment through the PPP connection;
and the tunnel establishing module is used for establishing a tunnel of the convergence device according to the tunnel configuration parameters.
In a fourth aspect, a convergence device is provided, where the convergence device has a function of implementing a behavior of the convergence device in the above method for automatically establishing a tunnel. The functions may be implemented by hardware, or by hardware executing corresponding software. The hardware or software includes one or more modules corresponding to the above-described functions.
In one possible implementation, the convergence device includes a transmitter, a receiver, and a processor, wherein,
the receiver is used for receiving the PPP connection request sent by the CPE and establishing PPP connection with the CPE according to the PPP connection request;
the processor is used for acquiring tunnel configuration parameters;
a sender for sending the tunnel configuration parameters to the CPE through the PPP connection;
and the processor is also used for establishing a tunnel with the CPE according to the tunnel configuration parameters.
In another possible implementation manner, the aggregation device includes:
the connection establishing module is used for receiving a PPP connection request sent by the CPE and establishing PPP connection with the CPE according to the PPP connection request;
the acquisition module is used for acquiring tunnel configuration parameters;
a sending module, configured to send the tunnel configuration parameter to the CPE through the PPP connection;
and the tunnel establishing module is also used for establishing a tunnel with the CPE according to the tunnel configuration parameters.
According to the technical scheme, the CPE sends the PPP connection request to the convergence equipment, the PPP connection is established with the convergence equipment, the convergence equipment sends the tunnel configuration parameters to the CPE through the PPP connection, the CPE configures the CPE according to the tunnel configuration parameters, the CPE can automatically establish the tunnel connection with the convergence equipment according to the tunnel configuration parameters fed back by the convergence equipment, manual configuration and debugging are not needed, the efficiency of tunnel configuration is improved, and the cost of tunnel configuration is reduced.
Drawings
FIG. 1 is a flowchart illustrating a method for automatically establishing a tunnel according to an embodiment of the present invention;
fig. 2 is a schematic diagram of a format of a tunnel configuration parameter in an LCP message;
FIG. 3 is another flowchart illustrating a method for automatically establishing a tunnel according to an embodiment of the present invention;
FIG. 4 is a flowchart illustrating a method for automatically establishing a tunnel according to an embodiment of the present invention;
FIG. 5 is a schematic diagram of a CPE in accordance with an embodiment of the invention;
FIG. 6 is a schematic diagram of another configuration of a CPE according to an embodiment of the invention;
FIG. 7 is a schematic diagram of a convergence device in an embodiment of the invention;
FIG. 8 is a schematic diagram of another configuration of a convergence device in an embodiment of the invention;
fig. 9 is a schematic structural diagram of a convergence device in an embodiment of the present invention.
Detailed Description
For ease of understanding, the following terms used in the present application are first introduced:
the Layer 2Tunneling Protocol (L2 TP for short) is an industry standard Internet Tunneling Protocol, and can integrate a multi-Protocol dial-up service to an existing Internet service provider. Allowing the layer two termination point and the PPP termination point to reside on different devices interconnected by the packet-switched network. L2TP is a UDP based data link layer protocol. The messages are divided into two types, namely data messages and control messages, wherein the data messages are used for transmitting PPP frames, and the PPP frames serve as data areas of the L2TP messages. L2TP does not guarantee reliable transmission of data messages and does not support flow control and congestion control of data messages if lost and not retransmitted. Control messages are used to establish, maintain and terminate control connections and sessions, and L2TP ensures reliable transport of control messages and supports flow control and congestion control of control messages.
The Point-to-Point Protocol (PPP) is a data link layer Protocol used for synchronous modulation connection, and defines an encapsulation mechanism for a multi-Protocol to perform Point-to-Point link across a second layer.
The tunnel is established between the CPE of the enterprise branch and the convergence equipment of the enterprise headquarters, network configuration personnel are required to set the source address and the destination address of the tunnel on the CPE of the enterprise branch, and when the network and the tunnel protocol are adopted, the efficiency is low and the cost is high. Meanwhile, if the uplink IP address of the CPE is a dynamic IP address, the remote network manager cannot identify the IP address because the uplink IP address changes, and thus cannot perform remote configuration on the CPE.
In order to improve the efficiency of establishing a tunnel, the present application provides a method for automatically establishing a tunnel, please refer to fig. 1, where the method includes:
s101, the CPE sends a PPP connection request to the convergence equipment to establish PPP connection with the convergence equipment;
in this embodiment, the aggregation device refers to a Network device connecting the Access layer and the core layer, and may be a router, a Broadband Remote Access Server (BRAS), a Broadband Network Gateway control device (BNG), a Gateway, or a firewall, which is not limited herein.
When the CPE wants to establish a tunnel connection with the aggregation device, the CPE sends a CPE identifier to an Auto-Configuration Server (ACS), the ACS may obtain a dialing Configuration parameter according to the CPE identifier and send the dialing Configuration parameter to the CPE, and after receiving the dialing Configuration parameter, the CPE performs PPP negotiation with the aggregation device according to the dialing Configuration parameter, where the PPP negotiation includes L2TP negotiation and Link Control Protocol (LCP) negotiation. In the LCP negotiation process, the aggregation device sends an LCP message to the CPE. The CPE identifier may be a Serial Number (SN).
It should be noted that, before the CPE sends the CPE identifier, the CPE has configured a CPE device start-up file, which may be preset by a manufacturer; or after the CPE is started, the CPE acquires and configures a CPE device start-up file from the ACS through a CPE wide area network management protocol (CWMP).
S102, the CPE receives the tunnel configuration parameters sent by the convergence equipment through PPP connection;
the LCP message carries the tunnel configuration parameters, and when the CPE and the convergence equipment carry out the LCP negotiation stage of PPP negotiation, the CPE can acquire the tunnel configuration parameters carried by the LCP message through PPP connection.
Referring to fig. 2, the following describes the format of the tunnel configuration parameter:
the PPP message comprises fields such as a mark, an Address, a Control, a Protocol, Information, a Frame check sequence and the like, and in practical application, the fields such as Flag, Address, Control, Protocol, Information, a Frame check sequence (FCS for short) and the like can be respectively adopted for representation, wherein Flag fields are respectively arranged at the head and the tail of the PPP message, the Flag, Address and Control fields are respectively 8bits, the Protocol field is 8bits or 16bits, the FCS field is 16bits, and the Information field is used for storing the LCP message;
the LCP message comprises fields such as Code, Identifier, Length and Data, and in practical application, the fields can be respectively represented by Code, Identifier, Length and Data, wherein the fields of the Code and the Identifier are 8bits, the field of the Length is 16bits, the fields of the Code with the number of 0x01 to 0xB are occupied, and the LCP message corresponding to the fields of the Code with the number of 0x0C to 0x0F can be used for storing the configuration parameters of the tunnel. It should be noted that, more than two tunnel configuration parameters may be stored in the Data field of the LCP message, and the specific number is not limited here.
The tunnel configuration parameters include Type, Length, content, and the like, and in practical application, the tunnel configuration parameters may be represented by Type, Length, and Data fields, which may also be referred to as Type (Type), Length (Length), and Value (Value), where the Type and Length fields are 8bits respectively, the Type field is used to store the tunnel Type, the Length field is used to identify the Length of the tunnel configuration parameters, and the Data field is used to store the tunnel configuration parameters, such as an IP address. It will be appreciated that the format of the tunnel configuration parameters conforms to the tunneling protocol standard.
S103, the CPE establishes a tunnel with the convergence equipment according to the tunnel configuration parameters.
The CPE may establish a tunnel with the aggregation device according to the tunnel configuration parameters, and the specific process of establishing the tunnel may include the following implementation manners:
firstly, the tunnel configuration parameters include L2TP identifiers:
if the tunnel configuration parameter includes the L2TP identifier, the CPE sends a Bridge Control Protocol (BCP) request to the aggregation device, so that the aggregation device establishes an L2TP tunnel with the CPE according to the BCP request.
Specifically, when the tunnel configuration parameter includes an L2TP identifier, it indicates that the CPE may establish an L2TP tunnel with the aggregation device, and after the CPE obtains the above tunnel configuration parameter, the CPE sends a BCP request to the aggregation device, and after the aggregation device receives the BCP request, the aggregation device performs BCP negotiation with the CPE, and after the negotiation passes, the L2TP tunnel between the aggregation device and the CPE is established.
Secondly, the tunnel configuration parameters comprise a GRE identifier, a first IP address and a second IP address of a network layer:
if the tunnel type parameter in the tunnel configuration parameter comprises a GRE identifier, a first IP address and a second IP address of a network layer, the CPE determines a source address of the GRE tunnel according to the first IP address and determines a destination address of the GRE tunnel according to the second IP address, wherein the first IP address corresponds to the CPE, and the second IP address corresponds to the convergence equipment; and the CPE binds the local area network interface with the tunnel interface of the GRE tunnel.
Specifically, a Local Area Network (LAN) interface refers to a Network device interface connected to a user device, and a Wide Area Network (WAN) interface refers to a Network device interface connected to a public Network.
If the tunnel type parameter in the tunnel configuration parameter is the GRE identifier, it indicates that the CPE can establish a GRE tunnel with the aggregation device. After the CPE obtains the tunnel configuration parameters, the CPE sets the first IP address of the network layer as the source address of the GRE tunnel, sets the second IP address of the network layer as the destination address of the GRE tunnel, and binds the local area network interface with the tunnel interface of the GRE tunnel, thereby establishing the GRE tunnel. Where the second IP address is derived from the source address of L2 TP.
It can be understood that the tunnel interface is a logical interface, a mapping relationship from a private network IP to a public network IP is established after the local area network interface and the tunnel interface are bound, and when a data message passes through the local area network interface, the CPE can add a message header for encapsulation to the data message and send the data message to an opposite end specified by a destination address of the tunnel through the public network.
Thirdly, the tunnel configuration parameters comprise an NVGRE identifier, a first IP address and a second IP address of the network layer:
if the tunnel configuration parameters comprise the NVGRE identifier, the first IP address and the second IP address of the network layer, the CPE determines the source address of the NVGRE tunnel according to the first IP address, and determines the destination address of the NVGRE tunnel according to the second IP address, wherein the first IP address corresponds to the CPE, and the second IP address corresponds to the convergence equipment; and the CPE binds the local area network interface with the tunnel interface of the NVGRE tunnel.
Specifically, if the tunnel configuration parameter includes the NVGRE identifier, it indicates that the CPE can establish the NVGRE tunnel with the convergence device, and the CPE sets the first IP address of the network layer as the source address of the NVGRE tunnel, sets the second IP address of the network layer as the destination address of the NVGRE tunnel, and binds the local area network interface with the tunnel interface of the NVGRE tunnel, thereby establishing the NVGRE tunnel. The NVGRE identifier may be a Virtual Subnet identifier (Virtual Subnet ID, abbreviated as VSID).
Fourthly, the tunnel configuration parameters comprise VXLAN identification, a first IP address and a second IP address of the network layer:
if the tunnel configuration parameters comprise a VXLAN identifier, a first IP address and a second IP address of the network layer, the CPE determines a source address of the VXLAN tunnel according to the first IP address and determines a destination address of the VXLAN tunnel according to the second IP address, wherein the first IP address corresponds to the CPE, and the second IP address corresponds to the convergence equipment; and the CPE binds the local area network interface with the tunnel interface of the VXLAN tunnel.
Specifically, if the tunnel configuration parameter includes a VXLAN identifier, it indicates that the CPE can establish a VXLAN tunnel with the aggregation device, and after the CPE obtains the tunnel configuration parameter, the CPE sets the first IP address of the network layer as the source address of the VXLAN tunnel, sets the second IP address of the network layer as the destination address of the VXLAN tunnel, and binds the local network interface with the tunnel interface of the VXLAN tunnel, thereby establishing the VXLAN tunnel.
It should be noted that, after the CPE establishes the tunnel with the aggregation device, the PPP and L2TP may serve as management channels of the tunnel. In addition, the CPE and the convergence device may further add Internet Protocol Security (IPSec for short) inside and outside the management channel and/or the two-layer over three-layer tunnel to improve the Security of the management channel and the ethernet packet.
It can be understood that, since the CPE actively dials to the convergence device, even if the uplink IP address of the CPE is a dynamic IP address, the convergence device may determine the uplink IP address of the CPE, so as to identify the CPE, and further perform tunnel configuration on the CPE.
In practical application, the tunnel configuration is completed by the CPE and the aggregation device, and the method for automatically establishing a tunnel provided by the present application is described in detail below from the aggregation device side, referring to fig. 3, where the method includes:
s301, the convergence equipment receives a PPP connection request sent by the CPE and establishes PPP connection with the CPE according to the PPP connection request;
in this embodiment, after the CPE obtains the dialing configuration parameter, the CPE sends a PPP connection request to the convergence device, the convergence device establishes a PPP connection with the CPE, and starts PPP negotiation with the CPE, where the PPP negotiation process includes L2TP negotiation and LCP negotiation. The convergence device is similar to the convergence device in the embodiment shown in fig. 1, and is not described herein again.
S302, the convergence device acquires tunnel configuration parameters;
the LCP message comprises a tunnel configuration parameter, and when the convergence device negotiates with the CPE, the convergence device can acquire the LCP message and the tunnel configuration parameter in the LCP message.
S303, the convergence device sends the tunnel configuration parameters to the CPE through PPP connection;
after the convergence device obtains the LCP message carrying the tunnel configuration parameters, the convergence device sends the tunnel configuration parameters to the CPE through PPP connection.
S304, the convergence device establishes a tunnel with the CPE according to the tunnel configuration parameters.
The aggregation device may establish a tunnel with the CPE according to the tunnel configuration parameters, and a specific process of establishing the tunnel may include the following implementation manners:
firstly, the tunnel configuration parameters include L2TP identifiers:
if the tunnel configuration parameters include the L2TP identifier, the convergence device receives a BCP request sent by the CPE; the aggregation device establishes an L2TP tunnel with the CPE according to the BCP request.
Specifically, the tunnel configuration parameter includes an L2TP identifier, after the CPE sends a BCP request to the aggregation device, the aggregation device performs BCP negotiation with the CPE, and after the BCP negotiation is passed, the L2TP tunnel between the aggregation device and the CPE is established.
Secondly, the tunnel configuration parameters comprise a GRE identifier, a first IP address and a second IP address of a network layer:
if the tunnel configuration parameters comprise the GRE identification, the first IP address and the second IP address of the network layer, the convergence device determines the source address of the GRE tunnel according to the second IP address, and determines the destination address of the GRE tunnel according to the first IP address, wherein the first IP address corresponds to the CPE, and the second IP address corresponds to the convergence device.
Specifically, if the tunnel type parameter of the tunnel configuration parameter is a GRE identifier, it indicates that the convergence device can establish a GRE tunnel with the CPE. The convergence device sets the second IP address of the network layer as the source address of the GRE tunnel, and sets the first IP address of the network layer as the destination address of the GRE tunnel. Where the second IP address is derived from the source address of L2 TP. After the GRE tunnel is established, the convergence device may receive a two-layer ETH packet sent by the CPE through the GRE tunnel, decapsulate the two-layer ETH packet, and send the decapsulated two-layer ETH packet to the edge routing device on the operator side.
Thirdly, the tunnel configuration parameters comprise an NVGRE identifier, a first IP address and a second IP address of the network layer:
if the tunnel configuration parameters include the NVGRE identifier, the first IP address and the second IP address of the network layer, the convergence device determines the source address of the NVGRE tunnel according to the second IP address, and determines the destination address of the NVGRE tunnel according to the first IP address, wherein the first IP address corresponds to the CPE, and the second IP address corresponds to the convergence device.
Specifically, if the tunnel type parameter of the tunnel configuration parameter is the NVGRE identifier, it indicates that the convergence device can establish an NVGRE tunnel with the CPE. The convergence device sets the second IP address of the network layer as the source address of the NVGRE tunnel, and sets the first IP address of the network layer as the destination address of the NVGRE tunnel. Wherein NVGRE identification may be a VSID.
Fourthly, the tunnel configuration parameters comprise VXLAN identification, a first IP address and a second IP address of the network layer:
if the tunnel configuration parameters comprise a VXLAN identifier, a first IP address and a second IP address of the network layer, the convergence device determines a source address of the VXLAN according to the second IP address and determines a destination address of the VXLAN tunnel according to the first IP address, wherein the first IP address corresponds to the CPE, and the second IP address corresponds to the convergence device.
Specifically, if the tunnel type parameter of the tunnel configuration parameter is the VXLAN identifier, it indicates that the convergence device can establish the VXLAN tunnel with the CPE. The convergence device sets the second IP address of the network layer as the source address of the VXLAN tunnel, and sets the first IP address of the network layer as the destination address of the VXLAN tunnel.
Optionally, after the aggregation device establishes the tunnel with the CPE according to the tunnel configuration parameter, the method includes: the convergence equipment acquires a parameter modification instruction, wherein the parameter modification instruction is used for modifying the tunnel configuration parameters; and the convergence equipment disconnects the tunnel connected with the CPE according to the parameter modification instruction.
Specifically, when the tunnel configuration parameter in the aggregation device is modified, the aggregation device may obtain the parameter modification indication, and may disconnect the tunnel connection with the CPE and the session connection in the tunnel according to the parameter modification indication.
Further, the parameter modification instruction is used to instruct the tunnel configuration parameter to be modified from the first tunnel configuration parameter to the second tunnel configuration parameter, and the aggregation device, according to the parameter modification instruction, after disconnecting the tunnel connection with the CPE, includes: the convergence equipment acquires a second tunnel configuration parameter according to the parameter modification instruction; the convergence equipment sends a renegotiation request to the CPE so that the CPE sends a request for acquiring the tunnel configuration parameters to the convergence equipment; and the convergence equipment sends the second tunnel configuration parameter to the CPE so that the CPE establishes a tunnel with the convergence equipment according to the second tunnel configuration parameter.
Specifically, when the tunnel configuration parameter is modified from the first tunnel configuration parameter to the second tunnel configuration parameter, the aggregation device sends a PPP renegotiation request to the CPE, and the CPE triggers the tunnel establishment process in the embodiment shown in fig. 1 according to the renegotiation request, and establishes a second tunnel between the aggregation device and the CPE, where the second tunnel corresponds to the second tunnel configuration parameter.
The following describes a situation in which a convergence device may establish different types of tunnels with different CPEs in practical applications:
optionally, the convergence device stores at least two tunnel configuration parameters, and each tunnel configuration parameter corresponds to at least one L2TP group.
Specifically, the aggregation device stores at least two tunnel configuration parameters, and when a plurality of CPEs initiate L2TP negotiation to the aggregation device and require establishment of different types of tunnels, the aggregation device may establish a plurality of L2TP groups, each L2TP group corresponds to one tunnel, distribute the tunnel configuration parameters to the CPEs through the L2TP group, and respectively establish tunnels with the CPEs.
Optionally, the convergence device includes a Network Address Translation (NAT) device.
In practical applications, since the L2TP tunnel and the VXLAN tunnel can better support NAT, when the convergence device includes a NAT device, the tunnel configuration parameters acquired by the convergence device may be an L2TP tunnel identifier, or a VXLAN tunnel identifier, a first IP address, and a second IP address, so that the convergence device can establish an L2TP tunnel and a VXLAN tunnel with a CPE.
It should be noted that, because GRE encapsulation has no transport layer Port, and cannot perform Network Port Address Translation (NAPT) Translation, it cannot directly match with the tunnel Address of the CPE side, and needs to implement NAT traversal through VPN nesting, and therefore, when the convergence device includes the NAT device, it may not store the GRE tunnel configuration parameters.
Referring to fig. 4, describing an interaction process between a CPE and a convergence device, a method for automatically establishing a tunnel according to an embodiment of the present invention includes:
the method comprises the steps that a CPE sends a PPP connection request to a convergence device, the convergence device receives the PPP connection request sent by the CPE, and PPP connection with the CPE is established according to the PPP connection request;
the convergence equipment acquires the tunnel configuration parameters and establishes a tunnel with the CPE according to the tunnel configuration parameters;
the convergence device sends the tunnel configuration parameters to the CPE through the PPP connection, the CPE receives the tunnel configuration parameters sent by the convergence device through the PPP connection, and a tunnel with the convergence device is established according to the tunnel configuration parameters.
In this embodiment, the specific implementation process of establishing the tunnel between the CPE and the aggregation device may refer to the embodiments shown in fig. 1 and fig. 3, which is not described herein again.
For convenience of understanding, the following describes in detail a method for automatically establishing a tunnel according to an embodiment of the present invention in a specific application scenario:
the convergence device takes a router as an example, when a user of an enterprise branch wants to establish a communication tunnel with an enterprise headquarters, the user reports device information to an automatic configuration server of the enterprise headquarters through a CPE1, a device serial number takes an M01 as an example, the automatic configuration server acquires a dialing configuration parameter, then sends the dialing configuration parameter to the CPE1 according to M01, the CPE1 performs PPP negotiation with the router to establish a PPP link, the router sends the tunnel configuration parameter to the CPE1, and it is assumed that an IP address of the router is 192.168.1.2 and an IP address of the CPE1 is 192.168.1.10;
when the tunnel configuration parameters include the L2TP identifier, the CPE1 sends a BCP connection request to the router, the router and the CPE perform BCP negotiation, and an L2TP tunnel is established after the negotiation is passed;
when the tunnel configuration parameters comprise GRE identification, '192.168.1.10' and '192.168.1.2', the CPE takes '192.168.1.10' as the source address of the GRE tunnel, binds the local area network interface with '192.168.1.10' and takes '192.168.1.2' as the destination address of the GRE; the router takes '192.168.1.2' as the source address of the GRE tunnel and takes '192.168.1.10' as the destination address of the GRE tunnel;
when the tunnel configuration parameters include VSID, '192.168.1.10', '192.168.1.2', the CPE uses '192.168.1.10' as the source address of the NVGRE tunnel and binds the lan interface with '192.168.1.10', and uses '192.168.1.2' as the destination address of the NVGRE; the router takes '192.168.1.2' as the source address of the GRE tunnel and takes '192.168.1.10' as the destination address of the GRE tunnel;
when the tunnel configuration parameters include VNI, '192.168.1.10', '192.168.1.12' CPE takes '192.168.1.10' as the source address of the VXLAN tunnel and binds the local area network interface with '192.168.1.10', and takes '192.168.1.2' as the destination address of the VXLAN tunnel; the router takes '192.168.1.2' as the source address of the VXLAN tunnel and takes '192.168.1.10' as the destination address of the VXLAN tunnel;
when the enterprise branch further includes CPE2, CPE3, or other CPEs, the process of tunneling CPE2 and CPE3 is similar to the process of tunneling CPE1 and will not be described herein. The CPE can automatically acquire the tunnel configuration parameters from the router and establish the tunnel with the router, thereby saving the implementation process of configuring the tunnel by network configuration personnel, and greatly improving the efficiency of establishing the tunnel when the tunnel needs to be configured for a plurality of users.
Referring to fig. 5, based on the method for automatically establishing a tunnel provided in the present application, the present application provides a CPE for implementing the method for automatically establishing a tunnel shown in fig. 1 and 4, where the CPE includes:
a PPP connection establishing module 501, configured to send a PPP connection request to the convergence device according to the dialing configuration parameter to establish a PPP connection with the convergence device;
a receiving module 502, configured to receive a tunnel configuration parameter sent by a sink device through a PPP connection;
a tunnel establishing module 503, configured to establish a tunnel with the aggregation device according to the tunnel configuration parameter.
Optionally, the tunnel establishing module 503 is specifically configured to send a BCP request to the aggregation device if the tunnel configuration parameter includes a two-layer tunnel protocol L2TP identifier, so that the aggregation device establishes an L2TP tunnel with the CPE according to the BCP request.
Optionally, the tunnel establishing module 503 is specifically configured to, if the tunnel type parameter in the tunnel configuration parameter includes a GRE identifier, a first IP address of the network layer, and a second IP address, determine, by the CPE, a source address of the GRE tunnel according to the first IP address, determine, by the CPE, a destination address of the GRE tunnel according to the second IP address, where the first IP address corresponds to the CPE, and the second IP address corresponds to the convergence device, and bind the local area network interface with the tunnel interface of the GRE tunnel.
Optionally, the tunnel establishing module 503 is specifically configured to determine, if the tunnel configuration parameter includes the NVGRE identifier, the first IP address of the network layer, and the second IP address, the source address of the NVGRE tunnel according to the first IP address, and determine the destination address of the NVGRE tunnel according to the second IP address, where the first IP address corresponds to the CPE, and the second IP address corresponds to the convergence device, and binds the local area network interface with the tunnel interface of the NVGRE tunnel.
Optionally, the tunnel establishing module 503 is specifically configured to determine, if the tunnel configuration parameter includes a VXLAN identifier, a first IP address of the network layer, and a second IP address, a source address of the VXLAN tunnel according to the first IP address, and determine, according to the second IP address, a destination address of the VXLAN tunnel, where the first IP address corresponds to the CPE, and the second IP address corresponds to the convergence device, and binds the local area network interface with the tunnel interface of the VXLAN tunnel.
In practical applications, the CPE further includes a sending module, the PPP connection establishing module 501 and the tunnel establishing module 502 may be implemented by a central processing unit or an Application Specific Integrated Circuit (ASIC), and the receiving module 502 and the sending module may be implemented by a receiver and a sender, respectively, or a transceiver integrating a receiving function and a sending function.
Optionally, the CPE comprises a NAT device.
Based on the method for automatically establishing a tunnel provided by the present application, the present application provides a CPE600 for implementing the functions of the CPE in the method for automatically establishing a tunnel shown in fig. 1 and fig. 4 of the present application, as shown in fig. 6, the CPE600 includes a processor 601, a transmitter 602 and a receiver 603, wherein the processor 601, the transmitter 602 and the receiver 603 are connected to each other through a bus 604.
A transmitter 602, configured to send a PPP connection request to a sink device to establish a PPP connection with the sink device;
a receiver 603, configured to receive a tunnel configuration parameter sent by the sink device through the PPP connection;
and the processor 601 is configured to establish a tunnel with the aggregation device according to the tunnel configuration parameter.
The Processor 601 may be a general-purpose Processor, and includes a Central Processing Unit (CPU), a Network Processor (NP), and the like; the device may also be a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA), or other Programmable logic devices.
When the processor 601 is a CPU, the CPE600 may further include: the memory 605 stores programs. In particular, the program may include program code including computer operating instructions. The memory 605 may include a Random Access Memory (RAM), and may also include a non-volatile memory (non-volatile memory), such as at least one disk memory. The processor 601 executes the program code stored in the memory 605 to implement the above-described functions.
Optionally, the processor 601 is specifically configured to send a BCP request to the aggregation device if the tunnel configuration parameter includes an L2TP identifier, so that the aggregation device establishes an L2TP tunnel with the CPE according to the BCP request.
Optionally, the processor 601 is further specifically configured to, when the tunnel type parameter in the tunnel configuration parameter includes a tunnel type identifier, a first IP address of the network layer, and a second IP address, determine a source address of the tunnel according to the first IP address, determine a destination address of the tunnel according to the second IP address, and bind the local area network interface and the tunnel interface of the tunnel, where the first IP address corresponds to the CPE, the second IP address corresponds to the convergence device, and the tunnel corresponds to the tunnel type. In particular, the amount of the solvent to be used,
when the tunnel type identifier is a GRE identifier, the tunnel is a GRE tunnel;
when the tunnel type identifier is the NVGRE identifier, the tunnel is the NVGRE tunnel;
and when the tunnel type identifier is a VXLAN identifier, the tunnel is a VXLAN tunnel.
Referring to fig. 7, based on the above method for automatically establishing a tunnel provided by the present application, the present application provides a convergence device for implementing functions of the convergence device in the method for automatically establishing a tunnel shown in fig. 3 and 4 of the present application, where the convergence device includes:
the connection establishing module 701 is further configured to receive a PPP connection request sent by the CPE, and establish a PPP connection with the CPE according to the PPP connection request;
an obtaining module 702, configured to obtain a tunnel configuration parameter;
a sending module 703, configured to send the tunnel configuration parameter to the CPE through the PPP connection;
a tunnel establishing module 704, configured to establish a tunnel with the CPE according to the tunnel configuration parameters.
Optionally, the tunnel establishing module 704 is specifically configured to receive a BCP request sent by the CPE if the tunnel configuration parameter includes an L2TP identifier, and establish an L2TP tunnel with the CPE according to the BCP request.
Optionally, the tunnel establishing module 704 is specifically configured to determine, if the tunnel configuration parameter includes the GRE identifier, the first IP address of the network layer, and the second IP address, the source address of the GRE tunnel according to the second IP address, and determine the destination address of the GRE tunnel according to the first IP address, where the first IP address corresponds to the CPE, and the second IP address corresponds to the convergence device.
Optionally, the tunnel establishing module 704 is specifically configured to determine, if the tunnel configuration parameter includes the NVGRE identifier, the first IP address of the network layer, and the second IP address, the source address of the NVGRE tunnel according to the second IP address, and determine the destination address of the NVGRE tunnel according to the first IP address, where the first IP address corresponds to the CPE, and the second IP address corresponds to the convergence device.
Optionally, the tunnel establishing module 704 is specifically configured to determine, if the tunnel configuration parameter includes a VXLAN identifier, a first IP address of the network layer, and a second IP address, a source address of the VXLAN according to the second IP address, and determine, according to the first IP address, a destination address of the VXLAN tunnel, where the first IP address corresponds to the CPE, and the second IP address corresponds to the aggregation device.
Optionally, the obtaining module 702 is further configured to obtain a parameter modification instruction, where the parameter modification instruction is used to modify a tunnel configuration parameter; and disconnecting the tunnel connected with the CPE according to the parameter modification instruction.
Optionally, the obtaining module 702 is further configured to, when the parameter modification instruction is used to indicate that the tunnel configuration parameter is modified from the first tunnel configuration parameter to the second tunnel configuration parameter, obtain the second tunnel configuration parameter according to the parameter modification instruction;
the sending module 703 is further configured to send a renegotiation request to the CPE, so that the CPE initiates a request for acquiring a tunnel configuration parameter to the aggregation device;
the sending module 703 is further configured to send the second tunnel configuration parameter to the CPE, so that the CPE establishes a tunnel with the aggregation device according to the second tunnel configuration parameter.
Optionally, as shown in fig. 8, the convergence device 700 further includes:
a storage module 801, configured to store at least two tunnel configuration parameters, where each tunnel configuration parameter corresponds to at least one L2TP group.
Optionally, the convergence device 700 includes a NAT device.
In practical application, the convergence device further includes a receiving module, the connection establishing module 701, the obtaining module 702, and the tunnel establishing module 704 may be implemented by a central processing unit or an ASIC, the receiving module and the sending module 703 may be implemented by a receiver and a sender, respectively, or a transceiver integrating a receiving function and a sending function, and the storage module 801 may be implemented by a memory.
For convenience of understanding, the following describes in detail the interaction between the CPE and each module in the convergence device in an embodiment of the present invention in a specific application scenario:
taking a router as an example, when a user of an enterprise branch wants to establish a communication tunnel with an enterprise headquarters, the PPP connection establishing module 501 performs PPP negotiation with the connection establishing module 701 to establish a PPP link, the acquiring module 702 acquires a tunnel configuration parameter, the sending module 703 sends the tunnel configuration parameter to the receiving module 502, assuming that the IP address of the convergence device is 192.168.1.2 and the IP address of the CPE1 is 192.168.1.10;
when the tunnel configuration parameter includes the L2TP identifier, the tunnel establishing module 503 sends a BCP connection request to the aggregation device, the tunnel establishing module 704 performs BCP negotiation with the tunnel establishing module 503, and establishes an L2TP tunnel after the BCP negotiation is passed;
when the tunnel configuration parameters include the GRE identifier, '192.168.1.10', '192.168.1.2', the establishing tunnel module 503 uses '192.168.1.10' as the source address of the GRE tunnel, and binds the local area network interface with '192.168.1.10', and uses '192.168.1.2' as the destination address of the GRE; the tunnel establishing module 704 takes '192.168.1.2' as the source address of the GRE tunnel and '192.168.1.10' as the destination address of the GRE tunnel;
when the tunnel configuration parameters include VSID, '192.168.1.10', '192.168.1.2', the establish tunnel module 503 takes '192.168.1.10' as the source address of NVGRE tunnel, binds the lan interface with '192.168.1.10', and takes '192.168.1.2' as the destination address of NVGRE; the tunnel establishing module 704 takes '192.168.1.2' as the source address of the GRE tunnel and '192.168.1.10' as the destination address of the GRE tunnel;
when the tunnel configuration parameters include VNI, '192.168.1.10', '192.168.1.12', the tunnel establishing module 503 takes '192.168.1.10' as the source address of the VXLAN tunnel, binds the lan interface with '192.168.1.10', and takes '192.168.1.2' as the destination address of the VXLAN tunnel; tunnel establishment module 704 uses '192.168.1.2' as the source address of the VXLAN tunnel and '192.168.1.10' as the destination address of the VXLAN tunnel.
Based on the method for automatically establishing a tunnel provided by the present application, the present application provides an aggregation device, which is used for implementing the functions of the aggregation device in the method for automatically establishing a tunnel shown in fig. 3 and fig. 4 of the present application, as shown in fig. 9, an aggregation device 900 includes a processor 901, a transmitter 902 and a receiver 903, where the processor 901, the transmitter 902 and the receiver 903 are connected to each other through a bus 904.
A receiver 903, configured to receive a PPP connection request sent by a CPE, and establish a PPP connection with the CPE according to the PPP connection request;
a processor 901, configured to obtain a tunnel configuration parameter;
a transmitter 902, configured to send the tunnel configuration parameter to the CPE through the PPP connection;
the processor 901 is further configured to establish a tunnel with the CPE according to the tunnel configuration parameter.
Processor 901 may be a general purpose processor including a central processing unit, a network processor, etc.; but may also be a digital signal processor, an application specific integrated circuit, a field programmable gate array or other programmable logic device, etc.
When the processor 901 is a CPU, the convergence device 900 may further include: a memory 905 for storing programs. In particular, the program may include program code including computer operating instructions. The memory 905 may comprise random access memory, and may also include non-volatile memory, such as at least one disk memory. The processor 901 executes program code stored in the memory 905 to implement the above-described functions.
Optionally, the processor 901 is specifically configured to receive a BCP request sent by the CPE if the tunnel configuration parameter includes an L2TP identifier, and establish an L2TP tunnel with the CPE according to the BCP request.
Optionally, the processor 901 is specifically configured to determine, if the tunnel configuration parameter includes a GRE identifier, a first internet protocol IP address of the network layer, and a second IP address, a source address of the GRE tunnel according to the second IP address, and determine a destination address of the GRE tunnel according to the first IP address, where the first IP address corresponds to the CPE, and the second IP address corresponds to the convergence device.
Optionally, the processor 901 is specifically configured to determine, if the tunnel configuration parameter includes the NVGRE identifier, the first IP address of the network layer, and the second IP address, the source address of the NVGRE tunnel according to the second IP address, and determine, according to the first IP address, the destination address of the NVGRE tunnel, where the first IP address corresponds to the CPE, and the second IP address corresponds to the convergence device.
Optionally, the processor 901 is specifically configured to determine, if the tunnel configuration parameter includes a VXLAN identifier, a first IP address of the network layer, and a second IP address, a source address of the VXLAN according to the second IP address, and determine, according to the first IP address, a destination address of the VXLAN tunnel, where the first IP address corresponds to the CPE, and the second IP address corresponds to the convergence device.
Optionally, the processor 901 is further configured to obtain a parameter modification instruction, where the parameter modification instruction is used to modify a tunnel configuration parameter, and disconnect a tunnel connected to the CPE according to the parameter modification instruction.
Optionally, the processor 901 is specifically configured to, when the parameter modification instruction is used to indicate that the tunnel configuration parameter is modified from the first tunnel configuration parameter to the second tunnel configuration parameter, obtain the second tunnel configuration parameter according to the parameter modification instruction;
a transmitter 902, further configured to send a renegotiation request to the CPE, so that the CPE initiates a request for acquiring a tunnel configuration parameter to the aggregation device;
the transmitter 902 is further configured to transmit the second tunnel configuration parameter to the CPE, so that the CPE establishes a tunnel with the aggregation device according to the second tunnel configuration parameter.
Optionally, the memory 905 stores at least two tunnel configuration parameters, each tunnel configuration parameter corresponding to at least one L2TP set.
In the several embodiments provided in the present application, it should be understood that the disclosed system, apparatus and method may be implemented in other manners. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the units is only one logical division, and other divisions may be realized in practice, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
The above-mentioned embodiments are only used for illustrating the technical solutions of the present invention, and not for limiting the same; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and the modifications or the substitutions do not make the essence of the corresponding technical solutions depart from the scope of the technical solutions of the embodiments of the present invention.

Claims (20)

1. A method for automatically establishing a tunnel, comprising:
the method comprises the steps that user terminal equipment (CPE) sends a point-to-point protocol (PPP) connection request to convergence equipment to establish PPP connection with the convergence equipment;
the CPE receives a tunnel configuration parameter sent by the convergence equipment through the PPP connection, wherein the tunnel configuration parameter comprises a tunnel type identifier;
and the CPE establishes a tunnel with the convergence equipment according to the tunnel configuration parameters.
2. The method of claim 1, wherein the tunnel type identifier comprises a layer two tunneling protocol (L2 TP) identifier, and wherein the CPE establishing the tunnel with the aggregation device according to the tunnel configuration parameters comprises:
the CPE sends a BCP request to the convergence equipment, so that the convergence equipment establishes an L2TP tunnel with the CPE according to the BCP request.
3. The method of claim 1, wherein the tunnel configuration parameters further comprise a first internet protocol, IP, address and a second IP address of a network layer;
the establishing, by the CPE, a tunnel with the aggregation device according to the tunnel configuration parameter includes:
the CPE determines a source address of a tunnel according to the first IP address, and determines a destination address of the tunnel according to the second IP address, wherein the first IP address corresponds to the CPE, the second IP address corresponds to the convergence equipment, and the tunnel corresponds to the tunnel type identifier;
and the CPE binds a local area network interface with a tunnel interface of the tunnel.
4. The method of claim 3,
when the tunnel type identifier is a Generic Routing Encapsulation (GRE) identifier, the tunnel is a GRE tunnel;
when the tunnel type identifier is a general routing encapsulation virtual network NVGRE identifier, the tunnel is an NVGRE tunnel;
and when the tunnel type identifier is a virtual extensible local area network VXLAN identifier, the tunnel is a VXLAN tunnel.
5. A method for automatically establishing a tunnel, comprising:
the method comprises the steps that a convergence device receives a point-to-point protocol (PPP) connection request sent by a user terminal device (CPE), and establishes PPP connection with the CPE according to the PPP connection request;
the convergence device acquires a tunnel configuration parameter, wherein the tunnel configuration parameter comprises a tunnel type identifier;
the convergence device sends the tunnel configuration parameters to the CPE through the PPP connection;
and the convergence equipment establishes a tunnel with the CPE according to the tunnel configuration parameters.
6. The method according to claim 5, wherein the tunnel type identifier comprises a layer two tunneling protocol (L2 TP) identifier, and wherein the step of the aggregation device establishing the tunnel with the CPE according to the tunnel configuration parameters comprises:
the convergence equipment receives a BCP request sent by CPE;
and the convergence equipment establishes an L2TP tunnel with the CPE according to the BCP request.
7. The method of claim 5, wherein the tunnel configuration parameters further comprise a first Internet Protocol (IP) address and a second IP address of a network layer;
the step of the convergence device establishing the tunnel with the CPE according to the tunnel configuration parameters comprises the following steps:
the convergence device determines a source address of a tunnel according to the second IP address, and determines a destination address of the tunnel according to the first IP address, wherein the first IP address corresponds to the CPE, the second IP address corresponds to the convergence device, and the tunnel corresponds to the tunnel type identifier.
8. The method of claim 7,
when the tunnel type identifier is a Generic Routing Encapsulation (GRE) identifier, the tunnel is a GRE tunnel;
when the tunnel type identifier is a general routing encapsulation virtual network NVGRE identifier, the tunnel is an NVGRE tunnel;
and when the tunnel type identifier is a virtual extensible local area network VXLAN identifier, the tunnel is a VXLAN tunnel.
9. The method according to any of claims 5 to 8, wherein after the aggregation device establishes a tunnel with the CPE according to the tunnel configuration parameters, the method further comprises:
the convergence device obtains a parameter modification instruction, wherein the parameter modification instruction is used for modifying the tunnel configuration parameters;
and the convergence equipment disconnects the tunnel connected with the CPE according to the parameter modification instruction.
10. The method according to claim 9, wherein the parameter modification indication indicates that the tunnel configuration parameter is modified from a first tunnel configuration parameter to a second tunnel configuration parameter, and wherein the aggregation device, after disconnecting the first tunnel connected to the CPE according to the parameter modification indication, comprises:
the convergence device acquires a second tunnel configuration parameter according to the parameter modification instruction;
the convergence equipment sends a renegotiation request to the CPE so that the CPE sends a request for acquiring tunnel configuration parameters to the convergence equipment;
and the convergence equipment sends a second tunnel configuration parameter to the CPE so that the CPE establishes a tunnel with the convergence equipment according to the second tunnel configuration parameter.
11. A customer premises equipment, CPE, comprising:
a sender for sending a point-to-point protocol (PPP) connection request to a sink device to establish a PPP connection with the sink device;
a receiver, configured to receive a tunnel configuration parameter sent by the sink device through the PPP connection, where the tunnel configuration parameter includes a tunnel type identifier;
and the processor is used for establishing a tunnel with the convergence equipment according to the tunnel configuration parameters.
12. The CPE of claim 11, wherein the tunnel type identifier comprises a layer two tunneling protocol L2TP identifier, and wherein the processor is further configured to send a BCP (bridge control protocol) request to the aggregation device, so that the aggregation device establishes an L2TP tunnel with the CPE according to the BCP request.
13. The CPE of claim 11, wherein the processor is specifically configured to, when a tunnel type parameter in the tunnel configuration parameter further includes a first internet protocol IP address and a second IP address of a network layer, determine a source address of a tunnel according to the first IP address, determine a destination address of the tunnel according to the second IP address, and bind a local area network interface and a tunnel interface of the tunnel, where the first IP address corresponds to the CPE, the second IP address corresponds to the aggregation device, and the tunnel corresponds to the tunnel type identifier.
14. The CPE according to claim 13,
when the tunnel type identifier is a Generic Routing Encapsulation (GRE) identifier, the tunnel is a GRE tunnel;
when the tunnel type identifier is a general routing encapsulation virtual network NVGRE identifier, the tunnel is an NVGRE tunnel;
and when the tunnel type identifier is a virtual extensible local area network VXLAN identifier, the tunnel is a VXLAN tunnel.
15. A convergence device, comprising:
the system comprises a receiver and a client side, wherein the receiver is used for receiving a point-to-point protocol (PPP) connection request sent by user terminal equipment (CPE) and establishing PPP connection with the CPE according to the PPP connection request;
the processor is used for acquiring tunnel configuration parameters, and the tunnel configuration parameters comprise tunnel type identifiers;
a sender for sending the tunnel configuration parameters to the CPE over the PPP connection;
the processor is further configured to establish a tunnel with the CPE according to the tunnel configuration parameter.
16. The aggregation device according to claim 15, wherein the tunnel type identifier includes a layer two tunneling protocol L2TP identifier, and wherein the processor is specifically configured to receive a BCP (bridge control protocol) request sent by a CPE, and to establish an L2TP tunnel with the CPE according to the BCP request.
17. The convergence device of claim 15, wherein the processor is specifically configured to determine a source address of a tunnel according to a second IP address if the tunnel configuration parameter further includes a first internet protocol IP address and the second IP address of a network layer, and determine a destination address of the tunnel according to the first IP address, where the first IP address corresponds to the CPE, the second IP address corresponds to the convergence device, and the tunnel corresponds to the tunnel type identifier.
18. The convergence device of claim 17,
when the tunnel type identifier is a Generic Routing Encapsulation (GRE) identifier, the tunnel is a GRE tunnel;
when the tunnel type identifier is a general routing encapsulation virtual network NVGRE identifier, the tunnel is an NVGRE tunnel;
and when the tunnel type identifier is a virtual extensible local area network VXLAN identifier, the tunnel is a VXLAN tunnel.
19. The convergence device according to any one of claims 15 to 18 wherein the processor is further configured to obtain a parameter modification indication, wherein the parameter modification indication is configured to modify the tunnel configuration parameter;
the processor is further configured to disconnect a tunnel connected to the CPE according to the parameter modification indication.
20. The convergence device of claim 19 wherein,
the processor is specifically configured to, when the parameter modification indication is used to indicate that the tunnel configuration parameter is modified from a first tunnel configuration parameter to a second tunnel configuration parameter, obtain the second tunnel configuration parameter according to the parameter modification indication;
the sender is further configured to send a renegotiation request to the CPE, so that the CPE initiates a request for acquiring a tunnel configuration parameter to a convergence device;
the sender is further configured to send a second tunnel configuration parameter to the CPE, so that the CPE establishes a tunnel with the aggregation device according to the second tunnel configuration parameter.
CN201510790045.8A 2015-11-17 2015-11-17 A kind of method, CPE and convergence device for establishing tunnel automatically Active CN106713100B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510790045.8A CN106713100B (en) 2015-11-17 2015-11-17 A kind of method, CPE and convergence device for establishing tunnel automatically

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510790045.8A CN106713100B (en) 2015-11-17 2015-11-17 A kind of method, CPE and convergence device for establishing tunnel automatically

Publications (2)

Publication Number Publication Date
CN106713100A CN106713100A (en) 2017-05-24
CN106713100B true CN106713100B (en) 2019-11-29

Family

ID=58933344

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510790045.8A Active CN106713100B (en) 2015-11-17 2015-11-17 A kind of method, CPE and convergence device for establishing tunnel automatically

Country Status (1)

Country Link
CN (1) CN106713100B (en)

Families Citing this family (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111182016B (en) * 2018-11-12 2022-12-27 中移(杭州)信息技术有限公司 PPPoE dialing message transmission method and device
CN111262721B (en) * 2018-11-30 2021-06-15 贵州白山云科技股份有限公司 Virtual intranet acceleration method, system, configuration method, device, equipment and medium
CN109743244A (en) * 2019-03-21 2019-05-10 山东华辰泰尔信息科技股份有限公司 A kind of system and method for realizing that high speed interconnects based on SDN and NFV technology
CN110572817B (en) 2019-07-30 2021-01-12 华为技术有限公司 Communication method and electronic equipment
CN110768891A (en) * 2019-11-04 2020-02-07 盛科网络(苏州)有限公司 Chip implementation method and device for DCI tunnel isolation based on VxLAN
CN113923110A (en) * 2020-06-22 2022-01-11 中兴通讯股份有限公司 MAP-E tunnel configuration management method, equipment, server and storage medium
CN111726367B (en) * 2020-06-30 2022-11-11 锐捷网络股份有限公司 Method, device, system and equipment for binding access of Customer Premises Equipment (CPE)
CN111884904B (en) * 2020-07-23 2021-09-24 中盈优创资讯科技有限公司 Method and device for dynamically managing vxlan tunnel based on equipment configuration
CN112187611B (en) * 2020-09-30 2022-03-25 瑞斯康达科技发展股份有限公司 Method, storage medium and device for establishing service tunnel
CN114513387A (en) * 2020-11-17 2022-05-17 中国移动通信有限公司研究院 Tunnel establishment method, device and equipment
CN114928474A (en) * 2022-04-24 2022-08-19 北京天融信网络安全技术有限公司 Method and system for IPsec automatic negotiation network access with resource and storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1980174A (en) * 2005-12-08 2007-06-13 华为技术有限公司 Method and system for inter connecting wide-band wireless network and wired network
CN101227415A (en) * 2008-02-04 2008-07-23 华为技术有限公司 Multi business resource allocation method, system, gateway equipment and authentication server
CN101686180A (en) * 2008-09-28 2010-03-31 华为技术有限公司 Data transmission method, network node and data transmission system
CN101729534A (en) * 2009-05-31 2010-06-09 中兴通讯股份有限公司 Network access device, system and method based on PPPoE

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1980174A (en) * 2005-12-08 2007-06-13 华为技术有限公司 Method and system for inter connecting wide-band wireless network and wired network
CN101227415A (en) * 2008-02-04 2008-07-23 华为技术有限公司 Multi business resource allocation method, system, gateway equipment and authentication server
CN101686180A (en) * 2008-09-28 2010-03-31 华为技术有限公司 Data transmission method, network node and data transmission system
CN101729534A (en) * 2009-05-31 2010-06-09 中兴通讯股份有限公司 Network access device, system and method based on PPPoE

Also Published As

Publication number Publication date
CN106713100A (en) 2017-05-24

Similar Documents

Publication Publication Date Title
CN106713100B (en) A kind of method, CPE and convergence device for establishing tunnel automatically
US10122574B2 (en) Methods and apparatus for a common control protocol for wired and wireless nodes
CA2808648C (en) Method and system for layer-2 pseudo-wire rapid-deployment service over unknown internet protocol networks
US20170208032A1 (en) Method and apparatus for forwarding generic routing encapsulation packets at a network address translation gateway
US20210044456A1 (en) Method for implementing gre tunnel, access point and gateway
CN102694738B (en) Virtual private network (VPN) gateway and method for forwarding messages at VPN gateway
US20070165603A1 (en) Access network system, subscriber station device, and network terminal device
WO2015100585A1 (en) Fiber-to-the-distribution point device and communication method therefor
WO2023046006A1 (en) Network transmission method and device
CN116488958A (en) Gateway processing method, virtual access gateway, virtual service gateway and related equipment
CN111614539B (en) Service data processing method and device and communication transmission equipment
EP3294006B1 (en) Multilink-based data transmission method and device
CN115665008A (en) Message detection method, connectivity negotiation relationship establishment method and related equipment
US20230117218A1 (en) Cloud-edge forwarding in a network
RU2687217C1 (en) Method of preventing fragmentation of tcp/ip packets when using vpls in a packet switched network
CN218920438U (en) Internet access control system based on VXLAN
Khatri et al. Ethernet Communication over IP Transport for Industrial and Private Cellular Network
WO2024103738A1 (en) Ip address configuration method and related device
WO2022267875A1 (en) Packet transmission method and related device
Nykänen EVPN in Private Cellular Networks
CN115426217A (en) Internet access control system and method based on VXLAN
CN115396171A (en) Message transmission method, message transmission channel establishment method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant