CN107948075A - Effectively solve the method and system of public network and VPN route forwarding - Google Patents

Effectively solve the method and system of public network and VPN route forwarding Download PDF

Info

Publication number
CN107948075A
CN107948075A CN201711382412.6A CN201711382412A CN107948075A CN 107948075 A CN107948075 A CN 107948075A CN 201711382412 A CN201711382412 A CN 201711382412A CN 107948075 A CN107948075 A CN 107948075A
Authority
CN
China
Prior art keywords
route
public network
write
sub
vpn
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
CN201711382412.6A
Other languages
Chinese (zh)
Inventor
张超
何志川
赵茂聪
李磊
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Centec Networks Suzhou Co Ltd
Original Assignee
Centec Networks Suzhou Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Centec Networks Suzhou Co Ltd filed Critical Centec Networks Suzhou Co Ltd
Priority to CN201711382412.6A priority Critical patent/CN107948075A/en
Publication of CN107948075A publication Critical patent/CN107948075A/en
Withdrawn legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/54Organization of routing tables
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/74Address processing for routing
    • H04L45/745Address table lookup; Address filtering

Abstract

The present invention provides a kind of method and system for effectively solving public network and VPN route forwarding, the described method includes:Establish route forwarding table;Route forwarding table includes:VPN route forwarding table and public network route forwarding table;The related route of private network includes:VPN route, private network default routes, the related route of public network include:Public network is route, public network default routes;For each route assigned priority stored in route forwarding table, the order of the priority of said write route is followed successively by from high to low:VPN route > private networks default route > public network route > public networks default route > default behaviors;It is synchronous to search public network route forwarding table and VPN route forwarding table during message searches routing forwarding, matched write-in route is obtained, and the path with limit priority is selected according to the priority that the write-in matched is route and is forwarded to.The present invention can be good at supporting the routing forwarding of public network and private network on border router, moreover it is possible to reach linear speed while the characteristics such as Rpf Check are supported.

Description

Effectively solve the method and system of public network and VPN route forwarding
Technical field
The present invention relates to network communication field, more particularly to a kind of method for effectively solving public network and VPN route forwarding and System.
Background technology
Message is in repeating process, and by the corresponding forwarding port of IP route queryings of its carrying, the IP routes are divided into Public network is route and VPN route;When Intranet needs to exchange information with outer net, the router in border just needs internal network By routeing the different forwarding behavior that uses from outer net, existing technology be typically public network is route, VPN route and default Route is placed in a routing table, and the public network route and VPN route press vrf (virtual Routing Forwarding, virtual flow-line forwarding) distinguish, vrfid is more than or equal to 1 and represents VPN route, and vrfid is equal to 0 and represents public network road By.
Since public network route and VPN route are placed in same routing table, cause the underaction in management, work as private When net routing inquiry is less than matched route, it is also necessary to inquire about a public network using vrfid 0 and route, particularly enabling During RPF-CHECK (Reverse Path Forwarding Check, reverse path forwarding detection), then the performance meeting of chip Drastically decline.
The content of the invention
It is an object of the invention to provide a kind of method and system for effectively solving public network and VPN route forwarding.
One of to achieve the above object, the method that an embodiment of the present invention effectively solves public network and VPN route forwarding, The described method includes:Establish route forwarding table;
The route forwarding table includes:For storing the VPN route forwarding of the related route of private network and/or default behaviors Table, for storing the public network route forwarding table of the related route of public network and/or default behaviors;
The related route of the private network includes:VPN route, private network default routes, the related route of the public network include:It is public Network is by public network default routes;
For each route assigned priority stored in route forwarding table, the order of the priority of said write route by height to It is low to be followed successively by:VPN route > private networks default route > public network route > public networks default route > default behaviors;
It is synchronous to search public network route forwarding table and VPN route forwarding table during message searches routing forwarding, obtain with Its matched write-in route, and the path with limit priority is selected according to the priority that the write-in matched is route and is turned Hair.
Further as an embodiment of the present invention is improved, and is established route forwarding table and is specifically included:
Corresponding VPN route table establishes the first sub- VPN route table and the second sub- VPN route table, the first sub- private network road The priority of second sub- VPN route table is more than by the priority of table;
Write in installation routing procedure, judging whether the prefix mask length of the related route of private network of write-in is greater than or equal to is The default private network prefix mask length threshold of system, if so, the related route of current private network is write the first sub- VPN route table;If It is no, by current private network the second sub- VPN route table of related route write-in.
Further as an embodiment of the present invention is improved, and the method further includes:
Write in installation routing procedure, judge whether the related route of private network of write-in saves as the route for solving hash conflicts, if It is to be written into the first sub- VPN route table or the second sub- VPN route table, and its priority is arranged in VPN route table Limit priority.
Further as an embodiment of the present invention is improved, and is established route forwarding table and is specifically included:
Corresponding public network routing table establishes the first sub- public network routing table and the second sub- public network routing table, the first sub- public network road The priority of second sub- public network routing table is more than by the priority of table;
Write in installation routing procedure, judging whether the prefix mask length of the related route of public network of write-in is greater than or equal to is The default public network prefix mask length threshold of system, if so, the related route of current public network is write the first sub- public network routing table;If It is no, by current public network the second sub- public network routing table of related route write-in.
Further as an embodiment of the present invention is improved, and the method further includes:
Write in installation routing procedure, judge whether the related route of public network of write-in saves as the route for solving hash conflicts, if It is to be written into the first sub- public network routing table or the second sub- public network routing table, and its priority is arranged in public network routing table Limit priority.
Another to achieve the above object, effective solution public network and VPN route forwarding of an embodiment of the present invention is System, the system comprises:Route establishment writing module, for establishing route forwarding table;
The route forwarding table includes:For storing the VPN route forwarding of the related route of private network and/or default behaviors Table, for storing the public network route forwarding table of the related route of public network and/or default behaviors;
The related route of the private network includes:VPN route, private network default routes, the related route of the public network include:It is public Network is by public network default routes;
Dissection process module, for respectively routeing assigned priority for what is stored in route forwarding table, said write route The order of priority is followed successively by from high to low:VPN route > private networks default route > public network route > public network default roads By > default behaviors;
Routing message searching module, it is synchronous to search public network route forwarding table and private during searching routing forwarding in message Net route forwarding table, obtains matched write-in route, and is selected according to the priority that the write-in matched is route with most The path of high priority is forwarded to.
Further as an embodiment of the present invention is improved, and the Route establishment writing module is specifically used for:It is corresponding private Net routing table establishes the first sub- VPN route table and the second sub- VPN route table, and the priority of the first sub- VPN route table is big In the priority of the second sub- VPN route table;
The dissection process module is specifically used in installation routing procedure is write, before the related route of private network for judging write-in Sew whether mask-length is greater than or equal to systemic presupposition private network prefix mask length threshold, if so, by current private network correlation road By writing the first sub- VPN route table;If it is not, the related route of current private network is write into the second sub- VPN route table.
Further as an embodiment of the present invention is improved, and the dissection process module is gone back in installation routing procedure is write For,
Judge whether the related route of private network of write-in saves as the route for solving hash conflicts, if so, being written into the first son VPN route table or the second sub- VPN route table, and its priority is arranged to the limit priority in VPN route table.
Further as an embodiment of the present invention is improved, and the Route establishment writing module is specifically used for:It is corresponding public Net routing table establishes the first sub- public network routing table and the second sub- public network routing table, and the priority of the first sub- public network routing table is big In the priority of the second sub- public network routing table;
The dissection process module is specifically used in installation routing procedure is write, before the related route of public network for judging write-in Sew whether mask-length is greater than or equal to systemic presupposition public network prefix mask length threshold, if so, by current public network correlation road By writing the first sub- public network routing table;If it is not, the related route of current public network is write into the second sub- public network routing table.
Further as an embodiment of the present invention is improved, and the dissection process module is gone back in installation routing procedure is write For,
Judge whether the related route of public network of write-in saves as the route for solving hash conflicts, if so, being written into the first son Public network routing table or the second sub- public network routing table, and its priority is arranged to the limit priority in public network routing table.
Compared with prior art, the beneficial effects of the invention are as follows:The effective of the present invention solves public network and VPN route forwarding Method and system, public network route and VPN route are separated using polylith TCAM memory, and make it have respective acquiescence Route, the priority for concurrently setting VPN route are higher than the priority of all public networks route;In this way, in the border routing of public and private net It can be good at supporting the routing forwarding of public network and private network on device, moreover it is possible to reach line while the characteristics such as Rpf-Check are supported Speed.
Brief description of the drawings
Fig. 1 is the flow chart for the method that public network and VPN route forwarding are effectively solved in an embodiment of the present invention;
Fig. 2 is the structural representation of the specific example for the method that present invention application effectively solves public network and VPN route forwarding Figure;
Fig. 3 is the module diagram for the system that public network and VPN route forwarding are effectively solved in an embodiment of the present invention.
Embodiment
Below with reference to embodiment shown in the drawings, the present invention will be described in detail.But these embodiments are simultaneously The present invention is not limited, structure that those of ordinary skill in the art are made according to these embodiments, method or functionally Conversion is all contained in protection scope of the present invention.
As shown in Figure 1, in an embodiment of the present invention, the method that public network and VPN route forward effectively is solved, including:
S1, establish route forwarding table;For each route assigned priority stored in route forwarding table.
The route forwarding table includes:For storing the VPN route forwarding of the related route of private network and/or default behaviors Table, for storing the public network route forwarding table of the related route of public network and/or default behaviors;The related route of the private network includes: VPN route, private network default routes, the related route of the public network include:Public network is route, public network default roads.
With reference to shown in Fig. 2, in the embodiment of the invention, by said write route priority order by height to It is low set gradually for:VPN route > private networks default route > public network route > public networks default route > default rows For.
Default behaviors are a kind of mode of operation of systemic presupposition, during message searches routing forwarding, are taken by it During the route querying route forwarding table of band, the route that message carries may not can find its matched route, when it fails When matching route, default behaviors may be matched;The message is uploaded to CPU by the default behavior guidings, or is lost The operation such as abandon, be not further described herein.
In the specific embodiment of the invention, route forwarding table supports that the network segment is route and Host routes, Host routes are adopted at the same time Stored with Hash, network segment route is then stored by the way of TCAM+SRAM;TCAM(ternarycontent addressable Memory, three-state content addressing memory) in place write-in route high Bit prefixes, by the network segment route the regularity of distribution can To set different prefix lengths, different prefix lengths divides TCAM resources using different schemes.
In one embodiment of the present invention, two TCAM memories are set, are respectively the first TCAM memory and second TCAM memory, the first TCAM memory is used to store the related route of private network and/default behaviors, the second TCAM memory are used In the related route of storage public network and/default behaviors;The priority of first TCAM memory is higher than the 2nd TCAM's Priority.
In the preferred embodiment for the present invention, corresponding VPN route table establishes the first sub- VPN route table and the second sub- private network road By table, the priority of the first sub- VPN route table is more than the priority of the second sub- VPN route table;Write installation routing procedure In, judge whether the prefix mask length of the related route of private network is greater than or equal to systemic presupposition private network prefix mask length threshold, If so, the related route of current private network is write into the first sub- VPN route table;If it is not, the related route of current private network is write second Sub- VPN route table.
Corresponding public network routing table establishes the first sub- public network routing table and the second sub- public network routing table, the first sub- public network road The priority of second sub- public network routing table is more than by the priority of table;Write in installation routing procedure, judge that the public network of write-in is related Whether the prefix mask length of route is greater than or equal to systemic presupposition public network prefix mask length threshold, if so, by current public network Correlation route the first sub- public network routing table of write-in;If it is not, the related route of current public network is write into the second sub- public network routing table.
Further, write in installation routing procedure, judge whether the related route of private network of write-in saves as and solve hash conflicts Route, if so, being written into the first sub- VPN route table or the second sub- VPN route table, and its priority is arranged to private network Limit priority in routing table.
Write in installation routing procedure, judge whether the related route of public network of write-in saves as the route for solving hash conflicts, if It is to be written into the first sub- public network routing table or the second sub- public network routing table, and its priority is arranged in public network routing table Limit priority.
The private network prefix mask length threshold of the systemic presupposition, and the public network prefix mask length threshold of systemic presupposition It is a fixed value, it can be specifically designated as needed, the number of significant digit in mask identifier route;Such as:Assisted in IPv4 Under view, route is usually 32, in this way, its mask-length is up to 32;Correspondingly, under such an arrangement, private network prefix mask length The maximum for spending threshold value and public network prefix mask length threshold is 32;It is understood that under other protocols, such as:IPv6, The length of route can increase, correspondingly, the length of its mask can also change therewith, the present invention no longer specifically repeats.
In the specific embodiment of the invention, 4 TCAM memories are set, are respectively the first private network TCAM memory, second Private network TCAM memory, the first public network TCAM memory, the second public network TCAM memory;Wherein, the first private network TCAM is deposited Reservoir is correspondingly formed the first sub- VPN route table, and the second private network TCAM memory is correspondingly formed the second sub- VPN route table, The first public network TCAM memory is correspondingly formed the first sub- public network routing table, and the second public network TCAM memory is correspondingly formed Second sub- public network routing table.
To write and install in routing procedure, the route for first determining whether write-in is the related route of private network or public network is related to be route, if The route of write-in is the related route of private network, then selection is written into the first private network TCAM memory or the second private network TCAM storages Device, if the route of write-in is the related route of public network, selection is written into the first public network TCAM memory, the second public network TCAM is deposited Reservoir;Further, it is according to the prefix mask length and current route of the related route of private network and the related route of public network The no route for solution hash conflicts, judges the specific write paths currently routeing.
, can be with when the related route of private network or the related route of public network is solve the route of hash conflicts in present embodiment One Bit is set in its storage location, to ensure its highest priority.
In order to facilitate understanding, one specific example of description illustrates.
Correspondingly, write-in route has 4, the 1st article is VPN route, its IP address is:10.10.100.0/15 the 2nd Bar is VPN route, its address is 10.10.100.0/23, and the 3rd article route for public network, its IP address is:10.10.100.0/ 15, the 4th article route for public network, its address is 10.10.100.0/23, the private network prefix mask length threshold and public affairs of systemic presupposition Net prefix mask length threshold is 16.By judging to understand, the prefix mask length of the 1st article of write-in route is 15, less than being Unite default private network prefix mask length threshold, the prefix mask length of the 2nd article of write-in route is 23, more than systemic presupposition Private network prefix mask length threshold;The prefix mask length of 3rd article of write-in route is 15, and the public network prefix less than systemic presupposition is covered Code length threshold value, the prefix mask length of the 4th article of write-in route is 23, more than the public network prefix mask length threshold of systemic presupposition Value;In this way, by the 1st bar of write-in route the second sub- VPN route table of write-in, the 2nd article of write-in is route the first sub- VPN route of write-in Table, by the 3rd article of write-in route the second sub- public network routing table of write-in, the first sub- public network routing table of write-in is route by the 4th article of write-in.
Further, the described method includes:S2:It is synchronous to search public network routing forwarding during message searches routing forwarding Table and VPN route forwarding table, obtain matched write-in route, and are selected according to the priority that the write-in matched is route Path with limit priority is forwarded to.
Continue above-mentioned example, it is assumed that the route that message carries is " 10.10.100.0 ", it synchronously searches public network routing forwarding After table and VPN route forwarding table, two write-in routes are matched, are respectively in the second sub- VPN route table " 10.10.100.0/15 " in " 10.10.100.0/15 ", and the second sub- public network routing table;Can by further inquiring about Know, the priority of " 10.10.100.0/15 " in the second sub- VPN route table is higher than in the second sub- public network routing table " 10.10.100.0/15 ", therefore, the road that most at last " 10.10.100.0/15 " in the second sub- VPN route table is carried with message Matched by " 10.10.100.0 ", and the forwarding that " 10.10.100.0/15 " in the second sub- VPN route table is directed toward Port forwards the message.
It is above-mentioned effectively solve public network and VPN route forwarding as a result of multistage TCAM resources, can support route Parallel search, merges lookup result by priority after the completion of lookup, greatly improves route querying efficiency.
With reference to shown in Fig. 3, in one embodiment of the present invention, public network and the system bag of VPN route forwarding are effectively solved Include:Route establishment writing module 100, dissection process module 200, and routing message searching module 300.
Route establishment writing module 100, for establishing route forwarding table;Dissection process module 200, for for routing forwarding Each route assigned priority stored in table.
The route forwarding table includes:For storing the VPN route forwarding of the related route of private network and/or default behaviors Table, for storing the public network route forwarding table of the related route of public network and/or default behaviors;The related route of the private network includes: VPN route, private network default routes, the related route of the public network include:Public network is route, public network default roads.
With reference to shown in Fig. 2, in the embodiment of the invention, said write route excellent by dissection process module 200 The order of first level set gradually from high to low for:VPN route > private networks default route > public network route > public networks default It route > default behaviors.
Default behaviors are a kind of mode of operation of systemic presupposition, during message searches routing forwarding, are taken by it During the route querying route forwarding table of band, the route that message carries may not can find its matched route, when it fails When matching route, default behaviors may be matched;The message is uploaded to CPU by the default behavior guidings, or is lost The operation such as abandon, be not further described herein.
In the specific embodiment of the invention, route forwarding table supports that the network segment is route and Host routes, Host routes are adopted at the same time Stored with Hash, network segment route is then stored by the way of TCAM+SRAM;The high Bit prefixes of write-in route are placed in TCAM, are led to Different prefix lengths can be set by crossing the regularity of distribution of network segment route, and different prefix lengths is divided using different schemes TCAM resources.
In one embodiment of the present invention, two TCAM memories are set, are respectively the first TCAM memory and second TCAM memory, the first TCAM memory is used to store the related route of private network and/default behaviors, the second TCAM memory are used In the related route of storage public network and/default behaviors;The priority of first TCAM memory is higher than the 2nd TCAM's Priority.
In the preferred embodiment for the present invention, the Route establishment writing module 100 is specifically used for:Corresponding VPN route table is built Vertical first sub- VPN route table and the second sub- VPN route table, the priority of the first sub- VPN route table are more than the second son private The priority of net routing table;Write in installation routing procedure, the dissection process module 200 is specifically used for:Judge private network correlation road By prefix mask length whether be greater than or equal to systemic presupposition private network prefix mask length threshold, if so, by current private network Correlation route the first sub- VPN route table of write-in;If it is not, the related route of current private network is write into the second sub- VPN route table.
The Route establishment writing module 100 is additionally operable to:Corresponding public network routing table establishes the first sub- public network routing table and the Two sub- public network routing tables, the priority of the first sub- public network routing table are more than the priority of the second sub- public network routing table;Write peace Fill in routing procedure, the prefix mask length that the dissection process module 200 is additionally operable to judge the related route of public network of write-in is It is no to be greater than or equal to systemic presupposition public network prefix mask length threshold, if so, related the first son of route write-in of current public network is public Net routing table;If it is not, the related route of current public network is write into the second sub- public network routing table.
Further, write in installation routing procedure, the dissection process module 200 is additionally operable to judge that the private network of write-in is related Whether route saves as the route for solving hash conflicts, if so, being written into the first sub- VPN route table or the second sub- VPN route Table, and its priority is arranged to the limit priority in VPN route table.
Write in installation routing procedure, the dissection process module 200 be additionally operable to judge the public network of write-in it is related route whether Save as the route for solving hash conflicts, if so, be written into the first sub- public network routing table or the second sub- public network routing table, and by its Priority is arranged to the limit priority in public network routing table.
The private network prefix mask length threshold of the systemic presupposition, and the public network prefix mask length threshold of systemic presupposition It is a fixed value, it can be specifically designated as needed, the number of significant digit in mask identifier route;Such as:Assisted in IPv4 Under view, route is usually 32, in this way, its mask-length is up to 32;Correspondingly, under such an arrangement, private network prefix mask length The maximum for spending threshold value and public network prefix mask length threshold is 32;It is understood that under other protocols, such as:IPv6, The length of route can increase, correspondingly, the length of its mask can also change therewith, the present invention no longer specifically repeats.
In the specific embodiment of the invention, 4 TCAM memories are set, are respectively the first private network TCAM memory, second Private network TCAM memory, the first public network TCAM memory, the second public network TCAM memory;Wherein, the first private network TCAM is deposited Reservoir is correspondingly formed the first sub- VPN route table, and the second private network TCAM memory is correspondingly formed the second sub- VPN route table, The first public network TCAM memory is correspondingly formed the first sub- public network routing table, and the second public network TCAM memory is correspondingly formed Second sub- public network routing table.
Write in installation routing procedure, dissection process module 200 first determine whether the route of write-in be private network it is related route or The related route of public network, if the route of write-in is the related route of private network, selection is written into the first private network TCAM memory or the Two private network TCAM memories, if the route of write-in is the related route of public network, selection be written into the first public network TCAM memory, Second public network TCAM memory;Further, according to the prefix mask length of the related route of private network and the related route of public network with And whether current route is the route for solving hash conflicts, judges the specific write paths currently routeing.
, can be with when the related route of private network or the related route of public network is solve the route of hash conflicts in present embodiment One Bit is set in its storage location, to ensure its highest priority.
In order to facilitate understanding, one specific example of description illustrates.
Correspondingly, write-in route has 4, the 1st article is VPN route, its IP address is:10.10.100.0/15 the 2nd Bar is VPN route, its address is 10.10.100.0/23, and the 3rd article route for public network, its IP address is:10.10.100.0/ 15, the 4th article route for public network, its address is 10.10.100.0/23, the private network prefix mask length threshold and public affairs of systemic presupposition Net prefix mask length threshold is 16.By judging to understand, the prefix mask length of the 1st article of write-in route is 15, less than being Unite default private network prefix mask length threshold, the prefix mask length of the 2nd article of write-in route is 23, more than systemic presupposition Private network prefix mask length threshold;The prefix mask length of 3rd article of write-in route is 15, and the public network prefix less than systemic presupposition is covered Code length threshold value, the prefix mask length of the 4th article of write-in route is 23, more than the public network prefix mask length threshold of systemic presupposition Value;In this way, by the 1st bar of write-in route the second sub- VPN route table of write-in, the 2nd article of write-in is route the first sub- VPN route of write-in Table, by the 3rd article of write-in route the second sub- public network routing table of write-in, the first sub- public network routing table of write-in is route by the 4th article of write-in.
Routing message searching module 300 is synchronous to search public network route forwarding table and private network during message searches routing forwarding Route forwarding table, obtains matched write-in route, and is selected according to the priority that the write-in matched is route with highest The path of priority is forwarded to.
Continue above-mentioned example, it is assumed that the route that message carries is " 10.10.100.0 ", it synchronously searches public network routing forwarding After table and VPN route forwarding table, two write-in routes are matched, are respectively in the second sub- VPN route table " 10.10.100.0/15 " in " 10.10.100.0/15 ", and the second sub- public network routing table;Can by further inquiring about Know, the priority of " 10.10.100.0/15 " in the second sub- VPN route table is higher than in the second sub- public network routing table " 10.10.100.0/15 ", therefore, the road that most at last " 10.10.100.0/15 " in the second sub- VPN route table is carried with message Matched by " 10.10.100.0 ", and the forwarding that " 10.10.100.0/15 " in the second sub- VPN route table is directed toward Port forwards the message.
In conclusion effective method and system for solving public network and VPN route forwarding of the present invention, utilize polylith TCAM Memory separates public network route and VPN route, and makes it have respective default route, concurrently sets the excellent of VPN route First level is higher than the priority of all public networks route;In this way, can be good on the border router of public and private net support public network and The routing forwarding of private network, moreover it is possible to reach linear speed while the characteristics such as Rpf-Check are supported.
For convenience of description, it is divided into various modules during description apparatus above with function to describe respectively.Certainly, this is being implemented The function of each module can be realized in same or multiple softwares and/or hardware during invention.
Device embodiments described above are only schematical, wherein the module illustrated as separating component It may or may not be physically separate, physics mould may or may not be as the component that module is shown Block, you can with positioned at a place, or can also be distributed on multiple mixed-media network modules mixed-medias.It can be selected according to the actual needs In some or all of module realize the purpose of present embodiment scheme.Those of ordinary skill in the art are not paying creation Property work in the case of, you can to understand and implement.
It should be appreciated that although the present specification is described in terms of embodiments, not each embodiment only includes one A independent technical solution, this narrating mode of specification is only that those skilled in the art will should say for clarity For bright book as an entirety, the technical solution in each embodiment may also be suitably combined to form those skilled in the art can With the other embodiment of understanding.
Those listed above is a series of to be described in detail only for feasibility embodiment of the invention specifically Bright, they simultaneously are not used to limit the scope of the invention, all equivalent implementations made without departing from skill spirit of the present invention Or change should all be included in the protection scope of the present invention.

Claims (10)

  1. A kind of 1. method for effectively solving public network and VPN route forwarding, it is characterised in that the described method includes:
    Establish route forwarding table;
    The route forwarding table includes:For storing the VPN route forwarding table of the related route of private network and/or default behaviors, For storing the public network route forwarding table of the related route of public network and/or default behaviors;
    The related route of the private network includes:VPN route, private network default routes, the related route of the public network include:Public network road By public network default routes;
    For each route assigned priority stored in route forwarding table, the order of the priority of said write route from high to low according to It is secondary to be:VPN route > private networks default route > public network route > public networks default route > default behaviors;
    It is synchronous to search public network route forwarding table and VPN route forwarding table during message searches routing forwarding, obtain and it The write-in route matched somebody with somebody, and the path with limit priority is selected according to the priority that the write-in matched is route and is forwarded to.
  2. 2. the method according to claim 1 for effectively solving public network and VPN route forwarding, it is characterised in that establish route Forwarding table specifically includes:
    Corresponding VPN route table establishes the first sub- VPN route table and the second sub- VPN route table, the first sub- VPN route table Priority be more than the second sub- VPN route table priority;
    Write in installation routing procedure, judge whether the prefix mask length of the related route of private network of write-in is pre- more than or equal to system If private network prefix mask length threshold, if so, the related route of current private network is write the first sub- VPN route table;If it is not, will Current private network the second sub- VPN route table of related route write-in.
  3. 3. the method according to claim 2 for effectively solving public network and VPN route forwarding, it is characterised in that the method Further include:
    Write in installation routing procedure, judge whether the related route of private network of write-in saves as the route for solving hash conflicts, if so, will It writes the first sub- VPN route table or the second sub- VPN route table, and its priority is arranged to the highest in VPN route table Priority.
  4. 4. the method according to claim 1 for effectively solving public network and VPN route forwarding, it is characterised in that establish route Forwarding table specifically includes:
    Corresponding public network routing table establishes the first sub- public network routing table and the second sub- public network routing table, the first sub- public network routing table Priority be more than the second sub- public network routing table priority;
    Write in installation routing procedure, judge whether the prefix mask length of the related route of public network of write-in is pre- more than or equal to system If public network prefix mask length threshold, if so, the related route of current public network is write the first sub- public network routing table;If it is not, will Current public network the second sub- public network routing table of related route write-in.
  5. 5. the method according to claim 4 for effectively solving public network and VPN route forwarding, it is characterised in that the method Further include:
    Write in installation routing procedure, judge whether the related route of public network of write-in saves as the route for solving hash conflicts, if so, will It writes the first sub- public network routing table or the second sub- public network routing table, and its priority is arranged to the highest in public network routing table Priority.
  6. A kind of 6. system for effectively solving public network and VPN route forwarding, it is characterised in that the system comprises:
    Route establishment writing module, for establishing route forwarding table;
    The route forwarding table includes:For storing the VPN route forwarding table of the related route of private network and/or default behaviors, For storing the public network route forwarding table of the related route of public network and/or default behaviors;
    The related route of the private network includes:VPN route, private network default routes, the related route of the public network include:Public network road By public network default routes;
    Dissection process module, for each route assigned priority to be stored in route forwarding table, said write is route preferential The order of level is followed successively by from high to low:VPN route > private networks default route > public network route > public networks default routes > Default behaviors;
    Routing message searching module, it is synchronous to search public network route forwarding table and private network road during searching routing forwarding in message By forwarding table, matched write-in route is obtained, and is selected according to the priority that the write-in matched is route excellent with highest The path of first level is forwarded to.
  7. 7. the system according to claim 6 for effectively solving public network and VPN route forwarding, it is characterised in that
    The Route establishment writing module is specifically used for:Corresponding VPN route table establishes the first sub- VPN route table and the second son is private Net routing table, the priority of the first sub- VPN route table are more than the priority of the second sub- VPN route table;
    The dissection process module is specifically used in installation routing procedure is write, and judges that the prefix of the related route of private network of write-in is covered Whether code length is greater than or equal to systemic presupposition private network prefix mask length threshold, if so, the related route of current private network is write Enter the first sub- VPN route table;If it is not, the related route of current private network is write into the second sub- VPN route table.
  8. 8. the system according to claim 7 for effectively solving public network and VPN route forwarding, it is characterised in that the parsing Processing module is additionally operable in installation routing procedure is write,
    Judge whether the related route of private network of write-in saves as the route for solving hash conflicts, if so, being written into the first sub- private network Routing table or the second sub- VPN route table, and its priority is arranged to the limit priority in VPN route table.
  9. 9. the system according to claim 6 for effectively solving public network and VPN route forwarding, it is characterised in that
    The Route establishment writing module is specifically used for:Corresponding public network routing table establishes the first sub- public network routing table and the second son is public Net routing table, the priority of the first sub- public network routing table are more than the priority of the second sub- public network routing table;
    The dissection process module is specifically used in installation routing procedure is write, and judges that the prefix of the related route of public network of write-in is covered Whether code length is greater than or equal to systemic presupposition public network prefix mask length threshold, if so, the related route of current public network is write Enter the first sub- public network routing table;If it is not, the related route of current public network is write into the second sub- public network routing table.
  10. 10. the system according to claim 9 for effectively solving public network and VPN route forwarding, it is characterised in that the solution Analysis processing module is additionally operable in installation routing procedure is write,
    Judge whether the related route of public network of write-in saves as the route for solving hash conflicts, if so, being written into the first sub- public network Routing table or the second sub- public network routing table, and its priority is arranged to the limit priority in public network routing table.
CN201711382412.6A 2017-12-20 2017-12-20 Effectively solve the method and system of public network and VPN route forwarding Withdrawn CN107948075A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201711382412.6A CN107948075A (en) 2017-12-20 2017-12-20 Effectively solve the method and system of public network and VPN route forwarding

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201711382412.6A CN107948075A (en) 2017-12-20 2017-12-20 Effectively solve the method and system of public network and VPN route forwarding

Publications (1)

Publication Number Publication Date
CN107948075A true CN107948075A (en) 2018-04-20

Family

ID=61941954

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201711382412.6A Withdrawn CN107948075A (en) 2017-12-20 2017-12-20 Effectively solve the method and system of public network and VPN route forwarding

Country Status (1)

Country Link
CN (1) CN107948075A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112235197A (en) * 2020-10-23 2021-01-15 烽火通信科技股份有限公司 Parallel route searching method and system
CN113014494A (en) * 2021-02-18 2021-06-22 杭州迪普科技股份有限公司 Network access method and device

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1863155A (en) * 2005-10-13 2006-11-15 华为技术有限公司 Method and system for synchronously for warding of forwarding information table
CN102484611A (en) * 2009-08-20 2012-05-30 瑞典爱立信有限公司 Link state identifier collision handling
CN102664811A (en) * 2012-05-04 2012-09-12 杭州华三通信技术有限公司 Message forwarding method and device
CN103856407A (en) * 2014-03-25 2014-06-11 重庆邮电大学 Accelerated data packet forwarding method and device based on NetFPGA (field programmable gate array) programmable virtual router
CN106713140A (en) * 2016-12-22 2017-05-24 武汉烽火网络有限责任公司 Forwarding method of supporting co-working of various label distribution protocols and MPLS equipment

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1863155A (en) * 2005-10-13 2006-11-15 华为技术有限公司 Method and system for synchronously for warding of forwarding information table
CN102484611A (en) * 2009-08-20 2012-05-30 瑞典爱立信有限公司 Link state identifier collision handling
CN102664811A (en) * 2012-05-04 2012-09-12 杭州华三通信技术有限公司 Message forwarding method and device
CN103856407A (en) * 2014-03-25 2014-06-11 重庆邮电大学 Accelerated data packet forwarding method and device based on NetFPGA (field programmable gate array) programmable virtual router
CN106713140A (en) * 2016-12-22 2017-05-24 武汉烽火网络有限责任公司 Forwarding method of supporting co-working of various label distribution protocols and MPLS equipment

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
腾讯云计算(北京)有限责任公司: "《私有网络产品简介产品文档》", 《HTTPS://CN.BING.COM/》 *
转载 CHEN YU: "《linux之路由知识之ip route 命令中的疑惑》", 《WWW.CSDN.COM》 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112235197A (en) * 2020-10-23 2021-01-15 烽火通信科技股份有限公司 Parallel route searching method and system
CN113014494A (en) * 2021-02-18 2021-06-22 杭州迪普科技股份有限公司 Network access method and device

Similar Documents

Publication Publication Date Title
CN101834802B (en) Method and device for forwarding data packet
US9537793B2 (en) Ensuring any-to-any reachability with opportunistic layer 3 forwarding in massive scale data center environments
CN106470158B (en) Message forwarding method and device
US20100100671A1 (en) Double density content addressable memory (cam) lookup scheme
US9729447B2 (en) Apparatus and method for processing alternately configured longest prefix match tables
CN108718278B (en) Message transmission method and device
CN102857414A (en) Forwarding table writing method and device and message forwarding method and device
CN101505279A (en) Route searching method and apparatus
CN103763750B (en) Method for fast achieving packet forwarding in wireless ad hoc network of TDMA protocol
US9183322B2 (en) Increasing internet protocol version 6 host table scalability in top of rack switches for data center deployments
CN108494701A (en) Load sharing method and device
CN106209557A (en) Message forwarding method and device
CN102291472A (en) Network address lookup method and device
CN109921995A (en) A kind of network equipment of the method for configuration address table, the FPGA and application FPGA
CN106330719A (en) VXLAN message forwarding method and device
CN109981464A (en) A kind of TCAM circuit structure and its matching process realized in FPGA
CN106803809A (en) A kind of method and apparatus of message forwarding
CN107948075A (en) Effectively solve the method and system of public network and VPN route forwarding
CN102325077B (en) Communication method among branches and egress routers of branches
CN106453091B (en) The equivalent route management method and device of router Forwarding plane
US20080123663A1 (en) Method and apparatus for managing ternary content addressable memory entries for use in a data packet routing device
CN103457855B (en) Classless inter-domain routing table is established and the method and apparatus of message forwarding
CN106209554A (en) Message forwarding method and equipment across virtual expansible LAN
JP2006246488A (en) Network router, address processing method, and computer program
CN104780105A (en) Message forwarding method, routing bridge and forwarding chip

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
WW01 Invention patent application withdrawn after publication
WW01 Invention patent application withdrawn after publication

Application publication date: 20180420