CN108111385A - Message forwarding method and device - Google Patents
Message forwarding method and device Download PDFInfo
- Publication number
- CN108111385A CN108111385A CN201711463958.4A CN201711463958A CN108111385A CN 108111385 A CN108111385 A CN 108111385A CN 201711463958 A CN201711463958 A CN 201711463958A CN 108111385 A CN108111385 A CN 108111385A
- Authority
- CN
- China
- Prior art keywords
- tunnel
- mapping
- l2tp
- source
- data message
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
- H04L12/4633—Interconnection of networks using encapsulation techniques, e.g. tunneling
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/2854—Wide area networks, e.g. public data networks
- H04L12/2856—Access arrangements, e.g. Internet access
- H04L12/2858—Access network architectures
- H04L12/2859—Point-to-point connection between the data network and the subscribers
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/2854—Wide area networks, e.g. public data networks
- H04L12/2856—Access arrangements, e.g. Internet access
- H04L12/2869—Operational details of access network equipments
- H04L12/287—Remote access server, e.g. BRAS
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/74—Address processing for routing
Abstract
This application provides message forwarding methods and device.In the application, BRAS equipment checks that there are the matched tunnel source IP mapping items of the first data message in local tunnel source IP mapping tables, then the mapping IP address according to tunnel source IP mapping items instruction encapsulates first data message and passes through the L2TP Tunnel and forwards, realize the IP address that the tunnel source IP address in the L2TP Tunnel head packaged by all data messages on the L2TP Tunnel is all not this BRAS equipment, so that even if the intermediary network device discovery on the L2TP Tunnel has a plurality of equivalent route forwarding data packets, as the tunnel source IP address in L2TP Tunnel head packaged by data message is different and realizes and shares mode forwarding data packets according to routing overhead.
Description
Technical field
This application involves network communication technologies, more particularly to message forwarding method and device.
Background technology
Layer 2 Tunneling Protocol (L2TP:2 Tunneling Protocol of Layer), it is Virtual Private Dial-up Network (VPDN:
Virtual Private Dial-up Network) tunnel protocol one kind.L2TP passes through at public network (such as Internet)
On establish L2TP Tunnel so that remote subscriber (such as institution functioning abroad of enterprise and employee on business trip) utilize point-to-point protocol (PPP:
Point-to-Point Protocol) access public network after communicated by L2TP Tunnel with Intranet, with access look forward to
Industry intranet resources so as to fulfill remote subscriber safety, economically and effectively access privately owned enterprise network.
After the l 2 tp tunnel establishment, the session being carried on L2TP Tunnel (Session) can also further be established.
Same L2TP Tunnel carries at least one Session.
The content of the invention
This application provides message forwarding method and device, to realize the intermediary network device on L2TP Tunnel according to routing
Load balancing mode forwarding data packets.
The technical solution that the application provides includes:
A kind of message forwarding method, this method are applied to Broadband Remote Access Server BRAS equipment, including:
Receive the first data message;
It determines that first data message is forwarded by established L2TP Tunnel between this equipment and opposite equip., then examines
It looks into and whether there is the matched tunnel source IP mapping items of first data message in local tunnel source IP mapping tables;
If so, the mapping IP address according to tunnel source IP mapping items instruction encapsulates first data message and leads to
Cross the L2TP Tunnel forwarding.
A kind of apparatus for forwarding message, the device are applied to Broadband Remote Access Server BRAS equipment, including:
Receiving unit, for receiving the first data message;
Determination unit, for determining first data message whether by established between this equipment and opposite equip.
L2TP Tunnel forwards;
Tunnel unit, for when the definitive result of the determination unit is to be, checking in local tunnel source IP mapping tables
With the presence or absence of the matched tunnel source IP mapping items of first data message;If so, according to the tunnel source IP mapping items
The mapping IP address of instruction encapsulates first data message and passes through the L2TP Tunnel and forwards.
A kind of network equipment, including:Processor and machine readable storage medium, the machine readable storage medium are stored with
The machine-executable instruction that can be executed by processor;The processor is for performing the machine-executable instruction, to realize
Above-mentioned method.
A kind of machine readable storage medium, the machine readable storage medium are stored with machine-executable instruction, the machine
For device executable instruction when being called and being performed by processor, it is above-mentioned that the machine-executable instruction promotes the processor to realize
Method.
As can be seen from the above technical solutions, in the application, BRAS equipment checks deposits in local tunnel source IP mapping tables
In the matched tunnel source IP mapping items of the first data message, then the mapping IP according to tunnel source IP mapping items instructions
Location, which encapsulates first data message and passes through the L2TP Tunnel, forwards rather than imposes uniformity without examining individual cases what ground encapsulated the first data message
Tunnel source IP address in L2TP Tunnel head is uniformly set to the IP address of this equipment, this realizes all on the L2TP Tunnel
The tunnel source IP address in L2TP Tunnel head packaged by data message is all not the IP address of this BRAS equipment so that described
Even if the intermediary network device discovery on L2TP Tunnel has a plurality of equivalent route forwarding data packets, as data message institute
Tunnel source IP address in the L2TP Tunnel head of encapsulation is different and realizes and shares mode forwarding data packets according to routing overhead.
Description of the drawings
Attached drawing herein is merged in specification and forms the part of this specification, shows the implementation for meeting the disclosure
Example, and for explaining the principle of the disclosure together with specification.
Fig. 1 is the application networking schematic diagram that the application provides;
Fig. 2 is the method flow diagram that the application provides;
Fig. 3 is tunnel source IP mapping tables product process figure provided by the embodiments of the present application;
Fig. 4 is another tunnel source IP mapping tables product process figure provided by the embodiments of the present application;
Fig. 5 is the method flow diagram that the application one embodiment provides;
Fig. 6 is the another method flow chart that the application one embodiment provides;
Fig. 7 is the method flow diagram that the application another embodiment provides;
Fig. 8 is the another method flow chart that the application another embodiment provides;
Fig. 9 is the apparatus structure schematic diagram that the application provides;
Figure 10 is the hardware unit structure diagram that the application provides.
Specific embodiment
In the networking (abbreviation L2TP networkings) of L2TP applications, L2TP Tunnel terminal device L2TP such as shown in FIG. 1 is visited
Ask concentrator (LAC:L2TP Access Concentrator) and L2TP Network Server LNS (L2TP Network
Server the network between) is usually three-layer network.In this way, even if an end equipment of L2TP Tunnel is first when sending datagram
Forwarding is encapsulated via L2TP Tunnel after encapsulating L2TP Tunnel head for data message, then when data message is reached in L2TP Tunnel
Between equipment such as router (ROUTER) shown in FIG. 1 when, if ROUTER discovery there is a plurality of equivalent route to forward the datagram
Text, ROUTER will according to data message encapsulate L2TP Tunnel source IP address, L2TP Tunnel purpose IP address carry out Hash fortune
It calculates, still, because being carried on all data messages on same L2TP Tunnel, the L2TP Tunnel in the L2TP Tunnel head of encapsulation
Source IP address, L2TP Tunnel purpose IP address are all identical, this results in ROUTER that can select a fixed routing always
Forwarding is carried on all data messages on same L2TP Tunnel, and the intermediary network device of L2TP Tunnel can not be realized according to routing
Load balancing mode forwarding data packets.
Based on this, in the application, mode is shared according to routing overhead for the intermediary network device for realizing L2TP Tunnel and turned
Data message is sent out, then when by L2TP Tunnel forwarding data packets, to the tunnel in the L2TP Tunnel head of data message encapsulation
Source IP address is modified, specifically flow as shown in Figure 2.
Referring to Fig. 2, Fig. 2 is the method flow diagram that the application provides.The flow is applied to Broadband Remote Access Server
(BRAS:Broadband Remote Access Server) equipment.Here, BRAS equipment is an end equipment of L2TP Tunnel,
For example be LAC or be LNS, the application does not limit specifically.
As shown in Fig. 2, the flow may include following steps:
Step 201, the first data message is received.
As one embodiment, the first data message here is PPPOE data messages.
Step 202, determine that first data message passes through established L2TP Tunnel between this equipment and opposite equip.
Forwarding then checks and whether there is the matched tunnel source IP mapping tables of first data message in local tunnel source IP mapping tables
, if so, performing step 203.
As one embodiment, in this step 202, determine the first data message by between this equipment and opposite equip.
The L2TP Tunnel forwarding of foundation includes:
Step a1, judges whether the first data message hits local authentication list item, recognizes when the hit of the first data message is local
List item is demonstrate,proved, determines that first data message is legal, performs step a2.
It should be noted that in this step a1, when the first data message miss local authentication list item, it is determined that the first number
It is illegal according to message, it can directly abandon the first data message.The situation of first data message miss local authentication list item is not
The emphasis of the application, not reinflated description.
As one embodiment, if BRAS equipment is LAC, then local authentication list item here is PPPOE user's list item.
The structure of PPPOE user's list item is repeated no more similar to existing PPPOE user's list item.
As another embodiment, if BRAS equipment is LNS, then local authentication list item here is fib table item.FIB
The structure of list item is repeated no more similar to existing fib table item.
Step a2 determines L2TP Tunnel ID, according to described according to the L2TP Tunnel association identification in local authentication list item
The Session ID that L2TP Tunnel ID and first data message carry are in local generated L2TP Tunnel encapsulating sheet
Corresponding L2TP Tunnel encapsulation list item is searched, if finding, it is determined that first data message is set by this equipment and opposite end
Established L2TP Tunnel forwarding corresponding with the L2TP Tunnel ID between standby.
So far, step a1 and step a2 are passed through, you can realize and determine that the first data message passes through this equipment and opposite equip.
Between the forwarding of established L2TP Tunnel.
As one embodiment, in this step 202, check in local generated tunnel source IP mapping tables and whether there is institute
Stating the matched tunnel source IP mapping items of the first data message includes:
Step b1 is checked in local tunnel source IP mapping tables with the presence or absence of the L2TP Tunnel for including the L2TP Tunnel determined
The Session ID that ID, the first data message carry and the tunnel source IP mapping items that type is the first specified type;If so,
Step b2 is performed, if it is not, performing step b3.
Step b2 determines that there are the matched tunnels of the first data message in local generated tunnel source IP mapping tables
Source IP mapping item.
Step b3 determines that the matched tunnel of the first data message is not present in local generated tunnel source IP mapping tables
Road source IP mapping item.
As one embodiment, in this step 202, however, it is determined that institute is not present in local generated tunnel source IP mapping tables
The matched tunnel source IP mapping items of the first data message are stated, then are directly forwarded via the L2TP Tunnel.
In one example, tunnel source IP mapping tables can be pre-configured with.
In another example, tunnel source IP mapping tables can before this method is performed dynamic generation.One can hereafter be passed through
The description of a specific embodiment how dynamic generation, wouldn't describe here.
In this application, each tunnel source IP mapping items are used to indicate its matched data message in tunnel source IP mapping tables
Tunnel source IP address (being denoted as mapping IP address) when being forwarded via L2TP Tunnel in packaged L2TP Tunnel head.
Step 203, the mapping IP address according to tunnel source IP mapping items instruction encapsulates first data message
And pass through the L2TP Tunnel and forward.
This step 203, which is that there are the matched tunnel source IP of first data message in local tunnel source IP mapping tables, to reflect
It is performed on the premise of firing table item.
In one example, this step 203 is specially:The first datagram is encapsulated according to existing L2TP Tunnel head encapsulation mechanism
Text, here, tunnel source IP address in L2TP Tunnel head is IP address such as loopback (Loopback) address of this equipment, tunnel
Purpose IP address is IP address such as loopback (Loopback) address of opposite equip., afterwards, by the encapsulation of the first data message
Tunnel source IP address in L2TP Tunnel head is revised as the mapping IP address indicated in the source IP mapping item and passes through described
L2TP Tunnel forwards.
In another example, this step 203 is specially:First is encapsulated according to similar existing L2TP Tunnel head encapsulation mechanism
Data message, the tunnel source IP address in L2TP Tunnel head are the mapping IP address indicated in the source IP mapping item, tunnel
Purpose IP address is IP address such as loopback (Loopback) address of opposite equip., afterwards, will encapsulate L2TP Tunnel head
First data message is forwarded by the L2TP Tunnel.
By step 203 as can be seen that in this application, BRAS equipment checks to be existed in local tunnel source IP mapping tables
The matched tunnel source IP mapping items of first data message, then the mapping IP address indicated according to the tunnel source IP mapping items
It encapsulates first data message and passes through the L2TP Tunnel and forward, this realizes all datagrams on the L2TP Tunnel
The tunnel source IP address in L2TP Tunnel head packaged by text is all not the IP address of this BRAS equipment so that the L2TP tunnels
Even if the intermediary network device discovery on road has a plurality of equivalent route forwarding data packets, as packaged by data message
Tunnel source IP address in L2TP Tunnel head is different and selects different routings, realizes that the intermediary network device on L2TP Tunnel is pressed
Mode forwarding data packets are shared according to routing overhead.
It should be noted that flow shown in above-mentioned Fig. 2 using by local non-L2TP Tunnel mouth receive the first data message as
Example, wherein, if BRAS equipment is used as LAC, local non-L2TP Tunnel mouth can be user-side port, if BRAS equipment as LNS,
Then local non-L2TP Tunnel mouth can be IP ports.
It should also be noted that, in this application, BRAS equipment can also be received by local L2TP Tunnel mouth and encapsulated
The data message (being denoted as the second data message) of L2TP Tunnel head, when BRAS equipment is encapsulated by the reception of local L2TP Tunnel mouth
During the second data message of L2TP Tunnel head, check in local generated tunnel source IP mapping tables with the presence or absence of the described second number
According to the matched tunnel source IP mapping items of message;If so, the L2TP Tunnel head that second data message is encapsulated unseals
It fills and forwards the data message after decapsulation.
As one embodiment, above-mentioned inspection is locally with the presence or absence of the described second number in generated tunnel source IP mapping tables
Include according to the matched tunnel source IP mapping items of message:
Step c1 parses the Session ID and L2TP encapsulated from the second data message from the second data message
L2TP Tunnel ID, L2TP Tunnel source IP address are parsed in tunnel head.
As one embodiment, the second data message here is also PPPOE data messages, carries Session ID.
Based on this, this step c1 is easy to parse Session ID from the second data message.
Step c2, if local according to the L2TP Tunnel source IP address, L2TP Tunnel ID, Session ID miss parsed
L2TP decapsulates list item, then checks and whether there is in local generated tunnel source IP mapping tables comprising the L2TP Tunnel parsed
Source IP address, L2TP Tunnel ID, session Session ID and type are the tunnel source IP mapping items of the second specified type, if
It is to determine that there are the matched tunnel source IP mapping tables of second data message in local generated tunnel source IP mapping tables
;If it is not, it determines that the matched tunnel source IP of second data message is not present in local generated tunnel source IP mapping tables
Mapping item.
It should be noted that in this step c2, if local according to L2TP Tunnel ID, Session the ID hit parsed
L2TP decapsulates list item, then directly decapsulates the L2TP Tunnel head that second data message encapsulates and forward decapsulation
Data message afterwards.
It realizes and is checked in local generated tunnel source IP mapping tables with the presence or absence of institute eventually by step c1 and step c2
State the matched tunnel source IP mapping items of the second data message.
Be described below in detail tunnel source IP mapping tables how dynamic generation:
As described above, in the application, BRAS equipment is an end equipment of L2TP Tunnel, for example for LAC or is LNS, under
Face first describes how to generate tunnel source IP mapping tables so that BRAS equipment is LAC as an example.
Referring to Fig. 3, Fig. 3 is tunnel source IP mapping tables product process figure provided by the embodiments of the present application.In the present embodiment,
BRAS equipment is LAC, and on the premise of being LAC based on BRAS equipment, in the present embodiment, the opposite equip. of BRAS equipment is LNS.Figure
The operation of the generation tunnel source IP mapping items of flow shown in 3 mainly includes:
After L2TP Tunnel between this LAC and opposite equip. LNS is successfully established, if find there is user to reach the standard grade, for T1,
S1 distributes a corresponding mapping IP address, is the according to T1, S1 and mapping IP address generation type corresponding with T1, S1
The tunnel source IP mapping items of one specified type, the T1 are:LAC is one end tunnel of the L2TP Tunnel distribution being successfully established
Road ID, S1 are:LAC is to be carried on the L2TP Tunnel being successfully established and divide with the Session of the user-association of reaching the standard grade
One end Session ID matched somebody with somebody;The T2 is:The LNS is the other end tunnel of the L2TP Tunnel distribution being successfully established
ID;And
T2, S2 of opposite equip. LNS feedbacks and mapping IP address corresponding with T2, S2 are received, according to what is received
T2, S2 and the tunnel source IP mapping items that mapping IP address generation type corresponding with T2, S2 is the second specified type, institute
Stating S2 is:The LNS is to be carried on the L2TP Tunnel being successfully established and divide with the Session of the user-association of reaching the standard grade
The other end Session ID matched somebody with somebody.
Flow is detailed below:
As shown in figure 3, the flow may include following steps:
Step 301, after L2TP Tunnel of the LAC between opposite equip. LNS is successfully established, if finding to there is user to reach the standard grade,
Then LAC sends T2, S1 to LNS.
In one example, T2 is:LNS is one end tunnel ID, S1 LAC of the above-mentioned L2TP Tunnel distribution being successfully established
One end Session ID for the Session distribution being carried on the above-mentioned L2TP Tunnel being successfully established.Here, it is carried on above-mentioned
The Session on L2TP Tunnel being successfully established and user-association of reaching the standard grade.
As one embodiment, in the present invention, LAC sends T2, S1 concretely to LNS:LAC carries T2, S1
It is sent in ICRQ messages to LNS.Specifically, LAC carries T2 in the L2TP Tunnel head of ICRQ messages, and S1 is carried in ICRQ
It is sent in the AVP fields of message and to LNS.
After LAC sends ICRQ messages to LNS, LNS can receive ICRQ messages, when LNS receives ICRQ messages, from ICRQ
Packet parsing goes out T2, S1, and it is that the above-mentioned Session being carried on the above-mentioned L2TP Tunnel being successfully established is distributed to determine this LNS
Other end Session ID (being denoted as S2).Afterwards, LNS is that definite T2, S2 distributes a corresponding IP address (referred to as mapping IP
Address is denoted as IP2).As one embodiment, LNS can calculate an IP address according to default algorithm and with reference to T2, S2
(referred to as mapping IP address, be denoted as IP2).Afterwards, LNS is first according to T2, S2 and IP2 corresponding with T2, S2 generation types
A tunnel source IP mapping item (being denoted as tunnel source IP mapping items 30) for specified type.Here, the first specified type is used for
It indicates that tunnel source IP mapping items generate to be local, is identified with L.The structure of tunnel source IP mapping items 30 has been shown in particular in table 1:
Table 1
Also, LNS can also feed back T2, S2 and IP2 corresponding with T2, S2 to LAC.As one embodiment, in this Shen
Please in, LNS can carry T2, S2 and IP2 corresponding with T2, S2 in ICRP messages (to carry the AVP in ICRP messages
Exemplified by field) and it is sent to LAC.Step 302 is performed afterwards.
Step 302, LAC receive LNS feedback T2, S2 and IP2 corresponding with T2, S2, according to receive T2, S2,
And IP2 generation types corresponding with T2, S2 (are denoted as tunnel source IP for a tunnel source IP mapping item of the second specified type
Mapping item 40), and perform step 303.
As described above, T2, S2 and IP2 corresponding with T2, S2 can be carried in ICRP messages and are sent to by LNS
LAC.In this way, after LAC receives ICRP messages, go out T2, S2 and IP2 corresponding with T2, S2 from ICRP packet parsings.It
Afterwards the tunnel source IP that type is the second specified type is generated according to T2, the S2 and IP2 corresponding with T2, S2 received
Mapping item (is denoted as tunnel source IP mapping items 40).Here the second specified type is used to indicate tunnel source IP mapping items
Distal end is sent, and is identified with R.Table 2 shows the structure of tunnel source IP mapping items 40:
Table 2
It should be noted that in this application, LNS can also further feed back T1, S1 to LAC.Wherein, S1 is by LNS bases
In above-mentioned steps 301 LAC send S1 determine, T1 be by LNS based in above-mentioned steps 301 LAC send T2 determine with
The other end tunnel ID of the L2TP Tunnel of T2 instructions.After LAC receives T1, S1, step 303 is performed.
Step 303, LAC is that T1, the S1 received distributes a corresponding IP address (referred to as mapping IP address, be denoted as IP1),
(remember for a tunnel source IP mapping item of the first specified type according to T1, S1 and IP1 corresponding with T1, S1 generation types
For tunnel source IP mapping items 41).
In the present embodiment, LAC can calculate an IP address (referred to as mapping IP according to default algorithm and with reference to T1, S1
Address is denoted as IP1).Afterwards, LAC is the first specified type according to T1, S1 and IP1 corresponding with T1, S1 generation types
One tunnel source IP mapping item (being denoted as tunnel source IP mapping items 41).Here, the first specified type is used to indicate tunnel source
IP mapping items generate to be local, are identified with L.On the basis of table 2, tunnel source IP mapping items 41 have been shown in particular in table 3
Structure:
Table 3
As one embodiment, the operation that tunnel source IP mapping items 41 are generated in this step 303 also can be in above-mentioned steps
It is performed in 301.Compared to tunnel source IP mapping items 41 are generated in step 301, generated after receiving T2, S2 after step 301
Tunnel source IP mapping items 41 can ensure that the tunnel source IP mapping items 41 of generation are available, and reason is:If in step
Tunnel source IP mapping items 41 are generated in 301, and if T1, S1 for being sent in step 301 do not reach LNS, the tunnel generated
Source IP mapping item 41 is useless, wastes list item resource.
In this way, LAC can generate tunnel source IP mapping items according to the operation of above-mentioned steps 301 to step 303, realize
The generation of tunnel source IP mapping tables.
So far, flow shown in Fig. 3 is completed.
It should be noted that in step 303, LAC can also be further anti-by T1, S1 and IP1 corresponding with T1, S1
Feed LNS.As one embodiment, in this application, LAC can carry T1, S1 and IP1 corresponding with T1, S1 in ICCN
In message and it is sent to LNS.When LNS receives T1, S1 of LAC feedbacks and IP1 corresponding with T1, S1, then foundation receives
T1, S1 and IP1 corresponding with T1, S1 generation types (are denoted as tunnel for a tunnel source IP mapping item of the second specified type
Road source IP mapping item 31), the second specified type here is used to indicate tunnel source IP mapping items as distal end transmission, is marked with R
Know.Based on the tunnel source IP mapping items 30 shown in table 1, table 4 shows the structure of tunnel source IP mapping items 31:
Table 4
It is above-mentioned to describe how to generate tunnel source IP mapping tables so that BRAS equipment is LAC as an example, below using BRAS equipment as LNS
Exemplified by describe how to generate tunnel source IP mapping tables:
Referring to Fig. 4, Fig. 4 is another tunnel source IP mapping tables product process figure provided by the embodiments of the present application.In this implementation
In example, BRAS equipment LNS, on the premise of being LNS based on BRAS equipment, in the present embodiment, the opposite equip. of BRAS equipment is
LAC.Tunnel source IP mapping table product processes shown in Fig. 4 mainly include:L2TP tunnels between this LNS and opposite equip. LAC
After road is successfully established, with receiving opposite equip. LAC T1, S1 for being sent after user reaches the standard grade and mapping IP corresponding with T1, S1
Location is the tunnel of the second specified type according to T1, the S1 and mapping IP address generation type corresponding with T1, S1 received
Source IP mapping item;The T1 is:LAC is that one end tunnel ID, S1 of the L2TP Tunnel distribution being successfully established are:LAC is
One end Session for being carried on the L2TP Tunnel being successfully established and being distributed with the Session of the user-association of reaching the standard grade
ID;And
A corresponding mapping IP address is distributed for T2, S2, according to T2, S2 and mapping IP address corresponding with T2, S2
Generate the tunnel source IP mapping items that type is the first specified type;The T2 is:The LNS is the L2TP being successfully established
The other end tunnel ID of tunnel distributing, the S2 are:The LNS be carried on the L2TP Tunnel being successfully established and with institute
State the other end Session ID of the Session distribution for user-association of reaching the standard grade.
Flow shown in Fig. 4 is specifically described below:
As shown in figure 4, flow specifically includes shown in Fig. 4:
Step 401, LNS receives T2, S1 that LAC is sent, and the Session distribution that this LNS is S1 instructions is determined according to S1
Other end Session ID (being denoted as S2) distribute a corresponding IP address (referred to as mapping IP address, be denoted as IP2) for T2, S2,
(remember for a tunnel source IP mapping item of the first specified type according to T2, S2 and IP2 corresponding with T2, S2 generation types
For tunnel source IP mapping items 30).
This step 401 is specifically shown in above-mentioned steps 301, is not detailed herein.
Step 402, LNS feeds back T2, S2 and IP2 corresponding with T2, S2 to LAC.
This step 402 feeds back T2, S2 and IP2 corresponding with T2, S2 to LAC, and the purpose is to be convenient for LAC generation such as tunnel
Tunnel source IP mapping items shown in road source IP mapping item 40.
Step 403, LNS receive LAC feedback T1, S1 and IP1 corresponding with T1, S1, according to receive T1, S1,
And IP1 generation types corresponding with T1, S1 (are denoted as tunnel source IP for a tunnel source IP mapping item of the second specified type
Mapping item 31).
The structure of tunnel source IP mapping items 31 is as shown in table 4, repeats no more.
In this way, LNS can generate tunnel source IP mapping items according to the operation of above-mentioned steps 401 to step 43, realize
The generation of tunnel source IP mapping tables.
So far, flow shown in Fig. 4 is completed.
The generation of tunnel source IP mapping tables is described above.
Below based on tunnel source IP mapping tables as described above, flow shown in above-mentioned Fig. 2 is carried out by two embodiments
Description:
In one of the embodiments:
Referring to Fig. 5, Fig. 5 is the method flow diagram that the one of embodiment of the application provides.The present embodiment is with BRAS equipment
For LAC, the opposite equip. of BRAS equipment is describes exemplified by LNS:
As shown in figure 5, the flow may include following steps:
Step 501, LAC receives data message (being denoted as message 50) by local user's side ports.
Step 502, LAC judges whether message 50 hits PPPOE user's list item, if being not hit by direct dropping packets 50,
If hit performs step 503.
Step 503, the L2TP Tunnel association identification in PPPOE user's list item that LAC is hit according to message 50 determines L2TP
Tunnel ID judges whether to hit L2TP Tunnel envelope according to definite L2TP Tunnel ID and message 50 the Session ID carried
List item is filled, if hit, step 504 is performed, if miss, E-Packets 50 in the way of non-L2TP Tunnel.
Step 504, LAC encapsulates L2TP Tunnel head in message 50, checks in local tunnel source IP mapping tables with the presence or absence of true
The Session ID that fixed L2TP Tunnel ID and message 50 carry and the tunnel IP mapping tables that type is the first specified type
, if so, step 505 is performed, if it is not, then directly E-Packeting 50 via the corresponding L2TP Tunnel of L2TP Tunnel ID.
In this step 504, in the L2TP Tunnel head of encapsulation tunnel source IP address be this LAC IP address, tunnel destination IP
Address is the IP address of opposite equip. LNS.
Step 505, tunnel source IP address in L2TP Tunnel head is revised as in the existing tunnel IP mapping items by LAC
IP address is simultaneously forwarded via the corresponding L2TP Tunnel of L2TP Tunnel ID.
This step 505 is that above-mentioned steps 504 determine that there is definite L2TP Tunnel ID and message 50 carries
It is performed on the premise of the tunnel IP mapping items of Session ID and type for the first specified type, if the existing tunnel
Road IP mapping items are the tunnel source IP mapping items 41 shown in above-mentioned table 3, then in this step 505, LAC will be in L2TP Tunnel head
Tunnel source IP address is revised as the IP address i.e. IP1 in tunnel IP mapping items 41 and via the corresponding L2TP tunnel of L2TP Tunnel ID
Road forwards.As described above, IP1 is LAC according to T1, S1 and is calculated according to certain algorithm, is not the IP address of this LAC,
It is all not the IP address of this LAC to realize via all data messages of L2TP Tunnel forwarding, can be to be calculated according to algorithm
Come IP address, even if in this way, on L2TP Tunnel intermediary network device discovery have a plurality of equivalent route forwarding data packets,
Different routings can be selected because the tunnel source IP address in the L2TP Tunnel head packaged by data message is different, realize L2TP
Intermediary network device on tunnel shares mode forwarding data packets according to routing overhead.
So far, flow shown in Fig. 5 is completed.
Flow shown in Fig. 5 is described so that LAC is sent datagram by L2TP Tunnel as an example.And when LAC passes through L2TP
When tunnel face receives the data message for encapsulating L2TP Tunnel head that opposite equip. LNS is sended over, it can perform shown in Fig. 6
Flow.
Referring to Fig. 6, Fig. 6 is the another method flow chart that the one of embodiment of the application provides.The application one of them
Embodiment is using BRAS equipment as LAC, and the opposite equip. of BRAS equipment is describes exemplified by LNS:
As shown in fig. 6, the flow may include following steps:
Step 601, LAC receives data message (being denoted as message 60) by local L2TP Tunnel mouth.
Message 60 is specially the PPPOE data messages for encapsulating L2TP Tunnel head.
Step 602, LAC judges whether message 60 hits fib table, if being not hit by directly abandoning, if hit, performs step
Rapid 603.
Step 603, LAC parses Session ID from message 60 and is solved from the L2TP Tunnel head that message 60 encapsulates
L2TP Tunnel ID is precipitated, is judged whether to hit L2TP Tunnel deblocking according to L2TP Tunnel ID and the Session ID parsed
List item is filled, if hit, L2TP Tunnel deblocking is directly directly carried out to message 60 according to the L2TP Tunnel decapsulation list item of hit
Dress, if miss, performs step 604.
In this step 603, when L2TP Tunnel ID and the Session ID that basis parses judge miss L2TP Tunnel
List item is decapsulated, then illustrates opposite equip. LNS when sending message 60 it is possible that having modified the L2TP Tunnel head of the encapsulation of message 60
In L2TP Tunnel source IP address, so also needing to further perform step 604.
Step 604, LAC parses L2TP Tunnel source IP address from the L2TP Tunnel head that message 60 encapsulates, and checks local
With the presence or absence of L2TP Tunnel source IP address, L2TP Tunnel ID, Session ID and the type parsed in tunnel source IP mapping tables
For the tunnel IP mapping items of the second specified type, if it is, step 605 is performed, if it is not, then dropping packets 60.
In this step 604, when LAC is checked in local tunnel source IP mapping tables in the presence of the L2TP Tunnel source IP parsed
Location, L2TP Tunnel ID, Session ID and type are the tunnel IP mapping items of the second specified type, then illustrate opposite equip.
LNS has modified the L2TP Tunnel source IP address in the L2TP Tunnel head of the encapsulation of message 60 when sending message 60, then can be by message
L2TP Tunnel source IP address in the L2TP Tunnel head of 60 encapsulation replaces with the IP address of opposite equip. LNS, afterwards according to L2TP
Tunnel ID, Session ID and replaced tunnel source IP address judge whether that hitting L2TP Tunnel decapsulates list item, if
It is to perform step 605.
Step 605, LAC directly directly carries out L2TP Tunnel decapsulation to message 60 and is forwarded by looking into PPPOE user's table
Message after L2TP Tunnel decapsulation.
Finally, the decapsulation of message 60 is realized by flow shown in Fig. 6.
So far, flow shown in Fig. 6 is completed.
One of embodiment is described above, other in which embodiment is described below:
In wherein another embodiment:
Using BRAS equipment as LNS, the opposite equip. of BRAS equipment is describes exemplified by LAC.
Referring to Fig. 7, Fig. 7 is the method flow diagram that the application another embodiment provides.As shown in fig. 7, the flow can wrap
Include following steps:
Step 701, LNS receives data message (being denoted as message 70) by non-L2TP Tunnel mouth.
Step 702, LNS judges whether message 70 hits fib table item, if being not hit by direct dropping packets 70, if life
In, perform step 703.
Step 703, the L2TP Tunnel association identification in the fib table item that LNS is hit according to message 50 determines L2TP Tunnel ID,
Judge whether to hit L2TP Tunnel encapsulation list item according to definite L2TP Tunnel ID and message 70 the Session ID carried,
If hit, step 704 is performed, if miss, E-Packets 70 in the way of non-L2TP Tunnel.
Step 704, LNS encapsulates L2TP Tunnel head in message 70, checks in local tunnel source IP mapping tables with the presence or absence of true
The Session ID that fixed L2TP Tunnel ID and message 70 carry and the tunnel IP mapping tables that type is the first specified type
, if so, step 705 is performed, if it is not, then directly E-Packeting 70 via the corresponding L2TP Tunnel of L2TP Tunnel ID.
In this step 704, in the L2TP Tunnel head of encapsulation tunnel source IP address be this LNS IP address, tunnel destination IP
Address is the IP address of opposite equip. LAC.
Step 705, tunnel source IP address in L2TP Tunnel head is revised as in the existing tunnel IP mapping items by LNS
IP address is simultaneously forwarded via the corresponding L2TP Tunnel of L2TP Tunnel ID.
This step 705 is that above-mentioned steps 704 determine that there is definite L2TP Tunnel ID and message 70 carries
It is performed on the premise of the tunnel IP mapping items of Session ID and type for the first specified type, if the existing tunnel
Road IP mapping items are the tunnel source IP mapping items 30 shown in above-mentioned table 4, then in this step 705, LNS will be in L2TP Tunnel head
Tunnel source IP address is revised as the IP address i.e. IP2 in tunnel IP mapping items 30 and via the corresponding L2TP tunnel of L2TP Tunnel ID
Road forwards.As described above, IP2 is LNS according to T2, S2 and is calculated according to certain algorithm, is not the IP address of this LNS,
It is all not the IP address of this LNS to realize via all data messages of L2TP Tunnel forwarding, can be to be calculated according to algorithm
Come IP address, even if in this way, on L2TP Tunnel intermediary network device discovery have a plurality of equivalent route forwarding data packets,
Different routings can be selected because the tunnel source IP address in the L2TP Tunnel head packaged by data message is different, realize L2TP
Intermediary network device on tunnel shares mode forwarding data packets according to routing overhead.
So far, flow shown in Fig. 7 is completed.
Flow shown in Fig. 7 is described so that LNS is sent datagram by L2TP Tunnel as an example.And when LNS passes through L2TP
When tunnel face receives the data message for encapsulating L2TP Tunnel head that opposite equip. LAC is sended over, it can perform shown in Fig. 8
Flow.
Referring to Fig. 8, Fig. 8 is the another method flow chart that the application another embodiment provides.As shown in figure 8, the flow
It may include following steps:
Step 801, LNS receives data message (being denoted as message 80) by local L2TP Tunnel mouth.
Message 80 is specially the PPPOE data messages for encapsulating L2TP Tunnel head.
Step 802, LNS judges whether message 80 hits fib table, if being not hit by directly abandoning, if hit, performs step
Rapid 803.
Step 803, LNS parses Session ID from message 80 and is solved from the L2TP Tunnel head that message 80 encapsulates
L2TP Tunnel ID is precipitated, is judged whether to hit L2TP Tunnel deblocking according to L2TP Tunnel ID and the Session ID parsed
List item is filled, if hit, L2TP Tunnel deblocking is directly directly carried out to message 80 according to the L2TP Tunnel decapsulation list item of hit
Dress, if miss, performs step 804.
In this step 803, when L2TP Tunnel ID and the Session ID that basis parses judge miss L2TP Tunnel
List item is decapsulated, then illustrates opposite equip. LAC when sending message 80 it is possible that having modified the L2TP Tunnel head of the encapsulation of message 80
In L2TP Tunnel source IP address, so also needing to further perform step 804.
Step 804, LNS parses L2TP Tunnel source IP address from the L2TP Tunnel head that message 80 encapsulates, and checks local
With the presence or absence of L2TP Tunnel source IP address, L2TP Tunnel ID, Session ID and the type parsed in tunnel source IP mapping tables
For the tunnel IP mapping items of the second specified type, if it is, step 805 is performed, if it is not, then dropping packets 80.
In this step 804, when LNS is checked in local tunnel source IP mapping tables in the presence of the L2TP Tunnel source IP parsed
Location, L2TP Tunnel ID, Session ID and type are the tunnel IP mapping items of the second specified type, then illustrate opposite equip.
LAC has modified the L2TP Tunnel source IP address in the L2TP Tunnel head of the encapsulation of message 80 when sending message 80, then can be by message
L2TP Tunnel source IP address in the L2TP Tunnel head of 80 encapsulation replaces with the IP address of opposite equip. LAC, afterwards according to L2TP
Tunnel ID, Session ID and replaced tunnel source IP address judge whether that hitting L2TP Tunnel decapsulates list item, if
It is to perform step 805.
Step 805, LNS directly directly carries out L2TP Tunnel decapsulation to message 80 and is forwarded by looking into PPPOE user's table
Message after L2TP Tunnel decapsulation.
The decapsulation of message 80 is realized eventually by flow shown in Fig. 8.
So far, flow shown in Fig. 8 is completed.
The method provided above the application is described.The device provided below the application is described:
Referring to Fig. 9, Fig. 9 is the structure drawing of device that itself please be provided.The device is applied to BRAS equipment, including:
Receiving unit, for receiving the first data message;
Determination unit, for determining first data message whether by established between this equipment and opposite equip.
L2TP Tunnel forwards;
Tunnel unit, for when the definitive result of the determination unit is to be, checking in local tunnel source IP mapping tables
With the presence or absence of the matched tunnel source IP mapping items of first data message;If so, according to the tunnel source IP mapping items
The mapping IP address of instruction encapsulates first data message and passes through the L2TP Tunnel and forwards.
As one embodiment, the tunnel unit is checked in local tunnel source IP mapping tables with the presence or absence of the described first number
Include according to the matched tunnel source IP mapping items of message:
It checks in local tunnel source IP mapping tables with the presence or absence of the L2TP Tunnel ID comprising the L2TP Tunnel, described first
Session Session ID and type that data message carries are the tunnel source IP mapping items of the first specified type;
If so, determine that there are the matched tunnel source IP mapping tables of first data message in the tunnel source IP mapping tables of local
;
If it is not, determine that there is no the matched tunnel source IP mappings of first data message in the tunnel source IP mapping tables of local
List item.
As one embodiment, the tunnel unit encapsulates institute according to the mapping IP address that the source IP mapping item indicates
Stating the first data message includes:
It is the L2TP Tunnel head of the mapping IP address in the first data message encapsulation tunnel source IP address.
As one embodiment, the receiving unit further encapsulates L2TP Tunnel by the reception of local L2TP Tunnel mouth
Second data message of head;
The tunnel unit, which further checks, whether there is second data message in local tunnel source IP mapping tables
The tunnel source IP mapping items matched somebody with somebody;If so, the L2TP Tunnel head that second data message is encapsulated is decapsulated and forwarded
Data message after decapsulation.
As one embodiment, the tunnel unit is checked in local tunnel source IP mapping tables with the presence or absence of the described second number
Include according to the matched tunnel source IP mapping items of message:
Session Session ID and the L2TP Tunnel encapsulated from the second data message are parsed from the second data message
L2TP Tunnel ID is parsed in head;
If decapsulating list item according to L2TP Tunnel ID, the session Session ID miss local L2TP parsed, from
L2TP Tunnel source IP address is parsed in the L2TP Tunnel head of second data message encapsulation, is checked in local tunnel source IP mapping tables
Refer to the presence or absence of comprising L2TP Tunnel source IP address, L2TP Tunnel ID, session Session ID and the type parsed for second
Determine the tunnel source IP mapping items of type;
If so, determine that there are the matched tunnel source IP mapping tables of second data message in the tunnel source IP mapping tables of local
;
If it is not, determine that there is no the matched tunnel source IP mappings of second data message in the tunnel source IP mapping tables of local
List item.
So far, the structure of Fig. 9 shown devices is completed.
The hardware unit provided below the application is described:
Referring to Figure 10, Figure 10 is the hardware unit structure chart that the application provides.As shown in Figure 10, including:Processor and machine
Device readable storage medium storing program for executing, the machine readable storage medium are stored with the machine-executable instruction that can be executed by processor;Institute
Processor is stated for performing the machine-executable instruction, to realize message forwarding method as described above.
In the application, machine readable storage medium can be any electronics, magnetism, optics or other physical storage devices,
Information can be included or store, such as executable instruction, data, etc..For example, machine readable storage medium can be:It deposits at random
Access to memory (English:Radom Access Memory, referred to as:RAM), volatile memory, nonvolatile memory, flash memory, deposit
Store up driver (such as hard disk drive), solid state disk, any kind of storage dish (such as CD, dvd) or similar storage
Medium or combination thereof.
So far, hardware configuration description shown in Fig. 10 is completed.
In this application, a kind of machine readable storage medium including machine-executable instruction, such as Figure 10 are additionally provided
In machine readable storage medium, the machine-executable instruction can by the processor in internal storage access device perform with realize with
The message forwarding method of upper description.
Specifically, can perform by calling and performing machine corresponding with memory pool access method in machine readable storage medium
Instruction, processor can perform the operation in more than message forwarding method.
The foregoing is merely the preferred embodiment of the application, not limiting the application, all essences in the application
God and any modification, equivalent substitution, improvement and etc. within principle, done, should be included within the scope of the application protection.
Claims (14)
1. a kind of message forwarding method, which is characterized in that this method is applied to Broadband Remote Access Server BRAS equipment, bag
It includes:
Receive the first data message;
It determines that first data message is forwarded by established L2TP Tunnel between this equipment and opposite equip., then checks this
It whether there is the matched tunnel source IP mapping items of first data message in ground tunnel source IP mapping tables;
If so, the mapping IP address according to tunnel source IP mapping items instruction encapsulates first data message and passes through institute
State L2TP Tunnel forwarding.
2. according to the method described in claim 1, it is characterized in that, described check whether there is in local tunnel source IP mapping tables
The matched tunnel source IP mapping items of first data message include:
It checks in local tunnel source IP mapping tables with the presence or absence of the L2TP Tunnel ID comprising the L2TP Tunnel, first data
Session Session ID and type that message carries are the tunnel source IP mapping items of the first specified type;
If so, determine that there are the matched tunnel source IP mapping items of first data message in the tunnel source IP mapping tables of local;
If it is not, it determines that the matched tunnel source IP mapping tables of first data message are not present in the tunnel source IP mapping tables of local
.
3. according to the method described in claim 1, it is characterized in that, the reflecting according to tunnel source IP mapping items instruction
Penetrating IP address encapsulation first data message includes:
It is the L2TP Tunnel head of the mapping IP address in the first data message encapsulation tunnel source IP address.
4. according to the method described in claim 1, it is characterized in that, this method further comprises:
The second data message of L2TP Tunnel head is encapsulated by the reception of local L2TP Tunnel mouth;
It checks in local tunnel source IP mapping tables and whether there is the matched tunnel source IP mapping items of second data message;
If so, the L2TP Tunnel head that second data message is encapsulated is decapsulated and forwards the datagram after decapsulation
Text.
5. according to the method described in claim 4, it is characterized in that, described check whether there is in local tunnel source IP mapping tables
The matched tunnel source IP mapping items of second data message include:
Session Session ID are parsed from the second data message and from the L2TP Tunnel head that the second data message encapsulates
Parse L2TP Tunnel ID;
If according to L2TP Tunnel ID, session Session ID miss local L2TP the decapsulation list item parsed, from second
Parse L2TP Tunnel source IP address in the L2TP Tunnel head of data message encapsulation, check in local tunnel source IP mapping tables whether
In the presence of comprising L2TP Tunnel source IP address, L2TP Tunnel ID, session Session ID and the type parsed class is specified for second
The tunnel source IP mapping items of type;
If so, determine that there are the matched tunnel source IP mapping items of second data message in the tunnel source IP mapping tables of local;
If it is not, it determines that the matched tunnel source IP mapping tables of second data message are not present in the tunnel source IP mapping tables of local
.
6. method according to any one of claims 1 to 5, which is characterized in that the BRAS equipment is L2TP Access Concentrator
LAC;
Tunnel source IP mapping items are generated before the method by following steps in local tunnel source IP mapping tables:
After L2TP Tunnel between this LAC and opposite equip. LNS is successfully established, if finding to there is user to reach the standard grade, for T1, S1 points
With a corresponding mapping IP address, refer to according to T1, S1 and mapping IP address generation type corresponding with T1, S1 for first
Determine the tunnel source IP mapping items of type, the T1 is:LAC is one end tunnel of the L2TP Tunnel distribution being successfully established
ID, S1 are:LAC is to be carried on the L2TP Tunnel being successfully established and distributed with the Session of the user-association of reaching the standard grade
One end Session ID;
Receive T2, S2 of opposite equip. LNS feedback and mapping IP address corresponding with T2, S2, according to the T2, S2 received,
And the tunnel source IP mapping items that mapping IP address generation type corresponding with T2, S2 is the second specified type, the T2 are:
The LNS is the other end tunnel ID of the L2TP Tunnel distribution being successfully established;The S2 is:The LNS is is carried on
The other end Session ID for stating on the L2TP Tunnel being successfully established and being distributed with the Session of the user-association of reaching the standard grade.
7. method according to any one of claims 1 to 5, which is characterized in that the BRAS equipment is L2TP Network Server
LNS;
Tunnel source IP mapping items are generated before the method by following steps in local tunnel source IP mapping tables:
After L2TP Tunnel between this LNS and opposite equip. LAC is successfully established, opposite equip. LAC is received after user reaches the standard grade
T1, S1 of transmission and mapping IP address corresponding with T1, S1 according to T1, S1 for receiving and corresponding with T1, S1 are reflected
Penetrate the tunnel source IP mapping items that IP address generation type is the second specified type;The T1 is:LAC is described to be successfully established
L2TP Tunnel distribution one end tunnel ID, S1 be:LAC is to be carried on the L2TP Tunnel being successfully established and reach the standard grade with described
One end Session ID of the Session distribution of user-association;
A corresponding mapping IP address is distributed for T2, S2, according to T2, S2 and mapping IP address generation corresponding with T2, S2
Type is the tunnel source IP mapping items of the first specified type;The T2 is:The LNS is the L2TP Tunnel being successfully established
The other end tunnel ID of distribution, the S2 are:The LNS be carried on the L2TP Tunnel being successfully established and with it is described on
The other end Session ID of the Session distribution of line user-association.
8. a kind of apparatus for forwarding message, which is characterized in that the device is applied to Broadband Remote Access Server BRAS equipment, bag
It includes:
Receiving unit, for receiving the first data message;
Determination unit, for determining first data message whether by established L2TP between this equipment and opposite equip.
Tunnel forwards;
Tunnel unit, during for being in the definitive result of the determination unit, check in local tunnel source IP mapping tables whether
There are the matched tunnel source IP mapping items of first data message;If so, it is indicated according to the tunnel source IP mapping items
Mapping IP address encapsulate first data message and pass through the L2TP Tunnel and forward.
9. device according to claim 7, which is characterized in that the tunnel unit is checked in local tunnel source IP mapping tables
Include with the presence or absence of the matched tunnel source IP mapping items of first data message:
It checks in local tunnel source IP mapping tables with the presence or absence of the L2TP Tunnel ID comprising the L2TP Tunnel, first data
Session Session ID and type that message carries are the tunnel source IP mapping items of the first specified type;
If so, determine that there are the matched tunnel source IP mapping items of first data message in the tunnel source IP mapping tables of local;
If it is not, it determines that the matched tunnel source IP mapping tables of first data message are not present in the tunnel source IP mapping tables of local
.
10. device according to claim 7, which is characterized in that the tunnel unit is according to the tunnel source IP mapping tables
The mapping IP address of item instruction, which encapsulates first data message, to be included:
It is the L2TP Tunnel head of the mapping IP address in the first data message encapsulation tunnel source IP address.
11. device according to claim 7, which is characterized in that the receiving unit further passes through local L2TP Tunnel
Mouth receives the second data message for encapsulating L2TP Tunnel head;
The tunnel unit further checks matched with the presence or absence of second data message in local tunnel source IP mapping tables
Tunnel source IP mapping items;If so, the L2TP Tunnel head that second data message is encapsulated is decapsulated and forwards deblocking
Data message after dress.
12. according to the devices described in claim 11, which is characterized in that the tunnel unit checks local tunnel source IP mapping tables
In include with the presence or absence of the matched tunnel source IP mapping items of second data message:
Session Session ID are parsed from the second data message and from the L2TP Tunnel head that the second data message encapsulates
Parse L2TP Tunnel ID;
If according to L2TP Tunnel ID, session Session ID miss local L2TP the decapsulation list item parsed, from second
Parse L2TP Tunnel source IP address in the L2TP Tunnel head of data message encapsulation, check in local tunnel source IP mapping tables whether
In the presence of comprising L2TP Tunnel source IP address, L2TP Tunnel ID, session Session ID and the type parsed class is specified for second
The tunnel source IP mapping items of type;
If so, determine that there are the matched tunnel source IP mapping items of second data message in the tunnel source IP mapping tables of local;
If it is not, it determines that the matched tunnel source IP mapping tables of second data message are not present in the tunnel source IP mapping tables of local
.
13. a kind of network equipment, which is characterized in that including:Processor and machine readable storage medium, the machine readable storage
Media storage has the machine-executable instruction that can be executed by processor;The processor can perform finger for performing the machine
Order, to realize any methods of claim 1-7.
14. a kind of machine readable storage medium, which is characterized in that the machine readable storage medium is stored with machine and can perform finger
Order, for the machine-executable instruction when being called and being performed by processor, the machine-executable instruction promotes the processor
Realize any methods of claim 1-7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201711463958.4A CN108111385B (en) | 2017-12-28 | 2017-12-28 | Message forwarding method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201711463958.4A CN108111385B (en) | 2017-12-28 | 2017-12-28 | Message forwarding method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN108111385A true CN108111385A (en) | 2018-06-01 |
| CN108111385B CN108111385B (en) | 2021-04-27 |
Family
ID=62214266
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201711463958.4A Active CN108111385B (en) | 2017-12-28 | 2017-12-28 | Message forwarding method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108111385B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109981409A (en) * | 2019-03-26 | 2019-07-05 | 新华三技术有限公司 | Message forwarding method, device and forwarding device |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101478479A (en) * | 2008-12-31 | 2009-07-08 | 华为技术有限公司 | User access method, apparatus and system |
| CN102752221A (en) * | 2012-07-23 | 2012-10-24 | 杭州华三通信技术有限公司 | Method and device for sharing load of data message used for L2TP (layer 2 tunneling protocol) networking |
| CN103166846A (en) * | 2013-03-27 | 2013-06-19 | 杭州华三通信技术有限公司 | Message forwarding method and device |
| CN103368806A (en) * | 2012-03-26 | 2013-10-23 | 华为技术有限公司 | Method and system for processing data flow and device |
| US9577927B2 (en) * | 2014-06-30 | 2017-02-21 | Nicira, Inc. | Encoding control plane information in transport protocol source port field and applications thereof in network virtualization |
| CN107046503A (en) * | 2017-04-24 | 2017-08-15 | 新华三技术有限公司 | A kind of message transmitting method, system and its apparatus |
-
2017
- 2017-12-28 CN CN201711463958.4A patent/CN108111385B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101478479A (en) * | 2008-12-31 | 2009-07-08 | 华为技术有限公司 | User access method, apparatus and system |
| CN103368806A (en) * | 2012-03-26 | 2013-10-23 | 华为技术有限公司 | Method and system for processing data flow and device |
| CN102752221A (en) * | 2012-07-23 | 2012-10-24 | 杭州华三通信技术有限公司 | Method and device for sharing load of data message used for L2TP (layer 2 tunneling protocol) networking |
| CN103166846A (en) * | 2013-03-27 | 2013-06-19 | 杭州华三通信技术有限公司 | Message forwarding method and device |
| US9577927B2 (en) * | 2014-06-30 | 2017-02-21 | Nicira, Inc. | Encoding control plane information in transport protocol source port field and applications thereof in network virtualization |
| CN107046503A (en) * | 2017-04-24 | 2017-08-15 | 新华三技术有限公司 | A kind of message transmitting method, system and its apparatus |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109981409A (en) * | 2019-03-26 | 2019-07-05 | 新华三技术有限公司 | Message forwarding method, device and forwarding device |
| CN109981409B (en) * | 2019-03-26 | 2021-05-07 | 新华三技术有限公司 | Message forwarding method, device and forwarding equipment |
Also Published As
| Publication number | Publication date |
|---|---|
| CN108111385B (en) | 2021-04-27 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11671367B1 (en) | Methods and apparatus for improving load balancing in overlay networks | |
| US11438267B2 (en) | Method and system for service switching using service tags | |
| EP2579544B1 (en) | Methods and apparatus for a scalable network with efficient link utilization | |
| CN107104872B (en) | Access control method, device and system | |
| US7633921B2 (en) | Mobile network automatic tunnels | |
| CN107659485B (en) | Method and device for communication between equipment and server in Virtual Private Network (VPN) | |
| CN103188351B (en) | IPSec VPN traffic method for processing business and system under IPv6 environment | |
| US20120099602A1 (en) | End-to-end virtualization | |
| US20070058644A1 (en) | Service for NAT traversal using IPSEC | |
| CN104683210B (en) | A kind of automatic method and apparatus for establishing tunnel | |
| US10044841B2 (en) | Methods and systems for creating protocol header for embedded layer two packets | |
| CN106559292A (en) | A kind of broad band access method and device | |
| NZ553712A (en) | Methods and apparatus for efficient VPN server interface, address allocation, and signaling with a local addressing domain | |
| CN101030935B (en) | Method for crossing NAT-PT by IPSec | |
| CN109412927B (en) | Multi-VPN data transmission method and device and network equipment | |
| US20140294018A1 (en) | Protocol for layer two multiple network links tunnelling | |
| CN104426737B (en) | A kind of method and apparatus for realizing Dynamic VPN network link layer communications | |
| CN108390812B (en) | Message forwarding method and device | |
| Hassan et al. | Enhancing security for IPv6 neighbor discovery protocol using cryptography | |
| US9391951B2 (en) | Communication network with distributed network address translation functionality | |
| US8761007B1 (en) | Method and apparatus for preventing a mobile device from creating a routing loop in a network | |
| CN103067411B (en) | Prevent the DoS attack method and apparatus in DS-Lite networking | |
| CN108111385A (en) | Message forwarding method and device | |
| WO2019041332A1 (en) | Method and system for optimizing transmission of acceleration network | |
| CN107547621A (en) | A kind of message forwarding method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |