CN109067635B - Information processing method and device - Google Patents

Information processing method and device Download PDF

Info

Publication number
CN109067635B
CN109067635B CN201811149995.2A CN201811149995A CN109067635B CN 109067635 B CN109067635 B CN 109067635B CN 201811149995 A CN201811149995 A CN 201811149995A CN 109067635 B CN109067635 B CN 109067635B
Authority
CN
China
Prior art keywords
vtep
interface
target
esi
target client
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201811149995.2A
Other languages
Chinese (zh)
Other versions
CN109067635A (en
Inventor
林姗
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hangzhou H3C Technologies Co Ltd
Original Assignee
Hangzhou H3C Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hangzhou H3C Technologies Co Ltd filed Critical Hangzhou H3C Technologies Co Ltd
Priority to CN201811149995.2A priority Critical patent/CN109067635B/en
Publication of CN109067635A publication Critical patent/CN109067635A/en
Application granted granted Critical
Publication of CN109067635B publication Critical patent/CN109067635B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4633Interconnection of networks using encapsulation techniques, e.g. tunneling
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4641Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06Management of faults, events, alarms or notifications
    • H04L41/0654Management of faults, events, alarms or notifications using network fault recovery
    • H04L41/0668Management of faults, events, alarms or notifications using network fault recovery by dynamic selection of recovery network elements, e.g. replacement by the most appropriate element after failure
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/74Address processing for routing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Small-Scale Networks (AREA)

Abstract

The embodiment of the application provides an information processing method and device, wherein a first VTEP of an EVPN park network based on user identity establishes a first AC associated with target client information and a target VXLAN tunnel on a first interface after determining that a target client accessed to a local machine through the first interface passes authentication; and if the second VTEP is the backup device of the local machine, the first interface is configured with a first ESI, and sends a first routing message carrying the authentication information of the target client, the first ESI, the information of the target client and the identifier of the target VXLAN tunnel to the second VTEP. The second VTEP establishes a second AC associated with the target client information and the target VXLAN tunnel over a second interface configured with the first ESI based on the first routing message. By applying the embodiment of the application, the problem of off-line and cutoff of the client caused by VTEP failure or link failure of the connected client can be solved, and user experience is improved.

Description

Information processing method and device
Technical Field
The present application relates to the field of communications technologies, and in particular, to an information processing method and apparatus.
Background
An Ethernet Virtual Private Network (EVPN) is a Network with two-layer VPN technology. The control plane of the EVPN uses a Multiprotocol-Border Gateway Protocol (MP-BGP for short) to announce EVPN routing messages, and the data plane of the EVPN uses a Virtual Extensible Local Area network (VXLAN for short) to forward messages.
In an EVPN park network based on user identity, a VXLAN Tunnel End Point (VXLAN Tunnel End Point, called VTEP for short) authenticates a client according to an authentication message sent by the client, and after the client passes the authentication. The VTEP creates an Access Circuit (AC) associated with the client information on the VTEP according to information such as an interface connecting the client, a Virtual Local Area Network (VLAN) to which the client belongs, and a Media Access Control (MAC) address of the client, and associates the AC with a corresponding VXLAN tunnel. At this point, the client comes online. And after receiving the data message sent by the client, the VTEP determines a corresponding VXLAN tunnel through the AC, and then forwards the data message through the determined VXLAN tunnel.
When the VTEP where the AC is located fails or a link connecting the client fails, if the client needs to continue accessing the network, the client needs to send the authentication packet to the VTEP again for authentication, which may cause a problem of disconnection of the client, resulting in poor user experience.
Disclosure of Invention
An object of the embodiments of the present application is to provide an information processing method and apparatus, so as to solve the problem of client offline interruption caused by VTEP failure or link failure connecting a client, and improve user experience. The specific technical scheme is as follows:
in a first aspect, an embodiment of the present application provides an information processing method, applied to a first VTEP of an EVPN campus network based on a user identity, including:
after determining that the target client accessing the local machine through the first interface passes authentication, establishing a first AC associated with target client information on the first interface, and associating the first AC with a target VXLAN tunnel, wherein the target client information comprises: the VLAN to which the target client belongs, or the VLAN to which the target client belongs and the MAC address of the target client;
if it is determined that the second VTEP is a backup device of the local machine and the first interface is configured with a first Ethernet Segment Identifier (ESI), sending authentication information carrying a target client to the second VTEP, where the first ESI is a first routing message of the target client information and an Identifier of a target VXLAN tunnel, so that when the second VTEP determines that the first VTEP is the backup device of the local machine and the local machine has a second interface configured with the first ESI, the second VTEP establishes a second AC associated with the target client information on the second interface according to the first routing message and associates the second AC with the target VXLAN tunnel.
In a second aspect, an embodiment of the present application provides an information processing method, which is applied to a second VTEP of an EVPN campus network based on a user identity, where the method includes:
receiving a first routing message sent by a first VTEP, where the first routing message is a routing message sent by the first VTEP after determining that a target client accessing the local through a first interface passes authentication, establishing a first AC associated with target client information on the first interface, and associating the first AC with a target VXLAN tunnel, where the first routing message carries authentication information of the target client, a first ESI configured on the first interface, the target client information, and an identifier of the target VXLAN tunnel, and the target client information includes: the VLAN to which the target client belongs, or the VLAN to which the target client belongs and the MAC address of the target client;
and if the first VTEP is determined to be the backup device of the local machine and the local machine has a second interface configured with the first ESI, establishing a second AC associated with the target client information on the second interface according to the first routing message, and associating the second AC with the target VXLAN tunnel.
In a third aspect, an embodiment of the present application provides an information processing apparatus applied to a first VTEP of an EVPN campus network based on a user identity, where the apparatus includes:
the establishing unit is used for establishing a first AC associated with target client information on a first interface after the target client accessed to the local machine through the first interface is authenticated, and associating the first AC with a target VXLAN tunnel, wherein the target client information comprises: the VLAN to which the target client belongs, or the VLAN to which the target client belongs and the MAC address of the target client;
a sending unit, configured to send, to the second VTEP, first routing information carrying identification of the target client if it is determined that the second VTEP is a local backup device and the first interface is configured with a first ESI, where the first ESI, the target client information, and an identifier of the target VXLAN tunnel are carried, so that when the second VTEP determines that the first VTEP is a local backup device and a second interface configured with the first ESI exists, a second AC associated with the target client information is established on the second interface according to the first routing information, and the second AC is associated with the target VXLAN tunnel.
In a fourth aspect, an embodiment of the present application provides an information processing apparatus applied to a second VTEP of an EVPN campus network based on a user identity, where the apparatus includes:
a receiving unit, configured to receive a first routing message sent by a first VTEP, where the first routing message is a routing message sent by the first VTEP after determining that a target client accessing the local through a first interface passes authentication, establish a first AC associated with target client information on the first interface, and associate the first AC with a target VXLAN tunnel, where the first routing message carries authentication information of the target client, a first ESI configured by the first interface, the target client information and an identifier of the target VXLAN tunnel, and the target client information includes: the VLAN to which the target client belongs, or the VLAN to which the target client belongs and the MAC address of the target client;
and the establishing unit is used for establishing a second AC associated with the target client information on the second interface according to the first routing message and associating the second AC with the target VXLAN tunnel if the first VTEP is determined to be the backup device of the local machine and the local machine has a second interface configured with the first ESI.
In a fifth aspect, embodiments of the present application provide a VTEP that includes a processor and a machine-readable storage medium storing machine-executable instructions executable by the processor, the processor being caused by the machine-executable instructions to: implementing any of the information processing method steps provided in the first aspect above.
In a sixth aspect, embodiments of the present application provide a VTEP, including a processor and a machine-readable storage medium storing machine-executable instructions executable by the processor, the processor being caused by the machine-executable instructions to: implementing any of the information processing method steps provided in the second aspect above.
In a seventh aspect, an embodiment of the present application provides a machine-readable storage medium storing machine-executable instructions that, when invoked and executed by a processor, cause the processor to: implementing any of the information processing method steps provided in the first aspect above.
In an eighth aspect, embodiments of the present application provide a machine-readable storage medium storing machine-executable instructions that, when invoked and executed by a processor, cause the processor to: implementing any of the information processing method steps provided in the second aspect above.
In the technical solution provided in the embodiment of the present application, after determining that the target client accessing the local machine through the first interface is authenticated, the first VTEP establishes the first AC associated with the target client information, and associates the first AC with the target VXLAN tunnel. And then, if the second VTEP is determined to be the backup device of the local machine and the first interface is configured with the first ESI, sending a first routing message carrying the authentication information of the target client, the first ESI, the information of the target client and the identifier of the target VXLAN tunnel to the second VTEP. And when the second VTEP determines that the first VTEP is the backup device of the local machine and the local machine has a second interface configured with the first ESI, establishing a second AC associated with the target client information on the second interface according to the first routing message, and associating the second AC with the target VXLAN tunnel.
As can be seen, in the embodiment of the present application, the AC associated with the target client information may be backed up on multiple VTEPs. If the first VTEP fails or the link of the first VTEP connected with the target client fails, the target client does not need to send the authentication message to the VTEP for authentication again, the data message sent by the target client can be directly determined by the second VTEP through the second AC to determine the corresponding VXLAN tunnel, and then the data message is forwarded through the determined VXLAN tunnel, so that the problem of offline cutoff of the client caused by the failure of the VTEP or the link connected with the client is solved, and the user experience is improved.
Of course, it is not necessary for any product or method of the present application to achieve all of the above-described advantages at the same time.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present application, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
FIG. 1 is a schematic diagram of an EVPN campus network based on user identity;
fig. 2 is a first flowchart of an information processing method according to an embodiment of the present application;
fig. 3 is a second flowchart of an information processing method according to an embodiment of the present application;
fig. 4 is a third schematic flowchart of an information processing method according to an embodiment of the present application;
fig. 5 is a fourth flowchart illustrating an information processing method according to an embodiment of the present application;
fig. 6 is a schematic diagram of a first structure of an information processing apparatus according to an embodiment of the present application;
fig. 7 is a schematic diagram of a second structure of an information processing apparatus according to an embodiment of the present application;
FIG. 8 is a schematic diagram of a first configuration of a VTEP provided in an embodiment of the present application;
fig. 9 is a schematic diagram of a second structure of a VTEP provided in an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
Under the multi-attribution networking, when a user Edge device (CE) is connected to 2 or more service Provider Edge devices (PE) through different Ethernet links, the set of the Ethernet links forms 1 Ethernet Segment (ES), and a plurality of connected PEs form a redundancy backup group by the same ESI identifier. In the embodiment of the present application, different ESIs identify different ES.
Currently, an EVPN campus network based on subscriber identity is shown in fig. 1. The client may be connected directly to the VTEP, such as in the network shown in fig. 1, where client 110 is connected directly to VTEP 120. The client may also be connected to the VTEP through an access device, such as EVPN networking shown in fig. 1, the client 150 is connected to the access device 140, and the access device 140 is connected to the VTEP130, so that the client 150 is connected to the VTEP 130. Take client 110 as an example.
When client 110 needs to access the network, client 110 sends authentication message 1 to VTEP 120. The authentication message 1 includes authentication information 1 of the client 110. The authentication information 1 includes information such as a user name and a password of the client 110.
The VTEP120 receives the authentication message 1 sent by the client 110 through the interface 1, and authenticates the client 110 according to the authentication information 1 included in the authentication message 1. VTEP120 identifies VXLAN1 corresponding to interface 1 and the client information of client 110. The client information of the client 110 may at least include the VLAN 1 to which the client 110 belongs, or the client information of the client 110 may at least include the VLAN 1 to which the client 110 belongs and the MAC address 1 of the client 110. VTEP120 may obtain VLAN 1 to which client 110 belongs from authentication message 1.
Upon determining that client 110 is authenticated, VTEP120 establishes AC1 on interface 1 in association with the client information of client 110 and associates AC1 with VXLAN 1.
Then, when receiving the data packet 1 sent by the client 110, the VTEP120 determines the AC1 through the VLAN carried in the data packet 1, or the VLAN and MAC information, thereby determining the VXLAN1 corresponding to the AC1, and further forwarding the data packet 1 through the tunnel of the VXLAN 1.
Client 110 goes offline when VTEP120 fails, or when the link between VTEP120 and client 110 fails. If the client 110 needs to continue accessing the network, it needs to send the authentication message to other VTEPs again for authentication, which may cause the problem of offline of the client and result in poor user experience.
In order to solve the problem of client offline cutoff caused by VTEP failure or link failure of a connected client and improve user experience, the embodiment of the application provides an information processing method. The method can be applied to any VTEP in an EVPN campus network based on user identity, and for convenience of description, the first VTEP is taken as an example for illustration.
In the information processing method, after a first VTEP determines that a target client accessed to the local machine through a first interface passes authentication, a first AC associated with target client information is established on the first VTEP, and the first AC is associated with a target VXLAN tunnel. And then, if the second VTEP is determined to be the backup device of the local machine and the first interface is configured with the first ESI, sending a first routing message carrying the authentication information of the target client, the first ESI, the information of the target client and the identifier of the target VXLAN tunnel to the second VTEP. And when the second VTEP determines that the first VTEP is the backup device of the local machine and the local machine has a second interface configured with the first ESI, establishing a second AC associated with the target client information on the second interface according to the first routing message, and associating the second AC with the target VXLAN tunnel.
As can be seen, in the embodiment of the present application, the AC associated with the target client information may be backed up on multiple VTEPs. If the first VTEP fails or the link of the first VTEP connected with the target client fails, the target client does not need to send the authentication message to the VTEP for authentication again, the data message sent by the target client can be directly determined by the second VTEP through the second AC to determine the corresponding VXLAN tunnel, and then the data message is forwarded through the determined VXLAN tunnel, so that the problem of offline cutoff of the client caused by the failure of the VTEP or the link connected with the client is solved, and the user experience is improved.
The following description will be made by referring to specific examples.
Referring to fig. 2, fig. 2 is a first flowchart of an information processing method provided in an embodiment of the present application, where the method is applied to a first VTEP, and includes the following steps.
Step 201, after determining that the target client accessing the local machine through the first interface passes the authentication, establishing a first AC associated with the target client information on the first interface, and associating the first AC with the target VXLAN tunnel.
Wherein the target client information at least comprises: VLAN information to which the target client belongs, or VLAN information to which the target client belongs and MAC address information of the target client.
The target client accesses the first VTEP through the first interface, namely the first VTEP receives the authentication message or the data message sent by the target client through the first interface.
And when the target client needs to access the network, sending an authentication message to the first VTEP. The authentication message carries authentication information such as a user name and a password of the target client. And the first VTEP receives the authentication message through the first interface and authenticates the target client according to the authentication information of the target client, which is included in the authentication message. For example, the first VTEP sends authentication information of the target client to the authentication server. And the authentication server authenticates the target client according to the authentication information of the target client, and sends an authentication success message to the first VTEP after the target client is authenticated. And after receiving the authentication success message, the first VTEP determines that the target client side passes the authentication. And if the first VTEP does not receive the authentication success message or receives the authentication failure message, determining that the first client side is not authenticated.
After receiving the authentication message through the first interface, the first VTEP may determine a corresponding target VXLAN tunnel according to target client information carried in the authentication message.
After the target client is determined to pass the authentication, the first VTEP stores the authentication information of the target client, establishes a first AC associated with the information of the target client on the first interface, and associates the first AC with the target VXLAN tunnel.
In this way, when the first VTEP receives the data packet sent by the target client through the first interface, if the target client is determined to be a valid client, the target VXLAN tunnel corresponding to the target client information is determined through the first AC, and the data packet is forwarded through the target VXLAN tunnel.
Step 202, if it is determined that the second VTEP is the backup device of the local device and the first interface is configured with the first ESI, sending the first routing message carrying the authentication information of the target client, the first ESI, the information of the target client and the identifier of the target VXLAN tunnel to the second VTEP.
And after receiving the first routing message, the second VTEP establishes a second AC associated with the target client information on a second interface according to the first routing message when the first VTEP is determined to be the backup device of the local machine and the local machine has the second interface configured with the first ESI, and associates the second AC with the target VXLAN tunnel.
The first routing message may be an EVPN type routing message, such as an Auto-Discovery per EVPN Instance (english: a-D per EVI for short) routing message.
In order to avoid the problem of offline interruption of the target client after the failure of the first VTEP or the failure of the link between the first VTEP and the target client, a backup device can be configured on the first VTEP, and an interface configuration ESI of the first VTEP is configured. If the second VTEP is determined to be the backup device of the first VTEP, and the first interface is configured with the first ESI, a first AC associated with the target client information is established on the first interface, and after the first AC is associated with the target VXLAN tunnel, the first VTEP sends a first routing message carrying the authentication information of the target client, the first ESI, the target client information and the identifier of the target VXLAN tunnel to the second VTEP.
After receiving the first routing message, the second VTEP needs to determine whether the first VTEP sending the first routing message is a backup device of the local computer, if so, the second VTEP needs to acquire the first ESI from the first routing message, and further determines whether the local computer has a second interface configured with the first ESI, and if so, acquires the authentication information of the target client, the information of the target client, and the identifier of the target VXLAN tunnel from the first routing message. The second VTEP may determine that the target client is a client that passes authentication (i.e., a valid client) according to the authentication information of the target client included in the first routing message, save the authentication information of the target client, establish a second AC associated with the target client information on the second interface, and associate the second AC with the target VXLAN tunnel.
In this way, the target client may send a data message to the second VTEP upon failure of the first VTEP or failure of the link between the first VTEP and the target client. The second VTEP stores authentication information of the target client, and a second AC of the target client information is established on a second interface of the second VTEP. And when receiving the data message sent by the target client, the second VTEP determines that the target client passes the authentication according to the stored authentication information of the target client without re-authenticating the target client, determines the identifier of the target VXLAN tunnel corresponding to the information of the target client through the second AC, and further forwards the data message through the target VXLAN tunnel.
In an embodiment of the present application, after the first VTEP establishes the first AC associated with the target client information on the first interface and associates the first AC with the target VXLAN tunnel, if it is determined that the backup device is not configured on the local machine and/or there is no interface configured with ESI, the process flow is ended; if the backup device is configured on the local machine and the local machine has an interface configured with ESI, sending a first routing message to all the backup devices
Of course, after receiving the first routing message sent by the first VTEP, the second backup device discards the first routing message if the second VTEP determines that the first VTEP is not a local backup device and/or there is no second interface configured with the first ESI on the second VTEP.
In one embodiment of the present application, in the case where the first VTEP is not a backup device for the second VTEP, the flow of the information processing method may refer to fig. 3, and the method includes the following steps.
And step 301, receiving a second routing message carrying the second ESI sent by the second VTEP.
And the second routing message is a routing message sent by the second VTEP to the first VTEP when the first VTEP is configured as a local backup device, and the second ESI is an ESI configured on a third interface of the second VTEP.
And the second VTEP sends a second routing message carrying the second ESI to the first VTEP when the first VTEP is configured as a local backup device. The second ESI is an ESI configured on the third interface of the second VTEP. Wherein the third interface may be any interface on the second VTEP that is configured with ESI. The second routing message may be an Auto-Discovery per ES (hereinafter, referred to as a-D per ES) routing message of the ES.
Step 302, if it is determined that the second VTEP is a backup device of the local device and the local device has a fourth interface configured with the second ESI, a third routing message carrying the authentication information of the client corresponding to each AC established on the fourth interface, the second ESI, the client information, and the identifier of the VXLAN tunnel is sent to the second VTEP.
The third routing message may be an EVPN type routing message, such as an a-D per EVI routing message.
And after receiving the second routing message, the first VTEP judges whether the second VTEP is a backup device of the local computer, and judges whether a fourth interface configured with the second ESI exists on the local computer. And if the second VTEP is determined to be backup equipment of the local machine, and a fourth interface configured with the second ESI exists on the local machine, sending a third routing message to the second VTEP, wherein the third routing message carries the authentication information of the client corresponding to each AC established on the fourth interface, the second ESI, the client information and the identifier of the VXLAN tunnel. And the second VTEP respectively establishes the ACs associated with the client information on the third interface according to the third routing message, and respectively associates each AC with the corresponding VXLAN tunnel.
For example, VTEP1 obtains interface information configured with ESI locally when VTEP2 is configured as a backup device for VTEP1, such as obtaining interface 11 configured with ESI1 and interface 12 configured with ESI 2. VTEP1 sends ESI1 and ESI2 to VTEP2 in a second routing message.
VTEP2 determines that VTEP1 is a backup device of VTEP2 and that there is an interface 13 configured with ESI1, on which interface 13 is established an AC11 associated with client information 21 of client 21 and an AC12 associated with client information 22 of client 22. AC11 is associated with VXLAN tunnel 11 and AC12 is associated with VXLAN tunnel 12. In addition, VTEP2 determines that there is an interface 14 configured with ESI2, with an AC13 established on the interface 14 in association with the client information 23 of the client 23. AC13 is associated with VXLAN tunnel 13.
After receiving the second routing message sent by VTEP1, VTEP2 sends a third routing message 1 to VTEP1, where the third routing message carries the authentication information, ESI1, client information 21, and the identifier of the VXLAN tunnel 11 of the client 21 corresponding to AC 11; sending a third routing message 2 to VTEP1 carrying the authentication information, ESI1, client information 22, and the identity of the VXLAN tunnel 12 for the client 22 corresponding to AC 12; and sending a third routing message 3 carrying the authentication information, ESI2, client information 23 and the identifier of the VXLAN tunnel 13 of the client 23 corresponding to the AC13 to the VTEP1, wherein, of course, the authentication information, ESI, client information and the identifier of the VXLAN tunnel of the client corresponding to each of the multiple ACs may also be carried in the same third routing message for sending.
The VTEP1 stores the authentication information of the client 21, the authentication information of the client 22, and the authentication information of the client 23, establishes an AC21 associated with the client information 21 on the interface 11, associates an AC21 with the VXLAN tunnel 11, establishes an AC22 associated with the client information 22 on the interface 11, associates an AC22 with the VXLAN tunnel 12, establishes an AC23 associated with the client information 23 on the interface 12, and associates an AC23 with the VXLAN tunnel 13.
And if the first VTEP determines that the second VTEP is not the local backup device and/or a fourth interface configured with the second ESI does not exist on the first VTEP, discarding the second routing message.
In an embodiment of the present application, in a case where the first VTEP is a backup device of the second VTEP and the ESI is not configured on the fifth interface of the second VTEP, the flow of the information processing method may refer to fig. 4, and the method includes the following steps.
Step 401, receiving a fourth routing message carrying the third ESI sent by the second VTEP. And the fourth routing message is a routing message sent by the second VTEP to the first VTEP when the fifth interface of the second VTEP is configured with the third ESI under the condition that the first VTEP is configured as the local backup device.
The second VTEP is configured as a native backup device, and the fourth routing message is sent to the first VTEP when the fifth interface of the second VTEP is configured with the third ESI. The fifth interface may be any unconfigured ESI interface on the second VTEP. The fourth routing message may be an a-D per ES routing message or the like.
Step 402, if it is determined that the second VTEP is the backup device of the local device and the local device has a sixth interface configured with the third ESI, sending a fifth routing message to the second VTEP, where the fifth routing message carries the authentication information of the client corresponding to each AC established on the sixth interface, the third ESI, the client information, and the identifier of the VXLAN tunnel.
The fifth routing message may be an EVPN type routing message, such as an a-D per EVI routing message.
And after receiving the fifth routing message, the first VTEP judges whether the second VTEP is a backup device of the local machine and judges whether a sixth interface configured with a third ESI exists on the local machine. And if the second VTEP is determined to be the backup device of the local machine, and the local machine has a sixth interface configured with a third ESI, sending a fifth routing message to the second VTEP, wherein the fifth routing message carries the authentication information of the client corresponding to each AC established on the sixth interface, the third ESI, the client information and the identifier of the VXLAN tunnel. And the second VTEP establishes the ACs associated with the client information on the sixth interface respectively according to the fifth routing message, and associates the ACs with the corresponding VXLAN tunnels respectively.
For example, VTEP1 is a backup device for VTEP 2. VTEP2 sends a fourth routing message carrying ESI3 to VTEP1 when interface a1 is configured with ESI 3.
VTEP1 determines that VTEP2 is a backup device of VTEP1, and determines that interface a2 configured with ESI3 exists locally, and AC31 associated with client information a1 of client a1 and AC32 associated with client information a2 of client a2 are established on interface a 2. AC31 is associated with VXLAN tunnel 31 and AC32 is associated with VXLAN tunnel 32.
After receiving the fourth routing message sent by VTEP2, VTEP1 sends to VTEP2 a fifth routing message 1 carrying the authentication information, ESI3, client information a1, and the identifier of VXLAN tunnel 31 of client a1 corresponding to AC 11; and sending a fifth routing message 2 carrying the authentication information, ESI3, client information a2 and the identifier of the VXLAN tunnel 32 of the client a2 corresponding to the AC32 to the VTEP2, wherein, of course, the authentication information, ESI, client information and the identifier of the VXLAN tunnel of the client corresponding to each of the multiple ACs may also be carried in the same fifth routing message for sending.
VTEP2 stores authentication information of client a1 and authentication information of client a2, establishes AC41 associated with client information a1 on interface a1, associates AC41 with VXLAN tunnel 31, establishes AC42 associated with client information a2 on interface a1, and associates AC42 with VXLAN tunnel 32.
And if the first VTEP determines that the second VTEP is not the local backup device and/or a sixth interface configured with the third ESI does not exist on the first VTEP, discarding the fourth routing message.
Based on the same inventive concept, according to the above embodiment of the information processing method applied to the first VTEP, the embodiment of the present application further provides an information processing method applied to the second VTEP. Referring to fig. 5, fig. 5 is a fourth flowchart illustrating an information processing method according to an embodiment of the present application, where the second VTEP of the EVPN campus network based on the user identity is applied, and the method includes the following steps.
Step 501, a first routing message sent by a first VTEP is received.
The first routing message is a routing message sent by the first VTEP after the first VTEP determines that the target client accessed to the local machine through the first interface passes authentication, establishes a first AC associated with the information of the target client on the first interface, and associates the first AC with the target VXLAN tunnel. The first routing message carries authentication information of a target client, a first ESI configured by a first interface, target client information and an identifier of a target VXLAN tunnel, and the target client information includes: the VLAN to which the target client belongs, or the VLAN to which the target client belongs and the MAC address of the target client.
Step 502, if it is determined that the first VTEP is a backup device of the local device and the local device has a second interface configured with the first ESI, a second AC associated with the target client information is established on the second interface according to the first routing message, and the second AC is associated with the target VXLAN tunnel.
In one embodiment of the application, the step of establishing a second AC associated with the target client information on the second interface according to the first routing message and associating the second AC with the target VXLAN tunnel comprises:
determining a second interface of which ESI is matched with the first ESI;
and establishing an AC associated with the VLAN to which the target client belongs or the VLAN to which the target client belongs and the MAC address of the target client on the second interface, and establishing an association relation between the AC and the target VXLAN tunnel.
In an embodiment of the application, the AC associated with the target client information may be backed up on multiple VTEPs. If the first VTEP fails or the link of the first VTEP connected with the target client fails, the target client does not need to send the authentication message to the VTEP for authentication again, the data message sent by the target client can be directly determined by the second VTEP through the second AC to determine the corresponding VXLAN tunnel, and then the data message is forwarded through the determined VXLAN tunnel, so that the problem of offline cutoff of the client caused by the failure of the VTEP or the link connected with the client is solved, and the user experience is improved.
Based on the same inventive concept, according to the above-mentioned information processing method embodiment, the embodiment of the present application further provides an information processing apparatus applied to the first VTEP. Referring to fig. 6, fig. 6 is a schematic diagram of a first structure of an information processing apparatus according to an embodiment of the present application, which is applied to a first VTEP of an EVPN campus network based on a user identity, and includes the following units.
An establishing unit 601, configured to establish, on a first interface, a first AC associated with target client information after determining that a target client accessing the local through the first interface passes authentication, and associate the first AC with a target VXLAN tunnel, where the target client information includes: VLAN that the goal customer end belongs to, or, VLAN and MAC address of the goal customer end that the goal customer end belongs to;
a sending unit 602, configured to send, if it is determined that the second VTEP is a backup device of the local device and the first interface is configured with the first ESI, a first routing message carrying the authentication information of the target client, the first ESI, the target client information, and an identifier of the target VXLAN tunnel to the second VTEP, so that when the second VTEP determines that the first VTEP is the backup device of the local device and the local device has a second interface configured with the first ESI, the second AC associated with the target client information is established on the second interface according to the first routing message, and the second AC is associated with the target VXLAN tunnel.
In one embodiment, the information processing apparatus may further include: a receiving unit;
a receiving unit, configured to receive a second routing message sent by a second VTEP and carrying a second ESI, where the second routing message is a routing message sent by the second VTEP to the first VTEP when the first VTEP is configured as a local backup device, and the second ESI is an ESI configured on a third interface of the second VTEP;
the sending unit 602 may be further configured to send, if it is determined that the second VTEP is a backup device of the local computer and the local computer has a fourth interface configured with the second ESI, a third routing message to the second VTEP, where the third routing message carries authentication information of a client corresponding to each AC established on the fourth interface, the second ESI, client information, and an identifier of the VXLAN tunnel, so that the second VTEP establishes, on the third interface, an AC associated with each client information according to the third routing message, and associates each AC with a corresponding VXLAN tunnel.
In one embodiment, the information processing apparatus may further include: a receiving unit;
a receiving unit, configured to receive a fourth routing message carrying a third ESI and sent by a second VTEP, where the fourth routing message is a routing message sent by the second VTEP to the first VTEP when a fifth interface of the second VTEP is configured with the third ESI when the first VTEP is configured as a local backup device;
the sending unit 602 may be further configured to send, if it is determined that the second VTEP is a backup device of the local computer and the local computer has a sixth interface configured with a third ESI, a fifth routing message to the second VTEP, where the fifth routing message carries authentication information of a client corresponding to each AC established on the sixth interface, the third ESI, client information, and an identifier of the VXLAN tunnel, so that the second VTEP establishes, on the sixth interface, an AC associated with each client information according to the fifth routing message, and associates each AC with a corresponding VXLAN tunnel.
By applying the embodiment of the application, the AC associated with the target client information can be backed up on a plurality of VTEPs. If the first VTEP fails or the link of the first VTEP connected with the target client fails, the target client does not need to send the authentication message to the VTEP for authentication again, the data message sent by the target client can be directly determined by the second VTEP through the second AC to determine the corresponding VXLAN tunnel, and then the data message is forwarded through the determined VXLAN tunnel, so that the problem of offline cutoff of the client caused by the failure of the VTEP or the link connected with the client is solved, and the user experience is improved.
Based on the same inventive concept, according to the above-mentioned information processing method embodiment, the embodiment of the present application further provides an information processing apparatus applied to the second VTEP. Referring to fig. 7, fig. 7 is a schematic diagram of a second structure of an information processing apparatus according to an embodiment of the present application, which is applied to a second VTEP of an EVPN campus network based on a user identity, and includes the following units.
A receiving unit 701, configured to receive a first routing message sent by a first VTEP, where the first routing message is a routing message sent by the first VTEP after determining that a target client accessing the local through a first interface passes authentication, establish a first AC associated with target client information on the first interface, and associate the first AC with a target VXLAN tunnel, where the first routing message carries authentication information of the target client, a first ESI configured by the first interface, the target client information, and an identifier of the target VXLAN tunnel, and the target client information includes: VLAN that the goal customer end belongs to, or, VLAN that the goal customer end belongs to and media access control MAC address of the goal customer end;
and the establishing unit 702 is configured to, if it is determined that the first VTEP is a backup device of the local device and the local device has a second interface configured with the first ESI, establish a second AC associated with the target client information on the second interface according to the first routing message, and associate the second AC with the target VXLAN tunnel.
In an embodiment, the establishing unit 702 may specifically be configured to:
determining a second interface of which ESI is matched with the first ESI;
and establishing an AC associated with the VLAN to which the target client belongs or the VLAN to which the target client belongs and the MAC address of the target client on the second interface, and establishing an association relation between the AC and the target VXLAN tunnel.
By applying the embodiment of the application, the AC associated with the target client information can be backed up on a plurality of VTEPs. If the first VTEP fails or the link of the first VTEP connected with the target client fails, the target client does not need to send the authentication message to the VTEP for authentication again, the data message sent by the target client can be directly determined by the second VTEP through the second AC to determine the corresponding VXLAN tunnel, and then the data message is forwarded through the determined VXLAN tunnel, so that the problem of offline cutoff of the client caused by the failure of the VTEP or the link connected with the client is solved, and the user experience is improved.
Based on the same inventive concept, according to the above-mentioned embodiment of the information processing method, the embodiment of the present application further provides a VTEP, as shown in fig. 8, including a processor 801 and a machine-readable storage medium 802, where the machine-readable storage medium 802 stores machine-executable instructions that can be executed by the processor 801.
In addition, as shown in fig. 8, the VTEP may further include: a communication interface 803 and a communication bus 804; the processor 801, the machine-readable storage medium 802, and the communication interface 803 communicate with each other via the communication bus 804, and the communication interface 803 is used for communication between the VTEP and other devices.
In the embodiment of the present application, the processor 801 is caused by machine executable instructions to implement the above-mentioned information processing method applied to the first VTEP of the EVPN campus network based on the user identity, including the following steps:
after determining that the target client accessed to the local machine through the first interface passes authentication, establishing a first access circuit AC associated with target client information on the first interface, and associating the first AC with a target VXLAN tunnel, wherein the target client information comprises: VLAN that the goal customer end belongs to, or, VLAN and MAC address of the goal customer end that the goal customer end belongs to;
if the second VTEP is determined to be the backup device of the local machine and the first interface is configured with the first ESI, sending a first routing message carrying the authentication information of the target client, the first ESI, the target client information and the identification of the target VXLAN tunnel to the second VTEP, so that when the second VTEP determines that the first VTEP is the backup device of the local machine and the local machine has a second interface configured with the first ESI, a second AC associated with the target client information is established on the second interface according to the first routing message, and the second AC is associated with the target VXLAN tunnel.
By applying the embodiment of the application, the AC associated with the target client information can be backed up on a plurality of VTEPs. If the first VTEP fails or the link of the first VTEP connected with the target client fails, the target client does not need to send the authentication message to the VTEP for authentication again, the data message sent by the target client can be directly determined by the second VTEP through the second AC to determine the corresponding VXLAN tunnel, and then the data message is forwarded through the determined VXLAN tunnel, so that the problem of offline cutoff of the client caused by the failure of the VTEP or the link connected with the client is solved, and the user experience is improved.
Based on the same inventive concept, according to the above-mentioned information processing method embodiment, the present application further provides a VTEP, as shown in fig. 9, including a processor 901 and a machine-readable storage medium 902, where the machine-readable storage medium 902 stores machine-executable instructions that can be executed by the processor 901.
In one embodiment, as shown in fig. 9, the VTEP may further include: a communication interface 903 and a communication bus 904; the processor 901, the machine-readable storage medium 902, and the communication interface 903 are configured to communicate with each other via a communication bus 904, and the communication interface 903 is configured to communicate with other devices via the VTEP.
In the embodiment of the present application, the processor 901 is caused by machine executable instructions to implement the above-mentioned information processing method applied to the second VTEP of the EVPN campus network based on the user identity, including the following steps:
receiving a first routing message sent by a first VTEP, wherein the first routing message is a routing message sent by the first VTEP after the first VTEP determines that a target client accessed to the local machine through a first interface passes authentication, establishing a first AC associated with target client information on the first interface, and associating the first AC with a target VXLAN tunnel, and the first routing message carries authentication information of the target client, a first ESI configured by the first interface, the target client information and an identifier of the target VXLAN tunnel, and the target client information comprises: VLAN that the goal customer end belongs to, or, VLAN and MAC address of the goal customer end that the goal customer end belongs to;
and if the first VTEP is determined to be the backup device of the local machine and the local machine has a second interface configured with the first ESI, establishing a second AC associated with the target client information on the second interface according to the first routing message, and associating the second AC with the target VXLAN tunnel.
By applying the embodiment of the application, the AC associated with the target client information can be backed up on a plurality of VTEPs. If the first VTEP fails or the link of the first VTEP connected with the target client fails, the target client does not need to send the authentication message to the VTEP for authentication again, the data message sent by the target client can be directly determined by the second VTEP through the second AC to determine the corresponding VXLAN tunnel, and then the data message is forwarded through the determined VXLAN tunnel, so that the problem of offline cutoff of the client caused by the failure of the VTEP or the link connected with the client is solved, and the user experience is improved.
Based on the same inventive concept, according to the above-mentioned information processing method embodiment, the present application also provides a machine-readable storage medium storing machine-executable instructions, which, when invoked and executed by a processor, cause the processor to implement the above-mentioned information processing method applied to the first VTEP.
Based on the same inventive concept, according to the above-mentioned information processing method embodiment, the present application also provides a machine-readable storage medium storing machine-executable instructions, which, when invoked and executed by a processor, cause the processor to implement the above-mentioned information processing method applied to the second VTEP.
The communication bus may be a Peripheral Component Interconnect (PCI) bus or an Extended Industry Standard Architecture (EISA) bus. The communication bus may be divided into an address bus, a data bus, a control bus, etc.
The machine-readable storage medium may include a Random Access Memory (RAM) or a Non-Volatile Memory (NVM), such as at least one disk Memory. Additionally, the machine-readable storage medium may be at least one memory device located remotely from the aforementioned processor.
The Processor may be a general-purpose Processor, including a Central Processing Unit (CPU), a Network Processor (NP), etc.; the Integrated Circuit may also be a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA) or other Programmable logic device, a discrete Gate or transistor logic device, or a discrete hardware component.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
All the embodiments in the present specification are described in a related manner, and the same and similar parts among the embodiments may be referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, as for the embodiments of the information processing apparatus, the VTEP, and the machine-readable storage medium, since they are substantially similar to the embodiments of the information processing method, the description is relatively simple, and for the relevant points, reference may be made to the partial description of the embodiments of the information processing method.
The above description is only for the preferred embodiment of the present application, and is not intended to limit the scope of the present application. Any modification, equivalent replacement, improvement and the like made within the spirit and principle of the present application are included in the protection scope of the present application.

Claims (14)

1. An information processing method is characterized in that a first extensible virtual local area network tunnel endpoint VTEP applied to an Ethernet virtual private network EVPN park network based on user identity is provided, and the method comprises the following steps:
after determining that the authentication of a target client accessed to the local machine through a first interface is passed, establishing a first access circuit AC associated with target client information on the first interface, and associating the first AC with a target extensible virtual local area network VXLAN tunnel, wherein the target client information comprises: a virtual local area network VLAN to which the target client belongs, or the VLAN to which the target client belongs and a Media Access Control (MAC) address of the target client;
if it is determined that a second VTEP is a backup device of the local machine and the first interface is configured with a first ethernet segment identifier ESI, sending authentication information carrying a target client to the second VTEP, where the first ESI, the first routing message of the target client information and the identifier of the target VXLAN tunnel, so that when the second VTEP determines that the first VTEP is the backup device of the local machine and the local machine has a second interface configured with the first ESI, a second AC associated with the target client information is established on the second interface according to the first routing message, and the second AC is associated with the target VXLAN tunnel.
2. The method of claim 1, further comprising:
receiving a second routing message which is sent by the second VTEP and carries a second ESI, where the second routing message is a routing message sent by the second VTEP to the first VTEP when the first VTEP is configured as a local backup device, and the second ESI is an ESI configured on a third interface of the second VTEP;
if the second VTEP is determined to be a backup device of the local computer, and the local computer has a fourth interface configured with the second ESI, sending, to the second VTEP, a third routing message carrying authentication information of the client corresponding to each AC established on the fourth interface, where the second ESI, the client information, and an identifier of the VXLAN tunnel, so that the second VTEP establishes, on the third interface, an AC associated with each client information according to the third routing message, and associates each AC with a corresponding VXLAN tunnel.
3. The method of claim 1, further comprising:
receiving a fourth routing message which is sent by the second VTEP and carries a third ESI, wherein the fourth routing message is a routing message sent by the second VTEP to the first VTEP when a fifth interface of the second VTEP is configured with the third ESI under the condition that the first VTEP is configured as a local backup device;
if the second VTEP is determined to be a backup device of the local device and the local device has a sixth interface configured with the third ESI, sending, to the second VTEP, a fifth routing message carrying authentication information of the client corresponding to each AC established on the sixth interface, where the third ESI, the client information, and an identifier of the VXLAN tunnel, so that the second VTEP establishes, according to the fifth routing message, the ACs associated with each client information on the sixth interface, and associates each AC with the corresponding VXLAN tunnel.
4. An information processing method is characterized in that a second extensible virtual local area network tunnel endpoint VTEP applied to an Ethernet virtual private network EVPN park network based on user identity is provided, and the method comprises the following steps:
receiving a first routing message sent by a first VTEP, wherein the first routing message is a routing message sent by the first VTEP after a target client side accessed to a local machine through a first interface is determined to pass authentication, a first access circuit AC associated with target client side information is established on the first interface, and the first AC is associated with a target extensible virtual local area network VXLAN tunnel, the first routing message carries authentication information of the target client side, a first Ethernet segment identifier ESI configured on the first interface, the target client side information and an identifier of the target VXLAN tunnel, and the target client side information comprises: a virtual local area network VLAN to which the target client belongs, or the VLAN to which the target client belongs and a Media Access Control (MAC) address of the target client;
and if the first VTEP is determined to be the backup device of the local machine and the local machine has a second interface configured with the first ESI, establishing a second AC associated with the target client information on the second interface according to the first routing message, and associating the second AC with the target VXLAN tunnel.
5. The method of claim 4, wherein the step of establishing a second AC associated with the target client information on the second interface according to the first routing message and associating the second AC with the target VXLAN tunnel comprises:
determining said second interface having an ESI matching said first ESI;
and establishing an AC associated with the VLAN to which the target client belongs or the VLAN to which the target client belongs and the MAC address of the target client on the second interface, and establishing an association relationship between the AC and the target VXLAN tunnel.
6. An information processing apparatus, wherein a first extensible virtual local area network tunnel endpoint, VTEP, is applied to a user identity based ethernet virtual private network, EVPN, campus network, the apparatus comprising:
the device comprises an establishing unit, a first access circuit AC and a target extensible virtual local area network VXLAN tunnel, wherein the establishing unit is used for establishing a first access circuit AC associated with target client information on a first interface after the target client accessed to the local machine through the first interface is authenticated, and associating the first AC with the target extensible virtual local area network VXLAN tunnel, and the target client information comprises: a virtual local area network VLAN to which the target client belongs, or the VLAN to which the target client belongs and a Media Access Control (MAC) address of the target client;
a sending unit, configured to send, to a second VTEP, authentication information carrying a target client if it is determined that the second VTEP is a local backup device and the first interface is configured with a first ethernet segment identifier ESI, where the first ESI, first routing information of the target client information and an identifier of a target VXLAN tunnel, so that when the second VTEP determines that the first VTEP is the local backup device and a second interface configured with the first ESI exists locally, a second AC associated with the target client information is established on the second interface according to the first routing information, and the second AC is associated with the target VXLAN tunnel.
7. The apparatus of claim 6, further comprising: a receiving unit;
the receiving unit is configured to receive a second routing message that is sent by the second VTEP and carries a second ESI, where the second routing message is a routing message that is sent by the second VTEP to the first VTEP when the first VTEP is configured as a local backup device, and the second ESI is an ESI configured on a third interface of the second VTEP;
the sending unit is further configured to send, to the second VTEP, third routing messages that carry client-side authentication information corresponding to each AC established on the fourth interface, if it is determined that the second VTEP is a backup device of the local machine and the local machine has a fourth interface configured with the second ESI, where the second ESI, the client-side information, and an identifier of the VXLAN tunnel are respectively associated, so that the second VTEP establishes, on the third interface, ACs associated with each client-side information according to the third routing messages, and associates each AC with a corresponding VXLAN tunnel.
8. The apparatus of claim 6, further comprising: a receiving unit;
the receiving unit is configured to receive a fourth routing message that is sent by the second VTEP and carries a third ESI, where the fourth routing message is a routing message that is sent by the second VTEP to the first VTEP when the fifth interface of the second VTEP is configured with the third ESI when the first VTEP is configured as a local backup device;
the sending unit is further configured to send, to the second VTEP, a fifth routing message carrying client-side authentication information corresponding to each AC established on the sixth interface, where the third ESI, client-side information, and an identifier of a VXLAN tunnel, if it is determined that the second VTEP is a backup device of the local machine and the local machine has a sixth interface configured with the third ESI, so that the second VTEP establishes ACs associated with each client-side information on the sixth interface according to the fifth routing message, and associates each AC with a corresponding VXLAN tunnel.
9. An information processing apparatus, wherein a second extensible virtual local area network tunnel endpoint VTEP is applied to a user identity based ethernet virtual private network EVPN campus network, the apparatus comprising:
a receiving unit, configured to receive a first routing message sent by a first VTEP, where the first routing message is a routing message sent by the first VTEP after determining that a target client accessing a local machine through a first interface passes authentication, establishing a first access circuit AC associated with target client information on the first interface, and associating the first AC with a target extensible virtual local area network VXLAN tunnel, where the first routing message carries authentication information of the target client, a first ethernet segment identifier ESI configured on the first interface, the target client information and an identifier of the target VXLAN tunnel, and the target client information includes: a virtual local area network VLAN to which the target client belongs, or the VLAN to which the target client belongs and a Media Access Control (MAC) address of the target client;
and the establishing unit is used for establishing a second AC associated with the target client information on the second interface according to the first routing message and associating the second AC with the target VXLAN tunnel if the first VTEP is determined to be the backup device of the local machine and the local machine has a second interface configured with the first ESI.
10. The apparatus according to claim 9, wherein the establishing unit is specifically configured to:
determining said second interface having an ESI matching said first ESI;
and establishing an AC associated with the VLAN to which the target client belongs or the VLAN to which the target client belongs and the MAC address of the target client on the second interface, and establishing an association relationship between the AC and the target VXLAN tunnel.
11. An extensible virtual local area network tunnel endpoint, VTEP, comprising a processor and a machine-readable storage medium storing machine-executable instructions executable by the processor, the processor being caused by the machine-executable instructions to: carrying out the method steps of any one of claims 1 to 3.
12. An extensible virtual local area network tunnel endpoint, VTEP, comprising a processor and a machine-readable storage medium storing machine-executable instructions executable by the processor, the processor being caused by the machine-executable instructions to: -carrying out the method steps of any one of claims 4 to 5.
13. A machine-readable storage medium having stored thereon machine-executable instructions that, when invoked and executed by a processor, cause the processor to: carrying out the method steps of any one of claims 1 to 3.
14. A machine-readable storage medium having stored thereon machine-executable instructions that, when invoked and executed by a processor, cause the processor to: -carrying out the method steps of any one of claims 4 to 5.
CN201811149995.2A 2018-09-29 2018-09-29 Information processing method and device Active CN109067635B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811149995.2A CN109067635B (en) 2018-09-29 2018-09-29 Information processing method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811149995.2A CN109067635B (en) 2018-09-29 2018-09-29 Information processing method and device

Publications (2)

Publication Number Publication Date
CN109067635A CN109067635A (en) 2018-12-21
CN109067635B true CN109067635B (en) 2021-04-02

Family

ID=64767147

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811149995.2A Active CN109067635B (en) 2018-09-29 2018-09-29 Information processing method and device

Country Status (1)

Country Link
CN (1) CN109067635B (en)

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107404470A (en) * 2016-05-20 2017-11-28 新华三技术有限公司 Connection control method and device
US10237120B2 (en) * 2016-12-28 2019-03-19 Cisco Technology, Inc. Systems, devices, and methods for detecting Ethernet segment failure in an Ethernet virtual private network
CN108337158B (en) * 2018-01-23 2020-12-04 新华三技术有限公司 Unicast message forwarding method and device
CN108600109B (en) * 2018-03-19 2020-12-04 新华三技术有限公司 Message forwarding method and device
CN108199968B (en) * 2018-03-30 2020-12-25 新华三技术有限公司 Route processing method and device
CN108540386B (en) * 2018-04-19 2021-07-23 新华三技术有限公司 Method and device for preventing service flow interruption
CN108600075B (en) * 2018-04-23 2021-06-29 新华三技术有限公司 Fault processing method and device

Also Published As

Publication number Publication date
CN109067635A (en) 2018-12-21

Similar Documents

Publication Publication Date Title
US11902086B2 (en) Method and system of a dynamic high-availability mode based on current wide area network connectivity
CN106059994B (en) Data transmission method and network equipment
US11463304B2 (en) Service recovery in a software defined network
CN112039920B (en) Communication method, communication device, electronic device and storage medium
CN109474495B (en) Tunnel detection method and device
CN114143283B (en) Tunnel self-adaptive configuration method and device, central terminal equipment and communication system
CN106685817B (en) Method and device for switching flow of box end equipment
US20220408332A1 (en) Method for advertising route, network element, system, and device
US20220337506A1 (en) Method for multi-cloud interconnection and device
CN113938405B (en) Data processing method and device
CN108966363B (en) Connection establishing method and device
CN109768906A (en) A kind of subnet special line configuration method and device
CN107888467B (en) Message forwarding method and device based on PPPOE, BRAS and switch
CN109067635B (en) Information processing method and device
CN109462537B (en) Cross-network intercommunication method and device
CN113794641B (en) Message processing method and device
CN109327375B (en) Method, device and system for establishing VXLAN tunnel
CN110945835B (en) Message synchronization method and device
CN103109504B (en) The pseudo-wire of the band control channel using skew is provided
CN113992567A (en) Message forwarding method and device
CN113098825A (en) Access authentication method and system based on extended 802.1X
CN106856446B (en) Method and system for improving virtual network reliability
US11477643B2 (en) Systems and methods for access point device recovery using mobile devices
CN113014481B (en) Method, device, equipment and storage medium for transmitting link state notification
CN111385120B (en) Method and equipment for determining forwarding fault position

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant