CN109379268B - Virtual private network creating method and device and server - Google Patents
Virtual private network creating method and device and server Download PDFInfo
- Publication number
- CN109379268B CN109379268B CN201811432278.0A CN201811432278A CN109379268B CN 109379268 B CN109379268 B CN 109379268B CN 201811432278 A CN201811432278 A CN 201811432278A CN 109379268 B CN109379268 B CN 109379268B
- Authority
- CN
- China
- Prior art keywords
- virtual private
- private network
- vlan
- layer virtual
- network
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
- H04L12/4641—Virtual LANs, VLANs, e.g. virtual private networks [VPN]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0876—Aspects of the degree of configuration automation
- H04L41/0886—Fully automatic configuration
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0893—Assignment of logical groups to network elements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/12—Discovery or management of network topologies
Abstract
The present disclosure provides a method, an apparatus and a server for creating a virtual private network; wherein, the method comprises the following steps: if node elements corresponding to a two-layer virtual private network and a three-layer virtual private network with dependency exist in a network topology template to be created, acquiring virtual local area network information set by a user; and then determining the VLAN ID according to the virtual local area network information and creating node elements corresponding to the two-layer virtual private network and the three-layer virtual private network. According to the method and the device, the required virtual local area network information is set before the node elements corresponding to the two-layer virtual private network and the three-layer virtual private network with the dependency relationship are created, and the manual query by workers in the creating process is not needed, so that the creating process of the combined network of the two-layer virtual private network and the three-layer virtual private network can be automatically carried out, and the free definition of the network topology according to the service scene is facilitated.
Description
Technical Field
The disclosure relates to the technical field of topology arrangement of cloud applications, and in particular to a method, a device and a server for creating a virtual private network.
Background
In a cloud computing environment, the number and types of services borne by cloud resources are increasing, and service processing is becoming more and more complex. The operation of a service may require the coordinated cooperation of various hardware and software resources. The process of arranging corresponding running resources for each service and coordinating resources among multiple services can be called cloud arrangement.
The cloud arrangement process can be realized by an NFV (Network Function Virtualization) orchestrator; the NFV orchestrator implements orchestration to define network topology templates. The network topology template can be arranged by a user using the NFV orchestrator described above. The network topology template arranged by the user usually comprises hardware resources and software resources required by the service; in the network topology template, these resources are embodied by different node elements, and the operation relationship, communication relationship, and the like between the resources are represented by the connection between the node elements.
After the network topology template is arranged, each node element in the template needs to be created, and after the creation is completed, the created configuration information is issued to network equipment, so that various resources required by the operation service can be obtained. Because each node element in the template often has a certain operation relationship or communication relationship, when a current node element is created, configuration information of the created node element in the template often needs to be acquired. For example, in some special service scenarios, it is necessary to arrange and create an L2VPN (Layer 2Virtual Private network) and L3VPN (Layer 3Virtual Private network) combined network, and in the existing creation mode of the L2VPN and L3VPN combined network, it is necessary to create a three-Layer Virtual Private network first, then manually query to obtain a VLAN after the three-Layer Virtual Private network is created, and further create a two-Layer Virtual Private network under the VLAN, so that the creation process of the combined network is difficult to be automatically implemented.
Disclosure of Invention
In view of the above, an object of the present disclosure is to provide a method, an apparatus, and a server for creating a virtual private network, so that a creation process of a combined network of a two-layer virtual private network and a three-layer virtual private network can be automatically implemented.
In order to achieve the above purpose, the technical scheme adopted by the disclosure is as follows:
in a first aspect, the present disclosure provides a method for creating a virtual private network, the method being applied to a device running an NFV orchestrator; the method comprises the following steps: when a network creating instruction triggered by a user is received, searching whether node elements corresponding to a two-layer virtual private network and node elements corresponding to a three-layer virtual private network exist in a network topology template to be created, wherein a dependency relationship exists between the node elements corresponding to the two-layer virtual private network and the node elements corresponding to the three-layer virtual private network; if the node elements exist, acquiring the virtual local area network information required by the node elements corresponding to the two-layer virtual private network and the node elements corresponding to the three-layer virtual private network which are set by a user; determining VLAN IDs of node elements corresponding to a two-layer virtual private network and node elements corresponding to a three-layer virtual private network according to the virtual local area network information; and establishing node elements corresponding to the two-layer virtual private network and node elements corresponding to the three-layer virtual private network according to the determined VLAN ID to obtain the virtual private network comprising the two-layer virtual private network and the three-layer virtual private network.
In a second aspect, the present disclosure provides an apparatus for creating a virtual private network, the apparatus being disposed in a device running an NFV orchestrator; the device includes: the node element searching module is used for searching whether a node element corresponding to a two-layer virtual private network and a node element corresponding to a three-layer virtual private network exist in a network topology template to be created or not when a network creating instruction triggered by a user is received, and a dependency relationship exists between the node element corresponding to the two-layer virtual private network and the node element corresponding to the three-layer virtual private network; the information acquisition module is used for acquiring the virtual local area network information required by the node elements corresponding to the two-layer virtual private network and the node elements corresponding to the three-layer virtual private network which are set by a user if the information exists; a VLAN ID determining module, which is used for determining the VLAN ID of the node element corresponding to the two-layer virtual private network and the node element corresponding to the three-layer virtual private network according to the virtual local area network information; and the network creating module is used for creating node elements corresponding to the two-layer virtual private network and node elements corresponding to the three-layer virtual private network according to the determined VLAN ID, so as to obtain the virtual private network comprising the two-layer virtual private network and the three-layer virtual private network.
In a third aspect, the present disclosure provides a server comprising a processor and a machine-readable storage medium, the machine-readable storage medium storing machine-executable instructions capable of being executed by the processor, the processor executing the machine-executable instructions to implement the method for creating a virtual private network described above.
In a fourth aspect, the present disclosure provides a machine-readable storage medium having stored thereon machine-executable instructions which, when invoked and executed by a processor, cause the processor to implement the above-described virtual private network creation method.
According to the virtual private network creating method, the virtual private network creating device, the server and the machine-readable storage medium, if node elements corresponding to a two-layer virtual private network and node elements corresponding to a three-layer virtual private network which have a dependency relationship exist in a network topology template to be created, virtual local area network information set by a user is acquired; then determining VLAN ID according to the virtual local area network information and creating node elements corresponding to the two-layer virtual private network and node elements corresponding to the three-layer virtual private network; in the method, the required virtual local area network information is set before the node elements corresponding to the two-layer virtual private network and the three-layer virtual private network with the dependency relationship are created, and the manual query by workers in the creating process is not needed, so that the creating process of the combined network of the two-layer virtual private network and the three-layer virtual private network can be automatically carried out, and the free definition of the network topology according to the service scene is facilitated.
Furthermore, the creation process of the combined network of the two-layer virtual private network and the three-layer virtual private network can be automated, so that the cost of manual operation and maintenance is reduced, and meanwhile, a user can conveniently arrange the combined network of the two-layer virtual private network and the three-layer virtual private network or other related networking forms without paying attention to the creation sequence of the two-layer virtual private network and the three-layer virtual private network.
Additional features and advantages of the disclosure will be set forth in the description which follows, or in part may be learned by the practice of the above-described techniques of the disclosure, or may be learned by practice of the disclosure.
In order to make the aforementioned and other objects, features and advantages of the present invention comprehensible, preferred embodiments accompanied with figures are described in detail below.
Drawings
In order to more clearly illustrate the embodiments of the present disclosure or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present disclosure, and other drawings can be obtained by those skilled in the art without creative efforts.
Fig. 1 is a network structure relating to a two-layer virtual private network and a three-layer virtual private network combination network according to an embodiment of the present disclosure;
fig. 2 is a flowchart of a method for creating a virtual private network according to an embodiment of the present disclosure;
fig. 3 is a flowchart of another virtual private network creation method provided in the embodiments of the present disclosure;
fig. 4 is a flowchart of another virtual private network creation method provided in the embodiments of the present disclosure;
fig. 5 is a schematic structural diagram of a virtual private network creation apparatus according to an embodiment of the present disclosure;
fig. 6 is a schematic structural diagram of a server according to an embodiment of the present disclosure.
Detailed Description
To make the objects, technical solutions and advantages of the embodiments of the present disclosure more apparent, the embodiments of the present disclosure will be described clearly and completely with reference to the accompanying drawings, and it is to be understood that the described embodiments are some, but not all embodiments of the present disclosure. All other embodiments, which can be derived by one of ordinary skill in the art from the embodiments disclosed herein without making any creative effort, shall fall within the protection scope of the present disclosure.
For ease of understanding, the present embodiment first provides a network structure relating to a two-layer virtual private network and a three-layer virtual private network combination network; as illustrated in fig. 1, the two-layer vpn and the three-layer vpn combined network includes two-layer vpns and one three-layer vpns. Two-layer virtual private networks and one three-layer virtual private network may not have a communication relationship with each other before forming a combined network, or may need to pass through a more complicated path to realize data transmission between networks. The two-layer virtual private network and the three-layer virtual private network need to form a combined network according to the service requirements or networking requirements of some special service scenarios.
In the process of forming the combined network, firstly, a user needs to use equipment for operating the NFV orchestrator, and a related network topology template is designed through the NFV orchestrator, wherein the network topology template comprises node elements respectively corresponding to the two-layer virtual private networks and the three-layer virtual private network, and configuration information of each node element. After the network topology template is designed, each node element in the template is created through an NFV (network function virtualization) orchestrator; after the creation of each node element is completed, the NFV orchestrator synchronizes configuration information after the creation of the node element to controllers respectively corresponding to the two-layer virtual private network and the three-layer virtual private network through corresponding interfaces, and network devices of each network connected by the controllers, wherein the network devices may be network edge routers, customer premises equipment (CPE devices for short), core routers, and the like; after the information is synchronized, the network devices between the networks have a direct communication connection relationship, and a combined network of the two-layer virtual private networks and the three-layer virtual private network is obtained.
The process of creating the node element may also be referred to as a node element instantiation process, and may also be understood as a process of allocating network resources according to configuration information of each node element.
With continued reference to fig. 1, after the combined network is established, the network devices (e.g., edge routers) of the two layer two virtual private networks are respectively in communication connection with the network devices (e.g., edge routers) of the three layer virtual private network, so as to implement the fusion of the two layer two virtual private networks and the one layer three virtual private network, i.e., the combined network of the two layer two virtual private networks and the three layer virtual private network.
Generally, a two-layer Virtual private Network and a three-layer Virtual private Network need to be created in the same VLAN (Virtual Local Area Network) to realize Network interworking. Therefore, in the process of creating the existing virtual private network, affected by the difference in routing modes between the two-layer virtual private network and the three-layer virtual private network, the two-layer virtual private network device accessing the three-layer virtual private network needs to obtain the VLAN ID of the virtual local area network to which the three-layer virtual private network belongs in advance, and the VLAN ID can be obtained only after the creation of the three-layer virtual private network is completed; therefore, in order to implement the combined network of the two-layer vpn and the three-layer vpn, it is necessary to create the three-layer vpn, manually query the configuration information after the creation of the three-layer vpn to obtain the VLAN ID, and then continue to create the two-layer vpn under the VLAN corresponding to the VLAN ID. This approach requires an engineer to manually query the parameters, making the creation of the combined network difficult to automate.
Based on the above problem, the embodiments of the present disclosure provide a method, an apparatus, and a server for creating a virtual private network.
The embodiment of the present disclosure first provides a method for creating a virtual private network; the method is applied to equipment for operating an NFV orchestrator. The NFV Orchestrator may also be referred to as NFVO (Network Function Virtualization editor); the user may use TOSCA software in the process of designing the network topology template by using the NFV orchestrator, of course, may also use other software to perform the orchestration, and the specific way how the NVF orchestrator performs the network topology template orchestration is not limited in this embodiment. Referring to fig. 2, a flow chart of a method for creating a virtual private network is shown; the method comprises the following steps:
step S202, when a network creating instruction triggered by a user is received, searching whether a network topology template to be created has node elements corresponding to a two-layer virtual private network and node elements corresponding to a three-layer virtual private network, wherein the node elements corresponding to the two-layer virtual private network and the node elements corresponding to the three-layer virtual private network have a dependency relationship;
wherein the node elements of the network topology template typically include node names and configuration information. If the current service needs to realize a combined network of a two-layer virtual private network and a three-layer virtual private network, node elements corresponding to the two-layer virtual private network and node elements corresponding to the three-layer virtual private network appear on a network topology template at the same time, and at least one pair of node elements corresponding to the two-layer virtual private network and node elements corresponding to the three-layer virtual private network have a dependency relationship.
Specifically, among node elements having a dependency relationship, a configuration parameter after a dependent node element has been created may need to be acquired in a process of creating a certain node element; in the configuration information of the node element, part of the configuration information needs to be searched from the configuration information of the depended node element through a preset command; if the command is found from the configuration information of the node elements, and the node names of the dependent node elements are found from the command, it is indicated that the node elements corresponding to the node names have the dependency relationship with the node elements to which the command belongs. For example, between a node element corresponding to a two-layer virtual private network having a dependency relationship and a node element corresponding to a three-layer virtual private network, the node element corresponding to the two-layer virtual private network needs configuration information after the node element corresponding to the three-layer virtual private network is created in the creation process, and the node element corresponding to the two-layer virtual private network usually includes a preset command, and the command includes a node name of the node element corresponding to the three-layer virtual private network.
Therefore, it can be specifically determined whether a two-layer virtual private network node element and a three-layer virtual private network node element having a dependency relationship coexist in the template by searching the node element types of the node elements in the network topology template and the dependency relationship between the node elements.
When the network topology template needs to be created, a user can click a button for creating a service on a page of the NFV orchestrator, and select the network topology template, that is, a network creation instruction corresponding to the template can be triggered.
Step S204, if the node elements corresponding to the two-layer virtual private network and the node elements corresponding to the three-layer virtual private network which have dependency relationship exist in the network topology template to be created, acquiring the virtual local area network information required by the node elements corresponding to the two-layer virtual private network and the node elements corresponding to the three-layer virtual private network which are set by a user;
step S206, determining the VLAN ID of the node element corresponding to the two-layer virtual private network and the node element corresponding to the three-layer virtual private network according to the virtual local area network information;
if the user knows that the node elements corresponding to the two-layer virtual private network and the node elements corresponding to the three-layer virtual private network which have the dependency relationship exist in the network topology template in advance, the user can set the required virtual local area network information at the same time when triggering a network creation instruction; or after the NFV orchestrator queries that a node element corresponding to the second-layer virtual private network and a node element corresponding to the third-layer virtual private network having a dependency relationship exist in the network topology template, the NFV orchestrator prompts a user to input the virtual local area network information.
The VLAN information may include only a VLAN resource pool ID or a VLAN ID, or may include both a VLAN resource pool ID and a VLAN ID.
Specifically, in the first embodiment: if the virtual local area network information only comprises the VLAN resource pool ID, the NFV orchestrator can search the corresponding VLAN resource pool according to the VLAN resource pool ID, and the VLAN resource pool usually comprises a plurality of VLAN IDs; and allocating an available VLAN ID for the node element corresponding to the two-layer virtual private network and the node element corresponding to the three-layer virtual private network with the dependency relationship in the VLAN resource pool.
In the second embodiment, if the VLAN information includes both a VLAN resource pool ID and a VLAN ID, it is usually necessary to first determine whether the VLAN ID is available (or occupied), and if so, the VLAN ID may be directly used to create a node element corresponding to a two-layer virtual private network and a node element corresponding to a three-layer virtual private network; if not, an available VLAN ID can be allocated from the VLAN resource pool corresponding to the VLAN resource pool ID.
In addition, in the third embodiment, if the VLAN ID is only included in the VLAN information and the VLAN ID is confirmed to be available, the node element corresponding to the second-layer virtual private network and the node element corresponding to the third-layer virtual private network may be created using the VLAN ID.
Step S208, according to the determined VLAN ID, a node element corresponding to the two-layer virtual private network and a node element corresponding to the three-layer virtual private network are created, and the virtual private network comprising the two-layer virtual private network and the three-layer virtual private network is obtained.
In the existing method, if a node element corresponding to a two-layer virtual private network and a node element corresponding to a three-layer virtual private network having a dependency relationship exist in a network topology template, a node element corresponding to a three-layer virtual private network is generally created first, and configuration information of the created node elements of the three-layer virtual private network is synchronized to obtain a corresponding three-layer virtual private network service; and then selecting the established three-layer virtual private network service, acquiring a corresponding VLAN ID, establishing a node element corresponding to the two-layer virtual private network according to the VLAN ID, synchronizing configuration information after the establishment of the node element of the two-layer virtual private network, obtaining the corresponding two-layer virtual private network service, and further obtaining a final two-layer virtual private network and three-layer virtual private network combined network.
The existing mode is not only unfavorable for the establishment process of the combined network of the two-layer virtual private network and the three-layer virtual private network to be automatically carried out, if the user of the northbound interface of the NFV orchestrator does not know the flow, the combined network of the two-layer virtual private network and the three-layer virtual private network is difficult to successfully establish, and the networking requirements related to the combined network of the two-layer virtual private network and the three-layer virtual private network are difficult to realize, thus the convenience of networking arrangement and the user experience are influenced.
In the embodiment, before the combined network is created, the VLAN ID commonly used by the two-layer virtual private network and the three-layer virtual private network when the combined network is created is already determined, so that it is not necessary to create the three-layer virtual private network first in the creation process of the combined network, and it is also not necessary for a user to manually query the VLAN ID created by the three-layer virtual private network and then create the two-layer virtual private network. At this time, the combined network may be created according to the default order of each node element in the network topology template, and the creation process may also be automatically implemented.
For example, a two-layer virtual private network in the combined network may be created first, and then a three-layer virtual private network may be created; or a three-layer virtual private network in the combined network can be established first, and then a two-layer virtual private network can be established; or to create a two-layer virtual private network and a three-layer virtual private network in a combined network at the same time.
In the method for creating a virtual private network according to the embodiment of the present disclosure, if a node element corresponding to a two-layer virtual private network and a node element corresponding to a three-layer virtual private network having a dependency relationship exist in a network topology template to be created, virtual local area network information set by a user is acquired; then determining VLAN ID according to the virtual local area network information and creating node elements corresponding to the two-layer virtual private network and node elements corresponding to the three-layer virtual private network; in the method, the required virtual local area network information is set before the node elements corresponding to the two-layer virtual private network and the three-layer virtual private network with the dependency relationship are created, and the manual query by workers in the creating process is not needed, so that the creating process of the combined network of the two-layer virtual private network and the three-layer virtual private network can be automatically carried out, and the free definition of the network topology according to the service scene is facilitated.
Furthermore, the creation process of the combined network of the two-layer virtual private network and the three-layer virtual private network can be automated, so that the cost of manual operation and maintenance is reduced, and meanwhile, a user can conveniently arrange the combined network of the two-layer virtual private network and the three-layer virtual private network or other related networking forms without paying attention to the creation sequence of the two-layer virtual private network and the three-layer virtual private network.
The embodiment of the present disclosure further provides another method for creating a virtual private network; the method is realized based on the above embodiment; in the above embodiments, it is described that the virtual local area network information may include a variety of specific information; this embodiment further describes a determination process of specific information in the VLAN information, and a manner of determining a VLAN ID of a combined network of a two-layer vpn and a three-layer vpn when each specific information is included. As shown in fig. 3, the method comprises the steps of:
step S302, receiving a network creation instruction triggered by a user;
step S304, searching whether node elements corresponding to a two-layer virtual private network and node elements corresponding to a three-layer virtual private network with dependency exist in a network topology template to be created; if yes, executing step S306; if not, the process is finished.
Step S306, acquiring the virtual local area network information required by the node elements corresponding to the two-layer virtual private network and the node elements corresponding to the three-layer virtual private network which are set by a user;
step S308, judging whether the virtual local area network information comprises a VLAN resource pool ID; if the VLAN resource pool ID is included, executing the step S310; if not, executing step S318;
usually, a plurality of VLAN resource pools may be set in the current cloud resource, and each VLAN resource pool is identified by a VLAN resource pool ID; each VLAN resource pool contains a corresponding VLAN ID segment, which may consist of continuous or discontinuous VLAN IDs. Each VLAN resource pool ID and the VLAN ID included in the VLAN resource pool corresponding to each VLAN resource pool ID may be pre-stored in the NFV orchestrator in the form of a list or a database, so that a user may query and set corresponding virtual local area network information.
Step S310, judging whether the virtual local area network information also comprises VLAN ID; if the VLAN ID is included, go to step S312; if not, go to step S316;
step S312, judging whether the VLAN ID is occupied; if not, go to step S314; if occupied, go to step S324;
step S314, using VLAN ID as VLAN ID of node element corresponding to the two-layer virtual private network and node element corresponding to the three-layer virtual private network; step S326 is executed;
if the virtual local area network information simultaneously comprises the VLAN resource pool ID and the VLAN ID, the user designates the clear VLAN ID for the combined network; if a plurality of network topology templates are created in the network in a short time, the occupation status of each VLAN ID is not updated in time, and a user may not know that the preset VLAN ID is occupied; in order to avoid creating multiple virtual private networks under one VLAN ID, the NFV orchestrator may query the controller for the actual occupation status of the VLAN ID through a relevant interface before using the VLAN ID, so as to avoid causing network creation confusion.
If the VLAN ID is occupied, the user can be prompted that the VLAN ID is occupied, and the user is requested to input the virtual local area network information again; in another mode, because the VLAN resource pool ID is included in the VLAN information, the user may select whether to re-input the VLAN information or to allocate an unoccupied VLAN ID from the VLAN resource pool corresponding to the VLAN resource pool ID; or after inquiring that the VLAN ID is occupied, directly allocating an unoccupied VLAN ID from the VLAN resource pool corresponding to the VLAN resource pool ID, and informing the allocated VLAN ID to the user.
Step S316, distributing unoccupied VLAN IDs from VLAN resource pools corresponding to the VLAN resource pools IDs, and using the distributed VLAN IDs as VLAN IDs of node elements corresponding to the two-layer virtual private network and node elements corresponding to the three-layer virtual private network; step S326 is executed;
if the VLAN information only includes a VLAN resource pool ID, it indicates that the VLAN ID for creating the combined network only needs to be in a certain VLAN ID segment, and at this time, the user may only specify the VLAN resource pool ID corresponding to the VLAN ID segment for the node element corresponding to the two-layer virtual private network and the node element corresponding to the three-layer virtual private network. The occupation status of each VLAN ID may be recorded in the VLAN resource pool corresponding to the VLAN resource pool ID, and an unoccupied VLAN ID may be allocated to the node element corresponding to the two-layer virtual private network and the node element corresponding to the three-layer virtual private network according to the recorded occupation status. The specific allocation mode may be to randomly select an unoccupied VLAN ID from the VLAN resource pool, or to obtain the unoccupied VLAN IDs according to the sequence of the VLAN IDs.
As described above, the recorded occupation status may not be updated in time, and therefore, after the VLAN ID is allocated, the real occupation status of the VLAN ID may be queried from the controller through the relevant interface, and if the VLAN ID is not occupied, the VLAN ID may be determined as the final VLAN ID for creating the node element corresponding to the two-layer virtual private network and the node element corresponding to the three-layer virtual private network; if the VLAN ID is already occupied, a VLAN ID can be reassigned from the VLAN resource pool.
Step S318, judging whether the virtual local area network information includes VLAN ID; if the VLAN ID is included, executing step S320; if not, go to step S324;
step S320, judging whether the VLAN ID is occupied; if not, go to step S322; if occupied, go to step S324;
step S322, taking VLAN ID as VLAN ID of node element corresponding to the two-layer virtual private network and node element corresponding to the three-layer virtual private network; step S326 is performed.
If the VLAN resource pool ID is not included in the virtual local area network information, only the VLAN ID is included, and whether the VLAN ID is occupied or not needs to be inquired and determined; the specific query determination method may be as described above, and is not described herein again. Since the user does not specify the VLAN resource pool ID, the user may be notified to re-enter the virtual local area network information if the VLAN ID is already occupied.
Step S324, returning prompt information to the user to prompt the user to input the virtual local area network information again;
step S326, creating the node elements corresponding to the two-layer vpn and the node elements corresponding to the three-layer vpn according to the determined VLAN ID.
In this embodiment, first, it is determined whether the VLAN information includes a VLAN resource pool ID, so as to describe a processing manner in a case where the VLAN information includes the VLAN resource pool ID and a processing manner in a case where the VLAN information does not include the VLAN resource pool ID, respectively; in another mode, it may also be determined whether the VLAN ID is included in the VLAN information, and if the VLAN ID is included and the VLAN ID is not occupied, the node element corresponding to the two-layer virtual private network and the node element corresponding to the three-layer virtual private network are created by using the VLAN ID; if the VLAN ID is not included in the VLAN information but includes a VLAN resource pool ID, an unoccupied VLAN ID is allocated from a VLAN resource pool corresponding to the VLAN resource pool ID and is used for creating a node element corresponding to the two-layer virtual private network and a node element corresponding to the three-layer virtual private network.
In the method for creating the virtual private network, according to the specific content in the virtual local area network information set by a user, the required VLAN ID is determined in different modes, and the node element corresponding to the two-layer virtual private network and the node element corresponding to the three-layer virtual private network are created; in the method, the required virtual local area network information is set before the node elements corresponding to the two-layer virtual private network and the node elements corresponding to the three-layer virtual private network are created, and the manual inquiry by workers in the creating process is not needed, so that the creating process of the two-layer virtual private network and the three-layer virtual private network combined network can be automatically carried out, and the free definition of network topology according to a service scene is further facilitated.
The embodiment of the present disclosure further provides another method for creating a virtual private network; the method is realized based on the above embodiment; in this embodiment, after determining the VLAN ID of the combined network, a specific creation process and an information synchronization process of the combined network are mainly described; as shown in fig. 4, the method includes the steps of:
step S402, receiving a network creation instruction triggered by a user;
step S404, searching whether a node element corresponding to a two-layer virtual private network and a node element corresponding to a three-layer virtual private network with dependency exist in a network topology template to be created; if yes, go to step S406; if not, the process is finished.
Step S406, acquiring the virtual local area network information required by the node elements corresponding to the two-layer virtual private network and the node elements corresponding to the three-layer virtual private network which are set by the user;
step S408, judging whether the virtual local area network information comprises a VLAN resource pool ID; if the VLAN resource pool ID is included, executing the step S410; if not, go to step S418;
step S410, judging whether the virtual local area network information also comprises VLAN ID; if the VLAN ID is included, the step S412 is executed; if not, go to step S416;
step S412, judging whether the virtual local area network corresponding to the VLAN ID is occupied; if not, go to step S414; if occupied, go to step S424;
step S414, taking VLAN ID as VLAN ID of node element corresponding to the two-layer virtual private network and node element corresponding to the three-layer virtual private network; step S426 is performed;
step S416, distributing unoccupied VLAN IDs from VLAN resource pools corresponding to the VLAN resource pools IDs, and taking the distributed VLAN IDs as the VLAN IDs of the node elements corresponding to the two-layer virtual private network and the node elements corresponding to the three-layer virtual private network; step S426 is performed;
step S418, judging whether the virtual local area network information comprises VLAN ID; if the VLAN ID is included, executing step S420; if not, go to step S424;
step S420, judging whether the VLAN ID is occupied; if not, go to step S422; if occupied, go to step S424;
step S422, taking VLAN ID as VLAN ID of node element corresponding to the two-layer virtual private network and node element corresponding to the three-layer virtual private network; step S426 is performed.
Step S424, returning prompt information to the user to prompt the user to input the virtual local area network information again;
step S426, extracting node elements corresponding to a two-layer virtual private network and node elements corresponding to a three-layer virtual private network in the combined network from the network topology template;
the order of creating the node elements can be determined by the order of arrangement of the node elements in the network topology template. When a node element corresponding to a two-layer virtual private network and a node element corresponding to a three-layer virtual private network need to be created, the node element corresponding to the two-layer virtual private network and the node element corresponding to the three-layer virtual private network are extracted from a network topology template, and the node element corresponding to the two-layer virtual private network and the node element corresponding to the three-layer virtual private network usually contain the determined VLAN ID, and also contain other default configuration information required for creating the node elements or a command and a path for acquiring the configuration information.
Step S428, updating the configuration information of the node elements corresponding to the second layer virtual private network and the node elements corresponding to the third layer virtual private network according to the VLAN ID determined in step S422;
specifically, the VLAN ID may be added to corresponding fields in the configuration information of the node element corresponding to the two-layer virtual private network and the node element corresponding to the three-layer virtual private network.
Step S430, respectively creating node elements corresponding to the two-layer virtual private network and node elements corresponding to the three-layer virtual private network according to the updated configuration information, so as to obtain a virtual private network including the two-layer virtual private network and the three-layer virtual private network.
Because the corresponding VLAN ID is determined, the specific sequence of the node elements corresponding to the two-layer virtual private network and the node elements corresponding to the three-layer virtual private network created in the step is not limited by the parameter of the VLAN ID any more, and the creation is carried out according to the sequence of each node element in the network topology template.
The NFV orchestrator not only provides an operation interface for the design of the network topology template, but also provides a northbound interface and a southbound interface, which can be used for creating each node element in the network topology template, so as to realize the resource allocation of the current service scenario. The northbound interface may be an interface for providing resource management and scheduling for an OSS (Operation support system) or BSS (Business support system) system, a functional interface for fast scheduling, issuing, and monitoring of a service, and the like; the southbound interface may connect a VIM (Virtualized Infrastructure Manager) system, an SDN (Software Defined Network) controller, and a VNFM (Network Function Virtualization Manager) platform, etc.
After the network topology template is designed, each node element in the template needs to be created through the NFV orchestrator. The node elements corresponding to the two-layer virtual private network and the node elements corresponding to the three-layer virtual private network can be created in the following manner: taking the node element corresponding to the two-layer virtual private network as an example, the NFV orchestrator may calculate, through the VNFM, the resource requirement of the node element corresponding to the two-layer virtual private network, allocate, through the VIM, resources (the resources include computing resources, storage resources, network resources, and the like) to the node element corresponding to the two-layer virtual private network according to the calculation result of the resource requirement, and notify the NFV orchestrator after the VIM resources are successfully allocated. The NFV orchestrator then notifies the VNFM to configure the node elements corresponding to the two-layer virtual private network according to the configuration information of the node elements corresponding to the two-layer virtual private network by using the allocated resources, and after the configuration is completed, the NFV orchestrator is notified that the creation is successful, and then the NFV orchestrator notifies the user that the creation is successful.
Step S432, acquiring configuration information after the establishment of the node elements corresponding to the two-layer virtual private network and the node elements corresponding to the three-layer virtual private network is completed; and respectively sending the created configuration information to the node elements corresponding to the two-layer virtual private network and the controllers corresponding to the node elements corresponding to the three-layer virtual private network, so that the controllers carry out synchronous operation on the created configuration information in each regional network.
After the node elements corresponding to the second layer virtual private network and the node elements corresponding to the third layer virtual private network are successfully established, the NFV orchestrator issues configuration information of the established node elements corresponding to the second layer virtual private network and the established node elements corresponding to the third layer virtual private network to the controller, and the controller issues the configuration information to the bottom layer router. In designing a network topology template, a user sets a controller issued by configuration information of a node element in configuration information of a node element corresponding to the two-layer virtual private network and a node element corresponding to the three-layer virtual private network in advance, that is, an identifier of the issued controller is stored in the configuration information. By inquiring the controller identifier in the configuration information, the configuration information of the node elements corresponding to the two-layer virtual private network and the controller to which the configuration information of the node elements corresponding to the three-layer virtual private network needs to be issued can be determined.
With continued reference to fig. 1, both the design process of the network topology template and the creation process of each node element in the template are completed at the NFV orchestrator; in order to enable the created virtual private network including the two-layer virtual private network and the three-layer virtual private network to operate normally, it is necessary to make the relevant devices in the two-layer virtual private network and the three-layer virtual private network in the network know that the virtual private network has been created and assist in operating the virtual private network; based on the purpose, the NFV orchestrator needs to perform the synchronization operation of the configuration information, and specifically, the NFV orchestrator sends the created configuration information to controllers corresponding to the two-layer virtual private network and the three-layer virtual private network, respectively, and places the configuration information in network devices in each network under the controllers, such as an edge router of the two-layer virtual private network and the three-layer virtual private network, a client terminal device, a core router, and the like.
It should be noted that the NFV scheduler may operate as a stand-alone device or as a network device; under the condition of networking operation, a user can design a network topology template through an NFV (network function virtualization) orchestrator on terminal equipment, the network topology template is uploaded to a system server after the design is finished, the user controls the creation of each node element of the network topology template through the NFV orchestrator in the terminal equipment, and the system server completes the creation process of the node elements.
In the method for creating a virtual private network according to the embodiment of the present disclosure, after the VLAN ID is determined, configuration information of a node element corresponding to a two-layer virtual private network and a node element corresponding to a three-layer virtual private network is updated according to the determined VLAN ID, and the node elements are created, and then the created configuration information is synchronized; the method sets the required virtual local area network information before the node elements corresponding to the two-layer virtual private network and the node elements corresponding to the three-layer virtual private network are created, and does not need to be manually inquired by workers in the creating process, so that the creating process of the two-layer virtual private network and the three-layer virtual private network can be automatically carried out, and the free definition of network topology according to service scenes is facilitated.
It should be noted that the above method embodiments are all described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments may be referred to each other.
Corresponding to the above method implementation, refer to fig. 5, which is a schematic structural diagram of an apparatus for creating a virtual private network, where the apparatus is installed in a device running an NFV orchestrator; the device comprises the following steps:
a node element searching module 50, configured to search, when a network creation instruction triggered by a user is received, whether a node element corresponding to a two-layer virtual private network and a node element corresponding to a three-layer virtual private network exist in a network topology template to be created, where a dependency relationship exists between the node element corresponding to the two-layer virtual private network and the node element corresponding to the three-layer virtual private network;
an information obtaining module 51, configured to obtain, if the node element exists, virtual local area network information required by a node element corresponding to a second-layer virtual private network and a node element corresponding to a third-layer virtual private network that are set by a user;
a VLAN ID determining module 52, configured to determine, according to the VLAN information, VLAN IDs of node elements corresponding to the second-layer virtual private network and node elements corresponding to the third-layer virtual private network;
and a network creating module 53, configured to create a node element corresponding to the second-layer virtual private network and a node element corresponding to the third-layer virtual private network according to the determined VLAN ID, so as to obtain a virtual private network including the second-layer virtual private network and the third-layer virtual private network.
In the device for creating a virtual private network provided by the present disclosure, if a node element corresponding to a two-layer virtual private network and a node element corresponding to a three-layer virtual private network having a dependency relationship exist in a network topology template to be created, virtual local area network information set by a user is acquired; then determining VLAN ID according to the virtual local area network information and creating node elements corresponding to the two-layer virtual private network and node elements corresponding to the three-layer virtual private network; in the method, the required virtual local area network information is set before the node elements corresponding to the two-layer virtual private network and the three-layer virtual private network with the dependency relationship are created, and the manual query by workers in the creating process is not needed, so that the creating process of the combined network of the two-layer virtual private network and the three-layer virtual private network can be automatically carried out, and the free definition of the network topology according to the service scene is facilitated.
Further, the VLAN ID determining module 52 is further configured to: judging whether the virtual local area network information comprises a VLAN resource pool ID or not; if the VLAN resource pool ID is included, judging whether the virtual local area network information also includes the VLAN ID; if the VLAN ID is included and the VLAN ID is not occupied, the VLAN ID is used as the VLAN ID of the node element corresponding to the two-layer virtual private network and the node element corresponding to the three-layer virtual private network; if not, allocating unoccupied VLAN IDs from VLAN resource pools corresponding to the VLAN resource pools IDs, and taking the allocated VLAN IDs as VLAN IDs of node elements corresponding to the two-layer virtual private network and node elements corresponding to the three-layer virtual private network.
Further, the VLAN ID determining module 52 is further configured to: if the virtual local area network information does not include the VLAN resource pool ID, judging whether the virtual local area network information includes the VLAN ID; and if the VLAN ID is included and the VLAN ID is not occupied, the VLAN ID is used as the VLAN ID of the node element corresponding to the two-layer virtual private network and the node element corresponding to the three-layer virtual private network.
Further, the network creating module 53 is configured to: extracting node elements corresponding to a two-layer virtual private network and node elements corresponding to a three-layer virtual private network from a network topology template; updating configuration information of node elements corresponding to the two-layer virtual private network and node elements corresponding to the three-layer virtual private network according to the determined VLAN ID; and respectively creating node elements corresponding to the two-layer virtual private network and the three-layer virtual private network according to the updated configuration information.
Further, the above apparatus comprises: the system comprises an information acquisition module and an information sending module, wherein the information acquisition module is used for acquiring configuration information after the establishment of node elements corresponding to a two-layer virtual private network and node elements corresponding to a three-layer virtual private network is completed; the information sending module is used for sending the created configuration information to the node elements corresponding to the two-layer virtual private network and the controllers corresponding to the node elements corresponding to the three-layer virtual private network respectively, so that the controllers can perform synchronous operation on the created configuration information in each regional network.
The embodiment provides a server corresponding to the method embodiment. Fig. 6 is a schematic structural diagram of the server, and as shown in fig. 6, the server includes a processor 601 and a memory 600; the memory 600 is used for storing one or more computer instructions, which are executed by the processor to implement the above-mentioned virtual private network creation method.
The server shown in fig. 6 further comprises a bus 602 and a communication interface 603, the processor 601, the communication interface 603 and the memory 600 being connected by the bus 602. The server may be a network edge device.
The Memory 600 may include a high-speed Random Access Memory (RAM) and may also include a non-volatile Memory (non-volatile Memory), such as at least one disk Memory. Bus 602 can be an ISA bus, PCI bus, EISA bus, or the like. The bus may be divided into an address bus, a data bus, a control bus, etc. For ease of illustration, only one double-headed arrow is shown in FIG. 6, but that does not indicate only one bus or one type of bus.
The communication interface 603 is configured to connect to at least one user terminal and other network elements through a network interface, and send the packaged IPv4 message or IPv8 message to the user terminal through the network interface.
The processor 601 may be an integrated circuit chip having signal processing capabilities. In implementation, the steps of the above method may be performed by integrated logic circuits of hardware or instructions in the form of software in the processor 601. The Processor 601 may be a general-purpose Processor, and includes a Central Processing Unit (CPU), a Network Processor (NP), and the like; the device can also be a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA) or other Programmable logic device, a discrete Gate or transistor logic device, or a discrete hardware component. The various methods, steps and logic blocks disclosed in the embodiments of the present invention may be implemented or performed. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like. The steps of the method disclosed in connection with the embodiments of the present invention may be directly implemented by a hardware decoding processor, or implemented by a combination of hardware and software modules in the decoding processor. The software module may be located in ram, flash memory, rom, prom, or eprom, registers, etc. storage media as is well known in the art. The storage medium is located in the memory 600, and the processor 601 reads the information in the memory 600 and completes the steps of the method of the foregoing embodiment in combination with the hardware thereof.
Embodiments of the present invention further provide a machine-readable storage medium, where the machine-readable storage medium stores machine-executable instructions, and when the machine-executable instructions are called and executed by a processor, the machine-executable instructions cause the processor to implement the method for creating a virtual private network, and specific implementation may refer to method embodiments, and is not described herein again.
The server provided by the embodiment of the present invention has the same implementation principle and technical effect as the method embodiments described above, and for the sake of brief description, reference may be made to the corresponding contents in the method embodiments described above where no apparatus embodiment is mentioned.
In the several embodiments provided in the present application, it should be understood that the disclosed apparatus and method may be implemented in other manners. The apparatus embodiments described above are merely illustrative, and the flowcharts and block diagrams in the figures, for example, illustrate the architecture, functionality, and operation of possible implementations of apparatus, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
Finally, it should be noted that: the above-mentioned embodiments are merely specific embodiments of the present disclosure, which are used for illustrating the technical solutions of the present disclosure and not for limiting the same, and the scope of the present disclosure is not limited thereto, and although the present disclosure is described in detail with reference to the foregoing embodiments, those skilled in the art should understand that: any person skilled in the art can modify or easily conceive of the technical solutions described in the foregoing embodiments or equivalent technical features thereof within the technical scope of the present disclosure; such modifications, changes or substitutions do not depart from the spirit and scope of the embodiments of the present disclosure, and should be construed as being included therein. Therefore, the protection scope of the present disclosure shall be subject to the protection scope of the claims.
Claims (10)
1. A method for creating a virtual private network, said method being applied to a device running an NFV orchestrator; the method comprises the following steps:
when a network creating instruction triggered by a user is received, searching whether node elements corresponding to a two-layer virtual private network and node elements corresponding to a three-layer virtual private network exist in a network topology template to be created, wherein the node elements corresponding to the two-layer virtual private network and the node elements corresponding to the three-layer virtual private network have a dependency relationship;
if the node elements exist, acquiring the node elements corresponding to the two-layer virtual private network and the virtual local area network information required by the node elements corresponding to the three-layer virtual private network, which are set by a user;
determining VLAN IDs of node elements corresponding to the two-layer virtual private network and node elements corresponding to the three-layer virtual private network according to the virtual local area network information;
creating node elements corresponding to the two-layer virtual private network and node elements corresponding to the three-layer virtual private network according to the determined VLAN ID, and obtaining a virtual private network comprising the two-layer virtual private network and the three-layer virtual private network;
wherein the node element comprises a node name and configuration information;
the step of creating the node elements corresponding to the two-layer virtual private network and the node elements corresponding to the three-layer virtual private network according to the determined VLAN ID includes:
extracting node elements corresponding to the two-layer virtual private network and node elements corresponding to the three-layer virtual private network from the network topology template;
updating configuration information of the node elements corresponding to the two-layer virtual private network and the node elements corresponding to the three-layer virtual private network according to the determined VLAN ID;
and respectively creating node elements corresponding to the two-layer virtual private network and node elements corresponding to the three-layer virtual private network according to the updated configuration information.
2. The method according to claim 1, wherein the step of determining the VLAN IDs of the node elements corresponding to the two-layer virtual private network and the node elements corresponding to the three-layer virtual private network according to the virtual local area network information comprises:
judging whether the virtual local area network information comprises a VLAN resource pool ID or not;
if the VLAN resource pool ID is included, judging whether the virtual local area network information further includes the VLAN ID;
if the VLAN ID is included and the VLAN ID is not occupied, the VLAN ID is used as the VLAN ID of the node element corresponding to the two-layer virtual private network and the node element corresponding to the three-layer virtual private network;
if not, allocating unoccupied VLAN IDs from VLAN resource pools corresponding to the VLAN resource pools IDs, and taking the allocated VLAN IDs as VLAN IDs of node elements corresponding to the two-layer virtual private network and node elements corresponding to the three-layer virtual private network.
3. The method according to claim 2, wherein the step of determining the VLAN IDs of the node element corresponding to the second layer virtual private network and the node element corresponding to the third layer virtual private network according to the virtual local area network information further comprises:
if the virtual local area network information does not include the VLAN resource pool ID, judging whether the virtual local area network information includes the VLAN ID;
and if the VLAN ID is not occupied, the VLAN ID is used as the VLAN ID of the node element corresponding to the two-layer virtual private network and the node element corresponding to the three-layer virtual private network.
4. The method of claim 1, wherein after the step of creating node elements corresponding to the layer two virtual private network and node elements corresponding to a layer three virtual private network based on the determined VLAN ID, the method comprises:
acquiring configuration information after the establishment of the node elements corresponding to the two-layer virtual private network and the node elements corresponding to the three-layer virtual private network is completed;
and respectively sending the created configuration information to the node elements corresponding to the two-layer virtual private network and the controllers corresponding to the node elements corresponding to the three-layer virtual private network, so that the controllers perform the synchronous operation of the created configuration information in each regional network.
5. An apparatus for creating a virtual private network, the apparatus being provided in a device running an NFV orchestrator; the device comprises:
the node element searching module is used for searching whether a node element corresponding to a two-layer virtual private network and a node element corresponding to a three-layer virtual private network exist in a network topology template to be created or not when a network creating instruction triggered by a user is received, and a dependency relationship exists between the node element corresponding to the two-layer virtual private network and the node element corresponding to the three-layer virtual private network;
an information obtaining module, configured to obtain, if the node element exists, virtual local area network information required by the node element corresponding to the second-layer virtual private network and the node element corresponding to the third-layer virtual private network, where the node element is set by a user;
a VLAN ID determining module, configured to determine, according to the VLAN information, a VLAN ID of a node element corresponding to the second-layer virtual private network and a VLAN ID of a node element corresponding to the third-layer virtual private network;
a network creating module, configured to create, according to the determined VLAN ID, a node element corresponding to the second-layer virtual private network and a node element corresponding to the third-layer virtual private network, so as to obtain a virtual private network including the second-layer virtual private network and the third-layer virtual private network;
wherein the node element comprises a node name and configuration information;
the network creation module is configured to:
extracting node elements corresponding to the two-layer virtual private network and node elements corresponding to the three-layer virtual private network from the network topology template;
updating the configuration information of the node elements corresponding to the two-layer virtual private network and the node elements corresponding to the three-layer virtual private network according to the determined VLAN ID;
and respectively creating node elements corresponding to a two-layer virtual private network and node elements corresponding to a three-layer virtual private network according to the updated configuration information.
6. The apparatus of claim 5, wherein the VLAN ID determination module is configured to:
judging whether the virtual local area network information comprises a VLAN resource pool ID or not;
if the VLAN resource pool ID is included, judging whether the virtual local area network information further includes the VLAN ID;
if the VLAN ID is included and the VLAN ID is not occupied, the VLAN ID is used as the VLAN ID of the node element corresponding to the two-layer virtual private network and the node element corresponding to the three-layer virtual private network;
if not, allocating unoccupied VLAN IDs from VLAN resource pools corresponding to the VLAN resource pools IDs, and taking the allocated VLAN IDs as VLAN IDs of node elements corresponding to the two-layer virtual private network and node elements corresponding to the three-layer virtual private network.
7. The apparatus of claim 6, wherein the VLAN ID determination module is configured to:
if the virtual local area network information does not include the VLAN resource pool ID, judging whether the virtual local area network information includes the VLAN ID;
and if the VLAN ID is not occupied, the VLAN ID is used as the VLAN ID of the node element corresponding to the two-layer virtual private network and the node element corresponding to the three-layer virtual private network.
8. The apparatus of claim 6, wherein the apparatus comprises:
an information acquisition module, configured to acquire configuration information after creation of the node elements corresponding to the two-layer virtual private network and the node elements corresponding to the three-layer virtual private network is completed;
and the information sending module is used for respectively sending the created configuration information to the node elements corresponding to the two-layer virtual private network and the controllers corresponding to the node elements corresponding to the three-layer virtual private network so that the controllers carry out synchronous operation on the created configuration information in each regional network.
9. A server comprising a processor and a machine-readable storage medium storing machine-executable instructions executable by the processor to perform the method of any one of claims 1 to 4.
10. A machine-readable storage medium having stored thereon machine-executable instructions which, when invoked and executed by a processor, cause the processor to implement the method of any of claims 1 to 4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811432278.0A CN109379268B (en) | 2018-11-27 | 2018-11-27 | Virtual private network creating method and device and server |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811432278.0A CN109379268B (en) | 2018-11-27 | 2018-11-27 | Virtual private network creating method and device and server |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109379268A CN109379268A (en) | 2019-02-22 |
| CN109379268B true CN109379268B (en) | 2021-05-07 |
Family
ID=65377620
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811432278.0A Active CN109379268B (en) | 2018-11-27 | 2018-11-27 | Virtual private network creating method and device and server |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109379268B (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110502409A (en) * | 2019-08-23 | 2019-11-26 | 行吟信息科技(上海)有限公司 | A kind of method and system of visual control service operation situation |
| CN113395183B (en) * | 2021-08-18 | 2021-12-07 | 南京赛宁信息技术有限公司 | Virtual node scheduling method and system for network simulation platform VLAN interconnection |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101848161A (en) * | 2010-05-31 | 2010-09-29 | 杭州华三通信技术有限公司 | Communication method and equipment of MPLS L2VPN (Multiple protocol Label Switching Layer 2 Virtual Private Network) and MPLS L3VPN (Multiple protocol Label Switching Layer 3 Virtual Private Network) |
| CN102546416A (en) * | 2012-01-13 | 2012-07-04 | 中兴通讯股份有限公司 | Transmission method and device of L3VPN (layer 3 virtual private network) service message |
| CN102804693A (en) * | 2009-06-26 | 2012-11-28 | 阿瓦雅公司 | Method and apparatus for implementing L2 VPNs on an ip network |
| CN103546374A (en) * | 2012-07-10 | 2014-01-29 | 杭州华三通信技术有限公司 | Message forwarding method and device in two-layered edge network |
| CN104717119A (en) * | 2015-04-09 | 2015-06-17 | 烽火通信科技股份有限公司 | Method and system for realizing bridge connection between L2 VPN and L3 VPN |
| CN105190557A (en) * | 2012-10-16 | 2015-12-23 | 思杰系统有限公司 | Systems and methods for bridging between public and private clouds through multi-level api integration |
| CN107147509A (en) * | 2016-03-01 | 2017-09-08 | 中兴通讯股份有限公司 | Centrex service implementation method, device and communication system |
| CN107547333A (en) * | 2016-06-29 | 2018-01-05 | 华为技术有限公司 | For realizing the method and apparatus of combination virtual private network |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2009124591A1 (en) * | 2008-04-10 | 2009-10-15 | Telefonaktiebolaget Lm Ericsson (Publ) | Setting up a virtual private network using virtual lan identifiers |
-
2018
- 2018-11-27 CN CN201811432278.0A patent/CN109379268B/en active Active
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102804693A (en) * | 2009-06-26 | 2012-11-28 | 阿瓦雅公司 | Method and apparatus for implementing L2 VPNs on an ip network |
| CN101848161A (en) * | 2010-05-31 | 2010-09-29 | 杭州华三通信技术有限公司 | Communication method and equipment of MPLS L2VPN (Multiple protocol Label Switching Layer 2 Virtual Private Network) and MPLS L3VPN (Multiple protocol Label Switching Layer 3 Virtual Private Network) |
| CN102546416A (en) * | 2012-01-13 | 2012-07-04 | 中兴通讯股份有限公司 | Transmission method and device of L3VPN (layer 3 virtual private network) service message |
| CN103546374A (en) * | 2012-07-10 | 2014-01-29 | 杭州华三通信技术有限公司 | Message forwarding method and device in two-layered edge network |
| CN105190557A (en) * | 2012-10-16 | 2015-12-23 | 思杰系统有限公司 | Systems and methods for bridging between public and private clouds through multi-level api integration |
| CN104717119A (en) * | 2015-04-09 | 2015-06-17 | 烽火通信科技股份有限公司 | Method and system for realizing bridge connection between L2 VPN and L3 VPN |
| CN107147509A (en) * | 2016-03-01 | 2017-09-08 | 中兴通讯股份有限公司 | Centrex service implementation method, device and communication system |
| CN107547333A (en) * | 2016-06-29 | 2018-01-05 | 华为技术有限公司 | For realizing the method and apparatus of combination virtual private network |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109379268A (en) | 2019-02-22 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US20200081731A1 (en) | Method, system and apparatus for creating virtual machine | |
| CN107786353B (en) | Service arranging method and device and service distributing method and device | |
| US9680706B2 (en) | Federated firewall management for moving workload across data centers | |
| EP2989749B1 (en) | Network resource monitoring | |
| WO2016155394A1 (en) | Method and device for establishing link between virtual network functions | |
| EP3300298B1 (en) | Method and apparatus for switching vnf | |
| US20170289060A1 (en) | Model driven process for automated deployment of domain 2.0 virtualized services and applications on cloud infrastructure | |
| JP6533475B2 (en) | Management device and network service management method | |
| US11641308B2 (en) | Software defined networking orchestration method and SDN controller | |
| CN111224821B (en) | Security service deployment system, method and device | |
| US20180034709A1 (en) | Method and Device for Asset Information Management | |
| JP6888078B2 (en) | Network function NF management method and NF management device | |
| CN105052078A (en) | Extending routing rules from external services | |
| CN111147370A (en) | Method and control device for determining forwarding path | |
| CN109189758B (en) | Operation and maintenance flow design method, device and equipment, operation method, device and host | |
| EP3806390B1 (en) | Network slice creation method and management and orchestration system | |
| CN109379268B (en) | Virtual private network creating method and device and server | |
| US9363294B2 (en) | Management server, tenant pattern validation method, and computer system | |
| US11588739B2 (en) | Enhanced management of communication rules over multiple computing networks | |
| CN107919975B (en) | Business resource allocation method and device | |
| WO2017182086A1 (en) | Management of network resources shared by multiple customers | |
| CN114157573A (en) | Method and device for deploying virtualized network function | |
| CN115209378A (en) | Service resource dynamic allocation method, system, management server and medium for vehicle | |
| CN115883283A (en) | Deployment method and device of containerization VNF | |
| CN112241293A (en) | Application management method, device, equipment and medium for industrial internet cloud platform |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |