CN110650077A - Method and system for separating control and forwarding of L2TP protocol - Google Patents


Publication number
CN110650077A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
CN201810674641.3A
Other languages
Chinese (zh)
Inventor
花荣荣
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
ZTE Corp
Original Assignee
ZTE Corp
Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00 Data switching networks
    • H04L12/28 Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46 Interconnection of networks
    • H04L12/4633 Interconnection of networks using encapsulation techniques, e.g. tunneling

Abstract

The invention discloses a method and a system for separating control and forwarding of an L2TP protocol, wherein the method comprises the following steps: the LAC-U receives a PPPoE protocol message sent by a user terminal and forwards the PPPoE protocol message to a BNG/vBNG-C; the LAC-U receives a first L2TP protocol message fed back by the BNG/vBNG-C according to the PPPoE protocol message, and forwards the first L2TP protocol message to the LNS-U, wherein the first L2TP protocol message carries the IP address of the LNS-U; and the LAC-U receives a second L2TP protocol message fed back by the LNS-U according to the first L2TP protocol message, and establishes an L2TP tunnel and a session with the LNS-U according to the second L2TP protocol message.

Description

Method and system for separating control and forwarding of L2TP protocol
Technical Field
The invention relates to the technical field of communication, in particular to a method and a system for separating control and forwarding of an L2TP protocol.
Background
With the development of SDN (Software Defined Network) and NFV (Network Function Virtualization) technology, traditional network element devices are evolving from special-purpose to general-purpose. This evolution mainly achieves two kinds of decoupling: decoupling of control from forwarding, and decoupling of software from hardware.
The BNG (Broadband Network Gateway), as the traditional broadband access gateway device, is very important in user broadband access services and scenarios, and L2TP (Layer 2 Tunneling Protocol) user access is an important function of a BNG device. The main requirements on L2TP user access at a BNG device are user authentication, access control, and the like. As new internet services keep emerging, BNG devices are required to support a growing number of L2TP user sessions and growing access bandwidth for L2TP users, and in particular there is an increasingly high requirement that the device provide open, programmable capabilities to services. For these reasons, it is very necessary for BNG devices to implement the two kinds of decoupling described above on an SDN/NFV architecture.
Decoupling BNG forwarding and control is a trend. After decoupling, one control plane can manage multiple forwarding planes and flexibly schedule users, traffic, and resources among them, so device utilization and reliability can be greatly improved compared with a standalone device. Therefore, as BNG forwarding and control are decoupled, the L2TP user access protocol likewise has its forwarding and control decoupled.
Disclosure of Invention
The scheme provided by the embodiment of the invention solves the problem that the separation of the forwarding and the control of the L2TP protocol cannot be realized in the prior art.
The method for separating the control and the forwarding of the L2TP protocol provided by the embodiment of the invention comprises the following steps:
the LAC-U (L2TP Access Concentrator-User Plane, i.e. the forwarding plane of the L2TP access concentrator) receives a PPPoE protocol message sent by a user terminal, and forwards the PPPoE protocol message to the BNG/vBNG-C (BNG/vBNG Control Plane);
the LAC-U receives a first L2TP protocol message fed back by the BNG/vBNG-C according to the PPPoE protocol message, and forwards the first L2TP protocol message to an LNS-U (L2TP Network Server-User Plane, i.e. the forwarding plane of the L2TP network server), wherein the first L2TP protocol message carries an IP address of the LNS-U;
and the LAC-U receives a second L2TP protocol message fed back by the LNS-U according to the first L2TP protocol message, and establishes an L2TP tunnel and a session with the LNS-U according to the second L2TP protocol message.
Preferably, after the LAC-U establishes an L2TP tunnel and session with the LNS-U according to the second L2TP protocol packet, the method further includes:
the LAC-U sends the data forwarding flow to the LNS-U under the condition of receiving the data forwarding flow sent by a user terminal;
and the LAC-U forwards the control message to the BNG/vBNG-C through the LNS-U under the condition of receiving the control message sent by the user terminal, so that the BNG/vBNG-C performs session negotiation and address allocation, and sends a user table entry to the LNS-U after the session negotiation.
Preferably, after the LAC-U receives a PPPoE protocol packet sent by the user equipment and forwards the PPPoE protocol packet to the BNG/vBNG-C, the method further includes:
the BNG/vBNG-C judges whether the user terminal is an L2TP terminal or not according to the PPPoE protocol message;
and if so, constructs the first L2TP protocol message and sends the first L2TP protocol message to the LAC-U.
Preferably, after the LAC-U receives a first L2TP protocol packet fed back by the BNG/vBNG-C according to the PPPoE protocol packet, and forwards the first L2TP protocol packet to the LNS-U, the method further includes:
the LNS-U sends the first L2TP protocol message to the BNG/vBNG-C;
the BNG/vBNG-C constructs a second L2TP protocol message according to the first L2TP protocol message, and sends the second L2TP protocol message to the LNS-U;
and the LNS-U sends the second L2TP protocol message to the LAC-U.
The system for separating the control and the forwarding of the L2TP protocol provided by the embodiment of the invention comprises: LAC-U, LNS-U and BNG/vBNG-C;
the LAC-U is configured to forward a PPPoE protocol packet sent by a user terminal to a BNG/vBNG-C, receive a first L2TP protocol packet carrying an IP address of the LNS-U and fed back by the BNG/vBNG-C according to the PPPoE protocol packet, forward the first L2TP protocol packet to the LNS-U, receive a second L2TP protocol packet fed back by the LNS-U according to the first L2TP protocol packet, and establish an L2TP tunnel and a session with the LNS-U according to the second L2TP protocol packet;
the LNS-U is configured to receive the first L2TP protocol packet sent by the BNG/vBNG-C according to the LAC-U, construct a second L2TP protocol packet, and forward the second L2TP protocol packet to the LAC-U;
the BNG/vBNG-C is configured to construct the first L2TP protocol packet according to the PPPoE protocol packet, send the first L2TP protocol packet to the LAC-U, construct the second L2TP protocol packet according to the first L2TP protocol packet, and send the second L2TP protocol packet to the LNS-U.
Preferably, the LAC-U is further configured to:
under the condition of receiving a data forwarding stream sent by a user terminal, sending the data forwarding stream to the LNS-U;
and under the condition of receiving a control message sent by a user terminal, forwarding the control message to the BNG/vBNG-C through the LNS-U so that the BNG/vBNG-C can carry out session negotiation and address allocation, and issuing a user table entry to the LNS-U after the session negotiation.
Preferably, the BNG/vBNG-C is specifically configured to determine, according to the PPPoE protocol packet, whether the user terminal is an L2TP terminal, and if the determination result is yes, construct the first L2TP protocol packet and send the first L2TP protocol packet to the LAC-U.
According to the device for separating L2TP protocol control and forwarding, provided by the embodiment of the invention, the device comprises: a processor, and a memory coupled to the processor; the memory is stored with a program of L2TP protocol control and forwarding separation which can run on the processor, and the program of L2TP protocol control and forwarding separation is executed by the processor to realize the steps of the method of L2TP protocol control and forwarding separation provided by the embodiment of the invention.
According to a computer storage medium provided by the embodiment of the invention, a program for separating control and forwarding of the L2TP protocol is stored, and when being executed by a processor, the program for separating control and forwarding of the L2TP protocol realizes the steps of the method for separating control and forwarding of the L2TP protocol provided by the embodiment of the invention.
According to the scheme provided by the embodiment of the invention, L2TP user access forwarding and control are decoupled: in a BNG/vBNG scenario where control and forwarding are separated, L2TP protocol control and forwarding are also separated, the L2TP protocol processing control plane is moved to the NFV cloud, and user carrying capacity and redundancy backup are enhanced.
Drawings
Fig. 1 is a flowchart of a method for separating L2TP protocol control from forwarding according to an embodiment of the present invention;
Fig. 2 is a schematic diagram of a system in which L2TP protocol control and forwarding are separated according to an embodiment of the present invention;
Fig. 3 is a structural diagram of a first device networking scenario provided in the embodiment of the present invention;
Fig. 4 is a structural diagram of a second device networking scenario provided in the embodiment of the present invention;
Fig. 5 is a top-level flowchart of L2TP user access protocol control and forwarding provided by the embodiment of the present invention;
Fig. 6 is a refined timing diagram for an implementation provided by an example of the present invention;
Fig. 7 is a diagram of the core components of the L2TP control and forwarding separation system according to an embodiment of the present invention;
Fig. 8 is a flowchart of L2TP user access protocol control and forwarding according to an embodiment of the present invention.
Detailed Description
The preferred embodiments of the present invention will be described in detail below with reference to the accompanying drawings, and it should be understood that the preferred embodiments described below are only for the purpose of illustrating and explaining the present invention, and are not to be construed as limiting the present invention.
Fig. 1 is a flowchart of a method for separating L2TP protocol control from forwarding, as shown in fig. 1, including:
step S101: the LAC-U receives a PPPoE protocol message sent by a user terminal and forwards the PPPoE protocol message to a BNG/vBNG-C;
step S102: the LAC-U receives a first L2TP protocol message fed back by the BNG/vBNG-C according to the PPPoE protocol message, and forwards the first L2TP protocol message to the LNS-U, wherein the first L2TP protocol message carries the IP address of the LNS-U;
step S103: and the LAC-U receives a second L2TP protocol message fed back by the LNS-U according to the first L2TP protocol message, and establishes an L2TP tunnel and a session with the LNS-U according to the second L2TP protocol message.
Wherein, after the LAC-U establishes an L2TP tunnel and session with the LNS-U according to the second L2TP protocol packet, the method further includes: the LAC-U sends the data forwarding flow to the LNS-U under the condition of receiving the data forwarding flow sent by a user terminal; and the LAC-U forwards the control message to the BNG/vBNG-C through the LNS-U under the condition of receiving the control message sent by the user terminal, so that the BNG/vBNG-C performs session negotiation and address allocation, and sends a user table entry to the LNS-U after the session negotiation.
Wherein, after the LAC-U receives the PPPoE protocol message sent by the user terminal and forwards the PPPoE protocol message to the BNG/vBNG-C, the method further comprises: the BNG/vBNG-C judges whether the user terminal is an L2TP terminal according to the PPPoE protocol message; and if so, constructs the first L2TP protocol message and sends the first L2TP protocol message to the LAC-U.
Wherein, after the LAC-U receives the first L2TP protocol packet fed back by the BNG/vBNG-C according to the PPPoE protocol packet and forwards the first L2TP protocol packet to the LNS-U, the method further comprises: the LNS-U sends the first L2TP protocol message to the BNG/vBNG-C; the BNG/vBNG-C constructs a second L2TP protocol message according to the first L2TP protocol message, and sends the second L2TP protocol message to the LNS-U; and the LNS-U sends the second L2TP protocol message to the LAC-U.
Fig. 2 is a schematic diagram of a system for separating L2TP protocol control from forwarding according to an embodiment of the present invention, as shown in fig. 2, including: LAC-U, LNS-U and BNG/vBNG-C; the LAC-U is configured to forward a PPPoE protocol packet sent by a user terminal to a BNG/vBNG-C, receive a first L2TP protocol packet carrying an IP address of the LNS-U and fed back by the BNG/vBNG-C according to the PPPoE protocol packet, forward the first L2TP protocol packet to the LNS-U, receive a second L2TP protocol packet fed back by the LNS-U according to the first L2TP protocol packet, and establish an L2TP tunnel and a session with the LNS-U according to the second L2TP protocol packet; the LNS-U is configured to receive the first L2TP protocol packet sent by the BNG/vBNG-C according to the LAC-U, construct a second L2TP protocol packet, and forward the second L2TP protocol packet to the LAC-U; the BNG/vBNG-C is configured to construct the first L2TP protocol packet according to the PPPoE protocol packet, send the first L2TP protocol packet to the LAC-U, construct the second L2TP protocol packet according to the first L2TP protocol packet, and send the second L2TP protocol packet to the LNS-U.
Wherein the LAC-U is further configured to: under the condition of receiving a data forwarding stream sent by a user terminal, sending the data forwarding stream to the LNS-U; and under the condition of receiving a control message sent by a user terminal, forwarding the control message to the BNG/vBNG-C through the LNS-U so that the BNG/vBNG-C can carry out session negotiation and address allocation, and issuing a user table entry to the LNS-U after the session negotiation.
The BNG/vBNG-C is specifically configured to determine whether the user terminal is an L2TP terminal according to the PPPoE protocol packet, and if the determination result is yes, construct the first L2TP protocol packet and send the first L2TP protocol packet to the LAC-U.
The device for separating control and forwarding of the L2TP protocol provided by the embodiment of the invention comprises: a processor, and a memory coupled to the processor; the memory stores a program of separating control and forwarding of the L2TP protocol, which can run on the processor, and the program of separating control and forwarding of the L2TP protocol is executed by the processor to realize the steps of the method of separating control and forwarding of the L2TP protocol provided by the embodiment of the invention.
The computer storage medium provided by the embodiment of the invention stores a program for separating control and forwarding of an L2TP protocol, and the program for separating control and forwarding of the L2TP protocol is executed by a processor to realize the steps of the method for separating control and forwarding of the L2TP protocol provided by the embodiment of the invention.
In the embodiment of the invention, under a BNG environment with separated control and forwarding, an L2TP protocol control plane adopts X86 server virtualization to realize strong cloud computing capacity, dynamic resource expansion and contraction can be performed according to the load condition of user access, the effect of improving the resource utilization rate is achieved, the redundant backup of an L2TP control plane component can be realized, and the bottleneck of traditional BNG L2TP user access is broken through. Meanwhile, the L2TP forwarding plane adopts traditional high-performance forwarding hardware equipment, so that the weakness of poor forwarding capability of the current X86 server can be avoided.
Fig. 3 is a structural diagram of a first networking scenario provided in the embodiment of the present invention. As shown in fig. 3, the network elements and network modules involved include: user equipment; the BNG/vBNG-C; the BNG/vBNG-U (Broadband Network Gateway/Virtual Broadband Network Gateway-User Plane, i.e. the forwarding plane of the BNG/vBNG); an AAA (authentication, authorization, accounting) module; and an access network. The BNG/vBNG-C is composed of a plurality of components, including an MP (Management Process) component, a PP (Protocol Process) component, an L2TP component, and an LB (Load Balance) component. The BNG/vBNG-U consists of the LAC-U and the LNS-U.
The user Equipment includes an RG (Residential Gateway), a CPE (Customer Premise Equipment), a PC (Personal Computer), a handheld terminal, and the like.
The BNG/vBNG-C module includes a BNG control plane and a vBNG control plane, and mainly performs protocol negotiation, user authentication, access control, user management, and the like for L2TP user access. The BNG/vBNG-U module comprises a forwarding plane of the BNG and a forwarding plane of the vBNG, is divided into LAC-U and LNS-U, is communicated with each other through an L3 network, and is mainly responsible for forwarding L2TP user traffic and executing user-related flow strategies.
As shown in fig. 4, in the processing apparatus and system related to the processing method for separating L2TP protocol control and forwarding according to the present invention, LAC-U and LNS-U may further have respective independent BNG/vBNG-C control planes, which are BNG/vBNG-C-1 and BNG/vBNG-C-2, respectively.
Fig. 5 is a top-level flowchart of L2TP user access protocol control and forwarding provided by the embodiment of the present invention, as shown in fig. 5, including the following steps:
first, the LAC-U receives a PPPoE protocol message sent by a user terminal, encapsulates the message in a VxLAN (Virtual Extensible LAN) tunnel, and forwards it to the LB load-sharing component of the BNG/vBNG-C;
second, after receiving the PPPoE protocol message, the LB of the BNG/vBNG-C distributes it to the PP components according to a certain load-sharing strategy, and a PP component processes the PPPoE protocol message;
third, the PP component judges that the user is an L2TP user according to the user access domain name obtained from the LCP (Link Control Protocol) message of PPPoE or according to the AAA authorization result, and notifies the L2TP component to perform protocol processing; a plurality of L2TP components may be deployed in load-sharing mode (more than 2, completely sharing) or in master-slave mode (2 components, one master and one slave);
fourth, the L2TP component looks up the corresponding LNS address according to the local L2TP configuration information, initiates negotiation of a tunnel and a session from the LAC to the LNS, constructs an L2TP protocol message, encapsulates the message in a VxLAN tunnel through the LB component, and sends it to the LAC-U, wherein the destination IP of the L2TP tunnel is the LNS-U;
fifth, the LAC-U receives the control message sent by the LB, which carries the tunnel destination IP and VPN (Virtual Private Network) information; the LAC-U parses the tunnel destination address and VPN information from the control message, and forwards the message to the LNS-U according to the IP address and the VPN route;
sixth, after receiving the L2TP protocol message, the LNS-U encapsulates it in a VxLAN tunnel and sends it to the LB component of the BNG/vBNG-C;
seventh, the BNG/vBNG-C sends the message to the L2TP component, which performs the L2TP protocol processing, constructs an L2TP protocol message, encapsulates the message in a VxLAN tunnel through the LB component, and sends it to the LNS-U;
eighth, the LNS-U receives the control message (L2TP protocol message) sent by the LB, parses the tunnel destination address and VPN information from the control message, and forwards the message to the LAC-U according to the IP address and the VPN route;
ninth, after the L2TP tunnel and session between the LAC and the LNS are established, the BNG/vBNG-C sends the tunnel and session information to the LAC-U and the LNS-U through OpenFlow, which completes the establishment of the L2TP forwarding channel between the LAC-U and the LNS-U. The user terminal then carries out PPP (Point-to-Point Protocol) negotiation directly with the LNS: the LNS-U sends the user's PPP negotiation messages to the LB of the BNG/vBNG-C through the VxLAN channel, the L2TP component performs the PPP negotiation and address allocation, and after the PPP session negotiation is finished, the BNG/vBNG-C sends a user table entry to the LNS-U through OpenFlow.
Fig. 6 is a refined timing diagram of an embodiment provided by an example of the present invention, as shown in fig. 6, including refinement steps described below.
The first step comprises:
101. The user terminal sends a PPPoE dialing request; the message is sent from the LAC-U to the BNG/vBNG-C control plane, and the PP component judges that the user is an L2TP user according to the domain name carried by the PPP LCP negotiation message or the AAA authorization result;
The second step comprises:
201. The L2TP component of the BNG/vBNG-C control plane constructs an L2TP protocol message and sends the message to the corresponding LAC-U through a VxLAN channel;
202. After receiving the L2TP protocol message, the LAC-U sends the L2TP protocol message to the corresponding LNS-U according to the route;
203. After receiving the L2TP protocol message, the LNS-U sends the message to the BNG/vBNG-C for processing;
204. After receiving the L2TP protocol message, the BNG/vBNG-C control plane sends the message to the L2TP component for processing; the L2TP component constructs a new L2TP protocol message according to the L2TP configuration information configured on the BNG/vBNG-C control plane and then sends the message to the LNS-U;
205. After receiving the L2TP protocol message, the LNS-U sends the L2TP protocol message to the corresponding LAC-U according to the route;
206. Negotiation of the L2TP tunnel and session control messages between the LAC and the LNS is completed; the BNG/vBNG-C delivers the tunnel and session table entries through OpenFlow, and the tunnel endpoints are established on the LAC-U and the LNS-U;
The third step comprises:
301. The user terminal sends a PPP LCP negotiation message to the LAC-U; the LAC-U encapsulates it with the L2TP tunnel header according to the local L2TP user table entry and sends it to the LNS-U;
302. After receiving the PPP LCP negotiation message, the LNS-U sends it to the BNG/vBNG-C control plane;
303. The BNG/vBNG-C control plane sends the PPP LCP negotiation message to the L2TP component; the L2TP component completes the PPP LCP negotiation, completes NCP (Network Control Protocol) negotiation with the user terminal, and allocates an internal address to the user. The BNG/vBNG-C control plane issues a user table entry to the LNS-U through OpenFlow;
304. After a user data forwarding message reaches the LAC-U, it is encapsulated directly in the L2TP tunnel and forwarded to the LNS-U; data forwarding messages do not need to be sent to the BNG/vBNG-C control plane for processing.
Fig. 7 is a core component diagram of an L2TP control and forwarding separation system according to an embodiment of the present invention. In fig. 7, S denotes an L2TP service access processing group, through which L2TP users are accessed, and P denotes a user access port. Specifically:
The L2TP processing components of the BNG/vBNG-C control plane are deployed in master-slave mode, and LAC-U1 and LAC-U2 form a forwarding pool. First, three specific instances of S are defined, S1, S2 and S3. The L2TP user access processing group S1 includes two forwarding plane devices, LAC-U1 and LNS-U1, and a control plane L2TP processing component L2TP1; it is written as S1 = (LAC-U1 & P1, LNS-U1, L2TP1), where P1 is a user access port. The L2TP user access processing group S2 includes two forwarding plane devices, LAC-U2 and LNS-U1, and the control plane L2TP processing component L2TP1; it is written as S2 = (LAC-U2 & P2, LNS-U1, L2TP1). The L2TP user access processing group S3 includes two forwarding plane devices, LAC-U2 and LNS-U1, and a control plane L2TP processing component L2TP2; it is written as S3 = (LAC-U2 & P2, LNS-U1, L2TP2);
further, when LAC-U1 and LAC-U2 receive the access request of an L2TP user at the same time, both forwarding planes send the access request message to the BNG/vBNG-C control plane. The PP component of the BNG/vBNG-C control plane selects the active LAC-U1 for user access according to the configuration, and the active L2TP1 component performs the L2TP access protocol processing; according to the control plane configuration, the L2TP1 component chooses to negotiate the L2TP tunnel and session with LNS-U1, that is, the S1 access processing group is executed. The BNG/vBNG-C control plane issues the L2TP user table entry to LAC-U1 and LAC-U2 simultaneously, with the P1 port of LAC-U1 as the main port and the P2 port of LAC-U2 as the standby port;
further, when the P1 port of LAC-U1 fails, the P2 port of LAC-U2 is promoted to active, L2TP user traffic is sent to LNS-U1 by LAC-U2, and access requests of subsequent L2TP users are all sent to the BNG/vBNG-C control plane by LAC-U2, that is, the L2TP user access processing group S2 is executed;
further, when the L2TP1 processing component of the BNG/vBNG-C control plane fails, the standby L2TP2 component takes over and handles the subsequent L2TP protocol processing, that is, the L2TP user access processing group S3 is executed.
fig. 8 is a flowchart of L2TP user access protocol control and forwarding provided by an embodiment of the present invention, as shown in fig. 8, including:
Step 1, LAC-U1 and LAC-U2 form a pool and simultaneously receive a PPPoE protocol message sent by a user terminal, encapsulate the message in a VxLAN tunnel, and forward it to the LB component of the BNG/vBNG-C;
Step 2, the BNG/vBNG-C receives the PPPoE protocol message and sends it to the PP component for processing, and the PP component selects the main LAC-U1 for user access according to the control plane configuration;
Step 3, the PP component judges that the user is an L2TP user, and informs the main L2TP component to carry out protocol processing;
Step 4, the L2TP component initiates negotiation of a tunnel and a session from the LAC to the LNS, constructs an L2TP protocol message, and establishes an L2TP tunnel and a session between LAC-U1 and LNS-U1. User data traffic is encapsulated in L2TP messages by LAC-U1 and sent directly to LNS-U1, while user dialing control messages are sent up to the BNG/vBNG-C control plane;
Step 5, when the LAC-U1 access port fails, the user is accessed through LAC-U2, and protocol processing on the control plane is still performed by the main L2TP component;
Step 6, when the main L2TP component of the BNG/vBNG-C control plane fails, the standby L2TP component takes over, and the user service is not interrupted.
As described above, the BNG/vBNG control plane of the present invention processes L2TP control protocol packets by adding a new L2TP protocol processing component (a VM), and multiple VMs may be deployed for this component in active/standby or load-sharing mode. The L2TP protocol processing component is responsible for the control message exchange of the L2TP tunnel and session, while the tunnel endpoints are established on the BNG/vBNG forwarding plane. An L2TP control protocol message is identified by the BNG/vBNG forwarding plane and then sent up to the L2TP protocol processing component of the control plane for processing; an L2TP data forwarding message is encapsulated with the L2TP header and forwarded directly by the BNG/vBNG forwarding plane, without being sent to the control plane. The L2TP protocol control plane stores the L2TP user table entries, so when a user access port of a BNG/vBNG forwarding plane or the whole device fails, the control plane can perform a hot-standby switchover of the user to the backup BNG/vBNG forwarding plane.
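The control/data split that the forwarding plane performs can be sketched as follows. This is an added example, not code from the patent: it assumes the L2TPv2 header layout of RFC 2661 (the patent does not name a version), and the function names, verdict strings and sample packets are constructed for illustration.

```python
import struct
from dataclasses import dataclass
from typing import Optional, Tuple

# RFC 2661 flag bits in the first 16-bit word of an L2TPv2 header.
T_BIT, L_BIT, S_BIT, O_BIT = 0x8000, 0x4000, 0x0800, 0x0200
VER_MASK = 0x000F

# Hypothetical verdict names for what the forwarding plane does next.
PUNT, FAST_PATH, DROP = "punt-to-control-plane", "fast-path", "drop"


class MalformedL2TP(ValueError):
    """Header fails the structural checks required before any handling."""


@dataclass
class L2TPHeader:
    is_control: bool
    length: Optional[int]
    tunnel_id: int
    session_id: int
    ns: Optional[int]
    nr: Optional[int]
    payload_offset: int  # index of the first byte after the header


def parse_l2tp_header(pkt: bytes) -> L2TPHeader:
    """Parse the UDP payload of an L2TP packet; raise MalformedL2TP if invalid."""
    if len(pkt) < 6:  # flags/version + tunnel ID + session ID
        raise MalformedL2TP("shorter than the minimal header")
    try:
        (flags,) = struct.unpack_from("!H", pkt, 0)
        if flags & VER_MASK != 2:
            raise MalformedL2TP("version field is not 2")
        pos, length, ns, nr = 2, None, None, None
        if flags & L_BIT:
            (length,) = struct.unpack_from("!H", pkt, pos)
            pos += 2
        tunnel_id, session_id = struct.unpack_from("!HH", pkt, pos)
        pos += 4
        if flags & S_BIT:
            ns, nr = struct.unpack_from("!HH", pkt, pos)
            pos += 4
        if flags & O_BIT:
            (offset_size,) = struct.unpack_from("!H", pkt, pos)
            pos += 2 + offset_size  # skip the offset padding as well
    except struct.error as exc:
        raise MalformedL2TP("truncated header") from exc
    if pos > len(pkt):
        raise MalformedL2TP("offset padding runs past the packet")
    if length is not None and not (pos <= length <= len(pkt)):
        raise MalformedL2TP("Length field inconsistent with packet size")
    is_control = bool(flags & T_BIT)
    # RFC 2661: control messages must carry Length and Ns/Nr, and no Offset.
    if is_control and (not flags & L_BIT or not flags & S_BIT or flags & O_BIT):
        raise MalformedL2TP("control message with invalid L/S/O bits")
    return L2TPHeader(is_control, length, tunnel_id, session_id, ns, nr, pos)


def classify(pkt: bytes) -> Tuple[str, Optional[L2TPHeader]]:
    """Decide whether a packet goes up to the L2TP component or stays on the fast path."""
    try:
        hdr = parse_l2tp_header(pkt)
    except MalformedL2TP:
        return DROP, None  # never punt unparseable input to the control plane
    return (PUNT if hdr.is_control else FAST_PATH), hdr


# Constructed sample packets (UDP payload only), not captured traffic.
CONTROL_ZLB = struct.pack("!6H", 0xC802, 12, 5, 0, 1, 1)
DATA_PPP = struct.pack("!3H", 0x0002, 7, 3) + b"\xff\x03\x00\x21E"
DATA_WITH_OFFSET = struct.pack("!4H", 0x0202, 7, 3, 2) + b"\x00\x00\xff\x03"
CONTROL_NO_SEQ = struct.pack("!4H", 0xC002, 8, 5, 0)       # T set, S missing
CONTROL_BAD_LEN = struct.pack("!6H", 0xC802, 40, 5, 0, 1, 1)
WRONG_VERSION = struct.pack("!6H", 0xC803, 12, 0, 0, 0, 0)
TRUNCATED = b"\xc8\x02\x00"

if __name__ == "__main__":
    for name in ("CONTROL_ZLB", "DATA_PPP", "DATA_WITH_OFFSET", "CONTROL_NO_SEQ",
                 "CONTROL_BAD_LEN", "WRONG_VERSION", "TRUNCATED"):
        print(f"{name:17s} -> {classify(globals()[name])[0]}")
```

Validating the header on the forwarding plane before punting keeps malformed packets away from the control-plane VM, which in this architecture is shared by every forwarding plane it manages.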
According to the scheme provided by the embodiment of the invention, the control and forwarding of the L2TP user access protocol are separated: the L2TP control plane runs on general-purpose X86 servers and the L2TP forwarding plane uses traditional high-performance hardware, so the processing capability of the control plane is improved while the forwarding capability of the forwarding plane is preserved. The technology is self-adaptive and places no additional requirements on peripheral networks; the capacity for L2TP access users is increased and can be scaled out and in automatically, the forwarding plane still uses high-performance hardware, and various L2TP application scenarios can be met.
Although the present invention has been described in detail hereinabove, the present invention is not limited thereto, and various modifications can be made by those skilled in the art in light of the principle of the present invention. Thus, modifications made in accordance with the principles of the present invention should be understood to fall within the scope of the present invention.

Claims (9)

1. A method for separating L2TP protocol control and forwarding is characterized by comprising the following steps:
the LAC-U receives a PPPoE protocol message sent by a user terminal and forwards the PPPoE protocol message to a BNG/vBNG-C;
the LAC-U receives a first L2TP protocol message fed back by the BNG/vBNG-C according to the PPPoE protocol message, and forwards the first L2TP protocol message to the LNS-U, wherein the first L2TP protocol message carries the IP address of the LNS-U;
the LAC-U receives a second L2TP protocol message fed back by the LNS-U according to the first L2TP protocol message, and establishes an L2TP tunnel and a session with the LNS-U according to the second L2TP protocol message;
wherein the L2TP refers to the Layer 2 Tunneling Protocol; the BNG/vBNG-C refers to a broadband network gateway/virtual broadband network gateway-control plane; the LAC-U refers to the L2TP access concentrator-forwarding plane; the LNS-U refers to the L2TP network server-forwarding plane.
2. The method of claim 1, wherein after the LAC-U establishes an L2TP tunnel and session with the LNS-U according to the second L2TP protocol packet, further comprising:
the LAC-U sends the data forwarding flow to the LNS-U under the condition of receiving the data forwarding flow sent by a user terminal;
and the LAC-U forwards the control message to the BNG/vBNG-C through the LNS-U under the condition of receiving the control message sent by the user terminal, so that the BNG/vBNG-C performs session negotiation and address allocation, and sends a user table entry to the LNS-U after the session negotiation.
3. The method of claim 1, wherein after the LAC-U receives a PPPoE protocol packet sent by the user terminal and forwards the PPPoE protocol packet to the BNG/vBNG-C, the method further comprises:
the BNG/vBNG-C judges whether the user terminal is an L2TP terminal or not according to the PPPoE protocol message;
and if so, constructing the first L2TP protocol message and sending the first L2TP protocol message to the LAC-U.
4. The method of claim 1, wherein after the LAC-U receives a first L2TP protocol packet fed back by the BNG/vBNG-C according to the PPPoE protocol packet and forwards the first L2TP protocol packet to the LNS-U, the method further comprises:
the LNS-U sends the first L2TP protocol message to the BNG/vBNG-C;
the BNG/vBNG-C constructs a second L2TP protocol message according to the first L2TP protocol message, and sends the second L2TP protocol message to the LNS-U;
and the LNS-U sends the second L2TP protocol message to the LAC-U.
5. A system for separating L2TP protocol control and forwarding, comprising: LAC-U, LNS-U and BNG/vBNG-C;
the LAC-U is configured to forward a PPPoE protocol packet sent by a user terminal to a BNG/vBNG-C, receive a first L2TP protocol packet carrying an IP address of the LNS-U and fed back by the BNG/vBNG-C according to the PPPoE protocol packet, forward the first L2TP protocol packet to the LNS-U, receive a second L2TP protocol packet fed back by the LNS-U according to the first L2TP protocol packet, and establish an L2TP tunnel and a session with the LNS-U according to the second L2TP protocol packet;
the LNS-U is configured to receive the first L2TP protocol packet sent by the BNG/vBNG-C according to the LAC-U, construct a second L2TP protocol packet, and forward the second L2TP protocol packet to the LAC-U;
the BNG/vBNG-C is configured to construct the first L2TP protocol packet according to the PPPoE protocol packet, send the first L2TP protocol packet to the LAC-U, construct the second L2TP protocol packet according to the first L2TP protocol packet, and send the second L2TP protocol packet to the LNS-U;
wherein the L2TP refers to the Layer 2 Tunneling Protocol; the BNG/vBNG-C refers to a broadband network gateway/virtual broadband network gateway-control plane; the LAC-U refers to the L2TP access concentrator-forwarding plane; the LNS-U refers to the L2TP network server-forwarding plane.
6. The system of claim 5, wherein the LAC-U is further configured to:
under the condition of receiving a data forwarding stream sent by a user terminal, sending the data forwarding stream to the LNS-U;
and under the condition of receiving a control message sent by a user terminal, forwarding the control message to the BNG/vBNG-C through the LNS-U so that the BNG/vBNG-C can carry out session negotiation and address allocation, and issuing a user table entry to the LNS-U after the session negotiation.
7. The system according to claim 5, wherein said BNG/vBNG-C is specifically configured to determine whether said user terminal is an L2TP user terminal according to said PPPoE protocol packet, and if so, construct said first L2TP protocol packet, and send said first L2TP protocol packet to said LAC-U.
8. An L2TP protocol control and forwarding separation device, characterized in that the device comprises: a processor, and a memory coupled to the processor; the memory has stored thereon an L2TP protocol control and forwarding separation program executable on the processor, the L2TP protocol control and forwarding separation program when executed by the processor implementing the method of any of claims 1-4.
9. A computer storage medium, characterized in that the computer storage medium stores an L2TP protocol control and forwarding separation program, and the L2TP protocol control and forwarding separation program, when executed by a processor, implements the steps of the L2TP protocol control and forwarding separation method according to any one of claims 1 to 4.
CN201810674641.3A 2018-06-27 2018-06-27 Method and system for separating control and forwarding of L2TP protocol Withdrawn CN110650077A (en)


Publications (1)

Publication Number Publication Date
CN110650077A true CN110650077A (en) 2020-01-03

Family

ID=69008844




Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
WW01 Invention patent application withdrawn after publication

Application publication date: 20200103
