CN110896377B - OSPF routing control method and device - Google Patents
OSPF routing control method and device Download PDFInfo
- Publication number
- CN110896377B CN110896377B CN201911131245.7A CN201911131245A CN110896377B CN 110896377 B CN110896377 B CN 110896377B CN 201911131245 A CN201911131245 A CN 201911131245A CN 110896377 B CN110896377 B CN 110896377B
- Authority
- CN
- China
- Prior art keywords
- lsa
- sent
- ospf
- routing control
- routing
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/02—Topology update or discovery
- H04L45/04—Interdomain routing, e.g. hierarchical routing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/02—Topology update or discovery
- H04L45/08—Learning-based routing, e.g. using neural networks or artificial intelligence
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/12—Shortest path evaluation
Abstract
The embodiment of the invention discloses an OSPF (open shortest path first) routing control method and device, relates to the field of data communication, and realizes accurate control on an external route. The method comprises the following steps: configuring a routing control strategy for an OSPF area, wherein the routing control strategy comprises the OSPF area, a preset rule and routing control; acquiring a Link State Advertisement (LSA) to be sent; comparing the LSA to be sent with a preset rule in the routing control strategy, if the routing control strategy has the preset rule matched with the LSA to be sent, judging whether an OSPF area and routing control corresponding to the matched preset rule in the routing control strategy are contained in a table entry corresponding to the LSA to be sent in an OSPF database, if so, executing sending control on the LSA to be sent according to the corresponding OSPF area and routing control.
Description
Technical Field
The invention belongs to the field of data communication, and particularly relates to an OSPF routing control method and device.
Background
In the field of network communication, in order to implement IP network interconnection and interworking of enterprises, a network device usually runs a routing protocol, wherein an Open Shortest Path First (OSPF) routing protocol is widely applied by virtue of the characteristic of being capable of implementing stable learning and fast convergence of a route in a large-scale network networking.
In actual network deployment, different network access permissions are usually formulated for different services, or different network access permissions are formulated for different network point devices. In order to meet the requirement of network deployment, a routing control policy needs to be formulated to implement isolation and intercommunication between different networks, where an OSPF routing protocol is taken as an example, generally, the entire network deployment does not include only a single routing protocol, and external routes are introduced into different routing protocols. Therefore, external route filtering techniques are generally used in networks that deploy the OSPF routing protocol.
An existing external route filtering technology is mainly to formulate a route filtering policy to implement filtering of an external route when the external route is introduced on an Autonomous System Border Router (ASBR), but the external route filtering technology can generally perform route filtering only when the ASBR introduces the external route, that is, the route filtering of the external route can only perform route control at a source of route introduction, and once the external route is introduced into an OSPF area, it is difficult to perform route control for the external route, so the implementation method cannot flexibly implement route control for the external route.
Another conventional external route filtering technology is mainly configured by configuring a special Area, such as an NSSA (Not-So-Stub Area) Area or a Stub Area. The biggest defect of the method is that once special areas are configured, any external route cannot enter the special areas, the external route cannot be accurately controlled, the method can only be applied to some specific networking applications, and the application range is narrow.
The OSPF routing protocol is used as an example to illustrate the implementation of two external routing filtering techniques in the prior art. As shown in fig. 1, a networking scenario is schematically provided, in which 4 routers are schematically shown, R1, R3, and R4 are ASBRs, R2 is an Area Border Router (ABR), and an OSPF routing protocol runs on each router. Wherein, the Router ID of R1 is 1.1.1.1, the Router ID of R2 is 2.2.2.2, the Router ID of R3 is 3.3.3.3, the Router ID of R4 is 4.4.4.4, R1 and R2 belong to OSPF Area 0, R2 and R3 belong to OSPF Area1, and R3 and R4 belong to OSPF Area 2.
Suppose that the external route with the user requirement of R3 cannot be accessed with the external route of R4; but the external route of R3 or R4 can mutually access the external route of R1. An existing external route filtering policy may be to perform route control on an ASBR, for example, when route control is performed on R3, when an OSPF routing protocol of R3 introduces an external route, the introduced external route is filtered out on R3, so that R4 cannot learn the external route introduced by R3, but such route control will cause that R1 cannot learn the external route introduced by R3, so that R1 cannot access a network where the external route of R3 is located, and such route control policy cannot meet user requirements. Another existing external route filtering policy may also be to configure OSPF Area1 and OSPF Area 2 as a Stub Area or an NSSA Area; due to the characteristics of the Stub Area and the NSSA Area, once configured as the Stub Area or the NSSA Area, the Area cannot introduce any external route, and therefore cannot introduce the external route generated by Area 0, and R3 and R4 cannot access the network where the external route of R1 is located, so that such an external route filtering policy cannot meet the user requirement.
In summary, the existing external route filtering strategy cannot accurately implement isolation or intercommunication of external routes, which affects the flexibility of network device deployment, and the accuracy of external route control is not high, resulting in the problem that a large number of useless routes may exist on the network device and occupy network device system resources.
Disclosure of Invention
The embodiment of the invention provides an OSPF route filtering method and device, which are used for solving the problems that the isolation or intercommunication of external routes cannot be accurately realized by the conventional external route filtering strategy, the deployment flexibility of network equipment is influenced, the accuracy of external route control is not high, a large number of useless routes possibly exist on the network equipment, and the system resources of the network equipment are occupied.
Based on the above object, in a first aspect, an embodiment of the present invention provides an OSPF routing control method, which is applied to an area border router ABR, and the method includes:
configuring a routing control strategy for an Open Shortest Path First (OSPF) area, wherein the routing control strategy comprises the OSPF area, a preset rule and routing control.
And acquiring a Link State Advertisement (LSA) to be sent. Wherein, the LSAs to be sent comprise type 4 LSAs and type 5 LSAs.
Comparing the LSA to be sent with a preset rule in the routing control strategy, if the routing control strategy has the preset rule matched with the LSA to be sent, judging whether an OSPF area and routing control corresponding to the matched preset rule in the routing control strategy are contained in a table entry corresponding to the LSA to be sent in an OSPF database, if so, executing sending control on the LSA to be sent according to the corresponding OSPF area and routing control.
In a second aspect, an embodiment of the present invention provides an OSPF routing control apparatus, where the apparatus includes:
the system comprises a configuration module and a routing control module, wherein the configuration module is used for configuring a routing control strategy for an Open Shortest Path First (OSPF) area, and the routing control strategy comprises the OSPF area, a preset rule and routing control.
And the acquisition module is used for acquiring the Link State Advertisement (LSA) to be sent. Wherein, the LSAs to be sent comprise type 4 LSAs and type 5 LSAs.
And the processing module is used for comparing the LSA to be sent with a preset rule in the routing control strategy, if the preset rule matched with the LSA to be sent exists in the routing control strategy, judging whether an OSPF area and routing control corresponding to the matched preset rule in the routing control strategy are contained in an entry corresponding to the LSA to be sent in an OSPF database, and if so, executing sending control on the LSA to be sent according to the corresponding OSPF area and routing control.
The OSPF routing control method and device provided by the embodiment of the invention configure a routing control strategy based on an OSPF area, and utilize different combination modes of link state advertisement information in an LSA to realize accurate control of external routing; it is also possible to have precise routing control to any one designated external route generated by any one ASBR. The method has more flexible route control on the external route and more accurate route control; the method can control invalid and redundant LSAs in the network, reduce the transmission range of the LSAs, reduce the number of the LSAs of the OSPF database, improve the maintenance efficiency of the OSPF database and indirectly reduce the consumption of the OSPF to system resources.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art that other drawings can be obtained according to these drawings without creative efforts.
FIG. 1 is a schematic diagram of an exemplary OSPF routing protocol application scenario;
fig. 2 is a flowchart of a method of an OSPF route control method according to an embodiment of the present invention;
fig. 3 is a schematic structural diagram of an OSPF routing control device according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The system architecture and the service scenario described in the embodiment of the present invention are for more clearly illustrating the technical solution of the embodiment of the present invention, and do not form a limitation on the technical solution provided in the embodiment of the present invention, and it can be known by those skilled in the art that the technical solution provided in the embodiment of the present invention is also applicable to similar technical problems along with the evolution of the system architecture and the appearance of a new service scenario.
The above method is described in detail with reference to specific examples.
With the development of network communication technology, the network scale is gradually enlarged, the service demand is gradually increased, and the number of OSPF external routes in the network is also increased. In the OSPF routing protocol, when a router in an OSPF area calculates an external route, a type 4 Link-State Advertisement (LSA) and a type 5 LSA of the OSPF routing protocol are required, wherein the type 4 LSA provides router ID (router ID) information of the ASBR router generating the external route; the type 5 LSA provides information such as IP prefix and mask of external route, route attribute, etc., and the combination of the two can calculate the corresponding external route. The LSA of type 4 is mainly used for notifying an ASBR Router in the area, carries ASBR Router ID information, is generated by an ABR Router in a corresponding area and is notified in the whole OSPF area; therefore, the type 4 LSA information can be learned on any ABR Router, and the Router ID information of the corresponding ASBR Router can be acquired by acquiring the Link State ID field in the type 4 LSA. The OSPF external routes are advertised to all routers in the OSPF area via type 5 LSAs, which are generated by each ASBR, and each router in the OSPF area can learn type 5 LSAs (except for Stub and NSSA areas). The information carried by the type 5 LSA mainly includes: external routing IP prefix and mask information, notification router information, forwarding address information, routing TAG TAG and other link state notification information; the advertised Router information is the Router ID of ASBR, which is the ASBR Router ID, as well as the Link State ID carried in the LSA of type 4.
The embodiment of the invention provides an OSPF routing control method and a device, which can carry out combination matching aiming at any attribute of a type 4 LSA or a type 5 LSA, thereby realizing the routing control of external routing in an OSPF area; the routing control of any external route can be accurately achieved; it is also possible to have precise routing control to any external route generated by any ASBR. Compared with the existing OSPF external route filtering technology, the OSPF route control method and the OSPF route control device provided by the embodiment of the invention have the advantages that the route control of the external route is more flexible and the route control is more accurate; the method can control invalid and redundant LSAs of 4 types and 5 types in the network, reduce the transmission range of the LSAs, reduce the number of the LSAs of the OSPF database, improve the maintenance efficiency of the OSPF database and indirectly reduce the consumption of the OSPF to system resources.
The embodiment of the invention provides an OSPF routing control method, which controls a type 4 LSA and a type 5 LSA by issuing a routing control strategy on an ABR router so as to realize the routing control of OSPF external routing. In the embodiment of the invention, the routing control strategy is based on OSPF area to carry out routing control, therefore, when the routing control strategy is issued, the area ID is appointed, and the routing control strategy only takes effect on LSA of the OSPF area; other OSPF areas not configured with a routing control policy are not affected by the routing control policy.
Specifically, an embodiment of the present invention provides an OSPF routing control method, which is applied to an area border router ABR, and as shown in fig. 2, the method includes:
Illustratively, if the preset rule includes an ASBR Router ID, the routing control is enabled or disabled, so as to implement routing control based on an external route generated by any one ASBR. If the preset rule comprises external routing information, the external routing information can be one or more items of external routing IP prefix and mask information, forwarding address information and routing label TAG, and the routing is controlled to be enabled or disabled, so that the routing control accurate to any specified external routing is realized. Further, if the preset rule includes ASBR Router ID and external routing information, the external routing information may be one or more of external routing IP prefix and mask information, forwarding address information, and routing TAG, and the routing control is enabled or disabled, the routing control may be implemented to be accurate to any specified external route generated by any ASBR.
It should be particularly noted that, for the same OSPF area, when there are preset rules that overlap or conflict with each other, routing control may be implemented by taking effect of the last configured routing control policy in a pre-configuration and pre-configuration covering manner. The same OSPF area may be configured with a plurality of different routing control policies. The routing control strategies configured among different OSPF areas are not influenced mutually. All routing control policies are only in effect in the present OSPF area. If a plurality of ABR routers exist in the same OSPF area, the same routing control strategy is configured on each ABR router in the OSPF area, so that consistency of an OSPF database in the OSPF area can be ensured, and effectiveness of the routing control strategy in the OSPF area can be ensured.
Optionally, the OSPF route control method provided in the embodiment of the present invention further includes;
and if the table entry corresponding to the LSA to be sent in the OSPF database does not contain the OSPF area and the routing control corresponding to the matched preset rule in the routing control strategy, adding the corresponding OSPF area and the routing control into the table entry corresponding to the LSA to be sent in the OSPF database. In the embodiment of the present invention, after the corresponding OSPF area and the routing control are added to the entry corresponding to the LSA to be sent in the OSPF database, the sending control is performed on the LSA to be sent according to the corresponding OSPF area and the routing control. Specifically, when the routing control is prohibited, the corresponding OSPF area and the routing control are prohibited from being added to the entry corresponding to the LSA to be sent in the OSPF database. When the routing control is allowed, the corresponding OSPF area and the routing control are allowed to be added to the entry corresponding to the LSA to be sent in the OSPF database. The sending of the LSA to be sent to the OSPF neighbors in the corresponding OSPF area may also be directly allowed by default, without the need to allow the corresponding OSPF area and the routing control to be added to the entry corresponding to the LSA to be sent in the OSPF database.
In embodiments of the present invention, routing control includes enabling or disabling.
In this step, performing transmission control on the LSA to be transmitted according to the corresponding OSPF area and the routing control, including:
and if the routing control in the table entry corresponding to the LSA to be sent in the OSPF database is allowed, sending the LSA to be sent to an OSPF neighbor in the corresponding OSPF area. In the embodiment of the invention, for the LSA which does not match with the preset rule, the routing control is forbidden, and the LSA to be sent is not sent to the OSPF neighbor in the corresponding OSPF area.
And if the routing control in the table entry corresponding to the LSA to be sent in the OSPF database is forbidden, not sending the LSA to be sent to an OSPF neighbor in the corresponding OSPF area.
As a preferred implementation manner of the embodiment of the present invention, the preset rule may include an ASBR Router ID to implement routing control of all external routes generated based on a specified ASBR.
It can be understood that, since the type 4 LSA and the type 5 LSA each include ASBR Router ID information, when the preset rule includes only ASBR Router ID, the routing control policy will be valid for both type 4 LSA and type 5 LSA in the corresponding OSPF area.
Specifically, when the preset rule includes the ASBR Router ID, the LSA to be sent at this time mainly includes a type 4 LSA and a type 5 LSA. Comparing the LSA to be sent with a preset rule in a route control strategy, wherein the comparing comprises the following steps:
and comparing the ASBR Router ID in the LSA to be sent with the ASBR Router ID in the routing control strategy, and if the ASBR Router ID and the ASBR Router ID are the same, judging that a preset rule matched with the LSA to be sent exists in the routing control strategy.
As another preferred implementation manner of the embodiment of the present invention, the preset rule may further include external routing information, where the external routing information includes one or more items of external routing IP prefix and mask information, forwarding address information, and routing TAG; to achieve routing control to any specified external route. Further, the preset rule includes: the ASBR Router ID and the external routing information, where the external routing information may be one or more of external routing IP prefix and mask information, forwarding address information, and routing TAG, and the routing control is allowed or prohibited, and it may be implemented to perform routing control to any specified external route generated by any ASBR.
It can be understood that, since the type 4 LSAs only contain the ASBR Router ID information, the routing control policy will not be valid for the type 4 LSAs in the corresponding OSPF area, but will only be valid for the type 5 LSAs in the corresponding OSPF area that include the external routing information.
Specifically, when the preset rule includes external routing information, the LSA to be sent at this time mainly includes a type 5 LSA; wherein the external routing information comprises one or more items of external routing IP prefix and mask information, forwarding address information and routing TAG TAG.
Comparing the LSA to be sent with a preset rule in a route control strategy, wherein the comparing comprises the following steps:
and comparing the external routing information in the LSA to be sent with the external routing information in the preset rule, and if the external routing information in the LSA to be sent is the same as the external routing information in the preset rule, judging that the preset rule matched with the LSA to be sent exists in the routing control strategy.
It should be particularly noted that, in the embodiment of the present invention, a routing control policy may be issued through configuration, and the routing control policy needs to be implemented on a router having an ABR role, so that, when the router role is not ABR, the issued routing control policy does not take effect; when the router role is ABR, the issued control strategy will take effect. If the ABR router has announced need forbid LSA announced to this area to this OSPF area before configuring the route control tactics of a certain OSPF area, the default processing mode is waiting the route aging of LSA in the area, in order to realize the route convergence. Or another two ways can be adopted to accelerate the route convergence speed in the area: if the first processing mode is manual intervention, the neighbor resetting of the area is carried out; the second approach is to actively send an aging LSA to the area.
For example, referring to the networking scenario shown in fig. 1, the routers R1, R2, R3, and R4 all run an OSPF routing protocol, the routers R1, R3, and R4 are ASBRs, the routers R1 and R2 belong to OSPF Area 0, the routers R2 and R3 belong to OSPF Area1, the routers R3 and R4 belong to OSPF Area 2, the router R2 is an ABR, and the Area1 and the Area 2 are general areas. The Router ID of the Router R1 is 1.1.1.1, the external route IP prefix and mask of one external route of the R1 is 120.1.1.0/24, the external route IP prefix and mask of one external route of the R1 is 100.1.1.0/24, the Router ID of the Router R2 is 2.2.2.2, the Router ID of the Router R3 is 3.3.3.3, and the Router ID of the Router R4 is 4.4.4.4.
By taking the user requirement (the external route with the user requirement of R3 cannot be mutually accessed with the external route of R4; but the external route of R3 or R4 can be mutually accessed with the external route of R1) which is the same as the prior art as an example, the OSPF route control method provided by the embodiment of the present invention is further explained, and the specific details are as follows:
example 1
The OSPF routing control method provided by the embodiment of the invention is concretely realized as follows: configuring a routing control policy based on Area1 on R2, wherein the routing control policy aims to prevent all external routes of R4 from advertising to all OSPF neighbors in the OSPF Area where Area1 is located, and the preset rules of the routing control policy comprise that ASBR Router ID is 4.4.4.4 and routing control is prohibited.
For example, the Link State ID carried in a type 4 LSA is 4.4.4.4.
And R2 sends the LSA of 4 types to Area1, and compares the LSA of 4 types with a preset rule in a configured route control strategy, and because the Link State ID carried by the LSA of 4 types is 4.4.4.4 and the preset rule includes that the ASBR Router ID is 4.4.4.4, when the entry corresponding to the LSA of 4 types in the OSPF database is judged to contain Area1 and route control is forbidden, the LSA of 4 types is not sent to the OSPF neighbor of Area 1. And when judging that the table entry corresponding to the type 4 LSA in the OSPF database does not contain Area1 and the routing control is forbidden, adding the Area1 and the routing control to the table entry corresponding to the type 4 LSA in the OSPF database in a forbidden way, and then executing the OSPF neighbor that does not send the type 4 LSA to the Area 1.
For example, the Link State ID carried in a type 4 LSA is 1.1.1.1.
And the R2 sends the LSA of the 4 types to the Area1, and compares the LSA of the 4 types with a preset rule in a configured routing control strategy, and because the Link State ID carried by the LSA of the 4 types is 1.1.1.1 and the preset rule comprises that the ASBR Router ID is 4.4.4.4, the LSA of the 4 types is not processed at all, and the LSA of the 4 types is directly sent to an OSPF neighbor of the Area 1.
For example, the advertised router information carried in a type 5 LSA is 4.4.4.4.
And R2 sends the LSA of 5 types to Area1, and compares the LSA of 5 types with a preset rule in a configured routing control policy, and because the advertised Router information carried by the LSA of 5 types is 4.4.4.4, and the preset rule includes that ASBR Router ID is 4.4.4.4, when the entry corresponding to the LSA of 5 types in the OSPF database contains Area1 and routing control is prohibited, the LSA of 5 types is not sent to the OSPF neighbor of Area 1. And when judging that the table entry corresponding to the 5 types of LSAs in the OSPF database does not contain Area1 and the routing control is forbidden, adding the Area1 and the routing control to the table entry corresponding to the 5 types of LSAs in the OSPF database in a forbidden way, and then executing the OSPF neighbor that does not send the 5 types of LSAs to the Area 1.
The advertised router information carried in a LSA of class 5, for example, is 1.1.1.1.
The R2 sends the type 5 LSA to Area1, and compares with the preset rule in the configured routing control policy, because the advertised Router information carried by the type 5 LSA is 1.1.1.1 and the preset rule includes that ASBR Router ID is 4.4.4.4, the type 5 LSA is not processed, and the type 5 LSA is directly sent to the OSPF neighbor of Area 1.
It can be understood that, based on the foregoing, a routing control policy is configured on the R2 Router to implement routing control on Area1, and therefore, a routing control policy based on Area 2 may also be configured on the R2 Router, where the preset rule of the routing control policy includes that ASBR Router ID is 3.3.3.3, and routing control is prohibited, so as to implement prevention of all external routes of R3 from being advertised to all OSPF neighbors in the OSPF Area where Area 2 is located, and a specific routing control implementation manner is the same as the foregoing routing control implementation manner for Area1, and is not described herein again.
Therefore, the OSPF route control method provided by the embodiment of the invention can well meet the user requirements.
Example 2
Here, the user requirement is further detailed, for example, the external routes of R3 and R4 can only access the network where the external route IP prefix and the external route with mask 100.1.1.0/24 are located, and assuming that the external route is generated for R1, the specific implementation is as follows:
it should be noted that, since the network where the R3 can only access the external route of R1 (the IP prefix and the mask of the external route are 100.1.1.0/24) is similar to the routing control of the network where the R4 can only access the external route of R1, the detailed description is given by taking the network where the R3 can only access the external route of R1 as an example.
Specifically, an Area 1-based routing control policy is configured on R2, the routing control policy only allows an external route (the external route IP prefix and the mask are 100.1.1.0/24) of R1 to advertise to OSPF neighbors of Area1, the preset rule of the routing control policy includes that the external route IP prefix and the mask are 100.1.1.0/24, and the routing control is allowed.
For example, the Link State ID carried in a type 4 LSA is 1.1.1.1.
R2 sends the LSA of type 4 to Area1, and since the preset rule includes external route prefix information, the LSA of type 4 is not processed, and sending the LSA of type 4 to OSPF neighbor of Area1 is directly executed.
For example, the external route IP prefix and mask carried in a type 5 LSA is 100.1.1.0/24.
And R2 sends the LSA of 5 types to Area1, and compares the LSA of 5 types with a preset rule of a configured routing control policy, and since the external routing IP prefix and the mask carried by the LSA of 5 types are 100.1.1.0/24 and are the same as the external routing IP prefix and the mask of the preset rule are 100.1.1.0/24, when the entry corresponding to the LSA of 5 types in the OSPF database is judged to contain Area1 and routing control is allowed, the LSA of 5 types is sent to the OSPF neighbor of Area 1. When judging that the entry corresponding to the LSA of 5 types in the OSPF database does not contain Area1 and routing control is allowed, after the Area1 and the routing control are allowed to be added to the entry corresponding to the LSA of 5 types in the OSPF database, executing to send the LSA of 5 types to the OSPF neighbor of Area 1.
For example, the external route IP prefix and mask carried in a type 5 LSA is 120.1.1.0/24.
And R2 sends the LSA of 5 types to Area1, and compares the LSA of 5 types with a preset rule of a configured route control strategy, because the external route IP prefix and the mask carried by the LSA of 5 types are 120.1.1.0/24, and the external route IP prefix and the mask are different from 100.1.1.0/24 of the preset rule, when the table entry corresponding to the LSA of 5 types in the OSPF database contains Area1 and route control is forbidden, the OSPF neighbor of Area1 is executed not to send the LSA of 5 types. And when judging that the table entry corresponding to the 5 types of LSAs in the OSPF database does not contain Area1 and the routing control is forbidden, adding the Area1 and the routing control to the table entry corresponding to the 5 types of LSAs in the OSPF database in a forbidden way, and then executing the OSPF neighbor that does not send the 5 types of LSAs to the Area 1. Therefore, the network where the R3 can only access the external route (the external route IP prefix and the mask are 100.1.1.0/24) of the R1 is accurately realized.
Example 3
The user requirements are further refined here, for example, the external routes of R3 and R4 may be connected with other external routing networks of R1, but cannot access the network where the external routing IP prefix of R1 and the external routing with mask 120.1.1.0/24 are located, and the specific implementation is as follows:
it should be noted that, since the network where the external route (the external route IP prefix and the mask are 120.1.1.0/24) that the R3 cannot access the R1 is similar to the routing control of the network where the external route that the R4 cannot access the R1 is located, the detailed description is given by taking the network where the external route that the R3 cannot access the R1 is located as an example.
Specifically, an Area 1-based routing control policy is configured on R2, the routing control policy only prevents an external route (external route IP prefix and mask are 120.1.1.0/24) of R1 from advertising to OSPF neighbors of Area1, the preset rules of the routing control policy include that ASBR Router ID is 1.1.1.1 and external route IP prefix and mask are 120.1.1.0/24, and routing control is prohibited.
For example, the Link State ID carried in a type 4 LSA is 1.1.1.1.
R2 sends the LSA of type 4 to Area1, and since the preset rule includes external route prefix information, the LSA of type 4 is not processed, and sending the LSA of type 4 to OSPF neighbor of Area1 is directly executed.
For example, the advertised router information carried in a type 5 LSA is 1.1.1.1, and the external route IP prefix and mask are 120.1.1.0/24.
And R2 sends the LSA of 5 types to Area1, and compares the LSA of 5 types with a preset rule of a configured routing control policy, and since the advertised Router information carried by the LSA of 5 types is 1.1.1.1, the external routing IP prefix and mask are 120.1.1.0/24, and the ASBR Router ID 1.1.1 is the same as the external routing IP prefix and mask are 120.1.1.0/24, when judging that the entry corresponding to the LSA of 5 types in the OSPF database contains Area1 and routing control is forbidden, the OSPF neighbor of Area1 is executed not to send the LSA of 5 types. And when judging that the table entry corresponding to the 5 types of LSAs in the OSPF database does not contain Area1 and the routing control is forbidden, adding the Area1 and the routing control to the table entry corresponding to the 5 types of LSAs in the OSPF database in a forbidden way, and then executing the OSPF neighbor that does not send the 5 types of LSAs to the Area 1. Thereby accurately realizing the network where the R3 can not access the external route (the external route IP prefix and mask are 120.1.1.0/24) of the R1.
Compared with the existing external route filtering technology, the route control method can realize the route control based on the external route generated by any ASBR and can also accurately realize the route control to any specified external route; it is also possible to have precise routing control to any one designated external route generated by any one ASBR. The method has more flexible route control on the external route and more accurate route control; the method can control invalid and redundant LSAs in the network, reduce the transmission range of the LSAs, reduce the number of the LSAs of the OSPF database, improve the maintenance efficiency of the OSPF database and indirectly reduce the consumption of the OSPF to system resources.
An embodiment of the present invention provides an OSPF routing control apparatus, as shown in fig. 3, an apparatus 30 includes:
the configuration module 301 is configured to configure a routing control policy for an open shortest path first OSPF area, where the routing control policy includes the OSPF area, a preset rule, and routing control.
An obtaining module 302, configured to obtain a link state advertisement LSA to be sent. The LSA to be sent may include a type 4 LSA and a type 5 LSA; obviously, the LSA may also be other LSAs, such as a type 7 LSA, where the type 7 LSA is similar to the link-state information included in the type 5 LSA and is used to transmit the external routing information, and therefore, it is obvious to those skilled in the art that an OSPF routing control method applicable to the type 5 LSA may also be used for the type 7 LSA to implement control of the external routing of the NSSA area.
A processing module 303, configured to compare the LSA to be sent with a preset rule in the routing control policy, if a preset rule matching the LSA to be sent exists in the routing control policy, determine whether an entry corresponding to the LSA to be sent in an OSPF database includes an OSPF area and routing control corresponding to the matched preset rule in the routing control policy, and if so, execute sending control on the LSA to be sent according to the corresponding OSPF area and routing control.
The processing module 303 is further configured to add the corresponding OSPF area and routing control to the entry corresponding to the to-be-sent LSA in the OSPF database if it is determined that the entry corresponding to the to-be-sent LSA in the OSPF database does not include the OSPF area and routing control corresponding to the matched preset rule in the routing control policy.
The routing control includes enabling or disabling.
The processing module 303 is specifically configured to send the to-be-sent LSA to the OSPF neighbor in the corresponding OSPF area if the routing control in the entry corresponding to the to-be-sent LSA in the OSPF database is allowed.
And if the routing control in the table entry corresponding to the LSA to be sent in the OSPF database is forbidden, not sending the LSA to be sent to an OSPF neighbor in the corresponding OSPF area.
The preset rule comprises an ASBR Router ID; the LSA to be sent mainly comprises a type 4 LSA and a type 5 LSA.
The processing module 303 is specifically configured to compare the ASBR Router ID in the LSA to be sent with the ASBR Router ID in the routing control policy, and if the ASBR Router ID in the LSA to be sent is the same as the ASBR Router ID in the routing control policy, determine that a preset rule matching the LSA to be sent exists in the routing control policy.
The preset rule comprises external routing information; wherein the external routing information comprises one or more items of external routing IP prefix and mask information, forwarding address information and routing TAG TAG; the LSA to be sent mainly comprises a type 5 LSA.
The processing module 303 is specifically configured to compare the external routing information in the LSA to be sent with the external routing information in the preset rule, and if the external routing information in the LSA to be sent is the same as the external routing information in the preset rule, determine that the preset rule matching the LSA to be sent exists in the routing control policy.
Compared with the existing external route filtering technology, the route control device can realize the route control based on the external route generated by any ASBR and can also accurately realize the route control to any specified external route; it is also possible to have precise routing control to any one designated external route generated by any one ASBR. The method has more flexible route control on the external route and more accurate route control; the method can control invalid and redundant LSAs in the network, reduce the transmission range of the LSAs, reduce the number of the LSAs of the OSPF database, improve the maintenance efficiency of the OSPF database and indirectly reduce the consumption of the OSPF to system resources.
An embodiment of the present invention provides an electronic device, and specifically, the electronic device includes: the OSPF routing control method comprises a processor, a memory and a computer program stored on the memory and capable of running on the processor, wherein the computer program realizes the steps of the OSPF routing control method provided by any one of the above embodiments when the computer program is executed by the processor. Among other things, a processor may include one or more processing units. The memory may be used to store software programs as well as various data. The memory may include volatile memory, such as random access memory, and may also include non-volatile memory, such as read-only memory, flash memory, a hard disk, a solid state disk, or other non-volatile solid state memory devices. Combinations of the above categories of memory may also be included.
The embodiment of the present invention further provides a readable storage medium, where the readable storage medium stores computer program instructions, and when the computer program instructions are read and run by a processor, the computer program instructions execute a plurality of processes of the OSPF routing control method provided in the foregoing embodiment, and can achieve the same technical effect, and in order to avoid repetition, details are not repeated here. Examples of the computer-readable storage medium include a Random-Access Memory (RAM), a Read-Only Memory (ROM), a Flash Memory (Flash Memory), a Hard Disk Drive (HDD), a Solid-State Drive (SSD), and an optical disc.
It can be clearly understood by those skilled in the art that, for convenience and brevity of description, the specific working processes of the above-described apparatuses and modules may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
In the embodiments provided in the present invention, it should be understood that the disclosed apparatus and method may be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, a division of modules is merely a division of logical functions, and an actual implementation may have another division, for example, a plurality of modules or components may be combined or integrated into another system, or some features may be omitted, or not executed. Modules described as separate parts may or may not be physically separate, and parts displayed as modules may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
Finally, it should be noted that: the above examples are only intended to illustrate the technical solution of the present invention, but not to limit it; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the present invention.
Claims (10)
1. An OSPF routing control method applied to an Area Border Router (ABR), the method comprising:
configuring a routing control strategy for an Open Shortest Path First (OSPF) area, wherein the routing control strategy comprises the OSPF area, a preset rule and routing control; the preset rule comprises an autonomous system border Router (ASBR Router ID) and/or external routing information, and the routing control comprises permission or prohibition;
acquiring a Link State Advertisement (LSA) to be sent;
comparing the LSA to be sent with a preset rule in the routing control strategy, if the routing control strategy has the preset rule matched with the LSA to be sent, judging whether an OSPF area and routing control corresponding to the matched preset rule in the routing control strategy are contained in a table entry corresponding to the LSA to be sent in an OSPF database, if so, executing sending control on the LSA to be sent according to the corresponding OSPF area and routing control.
2. The method of claim 1, further comprising;
and if the table entry corresponding to the LSA to be sent in the OSPF database does not contain the OSPF area and the routing control corresponding to the matched preset rule in the routing control strategy, adding the corresponding OSPF area and the routing control into the table entry corresponding to the LSA to be sent in the OSPF database.
3. The method of claim 1 or 2, wherein performing routing control on the LSA to be sent according to the corresponding OSPF area and routing control comprises:
if the routing control in the table entry corresponding to the LSA to be sent in the OSPF database is allowed, sending the LSA to be sent to an OSPF neighbor in the corresponding OSPF area;
and if the routing control in the table entry corresponding to the LSA to be sent in the OSPF database is forbidden, not sending the LSA to be sent to an OSPF neighbor in the corresponding OSPF area.
4. The method of claim 3, wherein the preset rules include ASBRRouterID; the LSA to be sent comprises a type 4 LSA and a type 5 LSA;
comparing the LSA to be sent with a preset rule in the routing control policy, including:
and comparing the ASBR Router ID in the LSA to be sent with the ASBR Router ID in the routing control strategy, and if the ASBR Router ID and the ASBR Router ID are the same, judging that a preset rule matched with the LSA to be sent exists in the routing control strategy.
5. The method of claim 3, wherein the preset rule comprises external routing information; wherein the external routing information comprises one or more items of external routing IP prefix and mask information, forwarding address information and routing TAG TAG; the LSA to be sent comprises a 5-type LSA;
comparing the LSA to be sent with a preset rule in the routing control policy, including:
and comparing the external routing information in the LSA to be sent with the external routing information in the preset rule, and if the external routing information in the LSA to be sent is the same as the external routing information in the preset rule, judging that the preset rule matched with the LSA to be sent exists in the routing control strategy.
6. An OSPF routing control apparatus, comprising:
the system comprises a configuration module, a routing module and a routing module, wherein the configuration module is used for configuring a routing control strategy for an Open Shortest Path First (OSPF) area, and the routing control strategy comprises the OSPF area, a preset rule and routing control; the preset rule comprises an autonomous system border Router (ASBR Router ID) and/or external routing information, and the routing control comprises permission or prohibition;
the acquisition module is used for acquiring a Link State Advertisement (LSA) to be sent;
and the processing module is used for comparing the LSA to be sent with a preset rule in the routing control strategy, if the preset rule matched with the LSA to be sent exists in the routing control strategy, judging whether an OSPF area and routing control corresponding to the matched preset rule in the routing control strategy are contained in an entry corresponding to the LSA to be sent in an OSPF database, and if so, executing sending control on the LSA to be sent according to the corresponding OSPF area and routing control.
7. The apparatus of claim 6, wherein the processing module is further configured to add the corresponding OSPF area and routing control to the entry in the OSPF database corresponding to the LSA to be sent if it is determined that the entry in the OSPF database corresponding to the LSA to be sent does not include the OSPF area and routing control corresponding to the matched preset rule in the routing control policy.
8. The apparatus according to claim 6 or 7, wherein the processing module is specifically configured to send the LSA to be sent to an OSPF neighbor in the corresponding OSPF area if routing control in an entry in the OSPF database corresponding to the LSA to be sent is allowed;
and if the routing control in the table entry corresponding to the LSA to be sent in the OSPF database is forbidden, not sending the LSA to be sent to an OSPF neighbor in the corresponding OSPF area.
9. The apparatus of claim 8, wherein the preset rule comprises an ASBRRouterID; the LSA to be sent comprises a type 4 LSA and a type 5 LSA;
the processing module is specifically configured to compare the ASBR Router ID in the LSA to be sent with the ASBR Router ID in the routing control policy, and if the ASBR Router ID in the LSA to be sent is the same as the ASBR Router ID in the routing control policy, determine that a preset rule matching the LSA to be sent exists in the routing control policy.
10. The apparatus of claim 8, wherein the preset rule comprises external routing information; wherein the external routing information comprises one or more items of external routing IP prefix and mask information, forwarding address information and routing TAG TAG; the LSA to be sent comprises a 5-type LSA;
the processing module is specifically configured to compare the external routing information in the LSA to be sent with the external routing information in the preset rule, and if the external routing information in the LSA to be sent is the same as the external routing information in the preset rule, determine that the preset rule matching the LSA to be sent exists in the routing control policy.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201911131245.7A CN110896377B (en) | 2019-11-19 | 2019-11-19 | OSPF routing control method and device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201911131245.7A CN110896377B (en) | 2019-11-19 | 2019-11-19 | OSPF routing control method and device |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110896377A CN110896377A (en) | 2020-03-20 |
CN110896377B true CN110896377B (en) | 2021-08-17 |
Family
ID=69786630
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201911131245.7A Active CN110896377B (en) | 2019-11-19 | 2019-11-19 | OSPF routing control method and device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110896377B (en) |
Family Cites Families (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6473421B1 (en) * | 1999-03-29 | 2002-10-29 | Cisco Technology, Inc. | Hierarchical label switching across multiple OSPF areas |
CN100596117C (en) * | 2007-11-09 | 2010-03-24 | 杭州华三通信技术有限公司 | A route information spreading method and router |
CN101453412B (en) * | 2007-12-04 | 2012-09-05 | 华为技术有限公司 | Method and apparatus for automatic topology discovery and resource management in PBB network |
CN101282241B (en) * | 2008-05-04 | 2011-04-13 | 中国科学院计算技术研究所 | System for real time processing network route topological in autonomy system |
CN101572674A (en) * | 2009-06-12 | 2009-11-04 | 杭州华三通信技术有限公司 | Routing computation method and device thereof |
CN101588303B (en) * | 2009-06-22 | 2011-11-09 | 福建星网锐捷网络有限公司 | Link status notice information interaction method and OSPF device |
CN103023775B (en) * | 2012-12-26 | 2015-11-25 | 杭州华三通信技术有限公司 | Router in ospf network and processing method thereof |
CN109525491A (en) * | 2018-10-26 | 2019-03-26 | 北京网太科技发展有限公司 | Information processing method and device, the storage medium of open type shortest path priority protocol |
-
2019
- 2019-11-19 CN CN201911131245.7A patent/CN110896377B/en active Active
Also Published As
Publication number | Publication date |
---|---|
CN110896377A (en) | 2020-03-20 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP7332689B2 (en) | dynamic intent-based firewall | |
CN103023707B (en) | Method, management server and network system that a kind of strategy configures | |
US9077563B2 (en) | Switch for identifying extended group information of ports | |
US11863438B2 (en) | Method and apparatus for sending routing information for network nodes | |
CN108370368B (en) | Security policy deployment method and device | |
CN102137024B (en) | Message processing method, exit routing device and border routing device | |
EP4239973A1 (en) | Packet sending method, device, and system | |
CN111669367A (en) | Mimicry intranet and construction method thereof | |
CN114024900A (en) | Data processing method and related equipment | |
EP2991288A1 (en) | Method and device for determining next hop and distributing routing information | |
CN114465943B (en) | Topological information publishing method, network topology collecting method and equipment | |
US11343153B2 (en) | BGP logical topology generation method, and device | |
CN112187635B (en) | Message forwarding method and device | |
JP5393622B2 (en) | Network relay device and network relay method | |
CN110896377B (en) | OSPF routing control method and device | |
US11303567B2 (en) | Method and device for determining and sending priority of packet, and routing system | |
EP4294080A1 (en) | Route processing method and network device | |
EP4236245A1 (en) | Route advertisement method, apparatus, and system | |
US20210029015A1 (en) | Rapid and verifiable network configuration repair | |
CN114531360A (en) | Semantic name acquisition method, device, equipment and storage medium | |
JP6591844B2 (en) | Relay device and relay system | |
CN111726290B (en) | Route control method, device, border gateway and readable storage medium | |
US20230421499A1 (en) | Packet transmission method and apparatus | |
US10326685B1 (en) | Virtual routing tables for routers in a multi-tier network | |
CN114025025A (en) | SRv6SID issuing method and network equipment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
CP02 | Change in the address of a patent holder |
Address after: 610041 nine Xing Xing Road 16, hi tech Zone, Sichuan, Chengdu Patentee after: MAIPU COMMUNICATION TECHNOLOGY Co.,Ltd. Address before: 610041 15-24 floor, 1 1 Tianfu street, Chengdu high tech Zone, Sichuan Patentee before: MAIPU COMMUNICATION TECHNOLOGY Co.,Ltd. |
|
CP02 | Change in the address of a patent holder |