CN110896377B - OSPF routing control method and device - Google Patents

OSPF routing control method and device Download PDF

Info

Publication number
CN110896377B
CN110896377B CN201911131245.7A CN201911131245A CN110896377B CN 110896377 B CN110896377 B CN 110896377B CN 201911131245 A CN201911131245 A CN 201911131245A CN 110896377 B CN110896377 B CN 110896377B
Authority
CN
China
Prior art keywords
lsa
sent
ospf
routing control
routing
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201911131245.7A
Other languages
Chinese (zh)
Other versions
CN110896377A (en
Inventor
沈波
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Maipu Communication Technology Co Ltd
Original Assignee
Maipu Communication Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Maipu Communication Technology Co Ltd filed Critical Maipu Communication Technology Co Ltd
Priority to CN201911131245.7A priority Critical patent/CN110896377B/en
Publication of CN110896377A publication Critical patent/CN110896377A/en
Application granted granted Critical
Publication of CN110896377B publication Critical patent/CN110896377B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/02Topology update or discovery
    • H04L45/04Interdomain routing, e.g. hierarchical routing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/02Topology update or discovery
    • H04L45/08Learning-based routing, e.g. using neural networks or artificial intelligence
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/12Shortest path evaluation

Abstract

The embodiment of the invention discloses an OSPF (open shortest path first) routing control method and device, relates to the field of data communication, and realizes accurate control on an external route. The method comprises the following steps: configuring a routing control strategy for an OSPF area, wherein the routing control strategy comprises the OSPF area, a preset rule and routing control; acquiring a Link State Advertisement (LSA) to be sent; comparing the LSA to be sent with a preset rule in the routing control strategy, if the routing control strategy has the preset rule matched with the LSA to be sent, judging whether an OSPF area and routing control corresponding to the matched preset rule in the routing control strategy are contained in a table entry corresponding to the LSA to be sent in an OSPF database, if so, executing sending control on the LSA to be sent according to the corresponding OSPF area and routing control.

Description

OSPF routing control method and device
Technical Field
The invention belongs to the field of data communication, and particularly relates to an OSPF routing control method and device.
Background
In the field of network communication, in order to implement IP network interconnection and interworking of enterprises, a network device usually runs a routing protocol, wherein an Open Shortest Path First (OSPF) routing protocol is widely applied by virtue of the characteristic of being capable of implementing stable learning and fast convergence of a route in a large-scale network networking.
In actual network deployment, different network access permissions are usually formulated for different services, or different network access permissions are formulated for different network point devices. In order to meet the requirement of network deployment, a routing control policy needs to be formulated to implement isolation and intercommunication between different networks, where an OSPF routing protocol is taken as an example, generally, the entire network deployment does not include only a single routing protocol, and external routes are introduced into different routing protocols. Therefore, external route filtering techniques are generally used in networks that deploy the OSPF routing protocol.
An existing external route filtering technology is mainly to formulate a route filtering policy to implement filtering of an external route when the external route is introduced on an Autonomous System Border Router (ASBR), but the external route filtering technology can generally perform route filtering only when the ASBR introduces the external route, that is, the route filtering of the external route can only perform route control at a source of route introduction, and once the external route is introduced into an OSPF area, it is difficult to perform route control for the external route, so the implementation method cannot flexibly implement route control for the external route.
Another conventional external route filtering technology is mainly configured by configuring a special Area, such as an NSSA (Not-So-Stub Area) Area or a Stub Area. The biggest defect of the method is that once special areas are configured, any external route cannot enter the special areas, the external route cannot be accurately controlled, the method can only be applied to some specific networking applications, and the application range is narrow.
The OSPF routing protocol is used as an example to illustrate the implementation of two external routing filtering techniques in the prior art. As shown in fig. 1, a networking scenario is schematically provided, in which 4 routers are schematically shown, R1, R3, and R4 are ASBRs, R2 is an Area Border Router (ABR), and an OSPF routing protocol runs on each router. Wherein, the Router ID of R1 is 1.1.1.1, the Router ID of R2 is 2.2.2.2, the Router ID of R3 is 3.3.3.3, the Router ID of R4 is 4.4.4.4, R1 and R2 belong to OSPF Area 0, R2 and R3 belong to OSPF Area1, and R3 and R4 belong to OSPF Area 2.
Suppose that the external route with the user requirement of R3 cannot be accessed with the external route of R4; but the external route of R3 or R4 can mutually access the external route of R1. An existing external route filtering policy may be to perform route control on an ASBR, for example, when route control is performed on R3, when an OSPF routing protocol of R3 introduces an external route, the introduced external route is filtered out on R3, so that R4 cannot learn the external route introduced by R3, but such route control will cause that R1 cannot learn the external route introduced by R3, so that R1 cannot access a network where the external route of R3 is located, and such route control policy cannot meet user requirements. Another existing external route filtering policy may also be to configure OSPF Area1 and OSPF Area 2 as a Stub Area or an NSSA Area; due to the characteristics of the Stub Area and the NSSA Area, once configured as the Stub Area or the NSSA Area, the Area cannot introduce any external route, and therefore cannot introduce the external route generated by Area 0, and R3 and R4 cannot access the network where the external route of R1 is located, so that such an external route filtering policy cannot meet the user requirement.
In summary, the existing external route filtering strategy cannot accurately implement isolation or intercommunication of external routes, which affects the flexibility of network device deployment, and the accuracy of external route control is not high, resulting in the problem that a large number of useless routes may exist on the network device and occupy network device system resources.
Disclosure of Invention
The embodiment of the invention provides an OSPF route filtering method and device, which are used for solving the problems that the isolation or intercommunication of external routes cannot be accurately realized by the conventional external route filtering strategy, the deployment flexibility of network equipment is influenced, the accuracy of external route control is not high, a large number of useless routes possibly exist on the network equipment, and the system resources of the network equipment are occupied.
Based on the above object, in a first aspect, an embodiment of the present invention provides an OSPF routing control method, which is applied to an area border router ABR, and the method includes:
configuring a routing control strategy for an Open Shortest Path First (OSPF) area, wherein the routing control strategy comprises the OSPF area, a preset rule and routing control.
And acquiring a Link State Advertisement (LSA) to be sent. Wherein, the LSAs to be sent comprise type 4 LSAs and type 5 LSAs.
Comparing the LSA to be sent with a preset rule in the routing control strategy, if the routing control strategy has the preset rule matched with the LSA to be sent, judging whether an OSPF area and routing control corresponding to the matched preset rule in the routing control strategy are contained in a table entry corresponding to the LSA to be sent in an OSPF database, if so, executing sending control on the LSA to be sent according to the corresponding OSPF area and routing control.
In a second aspect, an embodiment of the present invention provides an OSPF routing control apparatus, where the apparatus includes:
the system comprises a configuration module and a routing control module, wherein the configuration module is used for configuring a routing control strategy for an Open Shortest Path First (OSPF) area, and the routing control strategy comprises the OSPF area, a preset rule and routing control.
And the acquisition module is used for acquiring the Link State Advertisement (LSA) to be sent. Wherein, the LSAs to be sent comprise type 4 LSAs and type 5 LSAs.
And the processing module is used for comparing the LSA to be sent with a preset rule in the routing control strategy, if the preset rule matched with the LSA to be sent exists in the routing control strategy, judging whether an OSPF area and routing control corresponding to the matched preset rule in the routing control strategy are contained in an entry corresponding to the LSA to be sent in an OSPF database, and if so, executing sending control on the LSA to be sent according to the corresponding OSPF area and routing control.
The OSPF routing control method and device provided by the embodiment of the invention configure a routing control strategy based on an OSPF area, and utilize different combination modes of link state advertisement information in an LSA to realize accurate control of external routing; it is also possible to have precise routing control to any one designated external route generated by any one ASBR. The method has more flexible route control on the external route and more accurate route control; the method can control invalid and redundant LSAs in the network, reduce the transmission range of the LSAs, reduce the number of the LSAs of the OSPF database, improve the maintenance efficiency of the OSPF database and indirectly reduce the consumption of the OSPF to system resources.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art that other drawings can be obtained according to these drawings without creative efforts.
FIG. 1 is a schematic diagram of an exemplary OSPF routing protocol application scenario;
fig. 2 is a flowchart of a method of an OSPF route control method according to an embodiment of the present invention;
fig. 3 is a schematic structural diagram of an OSPF routing control device according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The system architecture and the service scenario described in the embodiment of the present invention are for more clearly illustrating the technical solution of the embodiment of the present invention, and do not form a limitation on the technical solution provided in the embodiment of the present invention, and it can be known by those skilled in the art that the technical solution provided in the embodiment of the present invention is also applicable to similar technical problems along with the evolution of the system architecture and the appearance of a new service scenario.
The above method is described in detail with reference to specific examples.
With the development of network communication technology, the network scale is gradually enlarged, the service demand is gradually increased, and the number of OSPF external routes in the network is also increased. In the OSPF routing protocol, when a router in an OSPF area calculates an external route, a type 4 Link-State Advertisement (LSA) and a type 5 LSA of the OSPF routing protocol are required, wherein the type 4 LSA provides router ID (router ID) information of the ASBR router generating the external route; the type 5 LSA provides information such as IP prefix and mask of external route, route attribute, etc., and the combination of the two can calculate the corresponding external route. The LSA of type 4 is mainly used for notifying an ASBR Router in the area, carries ASBR Router ID information, is generated by an ABR Router in a corresponding area and is notified in the whole OSPF area; therefore, the type 4 LSA information can be learned on any ABR Router, and the Router ID information of the corresponding ASBR Router can be acquired by acquiring the Link State ID field in the type 4 LSA. The OSPF external routes are advertised to all routers in the OSPF area via type 5 LSAs, which are generated by each ASBR, and each router in the OSPF area can learn type 5 LSAs (except for Stub and NSSA areas). The information carried by the type 5 LSA mainly includes: external routing IP prefix and mask information, notification router information, forwarding address information, routing TAG TAG and other link state notification information; the advertised Router information is the Router ID of ASBR, which is the ASBR Router ID, as well as the Link State ID carried in the LSA of type 4.
The embodiment of the invention provides an OSPF routing control method and a device, which can carry out combination matching aiming at any attribute of a type 4 LSA or a type 5 LSA, thereby realizing the routing control of external routing in an OSPF area; the routing control of any external route can be accurately achieved; it is also possible to have precise routing control to any external route generated by any ASBR. Compared with the existing OSPF external route filtering technology, the OSPF route control method and the OSPF route control device provided by the embodiment of the invention have the advantages that the route control of the external route is more flexible and the route control is more accurate; the method can control invalid and redundant LSAs of 4 types and 5 types in the network, reduce the transmission range of the LSAs, reduce the number of the LSAs of the OSPF database, improve the maintenance efficiency of the OSPF database and indirectly reduce the consumption of the OSPF to system resources.
The embodiment of the invention provides an OSPF routing control method, which controls a type 4 LSA and a type 5 LSA by issuing a routing control strategy on an ABR router so as to realize the routing control of OSPF external routing. In the embodiment of the invention, the routing control strategy is based on OSPF area to carry out routing control, therefore, when the routing control strategy is issued, the area ID is appointed, and the routing control strategy only takes effect on LSA of the OSPF area; other OSPF areas not configured with a routing control policy are not affected by the routing control policy.
Specifically, an embodiment of the present invention provides an OSPF routing control method, which is applied to an area border router ABR, and as shown in fig. 2, the method includes:
step 201, configuring a routing control policy for the OSPF area. The routing control strategy comprises an OSPF area, a preset rule and routing control. The preset rule may include various combinations.
Illustratively, if the preset rule includes an ASBR Router ID, the routing control is enabled or disabled, so as to implement routing control based on an external route generated by any one ASBR. If the preset rule comprises external routing information, the external routing information can be one or more items of external routing IP prefix and mask information, forwarding address information and routing label TAG, and the routing is controlled to be enabled or disabled, so that the routing control accurate to any specified external routing is realized. Further, if the preset rule includes ASBR Router ID and external routing information, the external routing information may be one or more of external routing IP prefix and mask information, forwarding address information, and routing TAG, and the routing control is enabled or disabled, the routing control may be implemented to be accurate to any specified external route generated by any ASBR.
It should be particularly noted that, for the same OSPF area, when there are preset rules that overlap or conflict with each other, routing control may be implemented by taking effect of the last configured routing control policy in a pre-configuration and pre-configuration covering manner. The same OSPF area may be configured with a plurality of different routing control policies. The routing control strategies configured among different OSPF areas are not influenced mutually. All routing control policies are only in effect in the present OSPF area. If a plurality of ABR routers exist in the same OSPF area, the same routing control strategy is configured on each ABR router in the OSPF area, so that consistency of an OSPF database in the OSPF area can be ensured, and effectiveness of the routing control strategy in the OSPF area can be ensured.
Step 202, obtaining a Link State Advertisement (LSA) to be sent. The LSA to be sent may include a type 4 LSA and a type 5 LSA; obviously, the LSA may also be other LSAs, such as a type 7 LSA, where the type 7 LSA is similar to the link-state information included in the type 5 LSA and is used to transmit the external routing information, and therefore, it is obvious to those skilled in the art that an OSPF routing control method applicable to the type 5 LSA may also be used for the type 7 LSA to implement control of the external routing of the NSSA area.
Step 203, comparing the LSA to be sent with a preset rule in the routing control policy, if a preset rule matching the LSA to be sent exists in the routing control policy, determining whether an entry corresponding to the LSA to be sent in the OSPF database contains an OSPF area and routing control corresponding to the matched preset rule in the routing control policy, if so, executing sending control on the LSA to be sent according to the corresponding OSPF area and routing control.
Optionally, the OSPF route control method provided in the embodiment of the present invention further includes;
and if the table entry corresponding to the LSA to be sent in the OSPF database does not contain the OSPF area and the routing control corresponding to the matched preset rule in the routing control strategy, adding the corresponding OSPF area and the routing control into the table entry corresponding to the LSA to be sent in the OSPF database. In the embodiment of the present invention, after the corresponding OSPF area and the routing control are added to the entry corresponding to the LSA to be sent in the OSPF database, the sending control is performed on the LSA to be sent according to the corresponding OSPF area and the routing control. Specifically, when the routing control is prohibited, the corresponding OSPF area and the routing control are prohibited from being added to the entry corresponding to the LSA to be sent in the OSPF database. When the routing control is allowed, the corresponding OSPF area and the routing control are allowed to be added to the entry corresponding to the LSA to be sent in the OSPF database. The sending of the LSA to be sent to the OSPF neighbors in the corresponding OSPF area may also be directly allowed by default, without the need to allow the corresponding OSPF area and the routing control to be added to the entry corresponding to the LSA to be sent in the OSPF database.
In embodiments of the present invention, routing control includes enabling or disabling.
In this step, performing transmission control on the LSA to be transmitted according to the corresponding OSPF area and the routing control, including:
and if the routing control in the table entry corresponding to the LSA to be sent in the OSPF database is allowed, sending the LSA to be sent to an OSPF neighbor in the corresponding OSPF area. In the embodiment of the invention, for the LSA which does not match with the preset rule, the routing control is forbidden, and the LSA to be sent is not sent to the OSPF neighbor in the corresponding OSPF area.
And if the routing control in the table entry corresponding to the LSA to be sent in the OSPF database is forbidden, not sending the LSA to be sent to an OSPF neighbor in the corresponding OSPF area.
As a preferred implementation manner of the embodiment of the present invention, the preset rule may include an ASBR Router ID to implement routing control of all external routes generated based on a specified ASBR.
It can be understood that, since the type 4 LSA and the type 5 LSA each include ASBR Router ID information, when the preset rule includes only ASBR Router ID, the routing control policy will be valid for both type 4 LSA and type 5 LSA in the corresponding OSPF area.
Specifically, when the preset rule includes the ASBR Router ID, the LSA to be sent at this time mainly includes a type 4 LSA and a type 5 LSA. Comparing the LSA to be sent with a preset rule in a route control strategy, wherein the comparing comprises the following steps:
and comparing the ASBR Router ID in the LSA to be sent with the ASBR Router ID in the routing control strategy, and if the ASBR Router ID and the ASBR Router ID are the same, judging that a preset rule matched with the LSA to be sent exists in the routing control strategy.
As another preferred implementation manner of the embodiment of the present invention, the preset rule may further include external routing information, where the external routing information includes one or more items of external routing IP prefix and mask information, forwarding address information, and routing TAG; to achieve routing control to any specified external route. Further, the preset rule includes: the ASBR Router ID and the external routing information, where the external routing information may be one or more of external routing IP prefix and mask information, forwarding address information, and routing TAG, and the routing control is allowed or prohibited, and it may be implemented to perform routing control to any specified external route generated by any ASBR.
It can be understood that, since the type 4 LSAs only contain the ASBR Router ID information, the routing control policy will not be valid for the type 4 LSAs in the corresponding OSPF area, but will only be valid for the type 5 LSAs in the corresponding OSPF area that include the external routing information.
Specifically, when the preset rule includes external routing information, the LSA to be sent at this time mainly includes a type 5 LSA; wherein the external routing information comprises one or more items of external routing IP prefix and mask information, forwarding address information and routing TAG TAG.
Comparing the LSA to be sent with a preset rule in a route control strategy, wherein the comparing comprises the following steps:
and comparing the external routing information in the LSA to be sent with the external routing information in the preset rule, and if the external routing information in the LSA to be sent is the same as the external routing information in the preset rule, judging that the preset rule matched with the LSA to be sent exists in the routing control strategy.
It should be particularly noted that, in the embodiment of the present invention, a routing control policy may be issued through configuration, and the routing control policy needs to be implemented on a router having an ABR role, so that, when the router role is not ABR, the issued routing control policy does not take effect; when the router role is ABR, the issued control strategy will take effect. If the ABR router has announced need forbid LSA announced to this area to this OSPF area before configuring the route control tactics of a certain OSPF area, the default processing mode is waiting the route aging of LSA in the area, in order to realize the route convergence. Or another two ways can be adopted to accelerate the route convergence speed in the area: if the first processing mode is manual intervention, the neighbor resetting of the area is carried out; the second approach is to actively send an aging LSA to the area.
For example, referring to the networking scenario shown in fig. 1, the routers R1, R2, R3, and R4 all run an OSPF routing protocol, the routers R1, R3, and R4 are ASBRs, the routers R1 and R2 belong to OSPF Area 0, the routers R2 and R3 belong to OSPF Area1, the routers R3 and R4 belong to OSPF Area 2, the router R2 is an ABR, and the Area1 and the Area 2 are general areas. The Router ID of the Router R1 is 1.1.1.1, the external route IP prefix and mask of one external route of the R1 is 120.1.1.0/24, the external route IP prefix and mask of one external route of the R1 is 100.1.1.0/24, the Router ID of the Router R2 is 2.2.2.2, the Router ID of the Router R3 is 3.3.3.3, and the Router ID of the Router R4 is 4.4.4.4.
By taking the user requirement (the external route with the user requirement of R3 cannot be mutually accessed with the external route of R4; but the external route of R3 or R4 can be mutually accessed with the external route of R1) which is the same as the prior art as an example, the OSPF route control method provided by the embodiment of the present invention is further explained, and the specific details are as follows:
example 1
The OSPF routing control method provided by the embodiment of the invention is concretely realized as follows: configuring a routing control policy based on Area1 on R2, wherein the routing control policy aims to prevent all external routes of R4 from advertising to all OSPF neighbors in the OSPF Area where Area1 is located, and the preset rules of the routing control policy comprise that ASBR Router ID is 4.4.4.4 and routing control is prohibited.
For example, the Link State ID carried in a type 4 LSA is 4.4.4.4.
And R2 sends the LSA of 4 types to Area1, and compares the LSA of 4 types with a preset rule in a configured route control strategy, and because the Link State ID carried by the LSA of 4 types is 4.4.4.4 and the preset rule includes that the ASBR Router ID is 4.4.4.4, when the entry corresponding to the LSA of 4 types in the OSPF database is judged to contain Area1 and route control is forbidden, the LSA of 4 types is not sent to the OSPF neighbor of Area 1. And when judging that the table entry corresponding to the type 4 LSA in the OSPF database does not contain Area1 and the routing control is forbidden, adding the Area1 and the routing control to the table entry corresponding to the type 4 LSA in the OSPF database in a forbidden way, and then executing the OSPF neighbor that does not send the type 4 LSA to the Area 1.
For example, the Link State ID carried in a type 4 LSA is 1.1.1.1.
And the R2 sends the LSA of the 4 types to the Area1, and compares the LSA of the 4 types with a preset rule in a configured routing control strategy, and because the Link State ID carried by the LSA of the 4 types is 1.1.1.1 and the preset rule comprises that the ASBR Router ID is 4.4.4.4, the LSA of the 4 types is not processed at all, and the LSA of the 4 types is directly sent to an OSPF neighbor of the Area 1.
For example, the advertised router information carried in a type 5 LSA is 4.4.4.4.
And R2 sends the LSA of 5 types to Area1, and compares the LSA of 5 types with a preset rule in a configured routing control policy, and because the advertised Router information carried by the LSA of 5 types is 4.4.4.4, and the preset rule includes that ASBR Router ID is 4.4.4.4, when the entry corresponding to the LSA of 5 types in the OSPF database contains Area1 and routing control is prohibited, the LSA of 5 types is not sent to the OSPF neighbor of Area 1. And when judging that the table entry corresponding to the 5 types of LSAs in the OSPF database does not contain Area1 and the routing control is forbidden, adding the Area1 and the routing control to the table entry corresponding to the 5 types of LSAs in the OSPF database in a forbidden way, and then executing the OSPF neighbor that does not send the 5 types of LSAs to the Area 1.
The advertised router information carried in a LSA of class 5, for example, is 1.1.1.1.
The R2 sends the type 5 LSA to Area1, and compares with the preset rule in the configured routing control policy, because the advertised Router information carried by the type 5 LSA is 1.1.1.1 and the preset rule includes that ASBR Router ID is 4.4.4.4, the type 5 LSA is not processed, and the type 5 LSA is directly sent to the OSPF neighbor of Area 1.
It can be understood that, based on the foregoing, a routing control policy is configured on the R2 Router to implement routing control on Area1, and therefore, a routing control policy based on Area 2 may also be configured on the R2 Router, where the preset rule of the routing control policy includes that ASBR Router ID is 3.3.3.3, and routing control is prohibited, so as to implement prevention of all external routes of R3 from being advertised to all OSPF neighbors in the OSPF Area where Area 2 is located, and a specific routing control implementation manner is the same as the foregoing routing control implementation manner for Area1, and is not described herein again.
Therefore, the OSPF route control method provided by the embodiment of the invention can well meet the user requirements.
Example 2
Here, the user requirement is further detailed, for example, the external routes of R3 and R4 can only access the network where the external route IP prefix and the external route with mask 100.1.1.0/24 are located, and assuming that the external route is generated for R1, the specific implementation is as follows:
it should be noted that, since the network where the R3 can only access the external route of R1 (the IP prefix and the mask of the external route are 100.1.1.0/24) is similar to the routing control of the network where the R4 can only access the external route of R1, the detailed description is given by taking the network where the R3 can only access the external route of R1 as an example.
Specifically, an Area 1-based routing control policy is configured on R2, the routing control policy only allows an external route (the external route IP prefix and the mask are 100.1.1.0/24) of R1 to advertise to OSPF neighbors of Area1, the preset rule of the routing control policy includes that the external route IP prefix and the mask are 100.1.1.0/24, and the routing control is allowed.
For example, the Link State ID carried in a type 4 LSA is 1.1.1.1.
R2 sends the LSA of type 4 to Area1, and since the preset rule includes external route prefix information, the LSA of type 4 is not processed, and sending the LSA of type 4 to OSPF neighbor of Area1 is directly executed.
For example, the external route IP prefix and mask carried in a type 5 LSA is 100.1.1.0/24.
And R2 sends the LSA of 5 types to Area1, and compares the LSA of 5 types with a preset rule of a configured routing control policy, and since the external routing IP prefix and the mask carried by the LSA of 5 types are 100.1.1.0/24 and are the same as the external routing IP prefix and the mask of the preset rule are 100.1.1.0/24, when the entry corresponding to the LSA of 5 types in the OSPF database is judged to contain Area1 and routing control is allowed, the LSA of 5 types is sent to the OSPF neighbor of Area 1. When judging that the entry corresponding to the LSA of 5 types in the OSPF database does not contain Area1 and routing control is allowed, after the Area1 and the routing control are allowed to be added to the entry corresponding to the LSA of 5 types in the OSPF database, executing to send the LSA of 5 types to the OSPF neighbor of Area 1.
For example, the external route IP prefix and mask carried in a type 5 LSA is 120.1.1.0/24.
And R2 sends the LSA of 5 types to Area1, and compares the LSA of 5 types with a preset rule of a configured route control strategy, because the external route IP prefix and the mask carried by the LSA of 5 types are 120.1.1.0/24, and the external route IP prefix and the mask are different from 100.1.1.0/24 of the preset rule, when the table entry corresponding to the LSA of 5 types in the OSPF database contains Area1 and route control is forbidden, the OSPF neighbor of Area1 is executed not to send the LSA of 5 types. And when judging that the table entry corresponding to the 5 types of LSAs in the OSPF database does not contain Area1 and the routing control is forbidden, adding the Area1 and the routing control to the table entry corresponding to the 5 types of LSAs in the OSPF database in a forbidden way, and then executing the OSPF neighbor that does not send the 5 types of LSAs to the Area 1. Therefore, the network where the R3 can only access the external route (the external route IP prefix and the mask are 100.1.1.0/24) of the R1 is accurately realized.
Example 3
The user requirements are further refined here, for example, the external routes of R3 and R4 may be connected with other external routing networks of R1, but cannot access the network where the external routing IP prefix of R1 and the external routing with mask 120.1.1.0/24 are located, and the specific implementation is as follows:
it should be noted that, since the network where the external route (the external route IP prefix and the mask are 120.1.1.0/24) that the R3 cannot access the R1 is similar to the routing control of the network where the external route that the R4 cannot access the R1 is located, the detailed description is given by taking the network where the external route that the R3 cannot access the R1 is located as an example.
Specifically, an Area 1-based routing control policy is configured on R2, the routing control policy only prevents an external route (external route IP prefix and mask are 120.1.1.0/24) of R1 from advertising to OSPF neighbors of Area1, the preset rules of the routing control policy include that ASBR Router ID is 1.1.1.1 and external route IP prefix and mask are 120.1.1.0/24, and routing control is prohibited.
For example, the Link State ID carried in a type 4 LSA is 1.1.1.1.
R2 sends the LSA of type 4 to Area1, and since the preset rule includes external route prefix information, the LSA of type 4 is not processed, and sending the LSA of type 4 to OSPF neighbor of Area1 is directly executed.
For example, the advertised router information carried in a type 5 LSA is 1.1.1.1, and the external route IP prefix and mask are 120.1.1.0/24.
And R2 sends the LSA of 5 types to Area1, and compares the LSA of 5 types with a preset rule of a configured routing control policy, and since the advertised Router information carried by the LSA of 5 types is 1.1.1.1, the external routing IP prefix and mask are 120.1.1.0/24, and the ASBR Router ID 1.1.1 is the same as the external routing IP prefix and mask are 120.1.1.0/24, when judging that the entry corresponding to the LSA of 5 types in the OSPF database contains Area1 and routing control is forbidden, the OSPF neighbor of Area1 is executed not to send the LSA of 5 types. And when judging that the table entry corresponding to the 5 types of LSAs in the OSPF database does not contain Area1 and the routing control is forbidden, adding the Area1 and the routing control to the table entry corresponding to the 5 types of LSAs in the OSPF database in a forbidden way, and then executing the OSPF neighbor that does not send the 5 types of LSAs to the Area 1. Thereby accurately realizing the network where the R3 can not access the external route (the external route IP prefix and mask are 120.1.1.0/24) of the R1.
Compared with the existing external route filtering technology, the route control method can realize the route control based on the external route generated by any ASBR and can also accurately realize the route control to any specified external route; it is also possible to have precise routing control to any one designated external route generated by any one ASBR. The method has more flexible route control on the external route and more accurate route control; the method can control invalid and redundant LSAs in the network, reduce the transmission range of the LSAs, reduce the number of the LSAs of the OSPF database, improve the maintenance efficiency of the OSPF database and indirectly reduce the consumption of the OSPF to system resources.
An embodiment of the present invention provides an OSPF routing control apparatus, as shown in fig. 3, an apparatus 30 includes:
the configuration module 301 is configured to configure a routing control policy for an open shortest path first OSPF area, where the routing control policy includes the OSPF area, a preset rule, and routing control.
An obtaining module 302, configured to obtain a link state advertisement LSA to be sent. The LSA to be sent may include a type 4 LSA and a type 5 LSA; obviously, the LSA may also be other LSAs, such as a type 7 LSA, where the type 7 LSA is similar to the link-state information included in the type 5 LSA and is used to transmit the external routing information, and therefore, it is obvious to those skilled in the art that an OSPF routing control method applicable to the type 5 LSA may also be used for the type 7 LSA to implement control of the external routing of the NSSA area.
A processing module 303, configured to compare the LSA to be sent with a preset rule in the routing control policy, if a preset rule matching the LSA to be sent exists in the routing control policy, determine whether an entry corresponding to the LSA to be sent in an OSPF database includes an OSPF area and routing control corresponding to the matched preset rule in the routing control policy, and if so, execute sending control on the LSA to be sent according to the corresponding OSPF area and routing control.
The processing module 303 is further configured to add the corresponding OSPF area and routing control to the entry corresponding to the to-be-sent LSA in the OSPF database if it is determined that the entry corresponding to the to-be-sent LSA in the OSPF database does not include the OSPF area and routing control corresponding to the matched preset rule in the routing control policy.
The routing control includes enabling or disabling.
The processing module 303 is specifically configured to send the to-be-sent LSA to the OSPF neighbor in the corresponding OSPF area if the routing control in the entry corresponding to the to-be-sent LSA in the OSPF database is allowed.
And if the routing control in the table entry corresponding to the LSA to be sent in the OSPF database is forbidden, not sending the LSA to be sent to an OSPF neighbor in the corresponding OSPF area.
The preset rule comprises an ASBR Router ID; the LSA to be sent mainly comprises a type 4 LSA and a type 5 LSA.
The processing module 303 is specifically configured to compare the ASBR Router ID in the LSA to be sent with the ASBR Router ID in the routing control policy, and if the ASBR Router ID in the LSA to be sent is the same as the ASBR Router ID in the routing control policy, determine that a preset rule matching the LSA to be sent exists in the routing control policy.
The preset rule comprises external routing information; wherein the external routing information comprises one or more items of external routing IP prefix and mask information, forwarding address information and routing TAG TAG; the LSA to be sent mainly comprises a type 5 LSA.
The processing module 303 is specifically configured to compare the external routing information in the LSA to be sent with the external routing information in the preset rule, and if the external routing information in the LSA to be sent is the same as the external routing information in the preset rule, determine that the preset rule matching the LSA to be sent exists in the routing control policy.
Compared with the existing external route filtering technology, the route control device can realize the route control based on the external route generated by any ASBR and can also accurately realize the route control to any specified external route; it is also possible to have precise routing control to any one designated external route generated by any one ASBR. The method has more flexible route control on the external route and more accurate route control; the method can control invalid and redundant LSAs in the network, reduce the transmission range of the LSAs, reduce the number of the LSAs of the OSPF database, improve the maintenance efficiency of the OSPF database and indirectly reduce the consumption of the OSPF to system resources.
An embodiment of the present invention provides an electronic device, and specifically, the electronic device includes: the OSPF routing control method comprises a processor, a memory and a computer program stored on the memory and capable of running on the processor, wherein the computer program realizes the steps of the OSPF routing control method provided by any one of the above embodiments when the computer program is executed by the processor. Among other things, a processor may include one or more processing units. The memory may be used to store software programs as well as various data. The memory may include volatile memory, such as random access memory, and may also include non-volatile memory, such as read-only memory, flash memory, a hard disk, a solid state disk, or other non-volatile solid state memory devices. Combinations of the above categories of memory may also be included.
The embodiment of the present invention further provides a readable storage medium, where the readable storage medium stores computer program instructions, and when the computer program instructions are read and run by a processor, the computer program instructions execute a plurality of processes of the OSPF routing control method provided in the foregoing embodiment, and can achieve the same technical effect, and in order to avoid repetition, details are not repeated here. Examples of the computer-readable storage medium include a Random-Access Memory (RAM), a Read-Only Memory (ROM), a Flash Memory (Flash Memory), a Hard Disk Drive (HDD), a Solid-State Drive (SSD), and an optical disc.
It can be clearly understood by those skilled in the art that, for convenience and brevity of description, the specific working processes of the above-described apparatuses and modules may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
In the embodiments provided in the present invention, it should be understood that the disclosed apparatus and method may be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, a division of modules is merely a division of logical functions, and an actual implementation may have another division, for example, a plurality of modules or components may be combined or integrated into another system, or some features may be omitted, or not executed. Modules described as separate parts may or may not be physically separate, and parts displayed as modules may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
Finally, it should be noted that: the above examples are only intended to illustrate the technical solution of the present invention, but not to limit it; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the present invention.

Claims (10)

1. An OSPF routing control method applied to an Area Border Router (ABR), the method comprising:
configuring a routing control strategy for an Open Shortest Path First (OSPF) area, wherein the routing control strategy comprises the OSPF area, a preset rule and routing control; the preset rule comprises an autonomous system border Router (ASBR Router ID) and/or external routing information, and the routing control comprises permission or prohibition;
acquiring a Link State Advertisement (LSA) to be sent;
comparing the LSA to be sent with a preset rule in the routing control strategy, if the routing control strategy has the preset rule matched with the LSA to be sent, judging whether an OSPF area and routing control corresponding to the matched preset rule in the routing control strategy are contained in a table entry corresponding to the LSA to be sent in an OSPF database, if so, executing sending control on the LSA to be sent according to the corresponding OSPF area and routing control.
2. The method of claim 1, further comprising;
and if the table entry corresponding to the LSA to be sent in the OSPF database does not contain the OSPF area and the routing control corresponding to the matched preset rule in the routing control strategy, adding the corresponding OSPF area and the routing control into the table entry corresponding to the LSA to be sent in the OSPF database.
3. The method of claim 1 or 2, wherein performing routing control on the LSA to be sent according to the corresponding OSPF area and routing control comprises:
if the routing control in the table entry corresponding to the LSA to be sent in the OSPF database is allowed, sending the LSA to be sent to an OSPF neighbor in the corresponding OSPF area;
and if the routing control in the table entry corresponding to the LSA to be sent in the OSPF database is forbidden, not sending the LSA to be sent to an OSPF neighbor in the corresponding OSPF area.
4. The method of claim 3, wherein the preset rules include ASBRRouterID; the LSA to be sent comprises a type 4 LSA and a type 5 LSA;
comparing the LSA to be sent with a preset rule in the routing control policy, including:
and comparing the ASBR Router ID in the LSA to be sent with the ASBR Router ID in the routing control strategy, and if the ASBR Router ID and the ASBR Router ID are the same, judging that a preset rule matched with the LSA to be sent exists in the routing control strategy.
5. The method of claim 3, wherein the preset rule comprises external routing information; wherein the external routing information comprises one or more items of external routing IP prefix and mask information, forwarding address information and routing TAG TAG; the LSA to be sent comprises a 5-type LSA;
comparing the LSA to be sent with a preset rule in the routing control policy, including:
and comparing the external routing information in the LSA to be sent with the external routing information in the preset rule, and if the external routing information in the LSA to be sent is the same as the external routing information in the preset rule, judging that the preset rule matched with the LSA to be sent exists in the routing control strategy.
6. An OSPF routing control apparatus, comprising:
the system comprises a configuration module, a routing module and a routing module, wherein the configuration module is used for configuring a routing control strategy for an Open Shortest Path First (OSPF) area, and the routing control strategy comprises the OSPF area, a preset rule and routing control; the preset rule comprises an autonomous system border Router (ASBR Router ID) and/or external routing information, and the routing control comprises permission or prohibition;
the acquisition module is used for acquiring a Link State Advertisement (LSA) to be sent;
and the processing module is used for comparing the LSA to be sent with a preset rule in the routing control strategy, if the preset rule matched with the LSA to be sent exists in the routing control strategy, judging whether an OSPF area and routing control corresponding to the matched preset rule in the routing control strategy are contained in an entry corresponding to the LSA to be sent in an OSPF database, and if so, executing sending control on the LSA to be sent according to the corresponding OSPF area and routing control.
7. The apparatus of claim 6, wherein the processing module is further configured to add the corresponding OSPF area and routing control to the entry in the OSPF database corresponding to the LSA to be sent if it is determined that the entry in the OSPF database corresponding to the LSA to be sent does not include the OSPF area and routing control corresponding to the matched preset rule in the routing control policy.
8. The apparatus according to claim 6 or 7, wherein the processing module is specifically configured to send the LSA to be sent to an OSPF neighbor in the corresponding OSPF area if routing control in an entry in the OSPF database corresponding to the LSA to be sent is allowed;
and if the routing control in the table entry corresponding to the LSA to be sent in the OSPF database is forbidden, not sending the LSA to be sent to an OSPF neighbor in the corresponding OSPF area.
9. The apparatus of claim 8, wherein the preset rule comprises an ASBRRouterID; the LSA to be sent comprises a type 4 LSA and a type 5 LSA;
the processing module is specifically configured to compare the ASBR Router ID in the LSA to be sent with the ASBR Router ID in the routing control policy, and if the ASBR Router ID in the LSA to be sent is the same as the ASBR Router ID in the routing control policy, determine that a preset rule matching the LSA to be sent exists in the routing control policy.
10. The apparatus of claim 8, wherein the preset rule comprises external routing information; wherein the external routing information comprises one or more items of external routing IP prefix and mask information, forwarding address information and routing TAG TAG; the LSA to be sent comprises a 5-type LSA;
the processing module is specifically configured to compare the external routing information in the LSA to be sent with the external routing information in the preset rule, and if the external routing information in the LSA to be sent is the same as the external routing information in the preset rule, determine that the preset rule matching the LSA to be sent exists in the routing control policy.
CN201911131245.7A 2019-11-19 2019-11-19 OSPF routing control method and device Active CN110896377B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911131245.7A CN110896377B (en) 2019-11-19 2019-11-19 OSPF routing control method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911131245.7A CN110896377B (en) 2019-11-19 2019-11-19 OSPF routing control method and device

Publications (2)

Publication Number Publication Date
CN110896377A CN110896377A (en) 2020-03-20
CN110896377B true CN110896377B (en) 2021-08-17

Family

ID=69786630

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911131245.7A Active CN110896377B (en) 2019-11-19 2019-11-19 OSPF routing control method and device

Country Status (1)

Country Link
CN (1) CN110896377B (en)

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6473421B1 (en) * 1999-03-29 2002-10-29 Cisco Technology, Inc. Hierarchical label switching across multiple OSPF areas
CN100596117C (en) * 2007-11-09 2010-03-24 杭州华三通信技术有限公司 A route information spreading method and router
CN101453412B (en) * 2007-12-04 2012-09-05 华为技术有限公司 Method and apparatus for automatic topology discovery and resource management in PBB network
CN101282241B (en) * 2008-05-04 2011-04-13 中国科学院计算技术研究所 System for real time processing network route topological in autonomy system
CN101572674A (en) * 2009-06-12 2009-11-04 杭州华三通信技术有限公司 Routing computation method and device thereof
CN101588303B (en) * 2009-06-22 2011-11-09 福建星网锐捷网络有限公司 Link status notice information interaction method and OSPF device
CN103023775B (en) * 2012-12-26 2015-11-25 杭州华三通信技术有限公司 Router in ospf network and processing method thereof
CN109525491A (en) * 2018-10-26 2019-03-26 北京网太科技发展有限公司 Information processing method and device, the storage medium of open type shortest path priority protocol

Also Published As

Publication number Publication date
CN110896377A (en) 2020-03-20

Similar Documents

Publication Publication Date Title
JP7332689B2 (en) dynamic intent-based firewall
CN103023707B (en) Method, management server and network system that a kind of strategy configures
US9077563B2 (en) Switch for identifying extended group information of ports
US11863438B2 (en) Method and apparatus for sending routing information for network nodes
CN108370368B (en) Security policy deployment method and device
CN102137024B (en) Message processing method, exit routing device and border routing device
EP4239973A1 (en) Packet sending method, device, and system
CN111669367A (en) Mimicry intranet and construction method thereof
CN114024900A (en) Data processing method and related equipment
EP2991288A1 (en) Method and device for determining next hop and distributing routing information
CN114465943B (en) Topological information publishing method, network topology collecting method and equipment
US11343153B2 (en) BGP logical topology generation method, and device
CN112187635B (en) Message forwarding method and device
JP5393622B2 (en) Network relay device and network relay method
CN110896377B (en) OSPF routing control method and device
US11303567B2 (en) Method and device for determining and sending priority of packet, and routing system
EP4294080A1 (en) Route processing method and network device
EP4236245A1 (en) Route advertisement method, apparatus, and system
US20210029015A1 (en) Rapid and verifiable network configuration repair
CN114531360A (en) Semantic name acquisition method, device, equipment and storage medium
JP6591844B2 (en) Relay device and relay system
CN111726290B (en) Route control method, device, border gateway and readable storage medium
US20230421499A1 (en) Packet transmission method and apparatus
US10326685B1 (en) Virtual routing tables for routers in a multi-tier network
CN114025025A (en) SRv6SID issuing method and network equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CP02 Change in the address of a patent holder

Address after: 610041 nine Xing Xing Road 16, hi tech Zone, Sichuan, Chengdu

Patentee after: MAIPU COMMUNICATION TECHNOLOGY Co.,Ltd.

Address before: 610041 15-24 floor, 1 1 Tianfu street, Chengdu high tech Zone, Sichuan

Patentee before: MAIPU COMMUNICATION TECHNOLOGY Co.,Ltd.

CP02 Change in the address of a patent holder