CN111131092A - Power grid process switch and configuration method - Google Patents

Power grid process switch and configuration method Download PDF

Info

Publication number
CN111131092A
CN111131092A CN201911408575.6A CN201911408575A CN111131092A CN 111131092 A CN111131092 A CN 111131092A CN 201911408575 A CN201911408575 A CN 201911408575A CN 111131092 A CN111131092 A CN 111131092A
Authority
CN
China
Prior art keywords
port
cpu
mms1
data
vlan100
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201911408575.6A
Other languages
Chinese (zh)
Inventor
陈守卫
嵇成友
唐俊雄
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Wintop Optical Technology Co ltd
Original Assignee
Shenzhen Wintop Optical Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Wintop Optical Technology Co ltd filed Critical Shenzhen Wintop Optical Technology Co ltd
Priority to CN201911408575.6A priority Critical patent/CN111131092A/en
Publication of CN111131092A publication Critical patent/CN111131092A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L49/00Packet switching elements
    • H04L49/10Packet switching elements characterised by the switching fabric construction
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L49/00Packet switching elements
    • H04L49/10Packet switching elements characterised by the switching fabric construction
    • H04L49/109Integrated on microchip, e.g. switch-on-chip
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L49/00Packet switching elements
    • H04L49/35Switches specially adapted for specific applications
    • H04L49/354Switches specially adapted for specific applications for supporting virtual local area networks [VLAN]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0272Virtual private networks

Abstract

The invention provides a power grid process switch and a configuration method, wherein the power grid process layer switch comprises a CPU (central processing unit), a switch chip and an extension switch chip, the CPU is respectively connected with the switch chip and the extension switch chip, the switch chip is provided with a plurality of service ports, the extension switch chip is provided with a plurality of MMS (multimedia messaging service) ports, and the plurality of MMS ports are mutually isolated by a VLAN (virtual local area network) method. The invention has the beneficial effects that: the invention realizes that the power grid switch needs a plurality of MMS ports, physically isolates the MMS ports from the common service ports of the switch, can realize a plurality of MMS ports by expanding the switch chip, and realizes data isolation among the MMS ports by using the VLAN technology, thereby realizing the safety of the power grid data network.

Description

Power grid process switch and configuration method
Technical Field
The invention relates to the technical field of switches, in particular to a power grid process switch and a configuration method.
Background
At present, some switches in the smart grid support IEC61850 protocols, but most 61850 protocol data and remote management data are managed through an out-of-band port of a CPU or a common service port of the switch.
The two methods have the disadvantages that the method I comprises the following steps: management data and switch data physical isolation can be achieved through CPU out-of-band port management, but the number of the CPU out-of-band ports on the market is only one, and simultaneous access of different network segments cannot be met. The second method comprises the following steps: the common service port of the switch is managed, a plurality of ports and a plurality of network segments can be realized, but the physical isolation of the service port and the management port cannot be realized, the remote data can influence the service port data of the switch, and the potential safety hazard of the network exists.
Disclosure of Invention
The invention provides a power grid process layer switch which comprises a CPU, a switch chip and an extension switch chip, wherein the CPU is respectively connected with the switch chip and the extension switch chip, the switch chip is provided with a plurality of service ports, the extension switch chip is provided with a plurality of MMS ports, and the MMS ports are mutually isolated by a VLAN method.
As a further improvement of the present invention, the MMS ports include an MMS1 port, an MMS2 port, a.right.mmsn port, an MMS1 port, an MMS2 port of the expansion switch chip, and a.right.mmsn port is respectively configured with a VLAN100, a VLAN200, a.right.vlan n, and a VLAN n, and a port where the expansion switch chip is connected to the CPU is defined as a CPU port, and the CPU port is respectively added with the VLAN100, the VLAN200, the.right.vlan n.
As a further improvement of the invention, an MMS1 port and a CPU port are configured as VLAN100 members, an MMS1 port PVID is configured as VLAN100, an MMS1 outlet direction is configured as an untagged mode, and the CPU port is a tagged port; the configuration method of the MMSn port is the same as that of the MMS1 port.
As a further improvement of the invention, an MMS2 port and a CPU port are configured as VLAN200 members, an MMS2 port PVID is configured as VLAN200, the exit direction of MMS2 is configured as an untagged mode, and the CPU port is a tagged port; the MMSn port and the CPU port are configured as VLANn members, the PVID of the MMSn port is configured as VLANn, the outlet direction of the MMSn is configured as an untagged mode, and the CPU port is a tagged port.
As a further improvement of the invention, when an untagged data packet enters the MMS1 port, the expansion switching chip will put the data on the tag of VLAN100, because only the MMS1 port and the CPU port are in VLAN100, the data entering from MMS1 port can only be forwarded to the CPU port, the CPU port exit is in tagged mode, therefore the data entering from MMS1 port can only exit from the CPU port, and with VLAN100, the data is sent to the CPU protocol stack.
As a further improvement of the invention, a CPU protocol stack adopts a linux tcp/ip protocol stack, a VLAN virtual network interface is created by using vconfig, and a single Ethernet eth0 device is virtualized into a plurality of network interfaces eth0.100(VLAN100) based on VLAN number.
As a further improvement of the invention, the CPU protocol stack finds out matched virtual network equipment according to IP address network segment according to data sent out by IP address, the virtual network equipment inserts the data sent out by the protocol stack into corresponding VLAN tag, when the data is sent to the CPU port of the extended exchange chip, the chip sends the data to the corresponding MMS port according to the VLAN tag in the data.
The invention also provides a configuration method of the power grid process layer switch, wherein the MMS1 port and the MMS2 port of the expansion switch chip are respectively configured with VLAN100, VLAN200 and VLANn, the port of the expansion switch chip connected with the CPU is defined as a CPU port, and the CPU port is respectively added with VLAN100 and VLAN 200.
As a further improvement of the present invention, the configuration method of the MMS1 port is to configure the MMS1 port and the CPU port as VLAN100 members, and configure the MMS1 port with PVID of VLAN100, the MMS1 exit direction is configured as an untagged mode, and the CPU port is a tagged port; the configuration method of the MMSn port is the same as that of the MMS1 port.
As a further improvement of the present invention, the configuration method comprises the steps of:
the step of sending data to the CPU protocol stack by the MMS port: when an untagged data packet enters an MMS1 port, the expansion switching chip can print data on a tag of a VLAN100, and because only an MMS1 port and a CPU port are in the VLAN100, the data entering from the MMS1 port can only be forwarded to the CPU port, and the CPU port outlet is in a tagged mode, the data entering from the MMS1 port can only exit from the CPU port, is provided with the VLAN100 and is sent to a CPU protocol stack;
CPU protocol stack processing step: the CPU protocol stack adopts a linux tcp/ip protocol stack, a VLAN virtual network interface is created by using vconfig, and a single Ethernet eth0 device is virtualized into a plurality of network interfaces eth0.100(VLAN100) based on VLAN number.
The step of sending data to the MMS port by the CPU protocol stack: the CPU protocol stack finds out matched virtual network equipment according to IP address network segment, the virtual network equipment inserts the data sent out by the protocol stack into corresponding VLAN tag, when the data is sent to the CPU port of the expansion exchange chip, the chip sends the data to the corresponding MMS port according to the VLAN tag in the data.
The invention has the beneficial effects that: the invention realizes that the power grid switch needs a plurality of MMS ports, physically isolates the MMS ports from the common service ports of the switch, can realize a plurality of MMS ports by expanding the switch chip, and realizes data isolation among the MMS ports by using the VLAN technology, thereby realizing the safety of the power grid data network.
Drawings
FIG. 1 is a schematic diagram of the principles of the present invention;
fig. 2 is a schematic diagram of a vlan-based extended virtual ethernet device according to the present invention.
Detailed Description
At present, some switches in the smart grid need to support the IEC61850 protocol through an MMS (manufacturing MessageSpecification) interface. Through the IEC61850 protocol, remote monitoring and management of the switch by the intelligent power grid can be realized.
Aiming at an IEC61850 protocol of a power grid process layer switch, the invention designs a plurality of MMS management ports to realize 61850 communication, successfully realizes physical isolation between the MMS ports and common service ports of the switch, and realizes mutual isolation between the MMS ports in a port isolation mode. The invention can realize safe and reliable transmission of power grid data and can physically isolate remote management data and power grid service data.
Aiming at the requirements of a plurality of MMS management ports with physical isolation of a power grid process layer switch, the invention designs an expanded MMS port technology to realize the physical isolation of the MMS ports and the port of a common service end of the switch, and simultaneously, the plurality of MMS ports can also realize the isolation of management data of different network segments by a VLAN method.
As shown in fig. 1, the present invention discloses a power grid process layer switch, which includes a CPU, a switch chip, and an extended switch chip, wherein the switch chip includes 1,2,3.. n service ports, an extended switch chip is mounted under an ethernet port of the CPU, and the service port of the extended switch chip is used as an extended MMS port, so that physical isolation between MMS port data and a switch chip port can be realized. Meanwhile, the number of MMS ports can be expanded by expanding the exchange chip, and data can be isolated among each MMS port through VLAN technology.
The detailed design is as follows:
the MMS ports comprise an MMS1 port, an MMS2 port, an MMSn port, an MMS1 port and an MMS2 port of the expansion switching chip, the MMSn port is respectively provided with a VLAN100, a VLAN200, a.
Specifically, the configuration takes an MMS1 port as an example, an MMS1 port and a CPU port are configured as members of a VLAN100, a PVID of an MMS1 port is configured as a VLAN100, an MMS1 exit direction is configured as an untagged mode, and a CPU port is a tagged port.
The procedure of sending data to a CPU protocol stack by an MMS port is as follows: when an untagged data packet enters the MMS1 port, the expansion switching chip will print the data on the tag of VLAN100, because only the MMS1 port and the CPU port are in VLAN100, the data entering from the MMS1 port can only be forwarded to the CPU port, the CPU port exit is in tagged mode, therefore, the data entering from the MMS1 port can only exit from the CPU port, and is sent to the CPU protocol stack with VLAN 100.
CPU protocol stack processing flow: the CPU protocol stack adopts a linux tcp/ip protocol stack, a VLAN virtual network interface is created by using vconfig, and a single Ethernet eth0 device can be virtualized into a plurality of network interfaces eth0.100(VLAN100) based on VLAN number.
The procedure of sending data to an MMS interface by a CPU protocol stack is as follows: the CPU protocol stack will find the matched virtual network device according to the IP address network segment, the virtual network device will insert the data sent by the protocol stack into the corresponding VLAN tag, and when the data is sent to the CPU port of the extended switching chip, the chip will send the data to the corresponding MMS port according to the VLAN tag in the data, as shown in fig. 2.
By integrating the three data processing flows, a plurality of extended MMS ports can be realized through the extended exchange chip, and data among the MMS ports are mutually isolated through the VLAN technology.
The invention also discloses a configuration method of the power grid process layer switch, wherein the MMS1 port and the MMS2 port of the expansion switching chip are respectively configured with VLAN100, VLAN200 and VLANn through the MMSn port, the port of the expansion switching chip connected with the CPU is defined as a CPU port, and the CPU port is respectively added with VLAN100, VLAN200 and VLANn.
The configuration method of the MMS1 port is that the MMS1 port and the CPU port are configured as VLAN100 members, the PVID of the MMS1 port is configured as VLAN100, the outlet direction of the MMS1 port is configured as an untagged mode, and the CPU port is a tagged port; the configuration method of the MMSn port is the same as that of the MMS1 port.
The configuration method comprises the following steps:
the step of sending data to the CPU protocol stack by the MMS port: when an untagged data packet enters an MMS1 port, the expansion switching chip can print data on a tag of a VLAN100, and because only an MMS1 port and a CPU port are in the VLAN100, the data entering from the MMS1 port can only be forwarded to the CPU port, and the CPU port outlet is in a tagged mode, the data entering from the MMS1 port can only exit from the CPU port, is provided with the VLAN100 and is sent to a CPU protocol stack;
CPU protocol stack processing step: the CPU protocol stack adopts a linux tcp/ip protocol stack, a VLAN virtual network interface is created by using vconfig, and a single Ethernet eth0 device is virtualized into a plurality of network interfaces eth0.100(VLAN100) based on VLAN number.
The step of sending data to the MMS port by the CPU protocol stack: the CPU protocol stack finds out matched virtual network equipment according to IP address network segment, the virtual network equipment inserts the data sent out by the protocol stack into corresponding VLAN tag, when the data is sent to the CPU port of the expansion exchange chip, the chip sends the data to the corresponding MMS port according to the VLAN tag in the data.
The invention realizes that the power network switch needs a plurality of MMS ports, physically isolates the MMS ports from the common service ports of the switch, can realize a plurality of MMS ports by expanding the switch chip, and realizes the data isolation between the MMS ports by using the VLAN technology, thereby realizing the safety of the power network data network
The foregoing is a more detailed description of the invention in connection with specific preferred embodiments and it is not intended that the invention be limited to these specific details. For those skilled in the art to which the invention pertains, several simple deductions or substitutions can be made without departing from the spirit of the invention, and all shall be considered as belonging to the protection scope of the invention.

Claims (10)

1. A grid process layer switch, characterized by: the system comprises a CPU, an exchange chip and an extension exchange chip, wherein the CPU is respectively connected with the exchange chip and the extension exchange chip, the exchange chip is provided with a plurality of service ports, the extension exchange chip is provided with a plurality of MMS ports, and the plurality of MMS ports are mutually isolated by a VLAN method.
2. The grid process layer switch of claim 1, wherein: the MMS ports comprise an MMS1 port, an MMS2 port, an MMSn port, an MMS1 port and an MMS2 port of the expansion switching chip, the MMSn port is respectively provided with a VLAN100, a VLAN200, a.
3. The grid process layer switch of claim 2, wherein: configuring an MMS1 port and a CPU port as VLAN100 members, configuring an MMS1 port PVID as VLAN100, configuring an MMS1 outlet direction as an untagged mode, and configuring the CPU port as a tagged port;
the configuration method of the MMSn port is the same as that of the MMS1 port.
4. The grid process layer switch of claim 3, wherein: configuring an MMS2 port and a CPU port as VLAN200 members, configuring an MMS2 port PVID as VLAN200, configuring an MMS2 outlet direction as an untagged mode, and configuring the CPU port as a tagged port;
the MMSn port and the CPU port are configured as VLANn members, the PVID of the MMSn port is configured as VLANn, the outlet direction of the MMSn is configured as an untagged mode, and the CPU port is a tagged port.
5. The grid process layer switch of claim 3, wherein: when an untagged data packet enters the MMS1 port, the expansion switching chip will print the data on the tag of VLAN100, because only the MMS1 port and the CPU port are in VLAN100, the data entering from the MMS1 port can only be forwarded to the CPU port, the CPU port exit is in tagged mode, therefore, the data entering from the MMS1 port can only exit from the CPU port, and is sent to the CPU protocol stack with VLAN 100.
6. The grid process layer switch of claim 3, wherein: the CPU protocol stack adopts a linux tcp/ip protocol stack, creates a VLAN virtual network interface by using vconfig, virtualizes a single Ethernet eth0 device into a plurality of network interfaces eth0.100(VLAN100) based on VLAN number.
7. The grid process layer switch of claim 3, wherein: the CPU protocol stack finds out matched virtual network equipment according to IP address network segment, the virtual network equipment inserts the data sent out by the protocol stack into corresponding VLAN tag, when the data is sent to the CPU port of the expansion exchange chip, the chip sends the data to the corresponding MMS port according to the VLAN tag in the data.
8. A method for configuring a grid process layer switch according to claim 1, wherein the method comprises: the ports of the expansion switching chip connected with the CPU are defined as CPU ports, and the CPU ports are respectively added with the VLAN100, the VLAN 200.
9. The configuration method according to claim 8, characterized in that: the configuration method of the MMS1 port is that the MMS1 port and the CPU port are configured as VLAN100 members, the PVID of the MMS1 port is configured as VLAN100, the outlet direction of the MMS1 port is configured as an untagged mode, and the CPU port is a tagged port; the configuration method of the MMSn port is the same as that of the MMS1 port.
10. The configuration method according to claim 9, characterized in that it comprises the steps of:
the step of sending data to the CPU protocol stack by the MMS port: when an untagged data packet enters an MMS1 port, the expansion switching chip can print data on a tag of a VLAN100, and because only an MMS1 port and a CPU port are in the VLAN100, the data entering from the MMS1 port can only be forwarded to the CPU port, and the CPU port outlet is in a tagged mode, the data entering from the MMS1 port can only exit from the CPU port, is provided with the VLAN100 and is sent to a CPU protocol stack;
CPU protocol stack processing step: the CPU protocol stack adopts a linux tcp/ip protocol stack, a VLAN virtual network interface is created by using vconfig, and a single Ethernet eth0 device is virtualized into a plurality of network interfaces eth0.100(VLAN100) based on VLAN number.
The step of sending data to the MMS port by the CPU protocol stack: the CPU protocol stack finds out matched virtual network equipment according to IP address network segment, the virtual network equipment inserts the data sent out by the protocol stack into corresponding VLAN tag, when the data is sent to the CPU port of the expansion exchange chip, the chip sends the data to the corresponding MMS port according to the VLAN tag in the data.
CN201911408575.6A 2019-12-31 2019-12-31 Power grid process switch and configuration method Pending CN111131092A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911408575.6A CN111131092A (en) 2019-12-31 2019-12-31 Power grid process switch and configuration method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911408575.6A CN111131092A (en) 2019-12-31 2019-12-31 Power grid process switch and configuration method

Publications (1)

Publication Number Publication Date
CN111131092A true CN111131092A (en) 2020-05-08

Family

ID=70506285

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911408575.6A Pending CN111131092A (en) 2019-12-31 2019-12-31 Power grid process switch and configuration method

Country Status (1)

Country Link
CN (1) CN111131092A (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101741664A (en) * 2009-12-21 2010-06-16 中兴通讯股份有限公司 Method and device for realizing Ethernet interface system
CN204539379U (en) * 2015-05-12 2015-08-05 国网智能电网研究院 A kind of optical network unit of supporting business isolation
CN106160227A (en) * 2016-07-28 2016-11-23 全球能源互联网研究院 A kind of intelligent substation entirely stand communication network unified management method
CN108282462A (en) * 2017-12-25 2018-07-13 曙光信息产业(北京)有限公司 A kind of device of isolation service network and management net

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101741664A (en) * 2009-12-21 2010-06-16 中兴通讯股份有限公司 Method and device for realizing Ethernet interface system
CN204539379U (en) * 2015-05-12 2015-08-05 国网智能电网研究院 A kind of optical network unit of supporting business isolation
CN106160227A (en) * 2016-07-28 2016-11-23 全球能源互联网研究院 A kind of intelligent substation entirely stand communication network unified management method
CN108282462A (en) * 2017-12-25 2018-07-13 曙光信息产业(北京)有限公司 A kind of device of isolation service network and management net

Similar Documents

Publication Publication Date Title
CN104753710B (en) The active-standby switch system and method for double WAN mouthfuls of network equipments
US8559302B2 (en) Systems and methods for distributed service protection across plug-in units
CN102742228A (en) Ethernet node port virtualizer
CN108282462B (en) Device for isolating service network and management network
CN100563205C (en) The implementation method of user-isolated virtual local area network (LAN) and the network equipment of application thereof
CN101577711A (en) Method for realizing network security platform of IP software router by utilizing VLAN technology
US10050830B2 (en) Work mode negotiation
CN105871614A (en) Protection method and device of board cards in communication device
CN104144130B (en) Method, system and the access switch of virtual machine system interconnection
CN100397844C (en) Method for sending virtual LAN data
CN102957588A (en) Method and system for protecting looped network from broadcast storm
CN103457782A (en) VLAN-based loopback detection method and network equipment
CN111131092A (en) Power grid process switch and configuration method
CN105812152B (en) A kind of ethernet ring network failure notification method
CN112910734B (en) Method and system for switching link aggregation group
CN203135573U (en) Relay protection device
CN2907103Y (en) Dual-network electronic switch
CN107306248A (en) A kind of light quantum interchanger and its communication means
CN106921672B (en) Protocol conversion device of many net gaps many CPUs based on exchange chip
CN103780444A (en) Loop automatic detection device and method in EoC network
CN105099820A (en) Local area network switch monitoring device and method
CN103888316A (en) Automatic monitoring method of computer network with multiple network segments and multiple VLANs
CN109831365B (en) Multicast protocol precision load control system and Ethernet communication stream construction method
CN110557296B (en) Dual cell server redundant network system
CN218941122U (en) Hundred mega Ethernet industrial switch with built-in message identification function

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20200508

RJ01 Rejection of invention patent application after publication