CN113079076B - Message forwarding method and device - Google Patents

Message forwarding method and device Download PDF

Info

Publication number
CN113079076B
CN113079076B CN202110309025.XA CN202110309025A CN113079076B CN 113079076 B CN113079076 B CN 113079076B CN 202110309025 A CN202110309025 A CN 202110309025A CN 113079076 B CN113079076 B CN 113079076B
Authority
CN
China
Prior art keywords
vlan
entry
acl
forwarding
user
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110309025.XA
Other languages
Chinese (zh)
Other versions
CN113079076A (en
Inventor
包灵犀
李光
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xinhua Three Software Co ltd
Original Assignee
Xinhua Three Software Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Xinhua Three Software Co ltd filed Critical Xinhua Three Software Co ltd
Priority to CN202110309025.XA priority Critical patent/CN113079076B/en
Publication of CN113079076A publication Critical patent/CN113079076A/en
Application granted granted Critical
Publication of CN113079076B publication Critical patent/CN113079076B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4641Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0803Configuration setting
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/101Access control lists [ACL]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Small-Scale Networks (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The application provides a message forwarding method and a message forwarding device, and the method comprises the following steps: when receiving a user side message from a client through a user side port, the network equipment determines an ACL table item corresponding to a user side VLAN carried by the user side message; based on the configured VLAN mapping information, the user side VLAN carried by the user side message is modified into a corresponding network side VLAN, a forwarding table from the network equipment to the client is learned based on the modified network side VLAN, and the forwarding table is associated with the ACL table; wherein, the ACL table entry is used for indicating that a network side VLAN carried by a network side message sent to the client is modified into a user side VLAN; and forwarding the user side message through the port corresponding to the modified network side VLAN, thereby modifying the network side VLAN carried by the network side message into the user side VLAN, and sending the network side message to the client corresponding to the user side VLAN.

Description

Message forwarding method and device
Technical Field
The present application relates to the field of computer communications, and in particular, to a method and an apparatus for forwarding a packet.
Background
In a forwarding Network, in order to isolate different clients from each other, different user-side VLANs (Virtual Local Area networks) are usually allocated to the different clients, and in order to save VLAN resources on a switch, VLAN mapping techniques may be used to map the different user-side VLANs to the same Network-side VLAN on the switch. Specifically, when the network device receives a user-side message sent by the client, the user-side VLAN carried in the user-side message is modified into a network-side VLAN, and the network-side VLAN is forwarded.
However, when the network device receives the network side packet, because the network side VLAN carried by the network side packet corresponds to a plurality of different user side VLANs, the user side VLAN where the destination address of the network side packet is located cannot be determined only by the network side VLAN, and thus the network side packet cannot be forwarded to the corresponding client.
Disclosure of Invention
In view of this, the present application provides a method and an apparatus for forwarding a packet, which are used to modify a network-side VLAN carried by a network-side packet into a user-side VLAN, and send the network-side packet to a client corresponding to the user-side VLAN.
Specifically, the method is realized through the following technical scheme:
according to a first aspect of the present application, a method for forwarding a packet is provided, where the method is applied to a network device, and the method includes:
when a user side message from a client is received through a user side port, determining a table item identifier of an ACL table item corresponding to a user side VLAN carried by the user side message in a preset ACL table;
based on VLAN mapping information configured on the user side port, the user side VLAN carried by the user side message is modified into a corresponding network side VLAN, a forwarding table from the network equipment to the client side is learned based on the modified network side VLAN, and the forwarding table is associated with the ACL table; the ACL table entry is used for indicating that the network side VLAN carried by a network side message sent to the client is modified into the user side VLAN;
and forwarding the user side message through the modified port corresponding to the network side VLAN.
Optionally, the method further includes:
when a network side message sent to the client is received, determining the forwarding table entry used for forwarding the network side message to the client, modifying a network side VLAN carried by the network side message into a user side VLAN according to an ACL table entry associated with the forwarding table entry, and forwarding the user side VLAN through the forwarding table entry.
Optionally, the associating the forwarding table entry with the ACL table entry includes:
writing the item identifier of the ACL item into the forwarding item;
when a network side message sent to the client is received, the ACL table associated with the forwarding table is determined in the following way:
and searching the ACL list item in the ACL list according to the list item identifier recorded by the forwarding list item.
Optionally, the writing the entry identifier of the ACL entry into the forwarding entry includes:
and writing the entry identifier of the ACL entry into a reserved field reserved for the forwarding entry or an extended field extended for the forwarding entry.
Optionally, the ACL table is generated as follows:
receiving VLAN mapping information configured for any user side port; the VLAN mapping information records the corresponding relation between the user side VLAN configured on the user side port and the network side VLAN;
generating an ACL table item corresponding to a user side VLAN configured on the arbitrary user side port, wherein the ACL table item is used for indicating that the VLAN of the network side message matched with the ACL table item is modified into the user side VLAN configured on the arbitrary user side port;
checking whether the generated ACL table item exists in the ACL table;
and if not, adding the ACL table entry to the ACL table.
According to a second aspect of the present application, there is provided a packet forwarding apparatus, where the apparatus is applied to a network device, and the apparatus includes:
the system comprises a determining unit, a sending unit and a receiving unit, wherein the determining unit is used for determining the table item identification of an ACL table item corresponding to a user side VLAN carried by a user side message in a preset ACL table when the user side message from a client is received through a user side port;
the association unit is used for modifying the user side VLAN carried by the user side message into a corresponding network side VLAN based on VLAN mapping information configured on the user side port, learning a forwarding table item from the network equipment to the client based on the modified network side VLAN, and associating the forwarding table item with the ACL table item; the ACL table entry is used for indicating that the network side VLAN carried by a network side message sent to the client is modified into the user side VLAN;
and the sending unit is used for forwarding the user side message through the modified port corresponding to the network side VLAN.
Optionally, the apparatus further comprises:
and the receiving unit is used for determining the forwarding table entry used for forwarding the network side message to the client when receiving the network side message sent to the client, modifying the network side VLAN carried by the network side message into the user side VLAN according to the ACL table entry associated with the forwarding table entry, and forwarding the user side VLAN through the forwarding table entry.
Optionally, the associating unit is configured to, when associating the forwarding entry with the ACL entry, write an entry identifier of the ACL entry into the forwarding entry;
and the receiving unit is used for searching the ACL table item in the ACL table according to the table item identifier recorded by the forwarding table item when the ACL table item associated with the forwarding table item is determined.
Optionally, the associating unit is configured to, when writing the entry identifier of the ACL entry into the forwarding entry, write the entry identifier of the ACL entry into a reserved field reserved for the forwarding entry or an extended field extended for the forwarding entry.
Optionally, the apparatus further includes a generating unit, configured to receive VLAN mapping information configured for any user-side port; the VLAN mapping information records the corresponding relation between the user side VLAN configured on the user side port and the network side VLAN; generating an ACL table item corresponding to a user side VLAN configured on the arbitrary user side port, wherein the ACL table item is used for indicating that the VLAN of the network side message matched with the ACL table item is modified into the user side VLAN configured on the arbitrary user side port; checking whether the generated ACL table item exists in the ACL table; and if not, adding the ACL table entry to the ACL table.
As can be seen from the above description, according to the present application, the ACL entries corresponding to the user-side VLANs are configured, where the ACL entries are used to indicate that a VLAN in a network-side message matching the ACL entry is modified into a user-side VLAN corresponding to the ACL entry, and when a user-side message from a client is received, a forwarding entry learned based on the user-side message is associated with the ACL entry corresponding to the VLAN carried in the user-side message, so that when a network-side message sent to the client is received, a network device can modify the VLAN carried in the network-side message into a VLAN corresponding to the client according to the ACL associated with the forwarding entry matched by the network-side message, and forward the VLAN carried in the network-side message according to the forwarding entry, thereby implementing sending the network-side message to the client.
Drawings
Fig. 1 is a schematic networking diagram of a forwarding system according to an embodiment of the present application;
fig. 2 is a flowchart illustrating a message forwarding method according to an exemplary embodiment of the present application;
fig. 3 is a flowchart illustrating a network-side message forwarding method according to an exemplary embodiment of the present application;
fig. 4 is a schematic diagram illustrating a message forwarding method according to an exemplary embodiment of the present application;
FIG. 5 is a diagram illustrating a hardware configuration of a network device in accordance with an exemplary embodiment of the present application;
fig. 6 is a block diagram of a message forwarding apparatus according to an exemplary embodiment of the present application.
Detailed Description
Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. The following description refers to the accompanying drawings in which the same numbers in different drawings represent the same or similar elements unless otherwise indicated. The embodiments described in the following exemplary embodiments do not represent all embodiments consistent with the present application. Rather, they are merely examples of apparatus and methods consistent with certain aspects of the present application, as detailed in the appended claims.
The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the application. As used in this application and the appended claims, the singular forms "a", "an", and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used herein refers to and encompasses any and all possible combinations of one or more of the associated listed items.
It should be understood that although the terms first, second, third, etc. may be used herein to describe various information, such information should not be limited to these terms. These terms are only used to distinguish one type of information from another. For example, first information may also be referred to as second information, and similarly, second information may also be referred to as first information, without departing from the scope of the present application. The word "if" as used herein may be interpreted as "at … …" or "when … …" or "in response to a determination", depending on the context.
Referring to fig. 1, fig. 1 is a schematic networking diagram of a forwarding system according to an embodiment of the present application.
As shown in fig. 1, the network includes a network device, a server, and a client.
The network device may be a switch, a router, or other device with forwarding capability.
In practical applications, different VLANs are usually allocated to different clients in order to isolate different users (for convenience of description, the VLAN allocated to a client is referred to as a user-side VLAN). To conserve VLAN resources, a VLAN is also typically configured for a network-side port on a network device (for convenience of description, a VLAN configured for a network-side port on a network device is referred to herein as a network-side VLAN)
For example, the user-side VLAN assigned to the client 101 is VLAN100, and the user-side VLAN assigned to the client 102 is VLAN 200. The client 101 is connected to a Port101 on the network device. The client 102 is connected to a Port103 on the network device.
Also configured on the network device is a network-side Port102, Port102 being configured with a network-side VLAN of VLAN 10. The VLAN mapping information preconfigured on Port101 on the network device is: VLAN100 is mapped to VLAN 10. The VLAN mapping information preconfigured on Port103 on the network device is: VLAN200 is mapped to VLAN 10.
It is assumed that a client 101 sends a message 101 (the message is sent from the client and is also referred to as a user-side message) to a server, and a user-side VLAN carried by the message 101 is a VLAN 100. When the network device receives the message 101 sent by the client 101 to the server, the network device may modify the VLAN100 in the message 101 to the VLAN10 based on the preconfigured VLAN mapping, and then the network device may send the VLAN modified message 101 to the server.
However, when the network device receives the network-side packet 102 returned from the server to the client 101, since the VLAN carried by the network-side packet 102 is the VLAN10, and the VLAN10 corresponds to at least one user-side VLAN, such as the VLAN10 corresponds to the VLAN100 and the VLAN200 at the same time, the network device cannot determine whether the network-side packet 102 is addressed to the VLAN100 or the VLAN200 only through the VLAN10, so that the network device cannot forward the network-side packet 102 to the client 101.
In view of this, the present application aims to provide a message forwarding method, where an Access Control List (ACL) entry is allocated to each user side VLAN (that is, a VLAN corresponding to a client connected to the network device), and each ACL entry is used to indicate that a VLAN carried by a network side message matching the ACL entry is modified into a user side VLAN corresponding to the ACL entry.
When receiving a user side message from a client, a network device determines an ACL table corresponding to a user side VLAN carried by the user side message in a preset ACL table, maps the user side VLAN carried by the user side message into a network side VLAN based on user side VLAN mapping information configured on a user side port for receiving the user side message, learns a forwarding table from the network device to the client based on the modified network side VLAN, associates the forwarding table with the ACL table, and forwards the user side message through a port corresponding to the modified network side VLAN.
The ACL table entry is used for indicating that a network side VLAN carried by a network side message sent to the client is modified into the user side VLAN;
on one hand, according to the method and the device, the ACL items corresponding to the user side VLANs are configured, the ACL items are used for indicating that the VLAN in the network side message matched with the ACL items is modified into the user side VLAN corresponding to the ACL items, and when the user side message from the client is received, the forwarding items learned based on the user side message are associated with the ACL items corresponding to the VLAN carried in the user side message, so that when the network side message sent to the client is received, the network equipment can modify the VLAN carried in the network side message into the VLAN corresponding to the client according to the ACL items associated with the forwarding items matched with the network side message and forwards the VLAN carried in the network side message according to the forwarding items, and the network side message is sent to the client.
On the other hand, because the ACL entries corresponding to each user-side VLAN are pre-configured, and the learned forwarding entries are associated with the corresponding ACL entries after the user-side messages are received, one ACL entry can be associated with at least one forwarding entry.
Before introducing the present application, the ACL table proposed in the present application is introduced.
In the scenario proposed in the present application, VLAN mapping information is typically configured on the user-side port to which the client is connected. The VLAN mapping information records a mapping relationship between a user-side VLAN (herein, simply referred to as a user-side VLAN) configured on the user-side port and a network-side VLAN.
When the network device receives the VLAN mapping information configured for any user side port, an ACL table item corresponding to the user side VLAN configured on the user side port is generated. And the ACL table entry is used for indicating that the VLAN of the network side message matched with the ACL table entry is modified into the user side VLAN configured on the user side port.
Wherein, the ACL table entry comprises a matching entry and an action entry.
The matching entry of the ACL may be an entry identifier of the ACL entry. The entry identifier is a flag that uniquely identifies an ACL entry. For example, in the present application, the network device may assign an identifier (e.g., CLASS ID) to each customer-side VLAN, where the identifier CLASS ID may be an identifier of a reserved field in the forwarding chip. Different forwarding chips have different reserved fields. The entry identifier of the ACL entry corresponding to each user-side VLAN may be a CLASS ID allocated to the user-side VLAN. The table entry identifier is only exemplary and is not specifically limited.
The action items of the ACL table entry are: and modifying the VLAN carried by the network side message matched with the ACL table item into the VLAN on the user side configured on the port of any user side.
Then, the network device can detect whether the generated ACL entry exists in the preset ACL table, and if the generated ACL entry does not exist in the preset ACL table, the ACL entry is added to the ACL table. And if the generated ACL table item exists in the preset ACL table, the ACL table item is not repeatedly added into the ACL table.
For example, assume that two user-side ports and one network-side port are included on a switch. The two user-side ports are G1/0/1 and G1/0/2, respectively, and the network-side port is G1/0/3.
1) For user-side ports G1/0/1, assume that VLAN mapping information configured on user-side ports G1/0/1 is:
[ Switch ] interface gigabit Ethernet 1/0/1; (Inlet port G1/0/1 configuration)
[ Switch-gigabit Ethernet1/0/1] port link-type trunk; (indicating the type of user-side port connection is trunk type)
[ Switch-gigabit Ethernet1/0/1] port trunk permit vlan 100; (the user-side VLAN indicated as a user-side port configuration is VLAN100)
[ Switch-Gigabitetet 1/0/1] vlan mapping 100translated-vlan 10; (indicating that user-side VLAN100 configured on a user-side port is mapped to VLAN 10).
When the switch receives VLAN mapping information for user-side ports G1/0/1, it generates ACL entries corresponding to user-side VLANs 100 configured on the user-side ports.
Specifically, the network device assigns an identifier to the user-side VLAN configured on each user-side port, and assuming that the identifier of VLAN100 is CLASS1, the network device may use CLASS1 as the entry identifier of the ACL entry corresponding to VLAN 100.
Therefore, the generated ACL entry has a match of CLASS1, and the action modifies VLAN to VLAN 100.
The network device may then detect whether the ACL entry exists in the ACL table, and since the ACL entry does not exist in the ACL table, the network device may add the generated ACL entry in the ACL table.
At this time, the ACL table is shown in table 1:
matching items Action item
CLASS1 Modification of VLAN to VLAN100
TABLE 1
2) For user-side ports G1/0/2, assume that VLAN mapping information configured on user-side ports G1/0/2 is:
[ Switch ] interface gigabit Ethernet 1/0/2; (configuration of subscriber-side ports G1/0/2 on ingress switch)
[ Switch-gigabit Ethernet1/0/2] port link-type trunk; (indicating the type of user-side port connection is trunk type)
[ Switch-gigabit Ethernet1/0/2] port trunk permit vlan 100; (VLAN shown as configured for a user-side port is VLAN100)
[ Switch-Gigabitetet 1/0/2] vlan mapping 100translated-vlan 10; (indicating that user-side VLAN100 configured on a user-side port is mapped to VLAN 10).
When the switch receives VLAN mapping information for user-side ports G1/0/2, it generates ACL entries corresponding to user-side VLANs 100 configured on the user-side ports. The generated matching item of the ACL table entry is CLASS1, and the action item modifies the VLAN into VLAN 100.
The network device may then detect whether the ACL entry exists in the ACL table as shown in table 1, and the network device may not repeatedly add the ACL entry to the ACL table because the ACL entry already exists in the ACL table.
According to the method and the device, when the user performs VLAN mapping configuration on the port, the ACL table items corresponding to the VLAN at each user side are generated, and in the subsequent process, the learned forwarding table items can be associated with the ACL table items, so that one ACL table item can be associated with at least one forwarding table item, and the storage space occupied by the ACL table items is effectively saved.
After the ACL table is introduced, the following details describe the message forwarding method provided in the present application.
Referring to fig. 2, fig. 2 is a flowchart illustrating a message forwarding method according to an exemplary embodiment of the present application, where the method may be applied to a network device and may include the following steps.
Step 201: when receiving a user side message from a client through a user side port, the network equipment determines the list item identification of an ACL list item corresponding to a user side VLAN carried by the user side message in a preset ACL list.
In an optional implementation manner, an ACL entry corresponding to the user-side VLAN carried in the user-side message in a preset ACL table is determined, and in fact, an entry identifier of the ACL entry corresponding to the user-side VLAN carried in the user-side message is determined.
Specifically, the network device records a corresponding relationship between a user-side VLAN and an ACL entry identifier. When the network device receives a user side message from the client through the user side port, the network device can search the ACL table entry identifier corresponding to the user side VLAN carried by the user side message in the corresponding relationship.
Of course, in practical application, the ACL entry corresponding to the user-side VLAN may also be determined in other manners. For example, in the ACL table, the direct lookup action item includes the entry identifier of the ACL entry of the user-side VLAN. This is merely an example and is not particularly limited.
Step 202: the network equipment modifies the user side VLAN carried by the user side message into a corresponding network side VLAN based on user side VLAN mapping information configured on the user side port, learns a forwarding table item from the network equipment to the client based on the modified network side VLAN, and associates the forwarding table item with the ACL table item; wherein, the forwarding table entry and the ACL table entry are used to indicate that the network side VLAN carried by the network side message sent to the client is modified to the user side VLAN.
Step 202 is explained in detail below through step 2021 to step 2023.
Step 2021: and the network equipment maps the user side VLAN carried by the user side message into a corresponding network side VLAN based on the VLAN mapping information configured on the user side port.
In the scenario provided by the present application, VLAN mapping information may be configured on a user-side port, where the VLAN mapping information is used to instruct a network device to modify a user-side VLAN carried in a user-side message into a corresponding network-side VLAN.
In step 2021, the network device may read the VLAN mapping information configured on the user side port, and then modify the user side VLAN carried in the user side packet into the network side VLAN recorded in the VLAN mapping information according to the VLAN mapping information.
For example, suppose a network device receives a user-side packet from user-side port G1/0/1, and the user-side VLAN carried by the user-side packet is VLAN 100. Assume that VLAN mapping information configured on G1/0/1 is to map VLAN100 (user-side VLAN) to VLAN10 (network-side VLAN).
In addition, the network device can modify the VLAN100 carried by the user-side packet into VLAN10 based on the VLAN mapping information on the user-side port G1/0/1.
Step 2022: and the network equipment learns the forwarding table item from the network equipment to the client based on the modified network side VLAN.
When the method is implemented, the network equipment can perform source address learning on the user side message with the modified VLAN, and generates a forwarding table from the network equipment to the client.
Wherein, the forwarding table entry at least comprises: destination address, egress interface and VLAN identification. The destination address is a client address (i.e. a source address of the user-side message), the output interface is a user-side port for receiving the user-side message, and the VLAN identifier is a modified network-side VLAN.
Step 2023: and the network equipment associates the forwarding table entry with the ACL table entry.
In an optional implementation manner, in order to save storage resources in the network device, the network device may associate the ACL entry and the forwarding entry in a manner of writing an entry identifier of the ACL entry into the forwarding entry, so that a storage space does not need to be separately allocated to store a corresponding relationship between the ACL entry and the forwarding entry.
Specifically, most forwarding table entries have a reserved field reserved in advance, and the network device may write the entry identifier of the ACL table entry into the reserved field. Alternatively, the network device may write the entry identifier of the ACL entry into the extended field. Of course, in practical applications, the network device may also write the entry identifier of the ACL entry into other fields of the forwarding entry, which is only exemplary and not specifically limited herein.
Of course, in practical application, the network device may also associate the forwarding table entry with the ACL table entry in other manners. For example, the network device may separately allocate a storage space to store the corresponding relationship between the forwarding entry identifier and the ACL entry identifier. Here, the manner of associating the forwarding entry and the ACL entry is only exemplarily described, and is not specifically limited.
Step 203: and the network equipment forwards the user side message through the modified port corresponding to the network side VLAN.
The network device can forward the user side message with the modified VLAN through the port corresponding to the modified network side VLAN.
For example, assuming that the network device includes ports G1/0/1, the VLAN mapping configured on ports G1/0/1 is to map the user-side VLAN100 to the network-side VLAN 10. The network device also comprises a port G1/0/3 and a network side VLAN10 configured on the port G1/0/3.
Suppose that the network device receives a user-side packet from the client on port G1/01/1, the user-side packet carrying VLAN 100. The network device can modify the VLAN100 carried by the user-side packet into a VLAN10 according to the VLAN mapping information configured on the port G1/01/1. Then the network device can determine the port G1/0/3 corresponding to the VLAN10, and then send the VLAN-modified user-side message out through the port G1/0/3.
In addition, the application also provides a forwarding mode of the network equipment to the network side message.
Referring to fig. 3, fig. 3 is a flowchart of a network-side packet forwarding method according to an exemplary embodiment of the present application, where the method may be applied to a network device and may include the following steps.
Step 301: when receiving a network side message sent to the client, the network device determines the forwarding table entry for forwarding the network side message to the client.
When the method is realized, the network equipment can receive and transmit the network side message to the client. The destination address carried by the network side message is the address of the client, and the VLAN carried by the network side message is the network side VLAN.
The network device may search a forwarding table for a destination address as the client address, where the VLAN identifier is a forwarding table entry of the network-side VLAN, and the searched forwarding table entry is the forwarding table entry for forwarding the network-side packet to the client.
Step 302: and the network equipment modifies the network side VLAN carried by the network side message into the user side VLAN according to the ACL table associated with the forwarding table and forwards the user side VLAN through the forwarding table.
Step 302 is described in detail below through step 3021 to step 3022.
Step 3021: the network device determines an ACL entry associated with the forwarding entry.
In an optional implementation manner, the forwarding table entry records an entry identifier of the ACL entry associated therewith, and the network device may obtain the entry identifier of the ACL entry associated therewith from the forwarding table entry.
Then, the network device can search the ACL table entry corresponding to the entry identifier in the ACL table according to the entry identifier. For example, the entry identifier of the ACL entry is a matching entry of the ACL, and the network device can search the ACL entry whose matching entry is the entry identifier, and use the ACL entry as the ACL entry associated with the forwarding entry.
Step 3022: and the network equipment modifies the network side VLAN carried by the network side message into the user side VLAN according to the ACL table and forwards the user side VLAN through the forwarding table.
As shown above, the action item of the ACL entry associated with the forwarding entry is: the VLAN in the message is modified into the user side VLAN corresponding to the ACL table item.
Therefore, the network device can modify the network side VLAN carried by the network side message into the user side VLAN according to the ACL entry.
Then, the network device may forward the network-side packet with the VLAN modification to the client through the egress interface in the forwarding table entry.
As can be seen from the above description, on one hand, according to the present application, an ACL entry corresponding to each user-side VLAN is configured, where the ACL entry is used to indicate that a VLAN in a network-side message matching the ACL entry is modified into a user-side VLAN corresponding to the ACL entry, and when a user-side message from a client is received, a forwarding entry learned based on the user-side message is associated with the ACL entry corresponding to the VLAN carried in the user-side message, so that when the network-side message sent to the client is received, a network device can modify the VLAN carried in the network-side message into the VLAN corresponding to the client according to the ACL entry associated with the forwarding entry matched to the network-side message, and forward the VLAN carried in the network-side message according to the forwarding entry, thereby sending the network-side message to the client.
On the other hand, in the prior art, after a forwarding table entry is obtained by performing source address learning on a user-side message, an ACL table entry corresponding to the forwarding table entry is generated. This is disadvantageous in that the number of ACL entries generated is related to the number of entries of the forwarding entries, causing the network device to generate a large number of ACL entries.
And because the ACL table items corresponding to each user side VLAN are pre-configured, after the user side message is received, the learned forwarding table items are associated with the corresponding ACL table items, so that one ACL table item can be associated with at least one forwarding table item.
The following describes the message forwarding method provided in the present application in detail by referring to fig. 4 through a specific example.
Referring to fig. 4, fig. 4 is a schematic diagram illustrating a packet forwarding method according to an exemplary embodiment of the present application.
The following describes the message forwarding method in detail from the formation of the ACL table and the forwarding of the user-side message and the network-side message.
1) ACL table formation
Assume that client 401 is connected to port G1/0/1 on switch 401, client 402 is connected to port G1/0/2 on switch 401, and client 403 is connected to port G1/0/3 on switch. The servers are connected to ports G1/0/4 on the switch.
It is assumed that the port G1/0/1 is configured with the customer-side VLAN100, and the configured VLAN mapping information is to map the customer-side VLAN100 to the network-side VLAN 10.
The port G1/0/2 is configured with a user side VLAN200, and the configured VLAN mapping information is that the user side VLAN200 is mapped into a network side VLAN 10;
the port G1/0/3 is configured with a user-side VLAN100, and the configured VLAN mapping information is that the user-side VLAN100 is mapped to a network-side VLAN 10;
the port G1/0/4 is configured with a network side VLAN 10.
In addition, when the switch receives the VLAN mapping information of any port, the switch may assign an identifier to the user-side VLAN configured on the VL on the any port. In other words, in the present application, the switch assigns an identifier only to the customer-side VLAN with VLAN mapping, and the customer-side VLAN without VLAN mapping does not assign an identifier. For example, the switch assigns CLASS1 for VLAN100 and CLASS2 for VLAN 200.
For port G1/0/1, when the switch 401 receives VLAN mapping information configured for port G1/0/1, the switch 401 may generate an ACL entry corresponding to the user-side VLAN 100. The matching item of the ACL table entry 1 is CLASS1, and the action item is to modify the VLAN in the message to VLAN 100.
The switch may then detect whether an ACL entry corresponding to the user-side VLAN100 exists in the ACL table, and add the ACL entry to the ACL table because the ACL entry does not exist in the preset ACL table, where the ACL table is shown in table 3.
Matching items Action item
CLASS1 Modification of VLAN to VLAN100
TABLE 3
For port G1/0/2, when the switch 401 receives VLAN mapping information configured for port G1/0/2, the switch 401 may generate an ACL entry corresponding to the user-side VLAN 200. The network device may identify CLASS2 corresponding to VLAN200 as an entry for the ACL entry. At this time, the matching item of the ACL table entry is CLASS2, and the action item is to modify the VLAN in the message into VLAN 200.
The switch can then detect whether an ACL entry corresponding to the customer VLAN200 exists in the ACL table, and since the ACL entry does not exist, the ACL entry is added to the ACL table, which is shown in table 4.
Matching items Action item
CLASS1 Modification of VLAN to VLAN100
CLASS2 Modification of VLAN to VLAN200
TABLE 4
For port G1/0/3, when the switch 401 receives VLAN mapping information configured for port G1/0/3, the switch 401 may generate an ACL entry corresponding to the user-side VLAN 100. The network device may identify CLASS1 corresponding to VLAN100 as an entry of an ACL entry. At this time, the matching item of the ACL table entry is CLASS1, and the action item is to modify the VLAN in the message to VLAN 100.
The switch can then detect whether an ACL entry corresponding to the customer VLAN100 exists in the ACL table, and since the ACL entry exists, the ACL table is not added to the ACL table, and the ACL table is still as shown in table 4.
2) And forwarding the user side message and the network side message.
2.1) suppose that the client 401 sends a user-side message 1 to the server, where the user-side message 1 carries the MAC address 0000 + 0001 of the client 401 and also carries the user-side VLAN 100.
When the switch 401 receives the user-side message 1 sent by the client 401 from the port G1/0/1, the switch can search the ACL table identifier (i.e. CLASS 1) corresponding to the user-side VLAN100 carried in the user-side message 1 in the correspondence between the user-side VLAN and the ACL table identifier (i.e. CLASS ID)
On the other hand, the switch 401 may modify the user-side VLAN100 carried in the user-side packet 1 into the network-side VLAN10 based on the VLAN mapping information on the port G1/0/1.
Then, the switch 401 may perform source address learning on the VLAN-modified user-side message 1, and generate a forwarding table 1 with the client 401.
The switch 401 may write CLASS1 into the reserved field of the generated forwarding entry 1, where the destination address of the forwarding entry 1 is the MAC address of the client 401 (i.e., 0000-0001), the output interface is the port G1/0/1, the VLAN identifier is VLAN10, the reserved field is CLASS1, and add the forwarding entry 1 to the forwarding table. At this time, the forwarding table configured on the switch 401 is as shown in table 5.
Destination address VLAN identification Outlet interface Reserved field
0000-0000-0001 VLAN10 G1/0/1 CLASS1
TABLE 5
Of course, in practical applications, the forwarding table entry further includes other fields, such as an aging field, a status field, and the like, and the forwarding table entry is only exemplarily illustrated and not specifically limited herein.
2.2) suppose that the client 402 sends a user-side message 2 to the server, where the user-side message 2 carries the MAC address 0000-.
When the switch 401 receives the user-side packet 2 sent by the client 402 from the port G1/0/2, the switch can search the ACL entry identifier (i.e. CLASS 2) corresponding to the user-side VLAN200 carried in the user-side packet 2 in the correspondence between the user-side VLAN and the ACL entry identifier (i.e. CLASS ID)
On the other hand, the switch 401 may modify the user-side VLAN200 carried in the user-side packet 2 into the network-side VLAN10 based on the VLAN mapping information on the port G1/0/2.
Then, the switch 401 may perform source address learning on the VLAN-modified user-side message 2, and generate a forwarding table entry 2 with the client 402.
The switch 401 may write CLASS2 into the reserved field of the generated forwarding table entry 2, where the destination address of the forwarding table entry 2 is the MAC address of the client 402 (i.e., 0000-. At this time, the forwarding table configured on the switch 401 is as shown in table 6.
Destination address VLAN identification Outlet interface Reserved field
0000-0000-0001 VLAN10 G1/0/1 CLASS1
0000-0000-0002 VLAN10 G1/0/2 CLASS2
TABLE 6
2.3) suppose that the client 403 sends a user-side packet 3 to the server, where the user-side packet 3 carries the MAC address of the client 403 of 0000-.
On one hand, when the switch 401 receives the user-side message 3 sent by the client 403 from the port G1/0/3, the switch can search the ACL table entry identifier (i.e. CLASS 1) corresponding to the user-side VLAN100 carried in the user-side message 3 in the corresponding relationship between the user-side VLAN and the ACL table entry identifier (i.e. CLASS ID)
On the other hand, the switch 401 may modify the user-side VLAN100 carried in the user-side packet 3 into the network-side VLAN10 based on the VLAN mapping information on the port G1/0/3.
Then, the switch 401 may perform source address learning on the VLAN-modified user-side message 3, and generate a forwarding table entry 3 with the client 403.
The switch 401 may write CLASS1 into the reserved field of the generated forwarding entry 3, where the destination address of the forwarding entry 3 is the MAC address of the client 403 (i.e., 0000-. At this time, the forwarding table configured on the switch 401 is as shown in table 7.
Destination address VLAN identification Outlet interface Reserved field
0000-0000-0001 VLAN10 G1/0/1 CLASS1
0000-0000-0002 VLAN10 G1/0/2 CLASS2
0000-0000-0003 VLAN10 G1/0/3 CLASS1
TABLE 7
2.4) the server returns a network side message 1 to the client 401, where the destination address of the network side message 1 is the address of the client 401, and the carried network side VLAN is VLAN 10.
When the switch 401 receives the network-side packet 1 sent by the server from the port G1/0/4, the switch 401 may search, in the forwarding table shown in table 7, the destination address as the address of the client 401 (i.e., 0000-. The out interface of the searched forwarding table entry is G1/0/1, and the reserved field is CLASS 1.
The switch 401 may then look up the ACL entry associated with the forwarding entry in the ACL table. Specifically, the switch 401 may search the ACL table shown in table 4 for the ACL entry of CLASS1 as the matching entry. As shown in table 4, the action item of the found ACL entry is to modify VLAN to VLAN 100.
Therefore, the switch 401 can modify the network-side VLAN10 carried in the network-side packet 1 into the user-side VLAN100, and then the switch 401 can forward the VLAN-modified network-side packet 1 to the client 401 through the egress interface G1/0/1.
2.5) the server returns a network side message 2 to the client 402, where the destination address of the network side message 2 is the address of the client 402, and the carried network side VLAN is VLAN 10.
When the switch 401 receives the network-side packet 2 sent by the server from the port G1/0/4, the switch 401 may search, in the forwarding table shown in table 7, the destination address as the address of the client 402 (i.e. 0000-. The out interface of the searched forwarding table entry is G1/0/2, and the reserved field is CLASS 2.
The switch 401 may then look up the ACL entry associated with the forwarding entry in the ACL table. Specifically, the switch 401 may search the ACL table shown in table 4 for the ACL entry whose matching entry is CLASS 2. As shown in table 4, the action item of the found ACL entry is to modify VLAN to VLAN 200.
Therefore, the switch 401 can modify the network-side VLAN10 carried in the network-side packet 2 into the user-side VLAN200, and then the switch 401 can forward the VLAN-modified network-side packet 2 to the client 402 through the egress interface G1/0/2.
2.6) the server returns a network side message 3 to the client 403, where the destination address of the network side message 3 is the address of the client 403, and the carried network side VLAN is VLAN 10.
When the switch 401 receives the network-side packet 3 sent by the server from the port G1/0/4, the switch 401 may search, in the forwarding table shown in table 7, the destination address as the address of the client 403 (i.e. 0000-. The out interface of the searched forwarding table entry is G1/0/3, and the reserved field is CLASS 1.
The switch 401 may then look up the ACL entry associated with the forwarding entry in the ACL table. Specifically, the switch 401 may search the ACL table shown in table 4 for the ACL entry whose matching entry is CLASS 1. As shown in table 4, the action item of the found ACL entry is to modify the VLAN to VLAN 100.
Therefore, the switch 401 can modify the network-side VLAN10 carried in the network-side packet 3 into the user-side VLAN100, and then the switch 401 can forward the VLAN-modified network-side packet 3 to the client 403 through the egress interface G1/0/3.
As can be seen from the above description, on one hand, according to the present application, an ACL entry corresponding to each user-side VLAN is configured, where the ACL entry is used to indicate that a VLAN in a network-side message matching the ACL entry is modified into a user-side VLAN corresponding to the ACL entry, and when a user-side message from a client is received, a forwarding entry learned based on the user-side message is associated with the ACL entry corresponding to the VLAN carried in the user-side message, so that when the network-side message sent to the client is received, an exchanger can modify the VLAN carried in the network-side message into the VLAN corresponding to the client according to the association of the forwarding entry matched with the network-side message, and forward the VLAN carried in the network-side message according to the forwarding entry, thereby realizing sending the network-side message to the client.
On the other hand, because the ACL entries corresponding to each user-side VLAN are pre-configured, and the learned forwarding entries are associated with the corresponding ACL entries after the user-side messages are received, one ACL entry can be associated with at least one forwarding entry.
The above is an exemplary description of the packet forwarding method provided in the present application.
Referring to fig. 5, fig. 5 is a hardware structure diagram of a network device according to an exemplary embodiment of the present application.
The network device includes: a communication interface 501, a processor 502, a machine-readable storage medium 503, and a bus 504; wherein the communication interface 501, the processor 502 and the machine-readable storage medium 503 are in communication with each other via a bus 504. The processor 502 may perform the message forwarding method described above by reading and executing machine-executable instructions in the machine-readable storage medium 503 corresponding to the message forwarding control logic.
The machine-readable storage medium 503 referred to herein may be any electronic, magnetic, optical, or other physical storage device that can contain or store information such as executable instructions, data, and the like. For example, the machine-readable storage medium may be: volatile memory, non-volatile memory, or similar storage media. In particular, the machine-readable storage medium 503 may be a RAM (random Access Memory), a flash Memory, a storage drive (e.g., a hard disk drive), a solid state disk, any type of storage disk (e.g., a compact disk, a DVD, etc.), or similar storage medium, or a combination thereof.
Referring to fig. 6, fig. 6 is a block diagram of a message forwarding apparatus according to an exemplary embodiment of the present application. The device can be applied to network equipment and can comprise the following units.
A determining unit 601, configured to determine, when a user-side message from a client is received through a user-side port, an entry identifier of an ACL entry in a preset ACL table, where the ACL entry corresponds to a user-side VLAN carried in the user-side message;
an associating unit 602, configured to modify a user-side VLAN carried in the user-side message into a corresponding network-side VLAN based on VLAN mapping information configured on the user-side port, learn a forwarding entry from the local network device to the client based on the modified network-side VLAN, and associate the forwarding entry with the ACL entry; the ACL table entry is used for indicating that the network side VLAN carried by a network side message sent to the client is modified into the user side VLAN;
a sending unit 603, configured to forward the user-side packet through the modified port corresponding to the network-side VLAN.
Optionally, the apparatus further comprises:
a receiving unit 604, configured to determine, when receiving a network-side packet sent to the client, the forwarding table entry used for forwarding the network-side packet to the client, modify a network-side VLAN carried by the network-side packet into the user-side VLAN according to an ACL table entry associated with the forwarding table entry, and forward the user-side VLAN through the forwarding table entry.
Optionally, the associating unit 602 is configured to, when associating the forwarding entry with the ACL entry, write an entry identifier of the ACL entry into the forwarding entry;
the receiving unit 604 is configured to search the ACL entry in the ACL table according to the entry identifier recorded in the forwarding entry when determining the ACL entry associated with the forwarding entry.
Optionally, the associating unit 602 is configured to, when writing the entry identifier of the ACL entry into the forwarding entry, write the entry identifier of the ACL entry into a reserved field reserved for the forwarding entry or an extended field extended for the forwarding entry.
Optionally, the apparatus further includes a generating unit 605, configured to receive VLAN mapping information configured for any user-side port; the VLAN mapping information records the corresponding relation between the user side VLAN configured on the user side port and the network side VLAN; generating an ACL table item corresponding to the user side VLAN configured on the arbitrary user side port, wherein the ACL table item is used for indicating that the VLAN of the network side message matched with the ACL table item is modified into the user side VLAN configured on the arbitrary user side port; checking whether the generated ACL table item exists in the ACL table; and if not, adding the ACL table entry to the ACL table.
The implementation process of the functions and actions of each unit in the above device is specifically described in the implementation process of the corresponding step in the above method, and is not described herein again.
For the device embodiment, since it basically corresponds to the method embodiment, reference may be made to the partial description of the method embodiment for relevant points. The above-described embodiments of the apparatus are merely illustrative, and the units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules can be selected according to actual needs to achieve the purpose of the scheme of the application. One of ordinary skill in the art can understand and implement it without inventive effort.
The above description is only exemplary of the present application and should not be taken as limiting the present application, as any modification, equivalent replacement, or improvement made within the spirit and principle of the present application should be included in the scope of protection of the present application.

Claims (10)

1. A message forwarding method is applied to network equipment, and is characterized in that the method comprises the following steps:
when a user side message from a client is received through a user side port, determining an ACL table item corresponding to a user side VLAN carried by the user side message in a preset ACL table; the identification of the ACL table item of the matching item of the ACL table item is CLASSID allocated to a user side VLAN; the ACL table item action item is to modify the VLAN in the message into a user side VLAN corresponding to the ACL table item;
based on VLAN mapping information configured on the user side port, a user side VLAN carried by the user side message is modified into a corresponding network side VLAN, a forwarding table item from the network equipment to the client side is learned based on the modified network side VLAN, and CLASS ID serving as table item identification of the ACL table item is written into the forwarding table item, so that the forwarding table item is associated with the ACL table item; the ACL table entry is used for indicating that the network side VLAN carried by a network side message sent to the client is modified into the user side VLAN;
and forwarding the user side message through the modified port corresponding to the network side VLAN.
2. The method of claim 1, further comprising:
when a network side message sent to the client is received, determining the forwarding table entry used for forwarding the network side message to the client, modifying a network side VLAN carried by the network side message into a user side VLAN according to an ACL table entry associated with the forwarding table entry, and forwarding the user side VLAN through the forwarding table entry.
3. The method of claim 2,
when a network side message sent to the client is received, the ACL table associated with the forwarding table is determined in the following way:
and searching the ACL table item in the ACL table according to the CLASS ID which is recorded by the forwarding table item and used as the table item identifier of the ACL table item.
4. The method of claim 3, wherein writing the CLASS ID as the entry identifier of the ACL entry to the forwarding entry comprises:
and writing the entry identifier of the ACL entry into a reserved field reserved for the forwarding entry or an extended field extended for the forwarding entry.
5. The method of claim 1, wherein the ACL table is generated by:
receiving VLAN mapping information configured for any user side port; the VLAN mapping information records the corresponding relation between the user side VLAN configured on the user side port and the network side VLAN;
generating an ACL table item corresponding to a user side VLAN configured on the arbitrary user side port, wherein the ACL table item is used for indicating that the VLAN of the network side message matched with the ACL table item is modified into the user side VLAN configured on the arbitrary user side port;
checking whether the generated ACL table item exists in the ACL table;
and if not, adding the ACL table entry to the ACL table.
6. A message forwarding apparatus, wherein the apparatus is applied to a network device, and the apparatus comprises:
the system comprises a determining unit, a sending unit and a receiving unit, wherein the determining unit is used for determining the table item identification of an ACL table item corresponding to a user side VLAN carried by a user side message in a preset ACL table when the user side message from a client is received through a user side port; the identification of the ACL list item of the matching item of the ACL list item is CLASSID allocated to a user side VLAN; the ACL table item action item is to modify the VLAN in the message into a user side VLAN corresponding to the ACL table item;
an association unit, configured to modify a user-side VLAN carried by the user-side message into a corresponding network-side VLAN based on VLAN mapping information configured on the user-side port, learn a forwarding entry from a local network device to the client based on the modified network-side VLAN, and write a CLASS ID, which is an entry identifier of the ACL entry, into the forwarding entry, so that the forwarding entry is associated with the ACL entry; the ACL table entry is used for indicating that the network side VLAN carried by a network side message sent to the client is modified into the user side VLAN;
and the sending unit is used for forwarding the user side message through the modified port corresponding to the network side VLAN.
7. The apparatus of claim 6, further comprising:
and the receiving unit is used for determining the forwarding table entry used for forwarding the network side message to the client when receiving the network side message sent to the client, modifying the network side VLAN carried by the network side message into the user side VLAN according to the ACL table entry associated with the forwarding table entry, and forwarding the user side VLAN through the forwarding table entry.
8. The apparatus of claim 7,
and the receiving unit is used for searching the ACL table item in the ACL table according to the table item identifier recorded by the forwarding table item when the ACL table item associated with the forwarding table item is determined.
9. The apparatus of claim 8, wherein the associating unit, when writing the CLASS ID as the entry identifier of the ACL entry into the forwarding entry, is configured to write the entry identifier of the ACL entry into a reserved field reserved for the forwarding entry or an extended field extended for the forwarding entry.
10. The apparatus according to claim 6, further comprising a generation unit configured to receive VLAN mapping information configured for any user-side port; the VLAN mapping information records the corresponding relation between the user side VLAN configured on the user side port and the network side VLAN; generating an ACL table item corresponding to the user side VLAN configured on the arbitrary user side port, wherein the ACL table item is used for indicating that the VLAN of the network side message matched with the ACL table item is modified into the user side VLAN configured on the arbitrary user side port; checking whether the generated ACL table item exists in the ACL table; and if not, adding the ACL table entry to the ACL table.
CN202110309025.XA 2021-03-23 2021-03-23 Message forwarding method and device Active CN113079076B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110309025.XA CN113079076B (en) 2021-03-23 2021-03-23 Message forwarding method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110309025.XA CN113079076B (en) 2021-03-23 2021-03-23 Message forwarding method and device

Publications (2)

Publication Number Publication Date
CN113079076A CN113079076A (en) 2021-07-06
CN113079076B true CN113079076B (en) 2022-09-30

Family

ID=76613661

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110309025.XA Active CN113079076B (en) 2021-03-23 2021-03-23 Message forwarding method and device

Country Status (1)

Country Link
CN (1) CN113079076B (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2007025451A1 (en) * 2005-09-01 2007-03-08 Zte Corporation Msystem and method for realizing multi-service stack virtual local area network
CN101141279A (en) * 2006-09-04 2008-03-12 中兴通讯股份有限公司 Device for accessing control listing through virtual LAN and its implementing method

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100586088C (en) * 2006-07-20 2010-01-27 杭州华三通信技术有限公司 Method for realizing virtual LAN aggregation and aggregation exchanger
CN101237378B (en) * 2008-03-11 2012-11-28 杭州华三通信技术有限公司 Mapping method and device of virtual LAN
CN101707562B (en) * 2009-11-27 2012-01-25 中兴通讯股份有限公司 Method and device for realizing access of virtual local area network (VLAN) stacking in virtual private wire service (VPWS)

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2007025451A1 (en) * 2005-09-01 2007-03-08 Zte Corporation Msystem and method for realizing multi-service stack virtual local area network
CN101141279A (en) * 2006-09-04 2008-03-12 中兴通讯股份有限公司 Device for accessing control listing through virtual LAN and its implementing method

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
虚拟局域网(VLAN)技术在网络管理中的应用;宋要兵等;《吉林交通科技》;20040325(第01期);全文 *

Also Published As

Publication number Publication date
CN113079076A (en) 2021-07-06

Similar Documents

Publication Publication Date Title
US7496052B2 (en) Automatic VLAN ID discovery for ethernet ports
US6731599B1 (en) Automatic load sharing-trunking
CN108259347B (en) Message transmission method and device
US20040003292A1 (en) User identifying technique on networks having different address systems
US10212069B2 (en) Forwarding of multicast packets in a network
US20180241608A1 (en) Forwarding ethernet packets
CA2412916A1 (en) Tunneling scheme optimized for use in virtual private networks
US8478891B1 (en) Employing socket ranges to ascertain layer 2 addresses
US8472420B2 (en) Gateway device
CN110505621B (en) Terminal migration processing method and device
US8250189B1 (en) Employing IP version fields to determine data-link layer addresses
CN107800549B (en) Method and device for realizing multi-tenant equipment environment MDC (media data center) based on port of switching equipment
CN108600074A (en) The retransmission method and device of multicast data message
CN103581022A (en) MAC address finding and transmitting method and device
CN102291472A (en) Network address lookup method and device
WO2020181735A1 (en) Method for providing network address translation (nat) service and controller
CN108199947B (en) Designated forwarder DF election method and device
CN108718276B (en) Message forwarding method and device
CN110661713B (en) Message forwarding method and device
CN107517129B (en) Method and device for configuring uplink interface of equipment based on OpenStack
CN108259348B (en) Message transmission method and device
CN109768909B (en) Message forwarding method and device
CN113079076B (en) Message forwarding method and device
CN115396401B (en) Method, system and medium for constructing flexible extension network based on IPv6 characteristic
CN109039902B (en) Method and device for forwarding multicast message

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant