CN113676391A - Data transmission method, device, communication node and storage medium - Google Patents

Data transmission method, device, communication node and storage medium Download PDF

Info

Publication number
CN113676391A
CN113676391A CN202110945716.9A CN202110945716A CN113676391A CN 113676391 A CN113676391 A CN 113676391A CN 202110945716 A CN202110945716 A CN 202110945716A CN 113676391 A CN113676391 A CN 113676391A
Authority
CN
China
Prior art keywords
node
network
message
tunnel
virtual circuit
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202110945716.9A
Other languages
Chinese (zh)
Inventor
胡益明
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Dimiantong Information Network Co ltd
Original Assignee
Shanghai Dimiantong Information Network Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanghai Dimiantong Information Network Co ltd filed Critical Shanghai Dimiantong Information Network Co ltd
Priority to CN202110945716.9A priority Critical patent/CN113676391A/en
Publication of CN113676391A publication Critical patent/CN113676391A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4641Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L1/00Arrangements for detecting or preventing errors in the information received
    • H04L1/004Arrangements for detecting or preventing errors in the information received by using forward error control
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L1/00Arrangements for detecting or preventing errors in the information received
    • H04L1/004Arrangements for detecting or preventing errors in the information received by using forward error control
    • H04L1/0056Systems characterized by the type of code used
    • H04L1/0061Error detection codes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4633Interconnection of networks using encapsulation techniques, e.g. tunneling
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/50Routing or path finding of packets in data switching networks using label swapping, e.g. multi-protocol label switch [MPLS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a data transmission method, a data transmission device, a communication node and a storage medium. The method comprises the following steps: acquiring a message; determining a virtual circuit for forwarding the message according to the virtual circuit identification information of the message; generating a network label according to the forwarding table corresponding to the virtual circuit; and sending the message to a second communication node through a network tunnel according to the network label so as to realize long-distance data transmission, wherein the network tunnel is a routing encapsulation protocol tunnel which encapsulates a label distribution protocol tunnel. The method can realize the cross-region and long-distance data transmission of point-to-point services by utilizing the network tunnel.

Description

Data transmission method, device, communication node and storage medium
Technical Field
The present invention relates to the field of communications technologies, and in particular, to a data transmission method, an apparatus, a communication node, and a storage medium.
Background
In recent years, an Internet Protocol (IP) network has been rapidly developed by virtue of its advantages such as upgrading, expansion, and high flexibility of interworking. Conventional communication networks are limited in the manner of transmission and the type of traffic resulting in relatively poor flexibility.
In the prior art, a traditional communication network, such as a point-to-point ethernet service, can only transmit data within a city range, but cannot transmit data for a long-distance network across regions.
Therefore, how to effectively solve the problem that the point-to-point service cannot realize the cross-region remote data transmission is a technical problem to be solved urgently at present.
Disclosure of Invention
The embodiment of the invention provides a data transmission method, a data transmission device, a communication node and a storage medium, which can realize cross-region remote data transmission of point-to-point services by using a network tunnel.
In a first aspect, an embodiment of the present invention provides a data transmission method, including:
acquiring a message;
determining a virtual circuit for forwarding the message according to the virtual circuit identification information of the message;
generating a network label according to the forwarding table corresponding to the virtual circuit;
and sending the message to a second communication node through a network tunnel according to the network label so as to realize long-distance data transmission, wherein the network tunnel is a routing encapsulation protocol tunnel which encapsulates a label distribution protocol tunnel.
In a second aspect, an embodiment of the present invention further provides a data transmission method, including:
and receiving the message through a network tunnel to realize remote data transmission, wherein the network tunnel is a routing encapsulation protocol tunnel which encapsulates a label distribution protocol tunnel.
In a third aspect, an embodiment of the present invention further provides a data transmission apparatus, including:
the acquisition module is used for acquiring the message;
a determining module, configured to determine a virtual circuit for forwarding the packet according to the virtual circuit identification information of the packet;
the generating module is used for generating a network label according to the forwarding table corresponding to the virtual circuit;
and the sending module is used for sending the message to a second communication node through a network tunnel according to the network label so as to realize long-distance data transmission, and the network tunnel is a routing encapsulation protocol tunnel which encapsulates a label distribution protocol tunnel.
In a fourth aspect, an embodiment of the present invention further provides a data transmission apparatus, including:
and the receiving module is used for receiving the message through a network tunnel to realize remote data transmission, and the network tunnel is a routing encapsulation protocol tunnel which encapsulates a label distribution protocol tunnel.
In a fifth aspect, an embodiment of the present invention further provides a communication node, as a first communication node or a second communication node, including:
one or more processors;
storage means for storing one or more programs;
the one or more programs are executed by the one or more processors, so that the one or more processors are used for implementing the data transmission method in any embodiment of the present invention.
In a sixth aspect, the embodiments of the present invention further provide a computer-readable storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements the data transmission method provided in any embodiment of the present invention.
The embodiment of the invention provides a data transmission method, a data transmission device, a communication node and a storage medium, wherein a message is obtained firstly, then a virtual circuit for forwarding the message is determined according to virtual circuit identification information of the message, and finally a network label is generated according to a forwarding table corresponding to the virtual circuit; and sending the message to a second communication node through a network tunnel according to the network label so as to realize long-distance data transmission, wherein the network tunnel is a routing encapsulation protocol tunnel which encapsulates a label distribution protocol tunnel. By using the technical scheme, the point-to-point service can be used for realizing cross-region remote data transmission by using the network tunnel.
Drawings
Fig. 1 is a schematic view of a scene of two-layer point-to-point data transmission in a data transmission method according to a first embodiment of the present invention;
fig. 2 is a flowchart illustrating a data transmission method according to an embodiment of the present invention;
fig. 3 is a flowchart illustrating a data transmission method according to a second embodiment of the present invention;
fig. 4 is a schematic view of a scenario of a data transmission method according to a second embodiment of the present invention;
fig. 5 is a schematic structural diagram of a data transmission device according to a third embodiment of the present invention;
fig. 6 is a schematic structural diagram of a data transmission apparatus according to a fourth embodiment of the present invention;
fig. 7 is a schematic structural diagram of a communication node according to a fifth embodiment of the present invention.
Detailed Description
Embodiments of the present invention will be described in more detail below with reference to the accompanying drawings. While certain embodiments of the present invention are shown in the drawings, it should be understood that the present invention may be embodied in various forms and should not be construed as limited to the embodiments set forth herein, but rather are provided for a more thorough and complete understanding of the present invention. It should be understood that the drawings and the embodiments of the present invention are illustrative only and are not intended to limit the scope of the present invention.
It should be understood that the various steps recited in the method embodiments of the present invention may be performed in a different order and/or performed in parallel. Moreover, method embodiments may include additional steps and/or omit performing the illustrated steps. The scope of the invention is not limited in this respect.
The term "include" and variations thereof as used herein are open-ended, i.e., "including but not limited to". The term "based on" is "based, at least in part, on". The term "one embodiment" means "at least one embodiment"; the term "another embodiment" means "at least one additional embodiment"; the term "some embodiments" means "at least some embodiments". Relevant definitions for other terms will be given in the following description.
It should be noted that the terms "first", "second", and the like in the present invention are only used for distinguishing different devices, modules or units, and are not used for limiting the order or interdependence relationship of the functions performed by the devices, modules or units.
It is noted that references to "a", "an", and "the" modifications in the present invention are intended to be illustrative rather than limiting, and that those skilled in the art will recognize that reference to "one or more" unless the context clearly dictates otherwise.
The names of messages or information exchanged between devices in the embodiments of the present invention are for illustrative purposes only, and are not intended to limit the scope of the messages or information.
Example one
According to the data transmission method provided by the embodiment of the invention, the existing or public network resources can be fully utilized by combining the traditional communication network with the existing broadband internet by utilizing a circuit simulation technology.
Circuit emulation is generally applied in a broadband metropolitan access network or a mobile bearer network, and is used to carry various types of services such as ethernet, Asynchronous Transfer Mode (ATM), time-division multiplexing (TDM), and the like.
Fig. 1 is a schematic view of a scenario of two-layer point-to-point data transmission in a data transmission method according to an embodiment of the present invention, as shown in fig. 1, a network where a company headquarters and a company branch office are located is a conventional communication network, such as an ethernet, an ATM, and a virtual two-layer tunnel is established between a PE1 node, i.e., an operator boundary device node at a sending end, and a PE2 node, i.e., an operator boundary device node at a receiving end, through a circuit simulation technique, so that data transmission between the company headquarters and the company branch office can be achieved through a two-layer tunnel technique. Therefore, the original access mode and the existing broadband internet can be well integrated, and the problem that the traditional communication network is poor in flexibility and cannot carry out cross-regional remote transmission is effectively solved.
Fig. 2 is a flowchart of a data transmission method according to a first embodiment of the present invention, which may be adapted to solve a situation of carrying cross-regional two-tier point-to-point data transmission in the internet, and the method may be executed by a data transmission apparatus, where the apparatus may be implemented by software and/or hardware and is generally integrated on a communication node, where the communication node in this embodiment includes but is not limited to: a first communication node.
As shown in fig. 2, a data transmission method provided in an embodiment of the present invention includes the following steps:
and S110, acquiring the message.
In this embodiment, the first communication node may be a communication node of a sending end, a signaling Protocol of the first communication node may be a Label Distribution Protocol (LDP), and the LDP is a control Protocol of Multi-Protocol Label Switching (MPLS).
The message may be a data unit exchanged and transmitted in the network, the message may include complete data information to be sent, and the length of the message is not limited and may be variable. In this embodiment, the user edge device may obtain the message from the third party, and for example, the user edge device may obtain the message from the third party such as the server, the user lan, and the computer by connecting the user lan, the server, and the computer.
Here, the method of obtaining the message is not limited, and the message may be obtained in other manners, and the above description may be one method of obtaining the message.
And S120, determining a virtual circuit for forwarding the message according to the virtual circuit identification information of the message.
In this embodiment, virtual circuit identification information corresponding to the packet may be obtained according to a header of the packet, where the virtual circuit identification information may be understood as information for identifying a virtual circuit, the virtual circuit identification information may be an Identification (ID) number of the virtual circuit identified by the header of the packet, and the virtual circuit corresponding to the ID number may be determined according to the ID number of the virtual circuit.
The virtual circuit may be one of two transmission modes of packet switching, the virtual circuit is a connection-oriented communication service provided by packet switching communication, and after a logical connection or virtual circuit is established between two nodes or application processes, each packet may be sequentially transmitted between the two nodes.
It can be understood that, after the virtual circuit for forwarding the packet is determined according to the virtual circuit identification information, the packet can be forwarded through the virtual circuit.
And S130, generating a network label according to the forwarding table corresponding to the virtual circuit.
In this embodiment, the packets belonging to the same virtual circuit are forwarded according to a uniform route, each packet is forwarded by an independent router, and the router for forwarding the packet can be determined by a forwarding table.
The network label may be a two-layer MPLS label, and the network label may include two layers of labels, where an inner layer label is a private network label and an outer layer label is a public network label. The public network label is triggered by LDP and used for guiding virtual private network (virtual private networks) data message to be forwarded in MPLS domain, and the private network label is triggered by multicast protocol border gateway protocol and used for guiding VPN data to be forwarded in private network VPN.
And S140, sending the message to a second communication node through a network tunnel according to the network label so as to realize long-distance data transmission.
In this embodiment, after a network Label is marked on a packet, a first layer Label, that is, a private network Label, may be exchanged inside a backbone network, and after the private network Label is marked on the packet, the packet may reach a PE of an opposite end along a Label Switched Path (LSP), and a second layer Label, that is, a public network Label, is used to indicate which CE the packet should reach. Thus, when the message reaches PE, the public network label is stripped, and at this time, the forwarding interface can be found according to the private network label.
It can be understood that the virtual circuit can be identified according to the public network tag in the network tags, and the interface of the network tunnel can be found according to the private network tag, so as to pass through the network tunnel to reach the opposite end.
Wherein the network tunnel is a routing encapsulation protocol tunnel encapsulating a label distribution protocol tunnel. The network tunnel may be a two-layer tunnel, i.e. the outer layer is a routing encapsulation protocol tunnel and the inner layer is a label distribution protocol tunnel. The message can reach the opposite end through the network tunnel, and further long-distance data transmission can be achieved. It can be understood that the virtual circuit can be identified by the private network label in the label distribution protocol tunnel, and the virtual circuit can reach the operator boundary device of the opposite end by the public network label passing through the routing encapsulation protocol tunnel.
In a data transmission method provided in an embodiment of the present invention, a message is first obtained; then, according to the virtual circuit identification information of the message, determining a virtual circuit for forwarding the message; then generating a network label according to the forwarding table corresponding to the virtual circuit; and finally, sending the message to a second communication node through a network tunnel according to the network label so as to realize long-distance data transmission, wherein the network tunnel is a routing encapsulation protocol tunnel which encapsulates a label distribution protocol tunnel. The method can realize the cross-region and long-distance data transmission of the point-to-point service by utilizing the network tunnel.
Further, the first communication node includes a first user boundary device sub-node and a first operator boundary device sub-node, the network tag includes a private network tag and a public network tag, correspondingly, according to the virtual circuit identification information of the packet, a virtual circuit for forwarding the packet is determined, and according to a forwarding table corresponding to the virtual circuit, a network tag is generated, including: sending the message to a first operator boundary equipment sub-node through a first user boundary equipment sub-node and a first optical fiber link; determining a virtual circuit for forwarding the message according to the virtual circuit identification information by the first operator boundary equipment child node; and generating a private network label and a public network label by the first operator boundary equipment child node according to the forwarding table of the virtual circuit.
The first user edge device sub-node may be a routing sub-node in the first communication node, and the first user edge device sub-node may be a user edge device router at the sending end. The first operator edge device sub-node may be a routing sub-node in the first communication node, and the first operator edge device sub-node may be a PE operator edge device router supporting MPLS functionality at the sending end.
In this embodiment, the first communication node may include a first user edge device sub-node and a first operator device sub-node. Specifically, the message may be sent to the first operator boundary device sub-node through the first optical fiber link at the first user boundary device sub-node; the first operator boundary equipment child node can determine a virtual circuit for forwarding the message according to the virtual circuit identification information of the message header; the first operator edge device child node may generate a private network label and a public network label from the forwarding table.
The first optical fiber link may be a local optical fiber link of the transmitting end, and the first optical fiber link may be a local optical fiber between the first user edge device sub-node and the first operator device sub-node.
Further, the sending the packet to the second communication node through the network tunnel according to the network tag includes: identifying the virtual circuit by the first operator boundary equipment child node according to the private network label so that the second communication node determines the corresponding virtual circuit according to the private network label; and sending the message to a second communication node through the network tunnel according to the public network label through the first operator boundary equipment child node.
The second communication node may be a communication node of an opposite end, and in this embodiment, the second communication node may be a communication node of a receiving end.
And determining the corresponding virtual circuit by the second communication node according to the private network label can be understood as determining the virtual circuit corresponding to the message according to the private network label popped up by the system after the message is received by the second communication node.
In this embodiment, the private network label may be used to identify the virtual circuit in the label distribution protocol tunnel, and the public network label may be used to traverse the routing encapsulation protocol tunnel to reach the opposite end.
Further, before the obtaining the packet, the method further includes: establishing a network tunnel between a first operator boundary device sub-node and a second operator boundary device sub-node; establishing a label distribution protocol session between the first operator edge device sub-node and a second operator edge device sub-node in the network tunnel; establishing a virtual circuit between the first operator edge device sub-node and a second operator edge device sub-node.
The second customer edge device sub-node may be a customer edge device router located at the receiving end, and the second operator edge device sub-node may be an operator edge device router supporting the MPLS function located at the receiving end.
It can be understood that, before data transmission is performed between the sending end and the receiving end, a network tunnel may be established, where the network tunnel is located between the first operator boundary device sub-node and the second operator boundary device sub-node, and the first operator boundary device sub-node of the sending end may forward the packet to the second operator boundary device sub-node through the established network tunnel. After establishing the label distribution protocol session between the first operator edge device sub-node and the second operator edge device sub-node, a virtual circuit between the first operator edge device sub-node and the second operator edge device sub-node may be established.
For example, establishing a virtual circuit between a first operator edge device sub-node and a second operator edge device sub-node may include:
1. and the first operator boundary equipment child node sends a Request and a Mapping message to the second operator boundary equipment child node, wherein the Mapping message carries a private network label of a home terminal and related attributes.
2. And after receiving the Request sent by the first operator boundary equipment child node, the second operator boundary equipment child node triggers the second operator boundary equipment child node to send a Mapping message to the first operator boundary equipment child node.
3. The second operator boundary device sub-node receives the Mapping message to check whether the same virtual circuit is configured locally, and if the negotiation results such as enable and the like of the locally configured virtual circuit parameters are consistent, the second operator boundary device sub-node can set the state of the virtual circuit of the local terminal to be an UP state.
4. After receiving the Mapping message of the second operator boundary device child node, the first operator boundary device child node needs to check the locally configured virtual circuit parameters, and if the circuit parameters at the two ends are consistent, the first operator boundary device child node can set the state of the local virtual circuit to be the UP state.
At this time, the dynamic virtual circuit between the first operator boundary device sub-node and the second operator boundary device sub-node is established. After the virtual circuit is established, the first operator edge device sub-node and the second operator edge device sub-node can notify each other of the states through Notification messages.
Further, the network tunnel includes a network security protocol tunnel, and the security protocol tunnel is used for protecting the security of the packet when the packet is sent to the second communication node through the network tunnel.
It should be noted that the network security Protocol tunnel may be a tunnel established between two devices through some network security protocols, for example, the network security Protocol tunnel may be a tunnel of an ipsec (internet Protocol security) Protocol, and the packet is forwarded through the network security Protocol tunnel to protect the security of the data.
In this embodiment, the network security protocol tunnel may ensure the secure transmission of the user service data in the internet from the following aspects through encryption, authentication, and the like:
1. data, namely message source verification: the receiving end can verify whether the identity of the sending end is legal or not.
2. Data encryption: the sender encrypts the data and transmits the data on the internet in a ciphertext mode, and the receiver can process the data or forward the data after decrypting the received encrypted data.
3. Data integrity: the receiving end verifies the received data to judge whether the data is tampered.
4. Anti-replay: the receiving end refuses to receive the old or repeated data packet, and in this way, the malicious user attacks by repeatedly sending the captured datagram.
Further, the data transmission method further includes: the integrity of message transmission is ensured through a wide area network optimization technology; the method for ensuring the integrity of message transmission through the wide area network optimization technology comprises the following steps: coding and generating a redundant packet of the message based on an original packet of the message according to a preset algorithm at a first communication node; sending the redundant packet and the original packet to a second communication node; and the second communication node decodes the original packet and the redundant packet to recover the lost packet.
The Wide Area Network (WAN) optimization is to improve the performance of an application or a Wide Area Network (WAN) by using technologies such as stream reduction, stream compression, stream caching, and protocol acceleration.
The Forward Error Correction (FEC) in the wide area network optimization may optimize packet loss by configuring a flow policy. The forward error correction code intercepts the appointed data stream through stream classification, adds a redundant packet carrying check information, and checks at a receiving end. If packet loss or message damage occurs in the network, the message is restored through the redundant packet. The forward error correction code optimization technology can be used for generating a redundant packet by encoding according to a preset algorithm, such as an RS (Reed-Solomon) algorithm, on the basis of an original packet at a transmitting end, transmitting both the original packet and the redundant packet to a link, and decoding and recovering packet loss at a receiving end according to an actually received data packet.
Specifically, the process of ensuring the integrity of the message transmission by using the wide area network optimization technology is as follows:
1. a Customer Premise Equipment (CPE) at a sending end receives a packet from a local area network side, and performs packet loss resistance optimization on traffic to be optimized, which is specified by flow classification on a control tunnel, for example, an Ethernet VPN tunnel.
2. And accumulating a plurality of original messages as an encoding block by the CPE at the transmitting end, and carrying out FEC encoding on the original messages in the encoding block to generate an FEC redundant packet. The encoding side may generate a plurality of redundant packets for the plurality of packets according to an encoding matrix algorithm.
3. And the CPE of the sending end encapsulates the FEC private header to the original message and sends the packet.
4. When a message is transmitted in a network, packet loss can occur in both the message and the redundant packet in the coding block.
5. The CPE at the receiving end may receive the data packet from the network, detect packet loss information, and strip off the private header of the data packet.
6. And the receiving end carries out FEC decoding, calculates a decoding matrix according to the coding matrix, the actually received packet and the FEC redundant packet, and decodes the lost original packet according to the decoding matrix, the received original packet and the received redundant packet. As long as the packet loss number in a coding block does not exceed the redundant packet number, the packet loss in the coding block can be recovered.
7. And the CPE of the receiving end sends a packet to the local area network side of the receiving end and sends the error-corrected messages to the receiving end in sequence.
Example two
Fig. 3 is a flowchart of a data transmission method according to a second embodiment of the present invention, which may be adapted to solve a situation of carrying cross-regional two-tier point-to-point data transmission in the internet, and the method may be executed by a data transmission apparatus, where the apparatus may be implemented by software and/or hardware and is generally integrated on a communication node, where the communication node in this embodiment includes but is not limited to: a second communication node.
As shown in fig. 3, a data transmission method provided by the second embodiment of the present invention includes the following steps:
s210, receiving the message through a network tunnel to realize long-distance data transmission, wherein the network tunnel is a routing encapsulation protocol tunnel which encapsulates a label distribution protocol tunnel.
In this embodiment, the message may be a two-layer ethernet message. The second communication node may be a communication node of the receiving end, and the signaling protocol of the second communication node may be an MPLS LDP protocol. The second communication node can receive the message sent by the opposite terminal through the network tunnel, thereby realizing the remote transmission of data.
Further, the second communication node includes a second user edge device sub-node and a second operator edge device sub-node, and the receiving the packet through the network tunnel includes: receiving the message through the second operator boundary equipment child node and the network tunnel, and acquiring a private network label; determining a virtual circuit corresponding to the private network label through the second operator boundary device child node; determining a second optical fiber link for forwarding the message according to the virtual circuit identification information by the second operator boundary equipment child node; forwarding the packet to the second user edge device node through the second operator edge device sub-node and the second optical fiber link.
The second user edge device sub-node may be a sub-node in the second communication node, and the second user edge device sub-node may be a user edge device router located at the receiving end. The second operator edge device sub-node may be a sub-node in the second communication node, and the second operator edge device sub-node may be a PE operator edge device router supporting MPLS functionality at the receiving end. The second optical fiber link may be a local optical fiber at the receiving end, and the second optical fiber link may be an optical fiber link between a second user edge device sub-node and a second operator edge device sub-node.
Specifically, the receiving, by the second communication node, the packet through the network tunnel may include: the second operator boundary device sub-node receives the message through the network tunnel, the second operator boundary device sub-node can determine a virtual circuit corresponding to a private network label according to the private network label popped up by the system, the second operator boundary device sub-node selects an optical fiber link for forwarding the message, and the second operator boundary device sub-node forwards the stripes to the second user boundary device node through the optical fiber link.
The data transmission method provided by the second embodiment of the invention can realize remote data transmission by receiving the message through the network tunnel, and can realize cross-regional remote data transmission of point-to-point services by utilizing the network tunnel.
Fig. 4 is a scene schematic diagram of a data transmission method according to a second embodiment of the present invention, and as shown in fig. 4, when the headquarters of the company a transmits data, that is, sends a message, to the branch office of the company a, the headquarters of the company a serves as a sending end, and the branch office of the company a serves as a receiving end. Sending a second-layer Ethernet message at a sending end through a CE1 (a first user boundary equipment sub-node), and accessing a PE1 (a first operator boundary equipment sub-node) through a local optical fiber access (a first optical fiber link); after receiving the message, the PE1 selects a virtual circuit for forwarding the message, and the PE1 generates a two-layer MPLS label, i.e., a network label, according to a forwarding table entry of the virtual circuit, where the private network label is used to identify the virtual circuit, and the public network label is used to traverse a Routing Encapsulation protocol (GRE) tunnel, i.e., a Routing Encapsulation protocol tunnel, to reach the PE2, i.e., a second operator boundary device child node; after the message passes through Ldp over GRE over IPSec, namely a network tunnel, and reaches PE2, a private network label is popped up by the system; the PE2 selects the optical fiber link for forwarding the packet, i.e., the second optical fiber link, and forwards the received packet to the CE2, i.e., the second operator edge device child node.
The data transmission method provided by the embodiment of the invention mainly solves the technical scheme that a special line is used for bearing cross-regional two-layer point-to-point data in the internet, and compared with the traditional point-to-point service or Software Defined Wide Area Network (SD-WAN) product, the technical scheme has the following advantages:
1. the two-layer point-to-point data special line service of an enterprise can be well constructed by utilizing the existing optical fiber width network by deploying the two-layer point-to-point data special line service by utilizing the Internet. And the SD-WAN can only realize three-layer service penetration, needs to carry the intranet IP address of a user, has large workload, brings inconvenience to the service of the user and the like.
2. Compared with the traditional Ethernet service, the method can be used for the existing broadband Internet infrastructure to bear the two-layer network technology, and saves the investment of newly laid optical fiber communication. In addition, the traditional Ethernet can only realize data transmission within a city range, can not carry out trans-regional remote data transmission, and the scheme can carry out remote data transmission.
3. The traditional MPLS LDP tunnel can not encrypt the data in the channel, so that the data is easy to steal, and the scheme not only supports the encryption of the data of the user application layer, but also can encrypt the two-layer tunnel outside the GRE tunnel through the IPSEC protocol, so that the data security level of the user is higher.
4. The scheme adopts wide area wireless network optimization technology to ensure the service quality of end-to-end data transmission and avoids the problem of packet loss in the data transmission process.
EXAMPLE III
Fig. 5 is a schematic structural diagram of a data transmission apparatus according to a third embodiment of the present invention, which is applicable to solve the problem of carrying cross-regional two-tier point-to-point data transmission in the internet, wherein the apparatus can be implemented by software and/or hardware and is generally integrated on a first communication node.
As shown in fig. 5, the apparatus includes: an acquisition module 510, a determination module 520, a generation module 530, and a transmission module 540.
An obtaining module 510, configured to obtain a message by a user;
a determining module 520, configured to determine a virtual circuit for forwarding the packet according to the virtual circuit identifier information of the packet;
a generating module 530, configured to generate a network tag according to the forwarding table corresponding to the virtual circuit;
a sending module 540, configured to send the packet to a second communication node through a network tunnel according to the network tag, so as to implement remote data transmission, where the network tunnel is a routing encapsulation protocol tunnel in which a tag distribution protocol tunnel is encapsulated.
In this embodiment, the apparatus first passes through an acquisition module 510; secondly, determining a virtual circuit for forwarding the message according to the virtual circuit identification information of the message by a determining module 520; then, a network tag is generated by a generating module 530 according to the forwarding table corresponding to the virtual circuit; and finally, the sending module 540 sends the message to a second communication node through a network tunnel according to the network tag, so as to realize long-distance data transmission.
The embodiment provides a data transmission device, which can realize cross-region and long-distance data transmission of point-to-point services by using a network tunnel.
Further, the first communication node includes a first user boundary device sub-node and a first operator boundary device sub-node, the network tag includes a private network tag and a public network tag, correspondingly, according to the virtual circuit identification information of the packet, a virtual circuit for forwarding the packet is determined, and according to a forwarding table corresponding to the virtual circuit, a network tag is generated, including: sending the message to a first operator boundary equipment sub-node through a first user boundary equipment sub-node and a first optical fiber link; determining a virtual circuit for forwarding the message according to the virtual circuit identification information by the first operator boundary equipment child node; and generating a private network label and a public network label by the first operator boundary equipment child node according to the forwarding table of the virtual circuit.
Further, the sending module 540 is specifically configured to identify the virtual circuit according to the private network tag by the first operator boundary device child node, so that the second communication node determines the corresponding virtual circuit according to the private network tag; and sending the message to a second communication node through the network tunnel according to the public network label through the first operator boundary equipment child node.
Further, before the obtaining the packet, the method further includes: establishing a network tunnel between a first operator boundary device sub-node and a second operator boundary device sub-node; establishing a label distribution protocol session between the first operator edge device sub-node and a second operator edge device sub-node in the network tunnel; establishing a virtual circuit between the first operator edge device sub-node and a second operator edge device sub-node.
Further, the network tunnel includes a network security protocol tunnel, and the security protocol tunnel is used for protecting the security of the packet when the packet is sent to the second communication node through the network tunnel.
Furthermore, the integrity of message transmission is ensured through a wide area network optimization technology; the method for ensuring the integrity of message transmission through the wide area network optimization technology comprises the following steps: coding and generating a redundant packet of the message based on an original packet of the message according to a preset algorithm at a first communication node; sending the redundant packet and the original packet to a second communication node; and the second communication node decodes the original packet and the redundant packet to recover the lost packet.
The data transmission device can execute the data transmission method provided by any embodiment of the invention, and has corresponding functional modules and beneficial effects of the execution method.
Example four
Fig. 6 is a schematic structural diagram of a data transmission apparatus according to a fourth embodiment of the present invention, which is applicable to solve the problem of carrying cross-regional two-tier point-to-point data transmission in the internet, wherein the apparatus can be implemented by software and/or hardware and is generally integrated on a second communication node.
As shown in fig. 6, the apparatus includes: and a receiving end 610.
The receiving module 610 is configured to receive a packet through a network tunnel to implement remote data transmission, where the network tunnel is a routing encapsulation protocol tunnel in which a label distribution protocol tunnel is encapsulated.
In this embodiment, the apparatus receives a packet through a network tunnel by using the receiving module 610, so as to implement remote data transmission, where the network tunnel is a routing encapsulation protocol tunnel encapsulating a label distribution protocol tunnel.
The embodiment provides a data transmission device, which can realize cross-region and long-distance data transmission of point-to-point services by using a network tunnel.
Further, the second communication node includes a second user edge device sub-node and a second operator edge device sub-node, and the receiving the packet through the network tunnel includes: receiving the message through the second operator boundary equipment child node and the network tunnel, and acquiring a private network label; determining a virtual circuit corresponding to the private network label through the second operator boundary device child node; determining a second optical fiber link for forwarding the message according to the virtual circuit identification information by the second operator boundary equipment child node; forwarding the packet to the second user edge device node through the second operator edge device sub-node and the second optical fiber link.
The data transmission device can execute the data transmission method provided by any embodiment of the invention, and has corresponding functional modules and beneficial effects of the execution method.
EXAMPLE five
Fig. 7 is a schematic structural diagram of a communication node according to a fifth embodiment of the present invention. As shown in fig. 7, a communication node according to a fifth embodiment of the present invention includes: one or more processors 71 and storage 72; the processor 71 in the communication node may be one or more, and fig. 7 exemplifies one processor 71; the storage device 72 is used to store one or more programs; the one or more programs are executed by the one or more processors 71, so that the one or more processors 71 implement the data transmission method according to any one of the embodiments of the present invention.
The communication node may further include: an input device 73 and an output device 74.
The processor 71, the storage means 72, the input means 73 and the output means 74 in the communication node may be connected by a bus or other means, which is exemplified in fig. 7.
The storage device 72 in the communication node is used as a computer-readable storage medium for storing one or more programs, which may be software programs, computer-executable programs, and modules, such as program instructions/modules corresponding to the data transmission method provided in one or two embodiments of the present invention (for example, the modules in the data transmission device shown in fig. 5 include the obtaining module 510, the determining module 520, the generating module 530, and the sending module 540, and the modules in the data transmission device shown in fig. 6 include the receiving module 610). The processor 71 executes various functional applications of the communication node and data processing by executing software programs, instructions and modules stored in the storage device 72, namely, implements the method in the above-described method embodiment.
The storage device 72 may include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required for at least one function; the storage data area may store data created according to use of the communication node, and the like. Further, the storage device 72 may include high speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other non-volatile solid state storage device. In some examples, the storage 72 may further include memory located remotely from the processor 71, which may be connected to the device over a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The input device 73 may be used to receive entered numeric or character information and to generate key signal inputs relating to user settings and function control of the communication node. The output device 74 may include a display device such as a display screen.
And, when the one or more programs included in the above communication node are executed by the one or more processors 71, the programs perform operations corresponding to the first communication node or perform operations corresponding to the second communication node.
And executing the operation corresponding to the first communication node, wherein the operation comprises the following steps:
acquiring a message;
determining a virtual circuit for forwarding the message according to the virtual circuit identification information of the message;
generating a network label according to the forwarding table corresponding to the virtual circuit;
and sending the message to a second communication node through a network tunnel according to the network label so as to realize long-distance data transmission, wherein the network tunnel is a routing encapsulation protocol tunnel which encapsulates a label distribution protocol tunnel.
And executing the operation corresponding to the second communication node, wherein the operation comprises the following steps:
and receiving the message through a network tunnel to realize remote data transmission, wherein the network tunnel is a routing encapsulation protocol tunnel which encapsulates a label distribution protocol tunnel.
EXAMPLE seven
An embodiment of the present invention provides a computer-readable storage medium, on which a computer program is stored, which, when executed by a processor, is configured to perform a data transmission method.
A data transmission method as applied to a first communication node, the method comprising:
acquiring a message;
determining a virtual circuit for forwarding the message according to the virtual circuit identification information of the message;
generating a network label according to the forwarding table corresponding to the virtual circuit;
and sending the message to a second communication node through a network tunnel according to the network label so as to realize long-distance data transmission, wherein the network tunnel is a routing encapsulation protocol tunnel which encapsulates a label distribution protocol tunnel.
A data transmission method as applied to a second communications node, the method comprising:
and receiving the message through a network tunnel to realize remote data transmission, wherein the network tunnel is a routing encapsulation protocol tunnel which encapsulates a label distribution protocol tunnel.
Optionally, the program, when executed by the processor, may be further configured to perform the data transmission method provided in any embodiment of the present invention.
Computer storage media for embodiments of the invention may employ any combination of one or more computer-readable media. The computer readable medium may be a computer readable signal medium or a computer readable storage medium. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples (a non-exhaustive list) of the computer readable storage medium would include the following: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a Read Only Memory (ROM), an Erasable Programmable Read Only Memory (EPROM), a flash Memory, an optical fiber, a portable CD-ROM, an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. A computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
A computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take a variety of forms, including, but not limited to: an electromagnetic signal, an optical signal, or any suitable combination of the foregoing. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device.
Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: wireless, wire, fiber optic cable, Radio Frequency (RF), etc., or any suitable combination of the foregoing.
Computer program code for carrying out operations for aspects of the present invention may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, Smalltalk, C + + or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any type of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider).
It is to be noted that the foregoing is only illustrative of the preferred embodiments of the present invention and the technical principles employed. It will be understood by those skilled in the art that the present invention is not limited to the particular embodiments described herein, but is capable of various obvious changes, rearrangements and substitutions as will now become apparent to those skilled in the art without departing from the scope of the invention. Therefore, although the present invention has been described in greater detail by the above embodiments, the present invention is not limited to the above embodiments, and may include other equivalent embodiments without departing from the spirit of the present invention, and the scope of the present invention is determined by the scope of the appended claims.

Claims (12)

1. A data transmission method, applied to a first communication node, comprising:
acquiring a message;
determining a virtual circuit for forwarding the message according to the virtual circuit identification information of the message;
generating a network label according to the forwarding table corresponding to the virtual circuit;
and sending the message to a second communication node through a network tunnel according to the network label so as to realize long-distance data transmission, wherein the network tunnel is a routing encapsulation protocol tunnel which encapsulates a label distribution protocol tunnel.
2. The method of claim 1, wherein the first communication node comprises a first user edge device sub-node and a first operator edge device sub-node, the network label comprises a private network label and a public network label, and accordingly, the method determines a virtual circuit for forwarding the packet according to the virtual circuit identification information of the packet, and generates the network label according to a forwarding table corresponding to the virtual circuit, comprising:
sending the message to a first operator boundary equipment sub-node through a first user boundary equipment sub-node and a first optical fiber link;
determining a virtual circuit for forwarding the message according to the virtual circuit identification information by the first operator boundary equipment child node;
and generating a private network label and a public network label by the first operator boundary equipment child node according to the forwarding table of the virtual circuit.
3. The method of claim 2, wherein the tunneling the packet to the second communication node according to the network label comprises:
identifying the virtual circuit by the first operator boundary equipment child node according to the private network label so that the second communication node determines the corresponding virtual circuit according to the private network label;
and sending the message to a second communication node through the network tunnel according to the public network label through the first operator boundary equipment child node.
4. The method of claim 1, further comprising, prior to said obtaining the packet:
establishing a network tunnel between a first operator boundary device sub-node and a second operator boundary device sub-node;
establishing a label distribution protocol session between the first operator edge device sub-node and a second operator edge device sub-node in the network tunnel;
establishing a virtual circuit between the first operator edge device sub-node and a second operator edge device sub-node.
5. The method of claim 1, wherein the network tunnel comprises a network security protocol tunnel, and wherein the security protocol tunnel is configured to protect security of the packet when the packet is sent to the second communication node through the network tunnel.
6. The method of claim 1, further comprising: the integrity of message transmission is ensured through a wide area network optimization technology;
the method for ensuring the integrity of message transmission through the wide area network optimization technology comprises the following steps:
coding and generating a redundant packet of the message based on an original packet of the message according to a preset algorithm at a first communication node;
sending the redundant packet and the original packet to a second communication node;
and the second communication node decodes the original packet and the redundant packet to recover the lost packet.
7. A data transmission method, applied to a second communication node, comprising:
and receiving the message through a network tunnel to realize remote data transmission, wherein the network tunnel is a routing encapsulation protocol tunnel which encapsulates a label distribution protocol tunnel.
8. The method of claim 7, wherein the second communication node comprises a second user edge device sub-node and a second operator edge device sub-node, and wherein receiving the packet through the network tunnel comprises:
receiving the message through the second operator boundary equipment child node and the network tunnel, and acquiring a private network label;
determining a virtual circuit corresponding to the private network label through the second operator boundary device child node;
determining a second optical fiber link for forwarding the message according to the virtual circuit identification information by the second operator boundary equipment child node;
forwarding the packet to the second user edge device node through the second operator edge device sub-node and the second optical fiber link.
9. A data transmission apparatus, comprising:
the acquisition module is used for acquiring the message;
a determining module, configured to determine a virtual circuit for forwarding the packet according to the virtual circuit identification information of the packet;
the generating module is used for generating a network label according to the forwarding table corresponding to the virtual circuit;
and the sending module is used for sending the message to a second communication node through a network tunnel according to the network label so as to realize long-distance data transmission, and the network tunnel is a routing encapsulation protocol tunnel which encapsulates a label distribution protocol tunnel.
10. A data transmission apparatus, comprising:
and the receiving module is used for receiving the message through a network tunnel to realize remote data transmission, and the network tunnel is a routing encapsulation protocol tunnel which encapsulates a label distribution protocol tunnel.
11. A communication node, being a first communication node or a second communication node, comprising:
one or more processors;
storage means for storing one or more programs;
the one or more programs are executable by the one or more processors to cause the one or more processors to perform the data transmission method of any of claims 1-8.
12. A computer-readable storage medium, on which a computer program is stored which, when being executed by a processor, carries out the data transmission method according to any one of claims 1 to 8.
CN202110945716.9A 2021-08-16 2021-08-16 Data transmission method, device, communication node and storage medium Pending CN113676391A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110945716.9A CN113676391A (en) 2021-08-16 2021-08-16 Data transmission method, device, communication node and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110945716.9A CN113676391A (en) 2021-08-16 2021-08-16 Data transmission method, device, communication node and storage medium

Publications (1)

Publication Number Publication Date
CN113676391A true CN113676391A (en) 2021-11-19

Family

ID=78543389

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110945716.9A Pending CN113676391A (en) 2021-08-16 2021-08-16 Data transmission method, device, communication node and storage medium

Country Status (1)

Country Link
CN (1) CN113676391A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114422431A (en) * 2021-12-23 2022-04-29 网络通信与安全紫金山实验室 Network tunnel configuration method and device, computer equipment and storage medium
CN115276720A (en) * 2022-09-26 2022-11-01 北京智芯半导体科技有限公司 High-speed carrier data transmission device and method and electronic equipment
CN118264617A (en) * 2024-05-31 2024-06-28 济南浪潮数据技术有限公司 Method, system, equipment and storage medium for transmitting data of overlay network

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1507230A (en) * 2002-12-10 2004-06-23 ��Ϊ�������޹�˾ Method of realizing special multiple-protocol label exchanging virtual network
US20050018605A1 (en) * 2002-07-22 2005-01-27 Richard Foote Multiprotocol label switching (MPLS) edge service extraction
CN101645836A (en) * 2009-08-25 2010-02-10 杭州华三通信技术有限公司 Packet transmission method and device in multi-protocol label switching network
CN103685022A (en) * 2012-09-17 2014-03-26 杭州华三通信技术有限公司 Message forwarding method and service provider network edge equipment

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050018605A1 (en) * 2002-07-22 2005-01-27 Richard Foote Multiprotocol label switching (MPLS) edge service extraction
CN1507230A (en) * 2002-12-10 2004-06-23 ��Ϊ�������޹�˾ Method of realizing special multiple-protocol label exchanging virtual network
CN101645836A (en) * 2009-08-25 2010-02-10 杭州华三通信技术有限公司 Packet transmission method and device in multi-protocol label switching network
CN103685022A (en) * 2012-09-17 2014-03-26 杭州华三通信技术有限公司 Message forwarding method and service provider network edge equipment

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114422431A (en) * 2021-12-23 2022-04-29 网络通信与安全紫金山实验室 Network tunnel configuration method and device, computer equipment and storage medium
CN114422431B (en) * 2021-12-23 2023-11-28 网络通信与安全紫金山实验室 Network tunnel configuration method, device, computer equipment and storage medium
CN115276720A (en) * 2022-09-26 2022-11-01 北京智芯半导体科技有限公司 High-speed carrier data transmission device and method and electronic equipment
CN115276720B (en) * 2022-09-26 2023-01-20 北京智芯半导体科技有限公司 High-speed carrier data transmission device and method and electronic equipment
CN118264617A (en) * 2024-05-31 2024-06-28 济南浪潮数据技术有限公司 Method, system, equipment and storage medium for transmitting data of overlay network

Similar Documents

Publication Publication Date Title
US10356054B2 (en) Method for establishing a secure private interconnection over a multipath network
CN113676391A (en) Data transmission method, device, communication node and storage medium
US11595359B2 (en) Method for establishing a secure private interconnection over a multipath network
US8555056B2 (en) Method and system for including security information with a packet
US7724732B2 (en) Secure multipoint internet protocol virtual private networks
CN103188351B (en) IPSec VPN traffic method for processing business and system under IPv6 environment
CN104283701A (en) Method, system and device for issuing configuration information
WO2009012688A1 (en) Method, system and apparatus for forwarding message in three-layer virtual private network
CN110858822B (en) Media access control security protocol message transmission method and related device
WO2017211164A1 (en) Method, apparatus, and system for determining inter-as label switched path tunnel
CN110752979B (en) Tunnel transmission method, device and network equipment of message
CN113726795B (en) Message forwarding method and device, electronic equipment and readable storage medium
US9106618B2 (en) Control plane encryption in IP/MPLS networks
CN114844730A (en) Network system constructed based on trusted tunnel technology
CN107135152B (en) Security reinforcing method for transmitting key information in packet transport network
CN114915583A (en) Message processing method, client device, server device, and medium
CN101741552A (en) Message transmitting method, equipment and system
CN105635154A (en) Flexible MACSec message encryption and authentication implementation method and device on chip
CN113556273A (en) Data transmission method of three-network cloud intercommunication system
JP6371399B2 (en) Interface parameter synchronization method and apparatus
CN114338116B (en) Encryption transmission method and device and SD-WAN network system
CN111866865B (en) Data transmission method, 5G private network establishment method and system
Zhang et al. Application research of MPLS VPN all-in-one campus card network based on IPSec
CN113965462A (en) Service transmission method, device, network equipment and storage medium
US20210092103A1 (en) In-line encryption of network data

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20211119