CN114422431B - Network tunnel configuration method, device, computer equipment and storage medium

Info

Publication number
CN114422431B
Authority
CN
China
Prior art keywords
user equipment
tunnel
operator
equipment
coloring
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202111588414.7A
Other languages
Chinese (zh)
Other versions
CN114422431A (en
Inventor
苗青
王磊
张晨
黄韬
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Network Communication and Security Zijinshan Laboratory
Original Assignee
Network Communication and Security Zijinshan Laboratory

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00 Routing or path finding of packets in data switching networks
    • H04L45/302 Route determination based on requested QoS
    • H04L45/306 Route determination based on the nature of the carried application
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00 Data switching networks
    • H04L12/28 Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46 Interconnection of networks
    • H04L12/4633 Interconnection of networks using encapsulation techniques, e.g. tunneling
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00 Traffic control in data switching networks
    • H04L47/10 Flow control; Congestion control
    • H04L47/24 Traffic characterised by specific attributes, e.g. priority or QoS
    • H04L47/2425 Traffic characterised by specific attributes, e.g. priority or QoS for supporting services specification, e.g. SLA
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00 Traffic control in data switching networks
    • H04L47/70 Admission control; Resource allocation
    • H04L47/82 Miscellaneous aspects
    • H04L47/825 Involving tunnels, e.g. MPLS
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W76/00 Connection management
    • H04W76/10 Connection setup
    • H04W76/12 Setup of transport tunnels
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W76/00 Connection management
    • H04W76/10 Connection setup
    • H04W76/15 Setup of multiple wireless link connections

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The application relates to a network tunnel configuration method, a network tunnel configuration device, a computer device, a storage medium and a computer program product. The method comprises the following steps: when the network tunnel is a tunnel from user equipment to operator equipment, configuring a flow strategy at an input interface of a coloring private network route of the user equipment and configuring its output interface as a GRE tunnel, and configuring a corresponding flow strategy at the input interface of the coloring private network route of the operator equipment and configuring its output interface as an SR tunnel; when the network tunnel is a tunnel from the operator equipment to the user equipment, configuring a strategy for generating an END.DT4C type SID at a coloring private network route of the operator equipment, wherein D denotes decapsulating the message and T4C denotes querying the IPv4 coloring private network route, and configuring, at the coloring private network route of the user equipment, a GRE tunnel from the user equipment to the operator equipment. By adopting the method, the end-to-end communication of the first user equipment and the second user equipment can be realized.

Description

Network tunnel configuration method, device, computer equipment and storage medium
Technical Field
The present application relates to the field of network communications technologies, and in particular, to a network interworking method, a device, a computer device, and a storage medium.
Background
In an SDWAN (Software-Defined WAN) scenario, a micro service controller framework may be introduced, through which an end-to-end optimal forwarding path is opened between CPEs (Customer Provide Edge, user-side devices): a GRE (Generic Routing Encapsulation) tunnel (or, if required, a GRE over IPSec (Internet Protocol Security extensions, IP protocol security extension) tunnel) is deployed between the CPE and the VPE (Virtual Provide Edge, virtual PE device), and a controller computes an optimal SR (Segment Routing, source routing mechanism) tunnel between VPEs (Virtual Private Network). However, there is a problem with SR and GRE tunnel interworking in the end-to-end path. In the related art, CISCO proposes a series of standards for the problem of SR and LDP (Label Distribution Protocol) tunnel interworking, but these standards are not applicable to SDWAN scenarios.
Disclosure of Invention
In view of the foregoing, it is desirable to provide a network tunnel configuration method, apparatus, computer device, and storage medium capable of end-to-end communication between a first user device and a second user device.
In a first aspect, the present application provides a network tunnel configuration method, which includes:
when the network tunnel is a tunnel from the user equipment to the operator equipment, configuring a flow strategy at an input interface of the coloring private network route of the user equipment, configuring an output interface as a GRE tunnel, configuring a corresponding flow strategy at the input interface of the coloring private network route of the operator equipment, and configuring the output interface as an SR tunnel;
when the network tunnel is a tunnel from the operator equipment to the user equipment, configuring a strategy for generating an END.DT4C type SID at a coloring private network route of the operator equipment, wherein D denotes decapsulating the message and T4C denotes querying the IPv4 coloring private network route; and configuring, at the coloring private network route of the user equipment, a GRE tunnel from the user equipment to the operator equipment.
In a second aspect, the present application provides a network tunnel establishment method, which includes:
determining a first user equipment and a second user equipment of a message;
calculating an optimal path from the first user equipment to the second user equipment, wherein the optimal path comprises GRE tunnels between the first user equipment and the operator equipment, SR tunnels between the operator equipment and GRE tunnels between the operator equipment and the second user equipment;
According to the network tunnel configuration method in any one of the embodiments, network tunnel configuration is performed on the GRE tunnel between the first user equipment and the operator equipment and the GRE tunnel between the operator equipment and the second user equipment.
In one embodiment, the method further comprises:
and configuring the SR tunnel among the operator equipment.
In one embodiment, before determining the first user equipment and the second user equipment of the message, the method includes:
acquiring all user equipment and operator equipment of a current access network, and generating a network topology graph according to all user equipment and operator equipment;
calculating an optimal path from a first user device to a second user device, comprising:
according to the network topology, an optimal path from the first user equipment to the second user equipment is calculated.
In a third aspect, the present application further provides a network traffic sending method, where the method includes:
based on any one of the above network tunnel establishment methods, establishing a network tunnel between the first user equipment and the second user equipment;
and when the first user equipment receives the service flow to be sent to the second user equipment, sending the service flow received by the first user equipment to the second user equipment according to the established network tunnel.
In one embodiment, sending the traffic received by the first ue to the second ue according to the established network tunnel includes:
forwarding the service traffic received by the first user equipment to the operator equipment according to a pre-configured flow strategy;
forwarding the service traffic received by the operator equipment among the operator equipment according to a pre-configured SR tunnel strategy;
and sending the service flow received by the last operator equipment to the second user equipment according to the pre-configured strategy for generating the END.DT4C type SID.
In one embodiment, forwarding traffic received by the first user device to the operator device according to a pre-configured flow policy comprises:
and matching the service traffic received by the first user equipment with a pre-configured flow strategy to determine a corresponding coloring private network route of the first user equipment, and transmitting the service traffic to the operator equipment through the GRE tunnel by the coloring private network route of the first user equipment.
In one embodiment, after forwarding the traffic received by the first user equipment to the operator equipment according to a pre-configured flow policy, the method comprises:
analyzing the service traffic received by the operator equipment to obtain an input interface of a coloring private network route of the operator equipment, obtaining a flow strategy of the input interface of the coloring private network route of the operator equipment to color the service traffic again, inquiring the coloring private network route of the operator equipment according to a coloring result, and forwarding the service traffic among the operator equipment according to an SR tunnel configured by an output interface of the coloring private network route of the operator equipment.
In one embodiment, forwarding traffic received by an operator device between operator devices according to a pre-configured SR tunnel policy includes:
and acquiring the SID of the service flow received by the operator equipment, and forwarding the service flow according to the outlet interface designated by the SID until the last operator equipment is reached.
In one embodiment, sending the traffic received by the last operator device to the second user device according to the pre-configured policy for generating the END.DT4C type SID comprises:
and acquiring the received service flow of the last operator equipment, identifying the END.DT4C type SID in the service flow, re-coloring the service flow according to the SID, inquiring the coloring private network route of the operator equipment corresponding to the coloring result, and forwarding the service flow to the GRE tunnel according to the coloring private network route of the operator equipment.
In one embodiment, the method further comprises:
and acquiring the service flow received by the second user equipment, processing the service flow, and forwarding the service flow through a private network route of the second user equipment.
In a fourth aspect, the present application further provides a network tunnel configuration device, where the device includes:
The SR tunnel configuration module is used for configuring a flow strategy at an input interface of the coloring private network route of the user equipment when the network tunnel is a tunnel from the user equipment to the operator equipment, configuring an output interface as a GRE tunnel, configuring a corresponding flow strategy at the input interface of the coloring private network route of the operator equipment, and configuring the output interface as an SR tunnel;
the GRE tunnel configuration module is used for configuring a strategy for generating an END.DT4C type SID at a coloring private network route of the operator equipment when the network tunnel is a tunnel from the operator equipment to the user equipment, wherein D denotes decapsulating the message and T4C denotes querying the IPv4 coloring private network route; and for configuring, at the coloring private network route of the user equipment, a GRE tunnel from the user equipment to the operator equipment.
In a fifth aspect, the present application further provides a network tunnel establishment apparatus, which includes:
the message determining module is used for determining a first user equipment and a second user equipment of the message;
the optimal path calculation module is used for calculating an optimal path from the first user equipment to the second user equipment, wherein the optimal path comprises GRE tunnels between the first user equipment and the operator equipment, SR tunnels between the operator equipment and GRE tunnels between the operator equipment and the second user equipment;
And the tunnel configuration module is used for carrying out network tunnel configuration on the GRE tunnel between the first user equipment and the operator equipment and the GRE tunnel between the operator equipment and the second user equipment according to the network tunnel configuration method in any one of the embodiments.
In a sixth aspect, the present application further provides a network traffic sending apparatus, where the apparatus includes:
the network tunnel establishment module is configured to establish a network tunnel between the first user equipment and the second user equipment based on the network tunnel establishment method in any one of the above embodiments;
and the traffic forwarding module is used for sending the traffic received by the first user equipment to the second user equipment according to the established network tunnel when the first user equipment receives the traffic to be sent to the second user equipment.
In a seventh aspect, the present application also provides a computer device comprising a memory storing a computer program and a processor implementing the steps of the method of any one of the embodiments described above when the computer program is executed by the processor.
In an eighth aspect, the present application also provides a computer readable storage medium having stored thereon a computer program which when executed by a processor performs the steps of the method of any of the embodiments described above.
In a ninth aspect, the application also provides a computer program product comprising a computer program which, when executed by a processor, implements the steps of the method of any of the embodiments described above.
The network tunnel configuration method, the device, the computer equipment and the storage medium respectively configure the equipment at two ends of different network tunnels through judging the network tunnels so as to realize the intercommunication from the user equipment to the operator equipment, namely GRE to SR, and from the operator equipment to the user equipment, namely SR to GRE.
Drawings
FIG. 1 is an application environment diagram of a network tunnel configuration method in one embodiment;
FIG. 2 is a schematic diagram of a micro service controller architecture in one embodiment;
FIG. 3 is a flow diagram of a network tunnel configuration method in one embodiment;
FIG. 4 is a flow chart of a method of network tunnel establishment in one embodiment;
FIG. 5 is a flow chart of a method for sending network traffic in one embodiment;
FIG. 6 is a schematic diagram illustrating SR and GRE tunnel interworking in an SDWAN scenario in one embodiment;
FIG. 7 is a block diagram of a network tunnel configuration device in one embodiment;
FIG. 8 is a block diagram of a network tunnel establishment device in one embodiment;
FIG. 9 is a block diagram of a network traffic transmitting apparatus in one embodiment;
FIG. 10 is an internal structural view of a computer device in one embodiment.
Detailed Description
The present application will be described in further detail with reference to the drawings and examples, in order to make the objects, technical solutions and advantages of the present application more apparent. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the application.
The network tunnel configuration method provided by the embodiment of the application can be applied to the application environment shown in FIG. 1, which includes a controller 102, a first user device 104, at least one operator device 106, and a second user device 108. In the SDWAN scenario, the first user device 104 accesses the tenant service, and the first user device 104 and the second user device 108 access the operator network through at least one operator device 106. In this scenario, a micro service controller architecture is introduced, as shown in FIG. 2, which is a schematic diagram of the micro service controller architecture in one embodiment: an end-to-end optimal forwarding path is opened between the first user device 104 and the second user device 108 through the controller; a GRE tunnel is deployed between the first user device 104 and the operator device 106 (if there is a security need, a GRE over IPSec tunnel needs to be deployed), and the controller calculates the optimal SR tunnel between operator devices. Thus, in the end-to-end path, there is a problem of SR and GRE tunnel interworking.
In summary, referring to fig. 3, the present application provides a network tunnel configuration method, which is applied to the controller 102 in fig. 1 for illustration, and includes the following steps:
S302, when the network tunnel is a tunnel from the user equipment to the operator equipment, a flow strategy is configured at the input interface of the coloring private network route of the user equipment and its output interface is configured as a GRE tunnel, and a corresponding flow strategy is configured at the input interface of the coloring private network route of the operator equipment and its output interface is configured as an SR tunnel.
The network tunnel is a channel for information transmission between different devices; for example, the network tunnel between the user equipment and the operator equipment is a GRE tunnel, and the network tunnel between operator equipment is an SR tunnel. The user equipment (Customer Premise Equipment, CPE) refers to the equipment at the user's front end that interfaces directly with the operator network. The operator equipment (Virtual Premises Equipment, VPE) is a special operator device, which may be a virtualized device. The flow strategy is a control tool that can be configured on any communication equipment and is used for forwarding traffic; for example, traffic can be matched through an ACL, and data access can be matched and controlled by using flow classification and popularity. The private network route is the route of the user equipment and comprises the paths from the user equipment to other equipment. The coloring private network route colors network slices: according to the characteristics of the service, traffic is introduced onto the path of the corresponding network slice. For example, a red network slice is particularly concerned with delay in the network, and a yellow network slice is particularly concerned with bandwidth in the network.
Specifically, the network tunnel between devices is judged first. When the network tunnel is a tunnel from the CPE to the VPE, a flow strategy is configured at the input interface of the coloring private network route of the CPE device and the output interface is configured as a GRE tunnel, so that the traffic of the CPE can be forwarded from the GRE tunnel. Optionally, a flow policy that colors traffic red by matching message features may be configured at the ingress interface, generating a coloring private network route such as red/vpn1:192.168.2.0/24. The controller then configures a corresponding flow strategy at the input interface of the coloring private network route of the VPE and configures the output interface as an SR tunnel; traffic is introduced into the SR tunnel through the coloring route, so that interworking from the GRE tunnel to the SR tunnel is realized.
S304, when the network tunnel is a tunnel from the operator equipment to the user equipment, a strategy for generating an END.DT4C type SID is configured at the coloring private network route of the operator equipment, wherein D denotes decapsulating the message and T4C denotes querying the IPv4 coloring private network route; and a GRE tunnel from the user equipment to the operator equipment is configured at the coloring private network route of the user equipment.
Specifically, END.DT4C is a SID policy through which traffic can be introduced from the SR tunnel into the GRE tunnel, where D denotes decapsulating the message and T4C denotes querying the IPv4 coloring private network route; the outgoing interface can be found by querying the coloring private network route.
Specifically, when the network tunnel is a tunnel from the operator device to the user device, a policy for generating an END.DT4C type SID is configured at the coloring private network route of the VPE, and a GRE tunnel from the user device to the operator device is configured, so that traffic can be introduced from the SR tunnel into the GRE tunnel through END.DT4C, thereby realizing interworking from the SR tunnel to the GRE tunnel.
In the network tunnel configuration method, the devices at two ends of different network tunnels are respectively configured through judging the network tunnels so as to realize the intercommunication from CPE to VPE, namely GRE to SR, and from VPE to CPE, namely SR to GRE.
In one embodiment, a network tunnel establishment method is provided, as shown in fig. 4, and the method includes the following steps:
S402, determining a first user equipment and a second user equipment of the message.
The first user equipment refers to CPE of the transmitting end, and the second user equipment refers to CPE of the receiving end. Wherein optionally, the controller may implement interworking between the first user device and the second user device by confirming the first user device and the second user device, then calculating routes of the first user device and the second user device, and configuring between the first user device, the VPE, and the second user device.
S404, calculating an optimal path from the first user equipment to the second user equipment, wherein the optimal path comprises GRE tunnels between the first user equipment and the operator equipment, SR tunnels between the operator equipment, and GRE tunnels between the operator equipment and the second user equipment.
The optimal path refers to a path between the first device and the second device for realizing the user service quality, and may be a shortest path, that is, the path between the first user device and the second user device is realized through the least routing device. The routing device is referred to as VPE in this embodiment.
Specifically, after determining the first user equipment and the second user equipment, the controller may generate a dynamic topology map and calculate an optimal path according to the dynamic topology map. Because the first user equipment and the first VPE communicate through a GRE tunnel, the VPEs communicate with each other through SR tunnels, and the last VPE and the second user equipment communicate through a GRE tunnel, the optimal path between the first user equipment and the second user equipment includes the GRE tunnel between the first user equipment and the VPE, the SR tunnels between the VPEs, and the GRE tunnel between the VPE and the second user equipment.
S406, according to the network tunnel configuration method in any of the above embodiments, the GRE tunnel between the first user equipment and the operator equipment and the GRE tunnel between the operator equipment and the second user equipment are configured.
Specifically, after the optimal paths of the first ue and the second ue are obtained, the GRE tunnels between the first ue and the VPE and the GRE tunnels between the VPE and the second ue, which are respectively related on the optimal paths, are configured, and the specific configuration may be set by referring to the above embodiments, and details are not described herein.
In the above embodiment, after the first ue and the second ue are determined, an optimal path from the first ue to the second ue is calculated, and finally, a GRE tunnel between the first ue and the operator device and a GRE tunnel between the operator device and the second ue, which are related to the optimal path, are configured, so as to implement interworking between the first ue and the second ue.
In one embodiment, the network tunnel establishment method further includes: and configuring the SR tunnel among the operator equipment.
In particular, since at least one VPE is included between the first user equipment and the second user equipment, the SR tunnel between the VPEs needs to be configured as well. Illustratively, policies for generating END.X type SIDs may be configured at the coloring private network route of each VPE device, where the END.X type inherits the END.X type action of legacy SR and forwards messages according to the specified egress interface.
In the above embodiment, the SR tunnels between the operator devices involved in the optimal path are configured to implement interworking between the VPEs.
In one embodiment, before determining the first user equipment and the second user equipment of the message, the method includes: acquiring all user equipment and operator equipment of a current access network, and generating a network topology graph according to all user equipment and operator equipment; calculating an optimal path from a first user device to a second user device, comprising: according to the network topology, an optimal path from the first user equipment to the second user equipment is calculated.
Specifically, before generating the optimal path, the controller needs to acquire all user equipment and VPEs of the current access network, and dynamically generates a network topology graph according to all user equipment and VPEs; after all the user equipment and the VPE dynamically generated network topology graph are obtained, calculating an optimal path between the first user equipment and the second user equipment according to the network topology graph. Wherein optionally the optimal path between VPEs may be calculated by CSPF algorithm. In other embodiments, after generating the network topology, the controller also needs to mutually direct the private network route between the first user device and the second user device, and the controller needs to direct the private network route of the second user device onto the first user device.
In the above embodiment, a topology map is generated by acquiring all user devices and operator devices of the current access network, and an optimal path is generated according to the topology map, so that traffic forwarding between the first network device and the second network device through the optimal path is realized later.
In one embodiment, there is provided a network traffic transmission method, as shown in fig. 5, including the steps of:
S502, based on the network tunnel establishment method in any one of the above embodiments, a network tunnel between the first user equipment and the second user equipment is established.
Specifically, the controller establishes the network tunnel between the first user equipment and the second user equipment according to the network tunnel establishment method, and the method for specifically establishing the network tunnel may refer to the configuration in any one of the foregoing embodiments, and detailed description is not repeated here.
S504, when the first user equipment receives the service flow to be sent to the second user equipment, sending the service flow received by the first user equipment to the second user equipment according to the established network tunnel.
Specifically, when the first user equipment receives the traffic to be sent to the second user equipment, the traffic is forwarded to the second user equipment according to the previously established network tunnel and the method configured on the network tunnel. For example, traffic is forwarded between the first ue and the first VPE through a GRE1 tunnel, traffic is forwarded between each VPE through an SR tunnel, and traffic is forwarded between the last VPE and the second ue through a GRE2 tunnel.
In the above embodiment, the network tunnel established between the first ue and the second ue is used to forward according to the established tunnel when the first ue receives the traffic to be sent.
In one embodiment, sending the traffic received by the first user equipment to the second user equipment according to the established network tunnel includes: forwarding the service traffic received by the first user equipment to the operator equipment according to a pre-configured flow strategy; forwarding the service traffic received by the operator equipment among the operator equipment according to a pre-configured SR tunnel strategy; and sending the service flow received by the last operator equipment to the second user equipment according to the pre-configured strategy for generating the END.DT4C type SID.
The pre-configured flow strategy refers to a flow strategy configured at an inlet interface of a coloring private network route of the CPE equipment in advance; the SR tunnel policy refers to a policy for guiding traffic forwarding, which is configured in advance in an SR tunnel between each operator device.
Specifically, matching is first performed according to the pre-configured flow policy to determine the corresponding coloring private network route of the first user equipment, and the service traffic is sent to the VPE through the GRE tunnel by the coloring private network route of the first user equipment. After receiving the service traffic, the VPE forwards it between the VPEs according to the pre-configured SR tunnel policy; optionally, the message may be forwarded according to a specified outgoing interface through an END.X type action. Finally, the service traffic received by the last operator equipment is sent to the second user equipment according to the pre-configured policy for generating the END.DT4C type SID.
In the above embodiment, the service traffic is forwarded through the pre-configured flow policy, the SR tunnel policy, and the pre-configured policy for generating the END.DT4C type SID.
In one embodiment, forwarding traffic received by the first user device to the operator device according to a pre-configured flow policy comprises: and matching the service traffic received by the first user equipment with a pre-configured flow strategy to determine a corresponding coloring private network route of the first user equipment, and transmitting the service traffic to the operator equipment through the GRE tunnel by the coloring private network route of the first user equipment.
Specifically, the controller first matches the first user equipment after receiving the service traffic according to a pre-configured flow policy to determine a coloring private network route of the corresponding first user equipment, where optionally the matching and coloring may be performed according to the service traffic characteristics. Wherein coloring refers to coloring traffic, each color representing a network slice, such as a red network slice, with particular attention to delay in the network; of the yellow slices of the network, there is a particular concern about bandwidth in the network. Illustratively, if the traffic requires minimal delay, then the remotely controlled traffic is introduced onto the network slice where delay is a concern; if the traffic is video and the bandwidth is required to be the largest, then the traffic of the video is introduced onto the network slice of interest bandwidth. Specifically, traffic is sent to the VPE through the GRE tunnel by a colored private network route of the first user equipment. In other embodiments, the tenant private network side of CPE1 (first user equipment) receives the service traffic, the destination address is 192.168.2.1, and the matching message feature hits the stream policy coloring red; looking up the coloring private network route, finding out that the interface is GRE1 tunnel, and forwarding the message (optional field KEY of GRE in the forwarded message fills in vpn 1).
In the above embodiment, the service traffic is colored by configuring the service traffic characteristics received by the first user according to the pre-configured flow policy, and the service traffic is forwarded by looking up the coloring private route of the first user, so as to realize that the service traffic is sent to the VPE through the GRE tunnel.
In one embodiment, after forwarding the traffic received by the first user equipment to the operator equipment according to a pre-configured flow policy, the method comprises: analyzing the service traffic received by the operator equipment to obtain an input interface of a coloring private network route of the operator equipment, obtaining a flow strategy of the input interface of the coloring private network route of the operator equipment to color the service traffic again, inquiring the coloring private network route of the operator equipment according to a coloring result, and forwarding the service traffic among the operator equipment according to an SR tunnel configured by an output interface of the coloring private network route of the operator equipment.
Specifically, the controller analyzes the service traffic received by the VPE to obtain the ingress interface of the coloring private network route of the VPE device. For example, VPE1 receives a message, identifies it as a GRE message, and finds the ingress interface GRE1 according to the vpn1 in the message and the source address and destination address in the outer-layer header. After the ingress interface of the coloring private network route of the VPE is obtained, the flow policy of that ingress interface is obtained to color the service traffic again, the coloring private network route of the operator equipment is queried according to the coloring result, and the service traffic is forwarded among the operator equipment through the SR tunnel configured as the egress interface of that route. Illustratively, using the flow policy previously generated by the controller on the GRE1 tunnel, the traffic is colored red again, the coloring private network route is looked up according to the color red, the egress interface is found to be an SR tunnel, and the message is encapsulated as SRoU according to the SR tunnel and forwarded.
In the above embodiment, the service traffic received by the operator equipment is parsed to obtain the ingress interface of the coloring private network route of the VPE device, so that the service traffic is led from the GRE tunnel into the SR tunnel.
In one embodiment, forwarding the traffic received by the operator equipment among the operator equipment according to a pre-configured SR tunnel policy includes: acquiring the SID of the service traffic received by the operator equipment, and forwarding the service traffic through the egress interface specified by the SID until the last operator equipment is reached.
Specifically, service traffic is forwarded between VPEs according to SID type, so the SID of the service traffic received by the VPE must be obtained and the traffic forwarded through the egress interface specified by the SID. Optionally, the SID of each VPE can be set to END.X; the END.X type inherits the action of the END.X type in traditional SR and forwards the message through the specified egress interface.
In the above embodiment, traffic forwarding between VPEs is achieved by setting the SID of each VPE to END.X.
In one embodiment, sending the traffic received by the last operator equipment to the second user equipment according to the pre-configured policy for generating the END.DT4C type SID comprises: acquiring the service traffic received by the last operator equipment, identifying the END.DT4C type SID in the service traffic, re-coloring the service traffic according to the SID, querying the coloring private network route of the operator equipment corresponding to the coloring result, and forwarding the service traffic to the GRE tunnel according to the coloring private network route of the operator equipment.
Specifically, when the current VPE is the last VPE in the optimal path, the service traffic received by that VPE is obtained and re-colored according to the current END.DT4C type SID in the SR extension header, and the coloring private network route is looked up to find that the egress interface for forwarding the service traffic is GRE2, where GRE2 is the GRE tunnel, generated by the controller, from the last VPE to the second user equipment. In END.DT4C, D means decapsulating the message and C means the color action; that is, after decapsulation the traffic is colored, and the IPV4 coloring private network route is then looked up for forwarding. In other embodiments, the last VPE receives the message, recognizes from UDP port 4337 that it is an SRoU forwarded message, and obtains the current SID in the SR extension header, 4.4.4.4:END.DT4C; it colors the traffic red according to the action specified by the SID, looks up the coloring private network route, finds that the egress interface is the GRE1 tunnel, and forwards the message with vpn1 filled into the optional KEY field of GRE. Here vpn1 is the network segment address where the second user equipment is located.
In the above embodiment, the SID type at the last VPE is set to END.DT4C, which guides traffic coloring followed by an IPV4 route lookup for forwarding, so that the traffic is led into the GRE tunnel; secondly, the optional KEY field is innovatively used to carry VPN information, so that the second user equipment can subsequently forward traffic by looking up the vpn1 private network route with the inner-layer destination IP.
In one embodiment, sending the traffic received by the first user equipment to the second user equipment according to the established network tunnel further includes: acquiring the service traffic received by the second user equipment, processing the service traffic, and forwarding the service traffic through a private network route of the second user equipment.
Specifically, after the service traffic received by the second user equipment is obtained, it is processed so that it can be forwarded through the private network route of the second user equipment. In one embodiment, the second user equipment finds the ingress interface GRE2 according to the vpn1 in the message and the source address and destination address in the outer-layer header, strips the GRE header, and forwards the traffic by using the inner-layer destination IP to look up the vpn1 private network route.
In the above embodiment, since the optional KEY field is innovatively used to carry VPN information, the second user equipment can forward traffic by using the inner-layer destination IP to look up the vpn1 private network route.
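As an added illustration (not code from the patent), the following Python sketch builds and parses a GRE header whose optional Key field (RFC 2890) carries the VPN identifier, then resolves the ingress interface from the key plus the outer source and destination addresses before consulting the VPN's private route, as described above for the second user equipment. The numeric key value 1 for vpn1, the interface name `lan0`, the table layout and all function names are assumptions.

```python
import ipaddress
import struct

GRE_CSUM, GRE_KEY, GRE_SEQ = 0x8000, 0x2000, 0x1000  # RFC 2784 / RFC 2890 flag bits
PROTO_IPV4 = 0x0800

# Assumption: the controller maps each VPN name to a 32-bit GRE key value.
VPN_TO_KEY = {"vpn1": 1}
KEY_TO_VPN = {key: name for name, key in VPN_TO_KEY.items()}

# Constructed tables for CPE2, using the addresses of the Fig. 6 walk-through.
CPE2_GRE_INGRESS = {("vpn1", "4.4.4.4", "5.5.5.5"): "GRE1"}
CPE2_VPN_ROUTES = {"vpn1": [("192.168.2.0/24", "lan0")]}  # "lan0" is hypothetical


def ipv4_packet(src, dst, payload=b""):
    """Constructed minimal IPv4 header (checksum left at 0, not validated here)."""
    return struct.pack(
        "!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, 17, 0,
        ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed,
    ) + payload


def gre_encap(vpn, inner):
    """GRE header with only the K bit set; the KEY field carries the VPN id."""
    return struct.pack("!HHI", GRE_KEY, PROTO_IPV4, VPN_TO_KEY[vpn]) + inner


def gre_decap(data):
    """Return (key or None, protocol, inner bytes); ValueError if malformed."""
    if len(data) < 4:
        raise ValueError("truncated GRE header")
    flags, proto = struct.unpack_from("!HH", data)
    if flags & 0x0007:
        raise ValueError("unsupported GRE version")
    off, key = 4, None
    if flags & GRE_CSUM:
        off += 4                      # checksum + reserved1
    if flags & GRE_KEY:
        if len(data) < off + 4:
            raise ValueError("truncated GRE key")
        (key,) = struct.unpack_from("!I", data, off)
        off += 4
    if flags & GRE_SEQ:
        off += 4
    if len(data) < off:
        raise ValueError("truncated GRE options")
    return key, proto, data[off:]


def cpe2_receive(outer_src, outer_dst, gre_bytes):
    """Return (ingress_if, vpn, egress_if), or None when the packet is dropped."""
    try:
        key, proto, inner = gre_decap(gre_bytes)
    except ValueError:
        return None
    vpn = KEY_TO_VPN.get(key)
    # The key alone is not trusted: it must match a configured tunnel endpoint pair.
    in_if = CPE2_GRE_INGRESS.get((vpn, outer_src, outer_dst))
    if in_if is None or proto != PROTO_IPV4 or len(inner) < 20:
        return None
    dst = ipaddress.IPv4Address(inner[16:20])   # inner destination address
    out_if = next((oif for prefix, oif in CPE2_VPN_ROUTES[vpn]
                   if dst in ipaddress.ip_network(prefix)), None)
    return (in_if, vpn, out_if) if out_if else None
```

Because the KEY value selects the tenant's private routing table, a packet with a missing key, an unknown key, or outer addresses that do not belong to a configured tunnel is dropped rather than routed in a default table.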
In one embodiment, as shown in connection with fig. 6, fig. 6 is a schematic diagram illustrating the interworking of SR and GRE tunnels in an SDWAN scenario in one embodiment.
In this embodiment, the controller includes a first customer premise equipment CPE1, a second customer premise equipment CPE2, and N VPEs, where the optimal path includes three VPEs, namely VPE1, VPE2, and VPE3; VPE1 is the first VPE and VPE3 is the last VPE.
Specifically, as described in connection with fig. 6, the current tenant requires the path with the smallest latency, colored red. Firstly, the controller collects information on all CPE and VPE devices and dynamically generates a topology graph.
Secondly, the controller directs the private network routes between the CPEs to each other; as shown in the figure, the controller needs to direct the private network route of CPE2, vpn1: 192.168.2.1/24, to CPE1. Based on the current topology, the controller calculates that the end-to-end optimal path from CPE1 to CPE2 is: CPE1-VPE1-VPE2-VPE3-CPE2. The controller dynamically establishes a GRE tunnel between the CPE and the VPE (a GRE over IPSec tunnel may be established if there is a security requirement), and dynamically establishes an SR optimal path between the VPEs. Specifically:
CPE1: on the tenant private network side of CPE1, traffic enters the tunnel in the same way as in the traditional model, and a flow policy coloring traffic red is configured at the ingress interface; the controller dynamically generates a GRE tunnel GRE1 from CPE1 to VPE1, and generates a coloring private network route red/vpn1: 192.168.2.0/24 whose egress interface is the tunnel GRE1, where 192.168.2.0 is the network segment address of CPE2.
VPE1: the controller first generates an optimal SR tunnel of VPE1-VPE2 (VPE1-VPE2-VPE3, where VPE2 uses SID 3.3.3.3:END.X and VPE3 uses SID 4.4.4.4:END.DT4C), then generates the GRE tunnel GRE1 from VPE1 to CPE1 and dynamically binds a flow policy on the GRE1 tunnel interface (the action of the flow policy is coloring red), and finally generates a coloring private network route red/vpn1: 192.168.2.0/24 whose egress interface is the SR tunnel; optionally, the optimal SR tunnel of VPE1-VPE2 can be calculated by a CSPF algorithm.
VPE2: an END.X type SID (3.3.3.3:END.X) is generated, where the END.X type inherits the END.X type action in traditional SR and forwards a message through a designated egress interface; the egress interface for forwarding is the physical interface of VPE2-VPE3.
VPE3: the controller first generates a dynamic GRE tunnel GRE2 for VPE3-CPE2; the controller then generates an END.DT4C type SID (4.4.4.4:END.DT4C), where END.DT4C is a newly invented type derived from the original SR END.DT4 type and C means the color action: after decapsulation the traffic is colored, and the IPV4 coloring private network route is then looked up for forwarding. In this example, the action of 4.4.4.4:END.DT4C is: color red and look up the private network route of vpn1 for forwarding. Finally, the controller generates the coloring private network route red/vpn1: 192.168.2.0/24 whose egress interface is the GRE1 tunnel.
CPE2: the controller generates a dynamic GRE tunnel GRE1 from CPE2 to VPE3.
Finally, the service traffic is forwarded through the tunnels established above. Specifically:
The tenant private network side of CPE1 receives service traffic whose destination address is 192.168.2.1, and the message features match the flow policy that colors traffic red; the coloring private network route is looked up, the egress interface is found to be the GRE1 tunnel, and the message is forwarded (the optional KEY field of GRE in the forwarded message is filled with vpn1).
VPE1 receives the message, recognizes it as a GRE message, and finds the ingress interface GRE1 according to the vpn1 in the message and the source address (1.1.1.1) and destination address (2.2.2.2) in the outer-layer header. It re-colors the traffic with the flow policy previously generated by the controller on the GRE1 tunnel, looks up the coloring private network route, finds that the egress interface is an SR tunnel, and encapsulates the message as SRoU according to the SR tunnel and forwards it.
VPE2 receives the message, recognizes from UDP port 4337 that it is an SRoU message, and obtains the current SID in the SR extension header, 3.3.3.3:END.X; it forwards the message through the egress interface specified by the SID and shifts the position of the current SID in the SR extension header to the next SID, 4.4.4.4:END.DT4C. There is a stack of SIDs in the SR header, i.e. the "UDP-SR" part of the figure, and there are two SIDs in the figure. The current SID is marked red, and the current SID moves to the next SID in the SID stack after passing through one node.
VPE3 receives the message, recognizes from UDP port 4337 that it is an SRoU forwarded message, and obtains the current SID in the SR extension header, 4.4.4.4:END.DT4C; it colors the traffic red according to the action specified by the SID, looks up the coloring private network route, finds that the egress interface is the GRE1 tunnel, and forwards the message (the optional KEY field of GRE in the forwarded message is filled with vpn1).
CPE2 receives the message, finds the ingress interface GRE1 according to the vpn1 in the message and the source address (4.4.4.4) and destination address (5.5.5.5) in the outer-layer header, strips the GRE header, and forwards the traffic by using the inner-layer destination IP 192.168.2.1 to look up the vpn1 private network route.
In the above embodiment, in the GRE to SR scenario, i.e. the interworking between CPE1 and VPE1, a flow policy is dynamically generated to color the traffic and lead it into the SR tunnel, and in the GRE message the optional KEY field is innovatively used to carry VPN information; secondly, in the SR to GRE scenario, i.e. the interworking between VPE3 and CPE2, the controller creatively orchestrates, in the end-to-end path of the head node CPE1, the END.DT4C type SID of VPE3 to guide traffic coloring, after which the IPV4 route is looked up for forwarding and the traffic is led into the GRE tunnel. In this way, in the SDWAN scenario, the end-to-end path adopts SR and GRE interworking, and the end-to-end optimal path is opened up.
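The three operator-side behaviours of the Fig. 6 walk-through (GRE to SR at VPE1, END.X at VPE2, END.DT4C at VPE3) can be modelled as table lookups; the following Python simulation is an added example, not code from the patent. The table layout, the `Pkt` structure, the interface label `to-VPE3` and all function names are assumptions, while the addresses, SIDs, colour, VPN name and UDP port 4337 are the values given in the text.

```python
import ipaddress
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

SROU_UDP_PORT = 4337  # UDP port the text gives for SRoU messages


@dataclass
class Pkt:
    inner_dst: str
    encap: str                                # "gre" or "srou"
    outer: Optional[Tuple[str, str]] = None   # (outer src, outer dst) for GRE
    gre_key: Optional[str] = None             # VPN name carried in the GRE KEY field
    udp_port: Optional[int] = None
    sids: List[str] = field(default_factory=list)
    cur: int = 0                              # index of the current SID in the stack


# Tables the controller would push, constructed from the Fig. 6 walk-through.
VPE1 = {
    "gre_ingress": {("vpn1", "1.1.1.1", "2.2.2.2"): "GRE1"},
    "flow_policy": {"GRE1": "red"},
    "colored_routes": {("red", "vpn1"): [("192.168.2.0/24", "SR")]},
    "sr_tunnel": ["3.3.3.3:END.X", "4.4.4.4:END.DT4C"],
}
VPE2 = {"sids": {"3.3.3.3:END.X": ("END.X", "to-VPE3")}}  # hypothetical interface label
VPE3 = {
    "sids": {"4.4.4.4:END.DT4C": ("END.DT4C", ("red", "vpn1"))},
    "colored_routes": {("red", "vpn1"): [("192.168.2.0/24", "GRE1")]},
    "gre": {"GRE1": ("4.4.4.4", "5.5.5.5", "vpn1")},
}


def lookup(routes, dst):
    """Longest-prefix match over [(prefix, egress_if)]; None if no route."""
    ip, best = ipaddress.ip_address(dst), None
    for prefix, out_if in routes:
        net = ipaddress.ip_network(prefix)
        if ip in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, out_if)
    return best[1] if best else None


def vpe_gre_to_sr(node, pkt):
    """First VPE: GRE ingress -> re-colour -> coloured route -> SRoU encapsulation."""
    if pkt.encap != "gre" or pkt.outer is None:
        return None, None
    in_if = node["gre_ingress"].get((pkt.gre_key, *pkt.outer))
    if in_if is None:                         # unknown key or tunnel endpoints: drop
        return None, None
    color = node["flow_policy"][in_if]
    routes = node["colored_routes"].get((color, pkt.gre_key), [])
    if lookup(routes, pkt.inner_dst) != "SR":
        return None, None
    return "SR", Pkt(pkt.inner_dst, "srou", udp_port=SROU_UDP_PORT,
                     sids=list(node["sr_tunnel"]))


def vpe_sr(node, pkt):
    """Transit or last VPE: act on the current SID of an SRoU message."""
    if pkt.encap != "srou" or pkt.udp_port != SROU_UDP_PORT or pkt.cur >= len(pkt.sids):
        return None, None
    entry = node["sids"].get(pkt.sids[pkt.cur])
    if entry is None:                         # current SID is not local: drop
        return None, None
    kind, arg = entry
    if kind == "END.X":                       # forward via the specified interface
        pkt.cur += 1                          # current SID moves to the next in the stack
        return arg, pkt
    color, vpn = arg                          # END.DT4C: decapsulate, colour, look up
    out_if = lookup(node["colored_routes"].get((color, vpn), []), pkt.inner_dst)
    if out_if not in node["gre"]:
        return None, None
    src, dst, key = node["gre"][out_if]
    return out_if, Pkt(pkt.inner_dst, "gre", (src, dst), gre_key=key)


def walk_vpes(inner_dst="192.168.2.1"):
    """Carry the GRE message CPE1 sent to VPE1 across VPE1 -> VPE2 -> VPE3."""
    pkt = Pkt(inner_dst, "gre", ("1.1.1.1", "2.2.2.2"), gre_key="vpn1")
    trace = []
    out_if, pkt = vpe_gre_to_sr(VPE1, pkt)
    trace.append(("VPE1", out_if, pkt.sids[pkt.cur]))
    out_if, pkt = vpe_sr(VPE2, pkt)
    trace.append(("VPE2", out_if, pkt.sids[pkt.cur]))
    out_if, pkt = vpe_sr(VPE3, pkt)
    trace.append(("VPE3", out_if, pkt.gre_key))
    return trace, pkt
```

Each trace entry is (node, egress interface, what the message carries next): the current SID while inside the SR tunnel, and the GRE KEY once VPE3 has decapsulated and re-encapsulated it.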
It should be understood that, although the steps in the flowcharts related to the embodiments described above are shown sequentially as indicated by the arrows, these steps are not necessarily performed in the order indicated by the arrows. Unless explicitly stated herein, the steps are not strictly limited to that order of execution and may be executed in other orders. Moreover, at least some of the steps in the flowcharts described in the above embodiments may include a plurality of sub-steps or stages, which are not necessarily performed at the same time but may be performed at different times, and which are not necessarily performed sequentially but may be performed in turn or alternately with at least some of the other steps or stages.
Based on the same inventive concept, the embodiment of the application also provides a network tunnel configuration device for realizing the above-mentioned network tunnel configuration method, a network tunnel establishment device for the network tunnel establishment method and a network traffic transmission device for the network traffic transmission method. The implementation solutions of the solutions provided by the above devices are similar to those described in the above methods, so specific limitations in the embodiments of one or more network tunnel configuration devices, network tunnel establishment devices, and network traffic transmission devices provided below may be referred to the above for the limitations of the network tunnel configuration method, the network tunnel establishment method, and the network traffic transmission method, respectively, and are not repeated herein.
In one embodiment, as shown in fig. 7, there is provided a network tunnel configuration apparatus, including: an SR tunnel configuration module 100 and a GRE tunnel configuration module 200, wherein:
the SR tunnel configuration module 100 is configured to configure a flow policy at an ingress interface of a coloring private network route of the user equipment when the network tunnel is a tunnel from the user equipment to the operator equipment, configure an egress interface as a GRE tunnel, and configure a corresponding flow policy at an ingress interface of the coloring private network route of the operator equipment, and configure the egress interface as an SR tunnel.
The GRE tunnel configuration module 200 is configured to configure, when the network tunnel is a tunnel from the operator equipment to the user equipment, a policy for generating an END.DT4C type SID at the coloring private network route of the operator equipment, where D denotes decapsulating the message and T4C denotes querying the IPV4 coloring private network route; and to configure, at the coloring private network route of the user equipment, a GRE tunnel from the user equipment to the operator equipment.
In one embodiment, as shown in fig. 8, there is provided a network tunnel establishment apparatus, including: a message determining module 300, an optimal path calculating module 400 and a tunnel configuration module 500, wherein:
the message determining module 300 is configured to determine a first user equipment and a second user equipment of a message.
The optimal path calculation module 400 is configured to calculate an optimal path from the first user equipment to the second user equipment, where the optimal path includes a GRE tunnel between the first user equipment and the operator equipment, an SR tunnel between each operator equipment, and a GRE tunnel between the operator equipment and the second user equipment.
The tunnel configuration module 500 is configured to perform network tunnel configuration on the GRE tunnel between the first user equipment and the operator equipment and the GRE tunnel between the operator equipment and the second user equipment according to the network tunnel configuration method in any one of the foregoing embodiments.
In one embodiment, the network tunnel establishment device further includes:
a configuration module, configured to configure the SR tunnels among the operator equipment.
In one embodiment, the network tunnel establishment device further includes:
the topology map acquisition module is used for acquiring all user equipment and operator equipment of the current access network and generating a network topology map according to all the user equipment and the operator equipment.
The user equipment optimal path calculation module is used for calculating an optimal path from the first user equipment to the second user equipment.
In one embodiment, as shown in fig. 9, there is provided a network traffic transmission apparatus, including: a network tunnel establishment module 600 and a traffic forwarding module 700, wherein:
a network tunnel establishment module 600, configured to establish a network tunnel between the first user equipment and the second user equipment based on the network tunnel establishment method in any one of the foregoing embodiments;
a traffic forwarding module 700, configured to send, when the first user equipment receives the traffic to be sent to the second user equipment, the traffic received by the first user equipment to the second user equipment according to the established network tunnel.
In one embodiment, the traffic forwarding module 700 includes:
the flow policy forwarding unit is used for forwarding the service traffic received by the first user equipment to the operator equipment according to the pre-configured flow policy.
The SR tunnel forwarding unit is used for forwarding the service traffic received by the operator equipment among the operator equipment according to the pre-configured SR tunnel policy.
The END.DT4C forwarding unit is used for sending the service traffic received by the last operator equipment to the second user equipment according to the pre-configured policy for generating the END.DT4C type SID.
In one embodiment, the flow policy forwarding unit includes:
the first traffic forwarding subunit is used for matching the traffic received by the first user equipment against the pre-configured flow policy to determine the corresponding coloring private network route of the first user equipment, and sending the traffic to the operator equipment through the GRE tunnel via the coloring private network route of the first user equipment.
In one embodiment, the traffic forwarding module 700 further includes:
the traffic analysis unit is used for analyzing the traffic received by the operator equipment to obtain an input interface of the coloring private network route of the operator equipment, obtaining a flow strategy of the input interface of the coloring private network route of the operator equipment to color the traffic again, inquiring the coloring private network route of the operator equipment according to the coloring result, and forwarding the traffic among the operator equipment according to the SR tunnel configured by the output interface of the coloring private network route of the operator equipment.
In one embodiment, the SR tunnel forwarding unit includes:
the second traffic forwarding subunit is used for acquiring the SID of the traffic received by the operator equipment and forwarding the traffic through the egress interface specified by the SID until the last operator equipment is reached.
In one embodiment, the END.DT4C forwarding unit includes:
the third traffic forwarding subunit is used for acquiring the service traffic received by the last operator equipment, identifying the END.DT4C type SID in the service traffic, re-coloring the service traffic according to the SID, querying the coloring private network route of the operator equipment corresponding to the coloring result, and forwarding the service traffic to the GRE tunnel according to the coloring private network route of the operator equipment.
In one embodiment, the traffic forwarding module 700 further includes:
the second user equipment traffic forwarding unit is used for acquiring the service traffic received by the second user equipment, processing the service traffic and forwarding the service traffic through a private network route of the second user equipment.
Each module in the above network tunnel configuration device, network tunnel establishment device, and network traffic transmission device may be implemented in whole or in part by software, hardware, or a combination thereof. The above modules may be embedded in hardware in, or be independent of, a processor in the computer device, or may be stored as software in a memory of the computer device, so that the processor can call and execute the operations corresponding to the above modules.
In one embodiment, a computer device is provided, which may be a controller, the internal structure of which may be as shown in fig. 10. The computer device includes a processor, a memory, and a network interface connected by a system bus. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device includes a non-volatile storage medium and an internal memory. The non-volatile storage medium stores an operating system, computer programs, and a database. The internal memory provides an environment for the operation of the operating system and computer programs in the non-volatile storage media. The database of the computer device is for storing stream policy data. The network interface of the computer device is used for communicating with an external terminal through a network connection. The computer program is executed by a processor to implement a network tunnel configuration method.
It will be appreciated by those skilled in the art that the structure shown in FIG. 10 is merely a block diagram of some of the structures associated with the present inventive arrangements and is not limiting of the computer device to which the present inventive arrangements may be applied, and that a particular computer device may include more or fewer components than shown, or may combine some of the components, or have a different arrangement of components.
In one embodiment, a computer device is provided comprising a memory and a processor, the memory having stored therein a computer program, the processor when executing the computer program performing the steps of: when the network tunnel is a tunnel from the user equipment to the operator equipment, configuring a flow policy at the ingress interface of the coloring private network route of the user equipment and configuring the egress interface as a GRE tunnel, and configuring a corresponding flow policy at the ingress interface of the coloring private network route of the operator equipment and configuring the egress interface as an SR tunnel; when the network tunnel is a tunnel from the operator equipment to the user equipment, configuring a policy for generating an END.DT4C type SID at the coloring private network route of the operator equipment, where D denotes decapsulating the message and T4C denotes querying the IPV4 coloring private network route; and configuring, at the coloring private network route of the user equipment, a GRE tunnel from the user equipment to the operator equipment.
In one embodiment, a computer device is provided comprising a memory and a processor, the memory having stored therein a computer program, the processor when executing the computer program performing the steps of: determining a first user equipment and a second user equipment of a message; calculating an optimal path from the first user equipment to the second user equipment, wherein the optimal path comprises GRE tunnels between the first user equipment and the operator equipment, SR tunnels between the operator equipment and GRE tunnels between the operator equipment and the second user equipment; according to the network tunnel configuration method in any one of the embodiments, network tunnel configuration is performed on the GRE tunnel between the first user equipment and the operator equipment and the GRE tunnel between the operator equipment and the second user equipment.
In one embodiment, the processor, when executing the computer program, further implements: configuring the SR tunnels among the operator equipment.
In one embodiment, before determining the first user equipment and the second user equipment of the message, which are implemented when the processor executes the computer program, the method includes: acquiring all user equipment and operator equipment of a current access network, and generating a network topology graph according to all user equipment and operator equipment; calculating an optimal path from a first user device to a second user device, comprising: according to the network topology, an optimal path from the first user equipment to the second user equipment is calculated.
In one embodiment, a computer device is provided comprising a memory and a processor, the memory having stored therein a computer program, the processor when executing the computer program performing the steps of: based on the network tunnel establishment method in any one of the above embodiments, a network tunnel between the first user equipment and the second user equipment is established; and when the first user equipment receives the service flow to be sent to the second user equipment, sending the service flow received by the first user equipment to the second user equipment according to the established network tunnel.
In one embodiment, sending the traffic received by the first user equipment to the second user equipment according to the established network tunnel, as implemented when the processor executes the computer program, includes: forwarding the service traffic received by the first user equipment to the operator equipment according to a pre-configured flow policy; forwarding the service traffic received by the operator equipment among the operator equipment according to a pre-configured SR tunnel policy; and sending the service traffic received by the last operator equipment to the second user equipment according to the pre-configured policy for generating the END.DT4C type SID.
In one embodiment, the forwarding, by the processor, the traffic received by the first user equipment to the operator equipment according to a pre-configured flow policy, implemented when the processor executes the computer program, comprises: and matching the service flow received by the first user equipment with the pre-configured flow strategy to determine a corresponding coloring private network route of the first user equipment, and sending the service flow to the operator equipment through a GRE tunnel through the coloring private network route of the first user equipment.
In one embodiment, after forwarding the traffic received by the first user equipment to the operator equipment according to a pre-configured flow policy, implemented when the processor executes the computer program, comprises: analyzing the service flow received by the operator equipment to obtain an inlet interface of the coloring private network route of the operator equipment, obtaining a flow strategy of the inlet interface of the coloring private network route of the operator equipment to color the service flow again, inquiring the coloring private network route of the operator equipment according to a coloring result, and forwarding the service flow among the operator equipment according to an SR tunnel configured by an outlet interface of the coloring private network route of the operator equipment.
In one embodiment, the forwarding of the traffic received by the carrier devices between the carrier devices according to a pre-configured SR tunnel policy, implemented when the processor executes a computer program, comprises: and acquiring the SID of the service flow received by the operator equipment, and forwarding the service flow according to an outlet interface designated by the SID until the last operator equipment is reached.
In one embodiment, sending the traffic received by the last operator equipment to the second user equipment according to the pre-configured policy for generating the END.DT4C type SID, as implemented when the processor executes the computer program, includes: acquiring the service traffic received by the last operator equipment, identifying the END.DT4C type SID in the service traffic, re-coloring the service traffic according to the SID, querying the coloring private network route of the operator equipment corresponding to the coloring result, and forwarding the service traffic to a GRE tunnel according to the coloring private network route of the operator equipment.
In one embodiment, the processor, when executing the computer program, further implements: acquiring the service traffic received by the second user equipment, processing the service traffic, and forwarding the service traffic through a private network route of the second user equipment.
In one embodiment, a computer readable storage medium is provided having a computer program stored thereon which, when executed by a processor, performs the steps of: when the network tunnel is a tunnel from the user equipment to the operator equipment, configuring a flow policy at the input interface of the coloring private network route of the user equipment and configuring the output interface as a GRE tunnel, and configuring a corresponding flow policy at the input interface of the coloring private network route of the operator equipment and configuring the output interface as an SR tunnel; when the network tunnel is a tunnel from the operator equipment to the user equipment, configuring, at the coloring private network route of the operator equipment, a policy for generating an END.DT4C type SID, where D denotes decapsulating the message and T4C denotes querying the IPv4 coloring private network route; and configuring, at the coloring private network route of the user equipment, a GRE tunnel from the user equipment to the operator equipment.
In one embodiment, a computer readable storage medium is provided having a computer program stored thereon which, when executed by a processor, performs the steps of: determining a first user equipment and a second user equipment of a message; calculating an optimal path from the first user equipment to the second user equipment, wherein the optimal path comprises a GRE tunnel between the first user equipment and the operator equipment, SR tunnels between the operator equipment, and a GRE tunnel between the operator equipment and the second user equipment; and performing, according to the network tunnel configuration method in any one of the embodiments, network tunnel configuration on the GRE tunnel between the first user equipment and the operator equipment and on the GRE tunnel between the operator equipment and the second user equipment.
In one embodiment, the computer program, when executed by the processor, further implements: configuring the SR tunnels between the operator equipment.
In one embodiment, when the computer program is executed by the processor, the steps implemented before determining the first user equipment and the second user equipment of the message comprise: acquiring all user equipment and operator equipment of the current access network, and generating a network topology graph from all the user equipment and operator equipment; and calculating the optimal path from the first user equipment to the second user equipment comprises: calculating the optimal path from the first user equipment to the second user equipment according to the network topology graph.
In one embodiment, the computer program, when executed by the processor, performs the steps of: establishing a network tunnel between the first user equipment and the second user equipment based on the network tunnel establishment method in any one of the embodiments; and, when the first user equipment receives service traffic to be sent to the second user equipment, sending the service traffic received by the first user equipment to the second user equipment according to the established network tunnel.
In one embodiment, when the computer program is executed by the processor, sending the service traffic received by the first user equipment to the second user equipment according to the established network tunnel comprises: forwarding the service traffic received by the first user equipment to the operator equipment according to a pre-configured flow policy; forwarding the service traffic received by the operator equipment among the operator equipment according to a pre-configured SR tunnel policy; and sending the service traffic received by the last operator equipment to the second user equipment according to the pre-configured policy for generating an END.DT4C type SID.
In one embodiment, when the computer program is executed by the processor, forwarding the service traffic received by the first user equipment to the operator equipment according to a pre-configured flow policy comprises: matching the service traffic received by the first user equipment against the pre-configured flow policy to determine the corresponding coloring private network route of the first user equipment, and sending the service traffic to the operator equipment through the GRE tunnel via the coloring private network route of the first user equipment.
In one embodiment, when the computer program is executed by the processor, the steps implemented after forwarding the service traffic received by the first user equipment to the operator equipment according to a pre-configured flow policy comprise:
analyzing the service traffic received by the operator equipment to obtain the input interface of the coloring private network route of the operator equipment, obtaining the flow policy of that input interface to color the service traffic again, querying the coloring private network route of the operator equipment according to the coloring result, and forwarding the service traffic among the operator equipment according to the SR tunnel configured on the output interface of the coloring private network route of the operator equipment.
In one embodiment, when the computer program is executed by the processor, forwarding the service traffic received by the operator equipment among the operator equipment according to a pre-configured SR tunnel policy comprises: acquiring the SID of the service traffic received by the operator equipment, and forwarding the service traffic according to the output interface designated by the SID until the last operator equipment is reached.
In one embodiment, when the computer program is executed by the processor, sending the service traffic received by the last operator equipment to the second user equipment according to the pre-configured policy for generating an END.DT4C type SID comprises: acquiring the service traffic received by the last operator equipment, identifying the END.DT4C type SID in the service traffic, re-coloring the service traffic according to the SID, querying the coloring private network route of the operator equipment corresponding to the coloring result, and forwarding the service traffic to the GRE tunnel according to the coloring private network route of the operator equipment.
In one embodiment, the computer program, when executed by the processor, further implements: acquiring the service traffic received by the second user equipment, processing the service traffic, and forwarding the service traffic through a private network route of the second user equipment.
In one embodiment, a computer program product is provided comprising a computer program which, when executed by a processor, performs the steps of: when the network tunnel is a tunnel from the user equipment to the operator equipment, configuring a flow policy at the input interface of the coloring private network route of the user equipment and configuring the output interface as a GRE tunnel, and configuring a corresponding flow policy at the input interface of the coloring private network route of the operator equipment and configuring the output interface as an SR tunnel; when the network tunnel is a tunnel from the operator equipment to the user equipment, configuring, at the coloring private network route of the operator equipment, a policy for generating an END.DT4C type SID, where D denotes decapsulating the message and T4C denotes querying the IPv4 coloring private network route; and configuring, at the coloring private network route of the user equipment, a GRE tunnel from the user equipment to the operator equipment.
In one embodiment, a computer program product is provided comprising a computer program which, when executed by a processor, performs the steps of: determining a first user equipment and a second user equipment of a message; calculating an optimal path from the first user equipment to the second user equipment, wherein the optimal path comprises a GRE tunnel between the first user equipment and the operator equipment, SR tunnels between the operator equipment, and a GRE tunnel between the operator equipment and the second user equipment; and performing, according to the network tunnel configuration method in any one of the embodiments, network tunnel configuration on the GRE tunnel between the first user equipment and the operator equipment and on the GRE tunnel between the operator equipment and the second user equipment.
In one embodiment, the computer program, when executed by the processor, further implements: configuring the SR tunnels between the operator equipment.
In one embodiment, when the computer program is executed by the processor, the steps implemented before determining the first user equipment and the second user equipment of the message comprise: acquiring all user equipment and operator equipment of the current access network, and generating a network topology graph from all the user equipment and operator equipment; and calculating the optimal path from the first user equipment to the second user equipment comprises: calculating the optimal path from the first user equipment to the second user equipment according to the network topology graph.
In one embodiment, a computer program product is provided comprising a computer program which, when executed by a processor, performs the steps of: establishing a network tunnel between the first user equipment and the second user equipment based on the network tunnel establishment method in any one of the embodiments; and, when the first user equipment receives service traffic to be sent to the second user equipment, sending the service traffic received by the first user equipment to the second user equipment according to the established network tunnel.
In one embodiment, when the computer program is executed by the processor, sending the service traffic received by the first user equipment to the second user equipment according to the established network tunnel comprises: forwarding the service traffic received by the first user equipment to the operator equipment according to a pre-configured flow policy; forwarding the service traffic received by the operator equipment among the operator equipment according to a pre-configured SR tunnel policy; and sending the service traffic received by the last operator equipment to the second user equipment according to the pre-configured policy for generating an END.DT4C type SID.
In one embodiment, when the computer program is executed by the processor, forwarding the service traffic received by the first user equipment to the operator equipment according to a pre-configured flow policy comprises: matching the service traffic received by the first user equipment against the pre-configured flow policy to determine the corresponding coloring private network route of the first user equipment, and sending the service traffic to the operator equipment through the GRE tunnel via the coloring private network route of the first user equipment.
In one embodiment, when the computer program is executed by the processor, the steps implemented after forwarding the service traffic received by the first user equipment to the operator equipment according to a pre-configured flow policy comprise:
analyzing the service traffic received by the operator equipment to obtain the input interface of the coloring private network route of the operator equipment, obtaining the flow policy of that input interface to color the service traffic again, querying the coloring private network route of the operator equipment according to the coloring result, and forwarding the service traffic among the operator equipment according to the SR tunnel configured on the output interface of the coloring private network route of the operator equipment.
In one embodiment, when the computer program is executed by the processor, forwarding the service traffic received by the operator equipment among the operator equipment according to a pre-configured SR tunnel policy comprises: acquiring the SID of the service traffic received by the operator equipment, and forwarding the service traffic according to the output interface designated by the SID until the last operator equipment is reached.
In one embodiment, when the computer program is executed by the processor, sending the service traffic received by the last operator equipment to the second user equipment according to the pre-configured policy for generating an END.DT4C type SID comprises: acquiring the service traffic received by the last operator equipment, identifying the END.DT4C type SID in the service traffic, re-coloring the service traffic according to the SID, querying the coloring private network route of the operator equipment corresponding to the coloring result, and forwarding the service traffic to the GRE tunnel according to the coloring private network route of the operator equipment.
In one embodiment, the computer program, when executed by the processor, further implements: acquiring the service traffic received by the second user equipment, processing the service traffic, and forwarding the service traffic through a private network route of the second user equipment.
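The forwarding sequence in the embodiments above (flow-policy coloring at the first user equipment, re-coloring at the operator equipment's input interface, SID-driven forwarding, END.DT4C handling at the last operator equipment, and delivery at the second user equipment) can be traced with a small model. The following Python code is an added example and not part of the patent; the device names, prefixes, colors, interface names and SID strings are constructed assumptions.

```python
from ipaddress import ip_address, ip_network

# Constructed topology: CE1 -(GRE)- PE1 -(SR)- PE2 -(SR)- PE3 -(GRE)- CE2.
# Every name, prefix, color and SID string here is invented for illustration.
# Flow policies are keyed by input interface; route tables are keyed by color.
DEVICES = {
    "CE1": {
        "policy": {"lan0": [("10.1.0.0/24", "red"), ("10.2.0.0/24", "blue")]},
        "routes": {"red": [("10.9.0.0/16", ("gre", "PE1"))],
                   "blue": [("10.8.0.0/16", ("gre", "PE1"))]},
    },
    "PE1": {
        "policy": {"gre-CE1": [("10.1.0.0/24", "red"), ("10.2.0.0/24", "blue")]},
        # Only the red private network has an SR tunnel provisioned on PE1.
        "routes": {"red": [("10.9.0.0/16", ("sr", ["PE2:end", "PE3:dt4c-red"]))]},
    },
    "PE2": {"sids": {"PE2:end": ("out", "PE3")}},
    "PE3": {
        "sids": {"PE3:dt4c-red": ("end.dt4c", "red")},
        "routes": {"red": [("10.9.0.0/16", ("gre", "CE2"))]},
    },
    "CE2": {"private": [("10.9.0.0/16", "lan0")]},
}


def classify(policy, src):
    """Flow policy: the first matching source prefix decides the color."""
    for prefix, color in policy:
        if ip_address(src) in ip_network(prefix):
            return color
    return None


def lookup(routes, color, dst):
    """Longest-prefix match inside the route table of one color only."""
    best = None
    for prefix, egress in routes.get(color, []):
        net = ip_network(prefix)
        if ip_address(dst) in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, egress)
    return best[1] if best else None


def forward(src, dst, ingress="lan0"):
    """Walk one packet from CE1 toward CE2; return (outcome, trace)."""
    trace = []
    # 1. First user equipment: match the flow policy, pick the colored route,
    #    send through the GRE tunnel.
    ce1 = DEVICES["CE1"]
    color = classify(ce1["policy"].get(ingress, []), src)
    egress = lookup(ce1["routes"], color, dst)
    if egress is None:
        return "dropped@CE1", trace
    pe_name = egress[1]
    trace.append(f"CE1 color={color} gre->{pe_name}")

    # 2. First operator equipment: color again from the policy bound to its own
    #    input interface, then take the SR tunnel of that colored route.
    pe = DEVICES[pe_name]
    color = classify(pe["policy"].get("gre-CE1", []), src)
    egress = lookup(pe["routes"], color, dst)
    if egress is None:
        return f"dropped@{pe_name}", trace
    sids = list(egress[1])
    trace.append(f"{pe_name} color={color} sr->{sids}")

    # 3. Operator equipment: forward by SID until the END.DT4C SID is reached.
    while sids:
        sid = sids.pop(0)
        node = sid.split(":")[0]  # toy locator: the owning device precedes ':'
        action, arg = DEVICES[node].get("sids", {}).get(sid, ("drop", None))
        if action == "out":
            trace.append(f"{node} sid={sid} out->{arg}")
        elif action == "end.dt4c":
            # 4. Last operator equipment: decapsulate, re-color from the SID,
            #    query the colored IPv4 route, hand off to the GRE tunnel.
            egress = lookup(DEVICES[node]["routes"], arg, dst)
            if egress is None:
                return f"dropped@{node}", trace
            ce2 = egress[1]
            trace.append(f"{node} sid={sid} color={arg} gre->{ce2}")
            # 5. Second user equipment: ordinary private network route.
            port = lookup({None: DEVICES[ce2]["private"]}, None, dst)
            if port is None:
                return f"dropped@{ce2}", trace
            trace.append(f"{ce2} private-route->{port}")
            return f"delivered@{ce2}:{port}", trace
        else:
            return f"dropped@{node}", trace
    return "dropped@sr-end", trace
```

Because each lookup is confined to the route table of a single color, traffic colored blue never reaches a red destination, and traffic that matches no flow policy is dropped at the first hop.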
Those skilled in the art will appreciate that all or part of the above-described methods may be implemented by a computer program stored on a non-transitory computer readable storage medium, and that the program, when executed, may comprise the steps of the method embodiments described above. Any reference to memory, database, or other medium used in the embodiments provided herein may include at least one of non-volatile and volatile memory. The non-volatile memory may include read-only memory (ROM), magnetic tape, floppy disk, flash memory, optical memory, high-density embedded non-volatile memory, resistive random access memory (ReRAM), magnetoresistive random access memory (MRAM), ferroelectric random access memory (FRAM), phase change memory (PCM), graphene memory, and the like. Volatile memory may include random access memory (RAM), external cache memory, and the like. By way of illustration and not limitation, RAM may take a variety of forms, such as static random access memory (SRAM) or dynamic random access memory (DRAM). The databases referred to in the embodiments provided herein may include at least one of a relational database and a non-relational database. The non-relational database may include, but is not limited to, a blockchain-based distributed database and the like. The processor referred to in the embodiments provided in the present application may be, but is not limited to, a general-purpose processor, a central processing unit, a graphics processor, a digital signal processor, a programmable logic unit, a data processing logic unit based on quantum computing, or the like.
The technical features of the above embodiments may be combined arbitrarily. For brevity, not all possible combinations of these technical features are described; however, as long as a combination of technical features involves no contradiction, it should be considered within the scope of this description.
The foregoing examples illustrate only a few embodiments of the application and are described in detail, but they are not to be construed as limiting the scope of the application. It should be noted that those skilled in the art can make several variations and modifications without departing from the spirit of the application, all of which fall within the scope of the application. Accordingly, the scope of protection of the application shall be determined by the appended claims.

Claims (16)

1. A network tunnel configuration method, the method comprising:
when the network tunnel is a tunnel from user equipment to operator equipment, configuring a flow policy at an input interface of a coloring private network route of the user equipment and configuring the output interface as a GRE tunnel, and configuring a corresponding flow policy at the input interface of the coloring private network route of the operator equipment and configuring the output interface as an SR tunnel;
when the network tunnel is a tunnel from the operator equipment to the user equipment, configuring, at the coloring private network route of the operator equipment, a policy for generating an END.DT4C type SID, wherein D denotes decapsulating the message and T4C denotes querying the IPv4 coloring private network route; and configuring, at the coloring private network route of the user equipment, a GRE tunnel from the user equipment to the operator equipment.
2. A method for establishing a network tunnel, the method comprising:
determining a first user equipment and a second user equipment of a message;
calculating an optimal path from the first user equipment to the second user equipment, wherein the optimal path comprises a GRE tunnel between the first user equipment and the operator equipment, SR tunnels between the operator equipment, and a GRE tunnel between the operator equipment and the second user equipment;
performing, according to the network tunnel configuration method of claim 1, network tunnel configuration on the GRE tunnel between the first user equipment and the operator equipment and on the GRE tunnel between the operator equipment and the second user equipment.
3. The network tunnel establishment method according to claim 2, characterized in that the method further comprises:
configuring the SR tunnels between the operator equipment.
4. The method for establishing a network tunnel according to claim 2, wherein before determining the first user equipment and the second user equipment of the message, the method comprises:
acquiring all user equipment and operator equipment of the current access network, and generating a network topology graph from all the user equipment and operator equipment;
the calculating an optimal path from the first user equipment to the second user equipment comprises:
calculating the optimal path from the first user equipment to the second user equipment according to the network topology graph.
5. A network traffic transmission method, the method comprising:
establishing a network tunnel between a first user equipment and a second user equipment based on the network tunnel establishment method of any one of claims 2 to 4;
when the first user equipment receives service traffic to be sent to the second user equipment, sending the service traffic received by the first user equipment to the second user equipment according to the established network tunnel.
6. The method of claim 5, wherein said sending the service traffic received by the first user equipment to the second user equipment according to the established network tunnel comprises:
forwarding the service traffic received by the first user equipment to the operator equipment according to a pre-configured flow policy;
forwarding the service traffic received by the operator equipment among the operator equipment according to a pre-configured SR tunnel policy;
sending the service traffic received by the last operator equipment to the second user equipment according to the pre-configured policy for generating an END.DT4C type SID.
7. The method of claim 6, wherein forwarding the service traffic received by the first user equipment to the operator equipment according to a pre-configured flow policy comprises:
matching the service traffic received by the first user equipment against the pre-configured flow policy to determine the corresponding coloring private network route of the first user equipment, and sending the service traffic to the operator equipment through a GRE tunnel via the coloring private network route of the first user equipment.
8. The method of claim 6, wherein said forwarding the service traffic received by the first user equipment to the operator equipment according to the pre-configured flow policy comprises:
analyzing the service traffic received by the operator equipment to obtain the input interface of the coloring private network route of the operator equipment, obtaining the flow policy of that input interface to color the service traffic again, querying the coloring private network route of the operator equipment according to the coloring result, and forwarding the service traffic among the operator equipment according to the SR tunnel configured on the output interface of the coloring private network route of the operator equipment.
9. The network traffic transmission method according to claim 6, wherein forwarding the service traffic received by the operator equipment among the operator equipment according to a pre-configured SR tunnel policy comprises:
acquiring the SID of the service traffic received by the operator equipment, and forwarding the service traffic according to the output interface designated by the SID until the last operator equipment is reached.
10. The method of claim 6, wherein the sending the service traffic received by the last operator equipment to the second user equipment according to the pre-configured policy for generating an END.DT4C type SID comprises:
acquiring the service traffic received by the last operator equipment, identifying the END.DT4C type SID in the service traffic, re-coloring the service traffic according to the SID, querying the coloring private network route of the operator equipment corresponding to the coloring result, and forwarding the service traffic to a GRE tunnel according to the coloring private network route of the operator equipment.
11. The method of claim 6, wherein the method further comprises:
acquiring the service traffic received by the second user equipment, processing the service traffic, and forwarding the service traffic through a private network route of the second user equipment.
12. A network tunnel configuration apparatus, the apparatus comprising:
an SR tunnel configuration module, configured to, when the network tunnel is a tunnel from the user equipment to the operator equipment, configure a flow policy at the input interface of the coloring private network route of the user equipment and configure the output interface as a GRE tunnel, and configure a corresponding flow policy at the input interface of the coloring private network route of the operator equipment and configure the output interface as an SR tunnel;
a GRE tunnel configuration module, configured to, when the network tunnel is a tunnel from the operator equipment to the user equipment, configure, at the coloring private network route of the operator equipment, a policy for generating an END.DT4C type SID, wherein D denotes decapsulating the message and T4C denotes querying the IPv4 coloring private network route; and configure, at the coloring private network route of the user equipment, a GRE tunnel from the user equipment to the operator equipment.
13. A network tunnel establishment apparatus, the apparatus comprising:
a message determining module, configured to determine a first user equipment and a second user equipment of the message;
an optimal path calculation module, configured to calculate an optimal path from the first user equipment to the second user equipment, wherein the optimal path comprises a GRE tunnel between the first user equipment and the operator equipment, SR tunnels between the operator equipment, and a GRE tunnel between the operator equipment and the second user equipment;
a tunnel configuration module, configured to perform, according to the network tunnel configuration apparatus of claim 12, network tunnel configuration on the GRE tunnel between the first user equipment and the operator equipment and on the GRE tunnel between the operator equipment and the second user equipment.
14. A network traffic transmitting apparatus, the apparatus comprising:
a network tunnel establishment module, configured to establish a network tunnel between a first user equipment and a second user equipment based on the network tunnel establishment apparatus of claim 13;
a traffic forwarding module, configured to, when the first user equipment receives service traffic to be sent to the second user equipment, send the service traffic received by the first user equipment to the second user equipment according to the established network tunnel.
15. A computer device comprising a memory and a processor, the memory storing a computer program, characterized in that the processor implements the steps of the method of any of claims 1, 2-4, or 5-11 when executing the computer program.
16. A computer readable storage medium on which a computer program is stored, characterized in that the computer program, when executed by a processor, implements the steps of the method of any of claims 1, 2-4, or 5-11.
CN202111588414.7A 2021-12-23 2021-12-23 Network tunnel configuration method, device, computer equipment and storage medium Active CN114422431B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111588414.7A CN114422431B (en) 2021-12-23 2021-12-23 Network tunnel configuration method, device, computer equipment and storage medium

Publications (2)

Publication Number Publication Date
CN114422431A CN114422431A (en) 2022-04-29
CN114422431B true CN114422431B (en) 2023-11-28

Family

ID=81267927

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111588414.7A Active CN114422431B (en) 2021-12-23 2021-12-23 Network tunnel configuration method, device, computer equipment and storage medium

Country Status (1)

Country Link
CN (1) CN114422431B (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101977250A (en) * 2010-10-29 2011-02-16 清华大学 Tunnel selection method in optimization of visit between hosts under edge network double stack access
CN111713079A (en) * 2018-10-22 2020-09-25 思科技术公司 Packet network interworking including segment routing
CN112491720A (en) * 2020-11-10 2021-03-12 网宿科技股份有限公司 Smooth upgrading method and system
WO2021093641A1 (en) * 2019-11-13 2021-05-20 中兴通讯股份有限公司 Message transmission method and system, vpn device at sending end and gre splicing device
CN113676391A (en) * 2021-08-16 2021-11-19 上海地面通信息网络股份有限公司 Data transmission method, device, communication node and storage medium

Also Published As

Publication number Publication date
CN114422431A (en) 2022-04-29

Similar Documents

Publication Publication Date Title
EP3863237B1 (en) Packet forwarding method, packet transmission device, and packet reception device
US11671367B1 (en) Methods and apparatus for improving load balancing in overlay networks
EP3677000B1 (en) Method and system for tracing packets in software defined networks
EP3896923A1 (en) Bier packet sending method and apparatus
EP4131872A1 (en) Multicast traffic transmission method and apparatus, communication node, and storage medium
US8605626B2 (en) Method and apparatus for preserving extensions in multi-vendor trill networks
WO2020182156A1 (en) Message forwarding method in network, network node and network system
EP3742683B1 (en) Method and device for processing packet by using unified sr label stack
CN109995654B (en) Method and device for transmitting data based on tunnel
US8165038B2 (en) Network physical connection inference for IP tunnels
CN104579954B (en) The cross-domain retransmission method of message, device and communication equipment
WO2005043302A2 (en) Methods and apparatus for implementing multiple types of network tunneling in a uniform manner
EP3364613A2 (en) Method and device for transmitting traffic via specified path
CN110535768B (en) Multicast data transmission method and related equipment
US20140146710A1 (en) Trill Network Communications Across an IP Network
CN107547399B (en) Multicast forwarding table item processing method and PE equipment
US8964749B2 (en) Method, device and system for establishing a pseudo wire
EP3032782B1 (en) Packet transmission method and apparatus
US20070041355A1 (en) Network physical connection inference for IP tunnels
CN116418632A (en) Message processing method, device, equipment and machine-readable storage medium
CN109039903B (en) Route determining method, device and machine-readable storage medium
CN113726653B (en) Message processing method and device
CN110022263B (en) Data transmission method and related device
CN114422431B (en) Network tunnel configuration method, device, computer equipment and storage medium
WO2014032494A1 (en) Discovering a peer provider edge (pe) of a virtual private lan service (vpls) instance

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant