CN118381756A

CN118381756A - Method and routing equipment for cross-forwarding plane UP communication

Info

Publication number: CN118381756A
Application number: CN202410382012.9A
Authority: CN
Inventors: 王阳; 廖以顺
Original assignee: New H3C Technologies Co Ltd
Current assignee: New H3C Technologies Co Ltd
Priority date: 2024-03-29
Filing date: 2024-03-29
Publication date: 2024-07-23

Abstract

The specification provides a method and a routing device for cross forwarding plane UP communication, wherein the method comprises the following steps: and receiving an access request of a first user, wherein the access request comprises an ARP request, judging whether a target user accessed by the first user belongs to a first UP according to the access request, if not, judging whether network access information of the target user exists in a cross-UP forwarding table, and if so, carrying out ARP response on the first user according to the network access information of the target user so as to enable the first user to access the target user according to the ARP response. By the method, the problem that users of different UPs cannot communicate due to the fact that the ODAP server adopts a shared gateway mode and the IPOE access users are online on different UPs under a control-rotation separation scene can be solved.

Description

Method and routing equipment for cross-forwarding plane UP communication

Technical Field

The present disclosure relates to the field of communications technologies, and in particular, to a method and a routing device for UP communication across a forwarding plane.

Background

The BRAS (Broadband Remote access server) is an access gateway for Broadband network application, is a bridge between a Broadband access network and a backbone network, and provides a basic access means and a management function of the Broadband access network.

ODAP (On-DEMAND ADDRESS Pool, address Pool as required) dynamically allocates and recovers sub-network segments according to actual demands, and address resources can be fully utilized.

DHCP (Dynamic Host Configuration Protocol ) adopts a client/server mode, and a server dynamically allocates network configuration parameters such as an IP address to a network device.

With the rapid increase of the number of terminals and the rapid increase of the bandwidth of users, a BRAS broadband remote access server at a key position in an operator network begins to become a bottleneck of the operator metropolitan area network, the control plane performance of the traditional BRAS device is insufficient, the forwarding performance of a large number of users after access is obviously reduced, the online of new charging service is difficult, the capacity expansion cost is high, and the operators are urgent to have new solutions to simplify the deployment of the BRAS device, and the capacity and the flexibility of the system are improved so as to adapt to the flexible expansion requirement of the service.

The control-transferring separation BRAS is used as a front-edge technology, covers all functions of the traditional BRAS equipment, but carries out comprehensive carding and division on the functions of a control surface and a forwarding surface of the traditional BRAS, and realizes the separation of control and forwarding, thereby realizing the improvement of the utilization rate of the forwarding surface, the simplification of configuration operation and maintenance and the quick online of new service. The BRAS Control Plane (Control Plane) Control Plane is called CP for short, only runs the process related to BRAS, and is responsible for processing BRAS user protocol message and managing BRAS user information. The BRAS User forwarding Plane (User Plane) is called UP for short and is responsible for forwarding User data traffic.

Based on the above technology, UP is taken as DHCP SERVER role of terminal, meanwhile taken as ODAP client role of CP, CP itself is taken as ODAP server role, terminal initiates BRAS authentication to CP device separated by conversion control through dialing, after authentication, UP will assign address to terminal, UP is taken as ODAP client, if there is no free assignable address at this time, DHCP request CP (ODAP server) is initiated to obtain new address segment resource, after obtaining new address segment, an address is assigned to user, thus user finishes online, and network resource can be accessed normally. Wherein both UPs are OADP client and CP is the common ODAP server for both UPs.

If OADP server are assigned to the sub-network segments of the ODAP client, each network segment has its own independent gateway, which results in an excessively low utilization rate of the addresses of the ODAP server in large segments, and at this time, we can solve the problem of the scene by sharing the gateway.

Although the sharing gateway brings about a great improvement of the address utilization rate, users in different UPs are in the same network segment, so that ARP requests are initiated when the users in different UPs visit each other, but in reality, the different users are on different UPs, so that ARP is not enabled, and user service is affected.

Disclosure of Invention

To overcome the problems in the related art, the present specification provides a method and a routing device for UP communication across a forwarding plane.

According to a first aspect of embodiments of the present specification, there is provided a method of cross forwarding plane UP communication, the method being applied in a first UP, the method comprising:

receiving an access request of a first user, wherein the access request comprises an ARP request;

Judging whether a target user accessed by a first user belongs to a first UP or not according to the access request;

If not, judging whether the network access information of the target user exists in the cross-UP forwarding table, if so, carrying out ARP response on the first user according to the network access information of the target user so as to enable the first user to access the target user according to the ARP response;

wherein the cross-UP forwarding table includes: network access information of a second user in other UP;

the network access information comprises: the control plane CP allocates IP address information for the second user.

The method for acquiring the cross-UP forwarding table comprises the following steps:

receiving network access information of a second user in other UPs sent by a CP;

And constructing a cross-UP forwarding table according to the networking information of the second user in each UP.

Optionally, the method further comprises:

Receiving network access information sent by a CP and aiming at a third user in a first UP;

and constructing a local UP forwarding table according to the networking information of each third user.

The determining whether the target user accessed by the first user belongs to the first UP according to the access request includes:

Acquiring a destination address in the access request;

judging whether the local UP forwarding table exists at an address matched with a destination address or not;

If yes, determining that the target user belongs to the first UP;

if not, determining that the target user is not attributed to the first UP.

The ARP response is carried out on the first user according to the network access information of the target user, and the ARP response comprises the following steps:

And generating an ARP response, wherein the source IP address of the ARP response is the IP address information of the target user obtained from the cross-UP forwarding table, the destination IP address of the ARP response is the IP address information of the first user, the source MAC address of the ARP response is the interface MAC address of the first UP, and the destination MAC address of the ARP message is the MAC address of the first user.

Wherein the enabling the first user to access the target user according to the ARP reply comprises:

So that the first user learns ARP list items after receiving ARP response and requests a message to the first UP;

the first UP queries a routing table according to the request message, and sends the request message to a target user through a three-layer network according to the query result of the routing table.

Wherein, the network access information further includes: corresponding to the UP information to which the user belongs, the method further comprises:

Receiving update information which is sent by a CP and aims at user network access information;

Updating the corresponding user item in the cross-UP forwarding table according to the UP information of the user and the updated state information carried in the updated information;

Wherein the updated state information includes: any one of a down state, a transition state, and an up state.

According to the method, whether the accessed user and the accessed user are in the same UP or not can be known through the cross-UP forwarding table, if so, the accessed user can be known through the three-layer access by ARP processing (two-layer forwarding) and if not, the accessed user can be known through the three-layer access by the cross-UP forwarding table in an ARP response mode, and therefore cross-UP communication of the user is achieved. On the other hand, because the network access information of the user is recorded in the cross UP forwarding table, whether the accessed user is online or not can be effectively distinguished, and the condition that the accessed user is frequently accessed because the accessed user is not online is prevented from causing network attack.

According to a second aspect of embodiments of the present specification, there is provided a method of cross forwarding plane UP communication, the method being applied to a CP, the method comprising:

Receiving an authentication request of a fourth user, and distributing network access information for the fourth user after passing the authentication of the fourth user, wherein the network access information comprises: distributing IP address information, or IP address information and affiliated UP information;

And sending the network access information of the fourth user to each UP so that each UP configures a cross-UP forwarding table according to the network access information of the fourth user, and enabling each UP to carry out ARP response on the first user according to the cross-UP forwarding table, so that the first user accesses the target user according to the ARP response.

According to a third aspect of embodiments of the present specification, there is provided a routing device enabling a forwarding plane UP function, the routing device comprising:

The receiving module is used for receiving an access request of a first user, wherein the access request comprises an ARP request;

The judging module is used for judging whether the target user accessed by the first user belongs to the first UP according to the access request;

the judging module is further used for continuously judging whether the network access information of the target user exists in the cross-UP forwarding table when judging that the first UP is not attributed;

The processing module is used for carrying out ARP response on the first user according to the network access information of the target user when the network access information of the target user exists in the cross-UP forwarding table, so that the first user accesses the target user according to the ARP response;

Wherein, the cross-UP forwarding table comprises: network access information of a second user in other UP;

The processing module is specifically configured to generate an ARP reply, where a source IP address of the ARP reply is IP address information of a target user obtained from a cross-UP forwarding table, a destination IP address of the ARP reply is IP address information of a first user, a source MAC address of the ARP reply is an interface MAC address of the first UP, and a destination MAC address of the ARP packet is a MAC address of the first user.

According to a fourth aspect of embodiments of the present specification, there is provided a network device enabling control plane CP functionality, the network device comprising:

the receiving module is used for receiving the authentication request of the fourth user and distributing network access information for the fourth user after the authentication of the fourth user is passed, wherein the network access information comprises: distributing IP address information, or IP address information and affiliated UP information;

And the sending module is used for sending the network access information of the fourth user to each UP so that each UP configures a cross-UP forwarding table according to the network access information of the fourth user, and each UP responds to the first user according to the cross-UP forwarding table to enable the first user to access the target user according to the ARP response.

It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the disclosure.

Drawings

The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the specification and together with the description, serve to explain the principles of the specification.

FIG. 1 is a schematic diagram of a control-by-rotation separation networking architecture, according to an exemplary embodiment of the present disclosure.

Fig. 2 is a flow diagram illustrating a method of cross-forwarding plane UP communication according to an exemplary embodiment of the present disclosure.

FIG. 3 is a schematic diagram of a control-by-rotation separation networking architecture, according to an exemplary embodiment of the present disclosure.

Fig. 4 is a flow diagram illustrating a method of cross-forwarding plane UP communication according to an exemplary embodiment of the present disclosure.

Detailed Description

Reference will now be made in detail to exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, the same numbers in different drawings refer to the same or similar elements, unless otherwise indicated. The implementations described in the following exemplary examples do not represent all implementations consistent with the present specification. Rather, they are merely examples of apparatus and methods consistent with some aspects of the present description as detailed in the accompanying claims.

The terminology used in the description presented herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the description. As used in this specification and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used herein refers to and encompasses any or all possible combinations of one or more of the associated listed items.

It should be understood that although the terms first, second, third, etc. may be used in this specification to describe various information, these information should not be limited to these terms. These terms are only used to distinguish one type of information from another. For example, the first information may also be referred to as second information, and similarly, the second information may also be referred to as first information, without departing from the scope of the present description. The word "if" as used herein may be interpreted as "at … …" or "at … …" or "in response to a determination" depending on the context.

In a networking architecture with separated control and rotation as shown in fig. 1, disaster recovery is configured between CP1 and CP2, UP Wen Bei is configured between UP1 and UP2, and a channel-related channel is configured between CP and UP, so that the CP can normally manage UP. (it should be noted that UP Wen Bei means that after the user goes online, the final CP only issues user list items to the main UP, and the backup UP does not issue user list items, so that more UP user resources can be saved compared with the backup UP.)

Under the networking, the UP is used as a DHCP SERVER role of a terminal, and is also used as an ODAP client role of a CP, the CP is used as an ODAP server role, the terminal initiates BRAS authentication to the CP equipment, after the authentication is passed, the UP can allocate an address to the terminal, the UP is used as the ODAP client, if no address which can be allocated is idle at the moment, a DHCP request CP (ODAP server) is initiated to acquire a new address field resource, and after the new address field is acquired, an address is allocated to a user, so that the user can finish online and normally access network resources.

If OADP server are assigned to the sub-network segments of the ODAP client, each network segment has its own independent gateway, which may cause the address utilization of the ODAP server to be too low, at this time, we can solve the problem of the scenario by sharing the gateway, for example, as follows:

1. The ODAP server has a large segment of 10.1.1.1/24 (256 addresses), and the ODAP client is assigned a subnet segment length of 30 bits.

2. If the sub-network segments allocated to the ODAP client are all independent gateways, the method means that 1 address is reserved for each of 4 addresses of one sub-network segment as gateway addresses, 1 is reserved for broadcasting addresses of the sub-network segment, only 2 addresses remain to be allocated to the terminals for use, and the method means that 256 addresses of the whole ODAP server can only support 128 terminals for access, and the waste of the addresses is huge.

3. If the ODAP server uses the shared gateway mode, it is assumed that the gateway is 10.1.1.1, the broadcast reserved address is 10.1.1.255, and the gateway is used for 64 sub-network segments, so that 256 addresses can be used to support 254 terminals to access, and the utilization rate of the addresses is greatly improved.

As described above, although the shared gateway brings about a great improvement in address utilization, users in different UPs are in the same network segment, resulting in an ARP request being initiated when users in different UPs visit each other, as shown in FIG. 1, the address pool of the ODAP server is 10.1.1.1/24, the shared gateway address is 10.1.1.1, the sub-network segment allocated to UP1 is 10.1.1/30, the sub-network segment allocated to UP2 is 10.1.1.4/30, the user1 access the access address from UP1 is 10.1.1.2, the gateway is 10.1.1.1, the mask is 24 bits, the user2 access the access address from UP2 is 10.1.1.4, the gateway is 10.1.1.1, and the mask is 24 bits.

If the user1 accesses the user2, because the user1 and the user2 are in the same network segment, the ARP request will be directly sent, but in reality, there are two UP units of the user1 and the user2, which will cause the ARP to be not enabled, and the service to be not enabled.

To solve the above technical problem, an embodiment of the present disclosure provides a method for cross-forwarding plane UP communication, where the method is applied to a first UP, as shown in fig. 2, and the method includes:

S201, receiving an access request of a first user, wherein the access request comprises an ARP request;

S202, judging whether a target user accessed by a first user belongs to a first UP according to the access request;

s203, if not, judging whether the network access information of the target user exists in the cross-UP forwarding table, if so, carrying out ARP response on the first user according to the network access information of the target user, so that the first user accesses the target user according to the ARP response;

the network access information comprises: and the CP is the IP address information allocated for the second user.

In this embodiment, the forwarding plane UP may be deployed on a data forwarding device, such as a switch or a router, or may be deployed in a Virtualized Network Function (VNF), such as a virtual router or a virtual switch. The control plane CP may be deployed in a server or a network device.

In this embodiment, the CP assigns different subnets segments to different UP (ODAP client) in the shared gateway mode as an ODAP server role.

To implement the solution in the present application, each UP may construct a cross-UP forwarding table in which network access information of users in other UPs is recorded (for convenience of distinction, users in other UPs are referred to as second users). For ease of explanation, the present example is explained with a network structure of one CP and two UP, and in practical application, there may be a standby CP and more than two UP.

As shown in fig. 3, a first user (MAC: 1-1-3) initiates authentication to a CP through an IPOE, and the CP configures network access information for the first user after the first user passes the authentication, for example, the network access information may include: the first user is assigned an IP address of 10.1.1.2, mask 24 bits, gateway IP address: 10.1.1.1. after configuring the network access information for the first user, the CP may send the network access information of the first user to UP1 and UP2.

Similarly, a second user in UP2 (for convenience of explanation, one user is shown in UP2, in practice, a plurality of users may be considered as second users in UP 2) initiates authentication to the CP through the IPOE, and after the CP authenticates the second user, the CP configures network access information for the second user, for example, the network access information may include: the second user is assigned an IP address 10.1.1.5, mask 24 bits, gateway IP address, UP 2: 10.1.1.1. after configuring the network access information for the second user, the CP may send the network access information of the second user to UP1 and UP2.

In this embodiment, after the UP1 receives the network access information of the second user, a cross-UP forwarding table may be established according to the network access information of the second user, as shown in table 1:

Index	IP	UP	Aging
				1	10.1.1.5	UP2	T1

TABLE 1

Wherein, IP field: the address acquired by the IPOE user online, namely the IP address of the terminal;

UP field: the UP to which the IPOE user is online;

the Aging field: the entry ages.

It should be noted that, the table entry may also further add other relevant fields in the IPOE user table, for example, an access vlan, a terminal mac, etc. corresponding to the IPOE user table, which may be added according to the actual situation.

Similarly, after the UP2 receives the network access information of the first user, a cross-UP forwarding table can be established according to the network access information of the first user.

In this embodiment, after the UP1 receives the network access information of the first user from the CP, a local UP forwarding table may be constructed, and in practical application, the cross-UP forwarding table and the local UP forwarding table may be the same table, and the UP may distinguish whether to perform three-layer forwarding or local two-layer forwarding across the UP according to the UP information in the table.

In this embodiment, the above-mentioned cross-UP forwarding table and/or local UP forwarding table may be issued to each UP when the user is online, i.e., if the first user is online UP to UP1, the CP synchronizes other UP devices other than UP1 to issue the table. Meanwhile, the CP can monitor the user who is on line, and when the user is off line, the CP can recover the network access information of the user from various UP types, for example, after the first user is off line, the CP can recover the network access information about the first user from the UP2 across the UP forwarding table. Through this step, the UP may predict whether the accessed user is still online when receiving the access user (for example, the first user is to access the second user, and the first user is the access user, and the second user is the accessed user), and execute step S203 if online, and discard the access request of the access user if not online, so as to avoid a network attack caused by frequent access of a malicious user to the accessed user that is not online.

In step S202, when the UP1 receives an access request (ARP request) of the first user, the UP1 acquires destination address information in the access request, and can match address information in a local UP forwarding table by using the acquired destination address information, if a matching item exists, the access request can be considered as a non-cross-UP access, and then communication between the first user and the accessed user can be completed according to a two-layer protocol; if no matching item exists, the obtained destination address information can be used for matching the address information in the cross-UP forwarding table, and if the matching item exists, step S203 can be executed; if no matching item exists in the local UP forwarding table and the cross UP forwarding table, discarding the access request so as to avoid forming network attack.

In step S203, when it is determined that the target user to be accessed by the first user is a cross-UP user, access information of the target user in the cross-UP forwarding table may be obtained, and an ARP reply is generated, where a source IP address of the ARP reply is IP address information of the target user obtained from the cross-UP forwarding table, a destination IP address of the ARP reply is IP address information of the first user, a source MAC address of the ARP reply is an interface MAC address of the first UP, and a destination MAC address of the ARP message is a MAC address of the first user. And sending the ARP response to the first user in the UP1, so that the first user learns ARP list items after receiving the ARP response and requests a message to the first UP, and the first UP queries a routing table according to the request message and sends the request message to a target user through a three-layer network according to the query result of the routing table.

Referring to the example of fig. 3, after receiving the ARP request of the first user, UP1 first determines whether the destination ip:10.1.1.5 in the ARP message is for the local machine, and if so, then the normal ARP reply flow is performed to complete the two-layer forwarding.

If the address 10.1.1.5 exists in the cross-UP forwarding table, the access request can be determined to be cross-UP access, and an ARP response is generated at the moment, wherein 10.1.1.5 is used as a source IP, the destination IP is 10.1.1.2, the source MAC is 1-1-1 (UP 1 interface MAC), and the destination MAC is 1-1-3, and the ARP response message is packaged and sent to the first user.

After receiving the ARP response sent by the UP1, the first user learns the ARP table entry and sends a request message to the UP1, for example, the entry UP1 sends an ICMP request message, the destination IP address of the ICMP request message is 10.1.1.2, the source IP address is 10.1.1.5, the destination MAC address is 1-1-1, and the source MAC address is 1-1-3.

After the UP1 receives the ICMP request message, the route searching hit 10.1.1.0/30 route is forwarded to the CR, the CR route searching is forwarded to the UP2, the UP2 continues to search the route hitting the target user route, and finally forwarded to the target user (i.e., the second user).

In this embodiment, after the second user receives the ICMP request message, it needs to respond to the ICMP response, and also needs to initiate an ARP request first, where the processing procedure is the same as that of the first user initiating the ARP request, and is not described herein again, and after the second user learns the ARP message, the forwarding procedure after the ICMP response message reaches UP2 is the same as that of the first user sending the ICMP request message, and is not described herein again.

And finally, the first user receives the ICMP response message, and the whole forwarding interaction is completed, so that the same network section cross-UP communication of the first user and the second user is realized.

From the above embodiments, it can be seen that, under the networking with separated control and rotation, the ODAP server uses the shared gateway mode, and the IPOE access terminal is on-line on different UP, by constructing the cross-UP forwarding table, and by steps S201-S203, the user under different UP can implement communication.

The embodiment of the disclosure also provides a method for cross forwarding plane UP communication, which is applied to CP, as shown in fig. 4, and includes:

S401, receiving an authentication request of a fourth user, and distributing network access information for the fourth user after passing the authentication of the fourth user, wherein the network access information comprises: distributing IP address information, or IP address information and affiliated UP information;

S402, sending the network access information of the fourth user to each UP, so that each UP configures a cross-UP forwarding table according to the network access information of the fourth user, and makes each UP respond to the first user according to the cross-UP forwarding table, and makes the first user access the target user according to the ARP response.

By the method, the CP instructs the UP to establish the cross-UP forwarding table, so that the cross-UP communication of the user is realized.

The embodiment of the disclosure also provides a routing device, which enables a forwarding plane UP function, comprising:

The embodiment of the disclosure also provides a network device, which enables a control plane CP function, comprising:

For the device embodiments, reference is made to the description of the method embodiments for the relevant points, since they essentially correspond to the method embodiments. The apparatus embodiments described above are merely illustrative, wherein the modules illustrated as separate components may or may not be physically separate, and the components shown as modules may or may not be physical, i.e., may be located in one place, or may be distributed over a plurality of network modules. Some or all of the modules may be selected according to actual needs to achieve the purposes of the present description. Those of ordinary skill in the art will understand and implement the present invention without undue burden.

The foregoing describes specific embodiments of the present disclosure. Other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims can be performed in a different order than in the embodiments and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing are also possible or may be advantageous.

Other embodiments of the present description will be apparent to those skilled in the art from consideration of the specification and practice of the invention disclosed herein. This specification is intended to cover any variations, uses, or adaptations of the specification following, in general, the principles of the specification and including such departures from the present disclosure as come within known or customary practice within the art to which the specification pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the specification being indicated by the following claims.

It is to be understood that the present description is not limited to the precise arrangements and instrumentalities shown in the drawings, which have been described above, and that various modifications and changes may be made without departing from the scope thereof. The scope of the present description is limited only by the appended claims.

The foregoing description of the preferred embodiments is provided for the purpose of illustration only, and is not intended to limit the scope of the disclosure, since any modifications, equivalents, improvements, etc. that fall within the spirit and principles of the disclosure are intended to be included within the scope of the disclosure.

Claims

1. A method of cross-forwarding plane UP communication, wherein the method is applied to a first UP, the method comprising:

2. The method of claim 1 wherein the method of obtaining the cross-UP forwarding table comprises:

3. The method according to claim 1, wherein the method further comprises:

4. The method of claim 3 wherein the determining whether the target user accessed by the first user is attributed to the first UP based on the access request comprises:

Acquiring a destination address in the access request;

If yes, determining that the target user belongs to the first UP;

if not, determining that the target user is not attributed to the first UP.

5. The method of claim 1, wherein the ARP reply for the first user based on the network access information of the target user comprises:

6. The method of claim 1, wherein said causing the first user to access the target user in accordance with the ARP reply comprises:

7. The method of claim 1, wherein the networking information further comprises: corresponding to the UP information to which the user belongs, the method further comprises:

8. A method of cross-forwarding plane UP communication, wherein the method is applied to a CP, the method comprising:

9. A routing device, wherein the routing device enables a forwarding plane UP function, the routing device comprising:

10. The routing device of claim 9, wherein the routing device is configured to,

11. A network device, the network device enabling control plane CP functionality, the network device comprising: