CN1486033A - Method for routing among accessing users of multiple ISP - Google Patents
Method for routing among accessing users of multiple ISP Download PDFInfo
- Publication number
- CN1486033A CN1486033A CNA021317860A CN02131786A CN1486033A CN 1486033 A CN1486033 A CN 1486033A CN A021317860 A CNA021317860 A CN A021317860A CN 02131786 A CN02131786 A CN 02131786A CN 1486033 A CN1486033 A CN 1486033A
- Authority
- CN
- China
- Prior art keywords
- access
- user
- message
- encapsulation
- routing
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Abstract
The invention belongs the data correspondence field, especially refers to several switch-in user routing method of internet service providers. The method includes: switch-in user net browsing process: the switch-in server sends routing addition information to out router; switch-in user online process: the switch-in server and out router carry on open routing sealing and unsealing process to the up and down data packages; the switch-in user offline process: the switch-in server sends route deleting information to the out router. The method can reduce the occupation of net resources.
Description
Technical field
The invention belongs to data communication technology field, particularly a plurality of ISPs' access user method for routing.
Background technology
Local common access platform is set up in telecom operators, provides the passage rental service to social ISP, and these ISPs share all of the port of common access platform, helps to improve the utilance of resource, optimizes network configuration.As the access server of common access platform chief component, need have the ability that inserts user area divided data stream for different ISPs.
Traditional implementation method of a plurality of ISPs' access user route is used the source address route technology usually.The method of source address route is: on access server, each ISP is inserted the packet of user uplink to the internet, source address (promptly inserting user's address) according to this packet is carried out route, and each ISP's access user can share the port of common access platform like this.
The source address route technology has solved the problem that route that the user goes out and packet focus on ISP's egress router under it that inserts preferably.But because the user is unfixed from which access server online, therefore the route of getting back to access server through egress router can only generate by dynamic routing protocol, this just causes the expansion of ISP's egress router routing table inevitably, cause the decline of router efficiency, when ISP's user is a lot, the restriction that might exceed the router memory resource makes router exhausted at a standstill because of memory source; On the other hand, when network capacity was very big, online a large amount of routing iinformation broadcast packets were to cause one of factors of instability, and losing also of broadcast packet can cause the obstructed of user network.When ISP's access user was a lot, its egress router often was busy with handling a large amount of routing iinformation broadcast packets, and actual treatment effeciency can descend greatly.
Summary of the invention
The objective of the invention is for overcoming the weak point of prior art, a kind of a plurality of ISPs' access user method for routing is proposed, be intended to set up on access server and the router routing iinformation that each ISP inserts the user, to avoid using dynamic routing protocol to generate about inserting user's the descending route from the egress router to the access server, thereby reduce use to Internet resources, accelerate butt joint access customer processing data packets speed, improve the stability of access server and router operation.
The present invention proposes a kind of a plurality of ISPs' access user method for routing, may further comprise the steps:
1) insert the user and go up network process: access server sends route to egress router and adds message;
2) insert the user at line process: the uplink and downlink packet of access server and egress router butt joint access customer carries out open routed encapsulation (PRE encapsulation) and opening processing;
3) insert network process under the user: access server sends route deletion message to egress router.
The present invention is said to insert the user in line process, can carry out the PRE encapsulation to the user's data bag is to wrap three layers of simple tunnel encapsulation that PRE head of encapsulation constitutes in access user initial data, and said PRE head is made up of an IP head and ISP ID two parts.
Said access user can may further comprise the steps in line process:
1) this access server carries out on the PRE encapsulation back forwarding backbone network user's upstream data bag;
2) after this egress router is received packet after this encapsulation from backbone network, remove the PRE encapsulation, the packet of removing after the encapsulation is sent to the internet;
3) this egress router carries out being forwarded on the backbone network after the PRE encapsulation to receive the downlink data packet that inserts the user from the internet;
4) after this access server is received packet after this encapsulation from backbone network, remove the PRE encapsulation, transmit to give and insert the user removing packet after the encapsulation.
In the online process of said access user, comprise that also this access server writes down all users' access information, and periodically access information is sent to ISP's egress router by the form of timing routing update message.
Said timing routing update message can comprise following format content: type of message, access server IP address, the access customer number amount, each that be made up of ISP ID under access IP address, the access user and access user ID three parts inserts user's information, and the cryptographic check sign indicating number.
Said access user goes up network process, also can may further comprise the steps:
1) access server authenticates this access user by certificate server;
2) the IP address assignment server distributes an IP address for this access user.
Network process under the said access user also can comprise:
This access server sends the address and reclaims message, reclaims the IP address.
The said route of the present invention is added message, route deletion message can comprise the following format content: type of message, insert IP address, and access server IP address, ISP ID inserts user ID and cryptographic check sign indicating number territory.
The present invention can comprise that also the content that said route is added message, route deletion message and routing update message carries out cryptographic check, the identical shared key of configuration on access server and ISP's egress router.
The present invention also can comprise: the route aging mechanism that inserts is set on egress router, is about to not receive in the certain hour section access route deletion of routing update.
Characteristics of the present invention and effect:
1) the invention solves access server and the router routing issue to different ISP's access user datas streams: the upstream data bag that a plurality of ISPs are inserted subscriber to access Internet focuses on the problem on the egress router under it; And the downlink data packet of returning from the internet that will insert the user is got back to problem on the access server that the user inserts through egress router.
2) the present invention has reduced the machine utilization of access server and ISP's egress router: the packet of butt joint access customer has adopted three layers simple tunnel protocol to handle, encapsulation and the process fast processing of sealing off have effectively reduced the machine utilization of access server and egress router.
3) the present invention has reduced network traffics: use this method, in the access server process off line on the user, the notice egress router inserts route messages.Regularly routing update message quantity seldom.Compare with the mode that adopts dynamic routing protocol generation access user to return route, it is few to send data, and does not send data in the mode of broadcasting, and has reduced network traffics.
Description of drawings
Fig. 1 is applied in application networking diagram in the common access platform for the inventive method.
Fig. 2 goes up the embodiment flow chart of steps of network process for the inventive method user.
Fig. 3 is that the inventive method user is in the embodiment of line process flow chart of steps.
Fig. 4 is the embodiment flow chart of steps of network process under the inventive method user.
Specific implementation
The embodiment of a kind of a plurality of ISPs' that the present invention proposes access user method for routing is described with reference to the accompanying drawings as follows:
The inventive method is illustrated by using the concrete application networking example at as shown in Figure 1 common access platform.In Fig. 1, four access servers and three ISPs are arranged, these three ISPs' egress router is egress router 1, egress router 2, egress router 3.Be the backbone network of region, place between each access server and the ISP's egress router, when having router (shown in frame of broken lines among the figure) in the backbone network as intermediate router, during a certain internet site of user capture, intermediate router carries out route according to the destination address of user data package and seeks the footpath, can cause certain ISP's access user's data can not be directed to this ISP's egress router like this, not reach the purpose of data flow orientation.
Insert the egress router that user's data stream is directed to affiliated ISP in order to make, the inventive method adopts three layers simple tunnel protocol to reach the purpose of data flow orientation between access server and ISP's egress router, is called for short PRE (the open routed encapsulation of Public RoutingEncapsulation).Be that access server and ISP's egress router all will carry out the PRE encapsulation when the forwarding of access user data bag.
In the method for the invention, when also requiring each access user to surf the Net, the routing update of access server on finishing access server handled, also to send RAM (Route Add Message route is added message) message to the egress router of the ISP under this inserts the user, be included as the IP address of inserting user's IP address allocated and access server in this message, thereby on this egress router, form the access route that this access user's data bag returns from the internet; Insert the user simultaneously when off line, send RDM (Route Delete Message route deletion message) message to egress router, latter's deletion inserts user's access route corresponding to this.
Simultaneously, add message or route deletion information drop-out in order to prevent route, access server also writes down all users' access information, and periodically the form of access information by TRUM (Time Route UpdateMessage regularly routing update message) message sent to ISP's egress router, can comprise the access information that belongs to a plurality of access of this Internet server merchant users in this message.
The route aging mechanism that inserts is set on the egress router of the present invention, will receive the access route deletion of routing update in the certain hour section.In order to prevent that RAM, RDM and TRUM message packet from being distorted in the transmission course on backbone network, use the MD5 algorithm that message content is carried out cryptographic check, on access server and ISP's egress router, need the identical shared key of configuration.The access server of present embodiment uses the multi-service access server, and it has comprised dialing and ISDN access, access via telephone line, application such as cascade between frame.
The shared key of configuration use MD5 algorithm for encryption verification is " hello " on this access server and egress router.The TRUM timed sending time is set on access server is spaced apart 60 seconds.It is 180 seconds that the expired time that inserts route is set on router.If this egress router does not receive that in 180 seconds certain inserts user's TRUM message, this inserts user's access route with deletion.
The embodiment general steps of the inventive method is described in detail as follows:
The access user of present embodiment goes up network process, and its step comprises as shown in Figure 2:
1) insert the user and connect access server, access server is according to access code, go this ISP the certificate server authentication, authentication is by then continuing next step.Otherwise refuse this user, the user inserts the online failure;
2) after the certificate server authentication was passed through, this ISP's IP address assignment server distributed an IP address for this access user, and next step is then continued in the IP address, otherwise refuses this user, and the user inserts the online failure;
3) behind the access user address acquisition, access server is set up this access user's main frame route and relevant access information, and the egress router of the ISP under this access user is sent out RAM message then; The egress router of ISP under this access user is received this RAM message, sets up the access route that this access user's data bag returns from the internet according to the IP address of access user's IP address in the message and access server.
The step of access user in line process of present embodiment as shown in Figure 3, comprising:
1) if access server is received the upstream data bag of the access the Internet that inserts the user, according to user's access information, the user's data bag is carried out the PRE encapsulation, the packet after the encapsulation is sent on the backbone network;
2) egress router is received the packet after this PRE encapsulates, and removes the PRE encapsulation, and the packet of removing after encapsulating is sent to the internet;
3) egress router is received the downlink data packet of returning from the internet that inserts the user, looks into the access route of this user's correspondence, learns the access server address, and the user's data bag is carried out the PRE encapsulation, and the packet after the encapsulation is sent on the backbone network;
4) after access server is received packet after this PRE encapsulation, remove the PRE encapsulation, transmit to give and insert the user removing packet after the encapsulation;
5) the access server cycle sends regularly routing update message to egress router;
Network process under the access user of present embodiment, its step comprises as shown in Figure 4:
1) ISP of access server under this inserts the user egress router sends RDM message; This egress router is received this RDM message, deletes this access user's access route;
2) ISP of access server under this inserts the user IP address assignment server sends the address and reclaims message, reclaims the IP address.
Present embodiment on above-mentioned in the network process, the 1st) step and the 2nd) step is that the necessity that inserts user's online is handled, in network process down, the 2nd) step is to insert the off line necessity processing of user, all the other steps are feature technology contents of the inventive method.
The embodiment of the feature technology of the inventive method is described in detail as follows; After inserting user's online, access server sends RAM message to egress router, after egress router is received this message, sets up the route of returning that inserts the user.RAM message format such as table 1 in the present embodiment:
Table 1
| Type of message | Insert IP address | Access server IP address | ISP ID | Insert user ID | The cryptographic check sign indicating number |
Each itemization format in the table 1 is defined as follows: the type of message territory is used for representing that this message is RAM message, and content is a numerical value 65537.Insert IP address territory content for inserting user's IP address.Access server IP address field content is the IP address of access server.On access server,, it is numbered identification respectively in order to distinguish different ISPs.ISP ID territory content is this ID number of inserting the affiliated ISP of user on the access server.On access server,, also it is numbered identification respectively in order to distinguish current all users that insert.Inserting user ID territory content is that access server inserts ID number that the user distributes for this reason.Content to type of message, access IP address, access server IP address, ISP ID, the several fields of access user ID, use shared key " hello " to carry out cryptographic check, the check code of encrypting the back generation is inserted cryptographic check sign indicating number territory with the MD5 algorithm.The MD5 algorithm is a kind of disclosed, ripe cryptographic algorithm, introduces no longer in detail herein.
Insert the user and send the packet that is up to the internet, access server carries out forwarding egress router to after the PRE encapsulation, and egress router is forwarded to the internet with packet after removing the PRE encapsulation.Egress router is received and is inserted the packet that the user returns from the internet, carries out the PRE encapsulation according to returning route, is forwarded to access server, and access server is transmitted to the user with packet after removing the PRE encapsulation.The form of present embodiment PRE encapsulation and concrete the definition as table 2:
Table 2
| The IP head | ISP ID | Insert user's raw data packets |
The PRE encapsulation is one three layers a simple tunnel encapsulation, promptly wraps PRE head of encapsulation in access user initial data.The PRE head is made up of an IP head and ISP ID two parts.
During the access user was online, access server sent the TRUM message informing every 60 seconds to egress router, and this inserted user's access information.Present embodiment TRUM message format such as table 3:
Table 3
| Type of message | Access server IP address | The access customer number amount | Insert IP address | Insert user ISP ID | Insert user ID | Insert IP address | Insert user ISP ID | Insert user ID | … … … | The cryptographic check sign indicating number |
Specifically being defined as of each form in the table 3: the type of message territory is used for representing that this message is TRUM message, and content is a numerical value 65539.Access server IP address field content is the IP address of access server.Owing to can carry a plurality of access users' information in the TRUM message, access customer number amount territory content is carried the number that inserts user profile in the TRUM message for this reason.Each is inserted user's information, form by ISP ID under access IP address, the access user and access user ID three parts.The meaning of these three parts is no longer described in the existing explanation in detail of RAM message herein.Access customer number amount territory content is N, and N information that inserts the user is just arranged in the TRUM message.The cryptographic check sign indicating number that is to use the MD5 algorithm that above content is generated at last of message.
After inserting user offline, access server sends RDM message to egress router, and after egress router was received this message, deletion inserted user's the route of returning.The form of RDM message is just the same with RAM message.Just the type of message territory is used for representing that this message is RDM message, and content is a numerical value 65538.
Claims (10)
1, a kind of a plurality of ISPs' access user method for routing is characterized in that, may further comprise the steps:
1) insert the user and go up network process: access server sends route to egress router and adds message;
2) insert the user at line process: the uplink and downlink packet of access server and egress router butt joint access customer carries out open routed encapsulation (PRE encapsulation) and opening processing;
3) insert network process under the user: access server sends route deletion message to egress router.
2, a plurality of ISPs' as claimed in claim 1 access user method for routing, it is characterized in that, saidly inserting the user in line process, it is to wrap three layers of simple tunnel encapsulation that PRE head of encapsulation constitutes in access user initial data that the user's data bag is carried out the PRE encapsulation, and said PRE head is made up of an IP head and ISP ID two parts.
3, a plurality of ISPs' that state as claim 1 or 2 access user method for routing is characterized in that said access user specifically may further comprise the steps at line process:
1) this access server carries out on the PRE encapsulation back forwarding backbone network user's upstream data bag;
2) after this egress router is received packet after this encapsulation from backbone network, remove the PRE encapsulation, the packet of removing after the encapsulation is sent to the internet;
3) this egress router carries out being forwarded on the backbone network after the PRE encapsulation to receive the downlink data packet that inserts the user from the internet;
4) after this access server is received packet after this encapsulation from backbone network, remove the PRE encapsulation, transmit to give and insert the user removing packet after the encapsulation.
4, a plurality of ISPs' as claimed in claim 3 access user method for routing, it is characterized in that, in the online process of said access user, comprise that also this access server writes down all users' access information, and periodically access information is sent to ISP's egress router by the form of timing routing update message.
5, method as claimed in claim 4, it is characterized in that, said timing routing update message comprises following format content: type of message, access server IP address, the access customer number amount, each that be made up of ISP ID under access IP address, the access user and access user ID three parts inserts user's information, and the cryptographic check sign indicating number.
6, a plurality of ISPs' as claimed in claim 1 access user method for routing is characterized in that, said access user goes up network process, and is further comprising the steps of:
1) access server authenticates this access user by certificate server;
2) the IP address assignment server distributes an IP address for this access user.
7, a plurality of ISPs' as claimed in claim 1 access user method for routing is characterized in that, network process under the said access user also comprises: this access server sends the address and reclaims message, reclaims the IP address.
8, as claim 1,6 or 7 described methods, it is characterized in that, said route is added message, route deletion message comprises the following format content: type of message, insert IP address, access server IP address, ISP ID inserts user ID and cryptographic check sign indicating number territory.
9, as claim 1,6 or 7 described a plurality of ISPs' access user method for routing, it is characterized in that, also comprise and the content of said route interpolation message, route deletion message and routing update message is carried out cryptographic check, the identical shared key of configuration on access server and ISP's egress router.
10, a plurality of ISPs' as claimed in claim 1 access user method for routing, it is characterized in that, also comprise: the route aging mechanism that inserts is set on egress router, is about to not receive in the certain hour section access route deletion of routing update.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB021317860A CN100414898C (en) | 2002-09-23 | 2002-09-23 | Method for routing among accessing users of multiple ISP |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB021317860A CN100414898C (en) | 2002-09-23 | 2002-09-23 | Method for routing among accessing users of multiple ISP |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1486033A true CN1486033A (en) | 2004-03-31 |
| CN100414898C CN100414898C (en) | 2008-08-27 |
Family
ID=34145037
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNB021317860A Expired - Fee Related CN100414898C (en) | 2002-09-23 | 2002-09-23 | Method for routing among accessing users of multiple ISP |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN100414898C (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101001205B (en) * | 2006-12-29 | 2010-08-11 | 华为技术有限公司 | Method of link linkage and communication equipment thereof |
| CN108183859A (en) * | 2017-12-27 | 2018-06-19 | 杭州迪普科技股份有限公司 | A kind of internet traffic dispatching method and system |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6577643B1 (en) * | 1997-10-14 | 2003-06-10 | Lucent Technologies Inc. | Message and communication system in a network |
| US6335936B1 (en) * | 1999-04-22 | 2002-01-01 | Ameritech Corporation | Wide area communication networking |
| EP1202507A1 (en) * | 2000-10-31 | 2002-05-02 | BRITISH TELECOMMUNICATIONS public limited company | Telecommunications systems |
-
2002
- 2002-09-23 CN CNB021317860A patent/CN100414898C/en not_active Expired - Fee Related
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101001205B (en) * | 2006-12-29 | 2010-08-11 | 华为技术有限公司 | Method of link linkage and communication equipment thereof |
| CN108183859A (en) * | 2017-12-27 | 2018-06-19 | 杭州迪普科技股份有限公司 | A kind of internet traffic dispatching method and system |
| CN108183859B (en) * | 2017-12-27 | 2021-01-26 | 杭州迪普科技股份有限公司 | Internet traffic scheduling method and system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN100414898C (en) | 2008-08-27 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN1254059C (en) | Method of realizing special multiple-protocol label exchanging virtual network | |
| CN101075962A (en) | Method and apparatus for realizing DHCP repeater in two-layer network exchanger | |
| US7257643B2 (en) | Method and apparatus to improve network routing | |
| CN1135689A (en) | Method for interconnecting local network and apparatus thereof | |
| CN101047618A (en) | Method and system for acquiring network route information | |
| CN1511399A (en) | Method and apparatus to perform network routing | |
| CN1859292A (en) | Household gateway and method for ensuring household network service terminal QoS | |
| CN1781283A (en) | Method for the automatic configuration of a communications device | |
| CN1716904A (en) | Group broadcast realizing method based on multiple service transmission platform | |
| CN101068227A (en) | System for protecting QoS system based on family gateway and reservation band width technique and method thereof | |
| CN1863127A (en) | Method for core network access to multi-protocol sign exchange virtual special network | |
| CN106713144A (en) | Read-write method of message exit information and forwarding engine | |
| CN1297105C (en) | Method for implementing multirole main machine based on virtual local network | |
| CN102571375A (en) | Multicast forwarding method and device as well as network device | |
| CN1859417A (en) | Method for realizing multiple network device link aggregation | |
| CN101075924A (en) | Method for accessing server by customer end | |
| CN1543132A (en) | Method for implementing multicast spanning VLAN | |
| CN1152313C (en) | Section-by-section congestion control method based on random early detection | |
| CN1176540C (en) | Method for realizing switch in with mixed multiple users'types in Ethernet network switch in devices | |
| CN1905560A (en) | Method of using non-number port in route protocol based on IPV4 | |
| CN1809070A (en) | Method of implementing resource control on access layer per VC in L2VPN | |
| CN1716910A (en) | Method to provide multicast data transmission in a discontinuous network | |
| CN1412988A (en) | Packaging retransmission method of message in network communication | |
| CN1306770C (en) | A method for bearing IP message protocol on ATM network supported by broadband access equipment | |
| CN101043392A (en) | Apparatus and base station equipment for transmitting IP packet in WiMAX network |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20080827 Termination date: 20150923 |
|
| EXPY | Termination of patent right or utility model |