CN1759572A - 一种实现以太网业务安全隔离的方法 - Google Patents
一种实现以太网业务安全隔离的方法 Download PDFInfo
- Publication number
- CN1759572A CN1759572A CN03826210.XA CN03826210A CN1759572A CN 1759572 A CN1759572 A CN 1759572A CN 03826210 A CN03826210 A CN 03826210A CN 1759572 A CN1759572 A CN 1759572A
- Authority
- CN
- China
- Prior art keywords
- voip identifiers
- business
- vlan
- ethernet service
- security isolation
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0272—Virtual private networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
- H04L12/4604—LAN interconnection over a backbone network, e.g. Internet, Frame Relay
- H04L12/462—LAN interconnection over a bridge based backbone
- H04L12/4625—Single bridge functionality, e.g. connection of two networks over a single bridge
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
- H04L12/4641—Virtual LANs, VLANs, e.g. virtual private networks [VPN]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Air Bags (AREA)
- Auxiliary Devices For And Details Of Packaging Control (AREA)
- Small-Scale Networks (AREA)
Abstract
本发明涉及一种实现以太网业务安全隔离的方法,以满足电信运营商建立第二层以太网业务虚拟专用网(VPN)的需求。首先为连接客户业务的物理端口分配一个客户标识符,将进入物理端口的业务打上客户标识符;经过业务的交换或者路由处理之后,当希望在某物理端口下业务的时候,判断业务中的客户标识符是否与该端口的客户标识符相符合,只有符合的业务才能够通过。这种方法克服了VLAN技术仅仅面向一个独立企业的缺点,解决了电信运营者为多个企业用户提供以太网/VLAN业务时面临的安全隔离问题,在此基础上,还提供完全的虚拟网桥功能,实现业务的透明传送,可以不关心用户业务中的VLAN信息,降低管理复杂度,提高设备的独立性;适合电信运营商经营以太网业务,提高以太网业务的运营能力和可测试性。
Description
PCT国内申请,说明书已公开。
Claims (1)
- PCT国内申请,权利要求书已公开。
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/CN2003/000478 WO2004114605A1 (fr) | 2003-06-20 | 2003-06-20 | Procede d'isolation securise de services de reseau ethernet |
Publications (2)
Publication Number | Publication Date |
---|---|
CN1759572A true CN1759572A (zh) | 2006-04-12 |
CN100463440C CN100463440C (zh) | 2009-02-18 |
Family
ID=33520365
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CNB03826210XA Expired - Lifetime CN100463440C (zh) | 2003-06-20 | 2003-06-20 | 一种实现以太网业务安全隔离的方法 |
Country Status (7)
Country | Link |
---|---|
EP (1) | EP1646188B2 (zh) |
CN (1) | CN100463440C (zh) |
AT (1) | ATE513389T1 (zh) |
AU (1) | AU2003304229A1 (zh) |
ES (1) | ES2367629T3 (zh) |
PT (1) | PT1646188E (zh) |
WO (1) | WO2004114605A1 (zh) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN100452773C (zh) * | 2006-08-02 | 2009-01-14 | 杭州华三通信技术有限公司 | 基于虚拟局域网的数据发送方法与装置 |
CN101197760B (zh) * | 2006-12-05 | 2010-09-29 | 中兴通讯股份有限公司 | 虚拟专网服务中用户分组互通/隔离装置 |
CN103546473A (zh) * | 2013-10-28 | 2014-01-29 | 中国软件与技术服务股份有限公司 | 一种基于浏览器的业务系统动态隔离保护方法及系统 |
CN114301736A (zh) * | 2021-12-29 | 2022-04-08 | 凯通科技股份有限公司 | 一种混合组网下非对称标签的业务配置方法及相关设备 |
Families Citing this family (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN100373867C (zh) * | 2005-01-14 | 2008-03-05 | 北邮英科(北京)信息技术研究所有限公司 | 网络隔离与信息交换模块的大规模并行处理装置及方法 |
KR100715673B1 (ko) | 2005-09-07 | 2007-05-09 | 한국전자통신연구원 | 가입자 식별 태그를 이용한 사용자 패킷 처리방법 |
US8705534B2 (en) | 2009-11-13 | 2014-04-22 | Telefonaktiebolaget L M Ericsson (Publ) | Provider edge bridge with remote customer service interface |
CN102902617A (zh) * | 2011-07-27 | 2013-01-30 | 中兴通讯股份有限公司 | 软件仿真实现sdh虚级联业务的方法及系统 |
CN106953793B (zh) * | 2017-02-21 | 2021-07-16 | 林星裕 | 基于即时通讯操作界面的团队成员管理系统 |
CN114036031B (zh) * | 2022-01-05 | 2022-06-24 | 阿里云计算有限公司 | 一种企业数字中台中资源服务应用的调度系统和方法 |
Family Cites Families (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6937574B1 (en) * | 1999-03-16 | 2005-08-30 | Nortel Networks Limited | Virtual private networks and methods for their operation |
US6990106B2 (en) | 2001-03-19 | 2006-01-24 | Alcatel | Classification and tagging rules for switching nodes |
JP2003032259A (ja) * | 2001-07-18 | 2003-01-31 | Hitachi Cable Ltd | ギガビットイーサネット多重装置 |
CN1180359C (zh) * | 2001-08-01 | 2004-12-15 | 苏毅 | 网络连接/隔离的控制方法 |
JP4236398B2 (ja) * | 2001-08-15 | 2009-03-11 | 富士通株式会社 | 通信方法、通信システム及び通信接続プログラム |
JP2003078548A (ja) * | 2001-08-31 | 2003-03-14 | Hitachi Kokusai Electric Inc | 加入者無線アクセスシステム |
US8713185B2 (en) * | 2001-12-07 | 2014-04-29 | Rockstar Bidco, LP | Methods of establishing virtual circuits and of providing a virtual private network service through a shared network, and provider edge device for such network |
EP1318631B1 (en) | 2001-12-07 | 2005-12-21 | Nortel Networks Limited | Address resolution method for a virtual private network, and customer edge device for implementing the method |
CN1125545C (zh) * | 2001-12-31 | 2003-10-22 | 刘军民 | 实现局域网虚通道传送的数据转发方法 |
-
2003
- 2003-06-20 AU AU2003304229A patent/AU2003304229A1/en not_active Abandoned
- 2003-06-20 AT AT03739963T patent/ATE513389T1/de active
- 2003-06-20 PT PT03739963T patent/PT1646188E/pt unknown
- 2003-06-20 ES ES03739963T patent/ES2367629T3/es not_active Expired - Lifetime
- 2003-06-20 WO PCT/CN2003/000478 patent/WO2004114605A1/zh active Application Filing
- 2003-06-20 EP EP03739963.1A patent/EP1646188B2/en not_active Expired - Lifetime
- 2003-06-20 CN CNB03826210XA patent/CN100463440C/zh not_active Expired - Lifetime
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN100452773C (zh) * | 2006-08-02 | 2009-01-14 | 杭州华三通信技术有限公司 | 基于虚拟局域网的数据发送方法与装置 |
CN101197760B (zh) * | 2006-12-05 | 2010-09-29 | 中兴通讯股份有限公司 | 虚拟专网服务中用户分组互通/隔离装置 |
CN103546473A (zh) * | 2013-10-28 | 2014-01-29 | 中国软件与技术服务股份有限公司 | 一种基于浏览器的业务系统动态隔离保护方法及系统 |
CN103546473B (zh) * | 2013-10-28 | 2016-08-31 | 中国软件与技术服务股份有限公司 | 一种基于浏览器的业务系统动态隔离保护方法及系统 |
CN114301736A (zh) * | 2021-12-29 | 2022-04-08 | 凯通科技股份有限公司 | 一种混合组网下非对称标签的业务配置方法及相关设备 |
CN114301736B (zh) * | 2021-12-29 | 2023-08-29 | 凯通科技股份有限公司 | 一种混合组网下非对称标签的业务配置方法及相关设备 |
Also Published As
Publication number | Publication date |
---|---|
ATE513389T1 (de) | 2011-07-15 |
ES2367629T3 (es) | 2011-11-07 |
PT1646188E (pt) | 2011-09-09 |
EP1646188B1 (en) | 2011-06-15 |
AU2003304229A1 (en) | 2005-01-04 |
WO2004114605A1 (fr) | 2004-12-29 |
EP1646188A1 (en) | 2006-04-12 |
CN100463440C (zh) | 2009-02-18 |
EP1646188A4 (en) | 2007-06-13 |
EP1646188B2 (en) | 2018-10-03 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Knight et al. | Layer 2 and 3 virtual private networks: taxonomy, technology, and standardization efforts | |
EP1585262B1 (en) | Method for transporting time-division multiplexed communications through a packet-switched access network | |
US8228928B2 (en) | System and method for providing support for multipoint L2VPN services in devices without local bridging | |
EP3706374B1 (en) | Point-to-multipoint functionality in a bridged network | |
US9065680B2 (en) | Methods of establishing virtual circuits and of providing a virtual private network service through a shared network, and provider edge device for such network | |
CN100479409C (zh) | 用于增加可用的用户vlan空间的方法和系统 | |
US8249082B2 (en) | System method for a communications access network | |
JP2005341591A (ja) | 仮想プライベートネットワーク、マルチサービスプロビジョニングプラットフォーム及び方法 | |
US20070253432A1 (en) | Network device providing access to both layer 2 and layer 3 services on a single physical interface | |
US20130272161A1 (en) | System and method for indicating classification of a communications flow | |
JP2005086820A (ja) | チャネライズイーサネットオーバーソネット(EoS)インターフェースを用いる仮想プライベートネットワーク(VPN)、エッジルータ及び方法 | |
CN1759572A (zh) | 一种实现以太网业务安全隔离的方法 | |
CN100358322C (zh) | 多层虚拟局域网交换的方法 | |
CN101536410B (zh) | Lan拓扑检测和地址分配 | |
IL146995A (en) | Install and method in a branded communication system | |
WO2004039001A1 (fr) | Procede d'emission a debit secondaire d'un service de donnees utilisateur dans un emetteur de reseau longue distance | |
EP1526681B1 (en) | A method of transmitting data of different users in the vc -trunk of man | |
US7599373B1 (en) | Method and apparatus for automated provisioning for customer premises transport equipment | |
KR100781017B1 (ko) | 이더넷 서비스의 안전 격리를 실현하는 방법 | |
JP4146861B2 (ja) | ネットワーク接続方法及びその装置 | |
EP1770913A1 (en) | System and method for port mapping in a communications network switch | |
US7969966B2 (en) | System and method for port mapping in a communications network switch | |
JP2003078548A (ja) | 加入者無線アクセスシステム |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
CX01 | Expiry of patent term | ||
CX01 | Expiry of patent term |
Granted publication date: 20090218 |