WO2007076692A1 - Method, system and device for bearing vpls service in ip backbone network - Google Patents

Method, system and device for bearing vpls service in ip backbone network Download PDF

Info

Publication number
WO2007076692A1
WO2007076692A1 PCT/CN2006/003606 CN2006003606W WO2007076692A1 WO 2007076692 A1 WO2007076692 A1 WO 2007076692A1 CN 2006003606 W CN2006003606 W CN 2006003606W WO 2007076692 A1 WO2007076692 A1 WO 2007076692A1
Authority
WO
WIPO (PCT)
Prior art keywords
vpls
l2tpv3
packet
vsi
service
Prior art date
Application number
PCT/CN2006/003606
Other languages
French (fr)
Chinese (zh)
Inventor
Kalyankumar S. Asangi
Vikram Tankasali
Original Assignee
Huawei Technologies Co., Ltd.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co., Ltd. filed Critical Huawei Technologies Co., Ltd.
Publication of WO2007076692A1 publication Critical patent/WO2007076692A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/50Routing or path finding of packets in data switching networks using label swapping, e.g. multi-protocol label switch [MPLS]

Definitions

  • the present invention relates to the field of network communication technologies, and in particular, to a method, system, and device for carrying a VPLS (Virtual Private LAN Service) service on an IP (Internet Protocol) backbone network.
  • VPLS Virtual Private LAN Service
  • IP Internet Protocol
  • VPLS can be used to interconnect LANs in branch offices of enterprises. Users can access the network from multiple geographically dispersed points and access each other. VPLS allows users to extend their LAN (Local Area Network) to MAN. (Municipality Area Network, Metropolitan Area Network), and even WAN (Wild Area Network), providing a foundation for wide-area, multipoint-to-multipoint LAN interconnection.
  • LAN Local Area Network
  • MAN Metropolitan Area Network
  • WAN Wide Area Network
  • the VPLS needs to simulate the forwarding mechanism of the LAN, that is, the packet is forwarded by the MAC (Medium Access Control) address, and the packet whose MAC address cannot be hit is forwarded to the port that receives the packet. All other ports of the LAN.
  • MAC Medium Access Control
  • VPLS needs to simulate the LAN learning function, that is, when a message enters from a port, it learns the correspondence between the source MAC address of the packet and the port that the packet enters.
  • the VPLS simulates the PW (Pseudo Wire) as an Ethernet port.
  • PW Pulseudo Wire
  • the PW is dynamically established by the VPLS according to a predetermined rule.
  • the VPLS also needs to simulate the broadcast function of the LAN, that is, when receiving a packet whose destination MAC address is a broadcast address or a multicast address, the packet is forwarded to other ports.
  • the PEs Provider Edges, Provider Edges
  • LSP Link State Protocol
  • LDP Label Distribution Protocol
  • BGP Border Gate Protocol
  • the corresponding backbone network must adopt an MPLS network, that is, the existing VPLS service is a service provided on the MPLS network, and cannot be separated from the MPLS network.
  • the existing VPLS service is a service provided on the MPLS network, and cannot be separated from the MPLS network.
  • the VPLS service cannot be carried on the IP backbone network, which is not conducive to the further promotion and application of VPLS technology.
  • the embodiments of the present invention provide a method, a system, and a device for carrying a VPLS service on an IP backbone network, so that the VPLS service can be implemented by using an IP network as a backbone network, thereby facilitating the promotion and application of the VPLS service.
  • a method for carrying a VPLS service on an IP backbone network includes:
  • the VPLS service to be sent is encapsulated into an L2TPv3 packet and sent by the L2TPv3 tunnel.
  • the VPLS service is parsed from the received L2TPv3 message and sent to the VPLS service receiving end.
  • a system for supporting a VPLS service on an IP backbone network includes a PE device connected through an IP backbone network;
  • the configuration information saving module is configured to be configured in the PE device to save VSI configuration information of the VPLS service, where the VSI configuration information includes VSI information indexed by the VSI ID.
  • An L2TPv3 tunnel establishment module is configured to establish a corresponding L2TPv3 tunnel between the source PE and the destination PE of the VPLS service.
  • the VPLS transmission processing module is configured to be configured in the VPLS source PE device, and configured to encapsulate the VPLS packet to be sent into an L2TPv3 packet according to the configuration information, and send the packet through the L2TPv3 tunnel.
  • the VPLS receiving and processing module is configured on the VPLS destination PE device, and is configured to receive the L2TPv3 packet from the L2TPv3 tunnel, and forward the VPLS packet to the corresponding CE according to the configuration information.
  • a PE device includes:
  • a configuration information saving module configured to save VSI configuration information of the VPLS service, where the VSI configuration information includes VSI information indexed by the VSI ID;
  • An L2TPv3 tunnel establishment module is configured to establish a corresponding L2TPv3 tunnel between the peer PE and the peer PE of the VPLS service;
  • the VPLS transmission processing module is configured to encapsulate the VPLS packet to be sent as an L2TPv3 packet according to the configuration information, and send the packet to the L2TPv3 tunnel.
  • the VPLS receiving and processing module is configured to receive the L2TPv3 packet from the L2TPv3 tunnel and forward the VPLS packet to the corresponding CE according to the configuration information when the PE device is the VPLS destination PE device.
  • a system for supporting a VPLS service on an IP backbone network includes: a first PE device and a VPLS source PE device and a VPLS destination PE device interconnected by an IP backbone network a second PE device; the first PE device and the second PE device have an L2TPv3 tunnel for transmitting VPLS services;
  • the VPLS source PE device is configured to encapsulate the VPLS service to be sent as an L2TPv3 packet, and send the packet through the L2TPv3 tunnel.
  • the VPLS destination PE device is configured to parse the VPLS service from the received L2TPv3 message and send it to the VPLS service receiver.
  • the embodiment of the present invention supports the VPLS service on the IP backbone network by using the L2TPv3 signaling protocol, so that the VPLS service can be implemented by using the IP backbone network from the MPLS network, so that the VPLS service can be widely used in the communication network based on the widely used IP network.
  • Application which makes the promotion and application of VPLS more convenient.
  • FIG. 1 is a schematic diagram of an L2TPv3 technology used in an embodiment of the present invention to establish a layer 2 on an IP network.
  • FIG. 2 is a schematic structural diagram of a VPLS service networking according to an embodiment of the present invention.
  • FIG. 3 is a schematic diagram of a specific implementation process of an embodiment of a method according to the present invention.
  • FIG. 4 is a schematic structural diagram of a specific implementation of an embodiment of the system of the present invention.
  • FIG. 5 is a block diagram of an embodiment of the PE device shown in Figure 4.
  • FIG. 6 is a block diagram of an embodiment of a VPLS service message sending module shown in FIG. 5.
  • Embodiments of the present invention implement a VPLS solution based on an extended L2TPv3 (Layer 2 Tunnel Protocol Version 3, Layer 3 Layer 2 Tunneling Protocol) technology.
  • the extended L2TPv3 technology can be based on an IP backbone network of the same geographical area. Establish a connection between point-to-multipoint. Since the embodiment of the present invention uses L2TPv3 as signaling to support VPLS services, VPLS services based on the IP backbone network can be implemented.
  • L2TPv3 technology is a standard tunneling technology that allows a connection between a pair of routers to transmit Layer 2 data, which can be passed through one or more Layer 3 networks in a point-to-point manner. Therefore, the L2TPv3 technology can be used to form a Layer 2 VPN (Virtual Private Network) or to support the interconnection of traditional Frame Relay, ATM (Asynchronous Transfer Mode), and leased line networks.
  • Layer 2 VPN Virtual Private Network
  • ATM Asynchronous Transfer Mode
  • FIG. 1 illustrates an example of establishing a Layer 2 VPN on an IP network by using the L2TPv3 technology adopted in the embodiment of the present invention.
  • CE Customer Edge, User Edge Devices
  • CEs 112 and 114 are connected to PE 122.
  • the L2TPv3 tunnel is established between the interface 1 and the interface 4, and between the interface 5 and the interface 6.
  • the interface 1 and the interface 4 are connected by a pseudo wire (PW, Pseudo Wire) 131, and between the interface 5 and the interface 6 Pseudowires 132 are connected, and each L2TP (Layer 2 Tunneling Protocol) session corresponds to one PW.
  • PW pseudo wire
  • Embodiments of the present invention need to establish a control connection and session of L2TPv3 in the implementation process.
  • the control connection and session establishment of the L2TPv3 can be implemented by using existing technologies, and details are not described herein.
  • point-to-point and point-to-multipoint pseudowires can be established on the same control connection.
  • the VSI (Virtual Switch Instance) of the VPLS needs to be saved in the embodiment of the present invention.
  • the VSI is required to forward the data packet to assist the PE in performing the forwarding decision of each VPLS packet.
  • the VSI is indexed by the VSI ID (Virtual Switch Instance Identity).
  • the VSI ID is an identifier of the VSI. Different VSIs have different VSI IDs, and all pseudowires belonging to the same VPLS must have the same VSI ID. .
  • the VSI ID can be implemented through configuration when the L2TPv3 session is established. That is, when an L2TPv3 session is established, the VSI ID can be configured to determine the VPLS to which the pseudowire belongs.
  • the VSI includes a list of all learned MAC addresses, and the VSI is required to forward the data packets.
  • the embodiment of the present invention introduces an AC (Attachment Circuit) to identify a VSI at the ingress of the packet, that is, a port or an interface is used to identify a VSI at the CE to PE entry.
  • AC Adtachment Circuit
  • the PE receives the packet from the CE, Find the destination MAC address from the VSI corresponding to the port or interface that receives the packet to determine the encapsulation type of the packet and the destination PE of the packet. If the packet received by the PE from the CE is a broadcast or multicast packet. Or if the destination MAC address is not found in the VSI, then the message should be sent to all other PEs in the VPLS.
  • the embodiment of the present invention uses the local session ID to identify the VSI at the exit of the message.
  • the PE receives the L2TPv3 message sent by the other PE, the PE searches for the corresponding VSI according to the session ID in the message, and The destination MAC address is searched in the VSI to determine the CE that the packet should forward.
  • Embodiments of the present invention employ a 64-bit random number as an important barrier to anti-message spoofing attacks.
  • a PE is assigned two random cookies. Only the packets carrying the correct cookie value will be accepted in the L2TPv3 message entering the PE. Thus, the probability that a cookie is guessed is 1/2 ⁇ 63. Assuming that it is guessed at the speed of lOMpps, it takes about 29,000 years to guess a correct cookie value.
  • CE 211 and CE 213 are connected to PE 221, CE 212 and CE 214 are connected to PE 222, CE 215, CE 216 and CE 217. Connect to PE 223.
  • PE 221, PE 222, and PE 223 interact through the IP backbone network.
  • the implementation process specifically includes: operation processing of the control plane and data processing of the data plane.
  • the data processing performed by the data plane includes: the processing procedure when the PE receives the VPLS service sent by the CE, and the processing procedure when the PE receives the VPLS service that needs to be sent to the CE.
  • Step 31 Configure the related information on each PE.
  • the configuration information includes: the VSI ID of the VSI index, the IP address of the peer PE, and the cookie value assigned by the local PE.
  • the peer PE is any other PE connected to the local PE.
  • the IP address of the peer PE is configured to ensure the establishment of the L2TPv3 tunnel and the transmission of VPLS service data.
  • Step 32 Based on the L2TPv3 protocol, the local PE exchanges local cookie information with the peer PE to establish a corresponding L2TPv3-based control connection and session in the subsequent process.
  • Step 33 Establish a point-to-point pseudowire or a point-to-multipoint pseudowire for carrying the VPLS based on the L2TPv3, and then use the cookie information of the peer PE obtained by the exchange to establish a corresponding L2TPv3 control connection and session based on the L2TPv3.
  • Point-to-point and point-to-multipoint pseudowires required for the same VPLS transmission can be established on the same L2TPv3 control connection.
  • the remote VSI ID is used in the L2TPv3-based I2Q (Incoming-Call-Request) message to determine whether a pseudo-line or a point-to-multipoint pseudo-line needs to be established.
  • the VSI ID needs to establish a point-to-point pseudowire. Otherwise, a point-to-multipoint pseudowire needs to be established.
  • the two attributes in the ICRQ message are independent of each other.
  • Step 34 Associate the session ID corresponding to the session established by the pseudowire with the VSI ID, that is, the corresponding pseudowire belongs to the VPLS determined by the VSI ID, and is used for transmitting the corresponding VPLS service data, specifically, configuring the session ID of the pseudowire. Correlation of the VSI ID of the VSI; At the same time, in order to ensure that the peer PE can forward the packet to the corresponding CE according to the VSI information, the association information between the session ID and the VSI ID of the VSI needs to be carried in the message. The peer PE is sent to the peer PE and saved in the peer PE.
  • the corresponding data processing can be performed in the data plane, including the following two processes:
  • Step 35 The VPLS packet is sent to the PE at the ingress of the PE, that is, the port on which the PE receives the packet from the CE, and is encapsulated into an L2TPv3 packet according to the configured information.
  • the VSI ID information of the corresponding VPLS is determined by the auxiliary circuit, and the pseudowire information corresponding to the corresponding VSI is searched for, and the L2TPv3 ⁇ message is encapsulated according to the corresponding pseudowire information, and the L2TPv3 packet includes the VSI ID corresponding to the VSI ID. Session ID information.
  • Step 36 The encapsulated L2TPv3 packet is transmitted to the corresponding PE through the L2TPv3 tunnel (that is, the established pseudowire).
  • It can be a single PE or a lot of PEs.
  • the PE is a plurality of destination PEs.
  • the PE should send the packet to all other PEs in the VPLS.
  • the text is sent to all the pseudowires in the VPLS.
  • the packet is encapsulated in L2TPv3 and then transmitted to the corresponding PE.
  • the packet will be directly forwarded to the corresponding CE through the corresponding interface of the PE. Any L2TPv3 encapsulation is required, and the corresponding interface for forwarding the packet is specifically obtained according to the VSI lookup.
  • the PE After the PE receives a VPLS packet from the CE, if the source MAC address of the packet does not exist in the VSI, the MAC address M can be learned in the VSI corresponding to the port where the MAC address is located. Processing 4 ⁇ text application.
  • Step 37 The PE receives the L2TPv3 packet that needs to be sent to the CE and carries the VPLS service.
  • Step 38 Remove the L2TPv3 header of the packet before forwarding the packet through the PE egress. VPLS service packet;
  • Step 39 The VPLS service packet is sent to the corresponding CE through the PE egress end. Specifically, the VSI information is forwarded to the corresponding CE according to the destination MAC address information of the received packet, that is, the packet is forwarded to the corresponding CE.
  • the packet is forwarded to the corresponding CE through all the interfaces of the VPLS. If the destination MAC address exists in the VSI, the packet is only passed from the VSI. The specified interface found in the forwarding is forwarded to the corresponding CE.
  • the MAC address M can be associated with the session ID of the remote PE, so that the local PE returns the corresponding information to the peer PE.
  • searching the message is accurately returned to the remote PE through the corresponding pseudowire.
  • the MAC address in the VSI described in the present invention needs to be aged.
  • an aging timer is started.
  • the aging timer of the entry corresponding to the MAC address M will be refreshed.
  • FIG. 4 A system for supporting a VPLS service on an IP backbone network according to an embodiment of the present invention is shown in FIG. 4, and an embodiment of the system includes PE devices 401 and 402 interconnected by an IP backbone network.
  • the PE devices 401 and 402 have an L2TPv3 tunnel for transmitting VPLS services.
  • PEs 401 and 402 can be VPLS source PEs and VPLS destination PEs.
  • the VPLS source PE device When the VPLS packet is transmitted, the VPLS source PE device encapsulates the VPLS service to be sent as an L2TPv3 packet and sends the packet through the L2TPv3 tunnel.
  • the VPLS destination PE device parses the VPLS service from the received L2TPv3 packet and sends it to the VPLS service receiver.
  • the PE devices 401 and 402 are respectively provided with:
  • the configuration information saving module 410 is configured to save VSI configuration information of the VPLS service, where
  • the VSI configuration information includes the specific VSI information indexed by the VSI ID, and the association information between the VSI ID and the session ID of the L2TPv3 tunnel, the MAC address list, and the IP address information of the peer PE and the cookie obtained by the local PE. information;
  • the L2TPv3 tunnel establishment module 420 is configured to establish a corresponding L2TPv3 tunnel between the source PE and the destination PE of the VPLS service, that is, establish an L2TPv3 pseudowire for transmitting the VPLS service.
  • the VPLS transmission processing module 430 is configured to encapsulate the VPLS packet to be sent received by the CE into an L2TPv3 packet according to the information stored in the configuration information saving module 410, and send the packet through the corresponding L2TPv3 pseudowire.
  • the VPLS packet is forwarded to the corresponding CE by the corresponding interface of the PE obtained by the VSI search.
  • the VPLS receiving and processing module 440 is configured to: receive the L2TPv3 packet sent by the VPLS sending processing module of the peer end, and remove the L2TPv3 packet header; forward the obtained VPLS packet according to the information held by the configuration information saving module 410 to the corresponding CE.
  • FIG. 5 is a block diagram of an embodiment of the PE device shown in FIG.
  • the PE device includes: a configuration information saving module 410, an L2TPv3 tunnel establishment module 420, a VPLS transmission processing module 430, and a VPLS reception processing module 440.
  • the L2TPv3 tunnel establishment module 420 includes:
  • the information exchange module 421 is configured to exchange local cookie information based on the L2TPv3 and the peer PE, so as to establish a corresponding L2TPv3-based control connection and session in a subsequent process;
  • the pseudowire establishing module 422 is configured to establish, according to the L2TPv3, a pseudowire or a point-to-multipoint pseudowire for carrying a point-to-point transmission of the VPLS;
  • connection and session establishment module 423 exchanges the obtained cookie information of the peer PE by using the information exchange module 421 to establish a corresponding L2TPv3 control connection and session based on the L2TPv3.
  • the association module 424 is configured to associate a session ID corresponding to the session established based on the pseudowire with a VSI ID.
  • the VPLS transmission processing module 430 includes:
  • the VPLS packet encapsulating unit 431 is configured to determine, according to an affiliation circuit of the VPLS packet, the VSI ID information of the corresponding VPLS, and find the pseudowire information corresponding to the corresponding VSI, and perform L2TPv3 according to the corresponding pseudowire information. Packet encapsulation processing;
  • the L2TPv3 packet sending module 432 is configured to search for a corresponding VSI according to the destination MAC address, determine the destination PE according to the search result, and transmit the encapsulated L2TPv3 packet to the destination PE through the L2TPv3 pseudowire;
  • the VPLS packet sending unit 433 is configured to search for a corresponding VSI when the localized MAC address is exchanged, and forward the VPLS packet to the corresponding CE by using the corresponding interface of the PE obtained by the VSI. .
  • the destination PE may be a single PE or many PEs. If the VPLS is a point-to-multipoint service, the PE is a plurality of destination PEs. If the packet received from the CE is a broadcast or multicast message or the destination MAC address does not find a corresponding match in the VSI, the PE should send the packet to all other PEs in the VPLS. The text is sent to all the pseudowires in the VPLS.
  • the packet is encapsulated in L2TPv3 and then transmitted to the corresponding PE. If the destination address is in the VSI, but the exchange is local, that is, a CE sends the packet to the other CE through the PE, the packet is forwarded directly to the corresponding CE through the corresponding interface of the PE. Any L2TPv3 encapsulation is required, and the corresponding interface for forwarding the packet is specifically obtained according to the VSI lookup.
  • the VPLS receiving processing module 440 includes:
  • the L2TPv3 decapsulation module 441 is configured to decapsulate the received L2TPv3 packet carrying the VPLS service, and obtain the VPLS service packet.
  • the VPLS service packet sending module 442 is configured to search for the destination MAC address information of the received packet according to the configured VSI information, and forward the packet to the corresponding CE according to the search result.
  • the VPLS service packet sending module 442 may include:
  • the VSI determining module 4421 is configured to determine, by using the session ID carried in the received L2TPv3 packet, the VSI to which the packet belongs.
  • the address information searching module 4422 is configured to search for a corresponding destination MAC address information in the VSI determined by the VSI determining module.
  • the forwarding module 4423 is configured to forward the address information found by the address information lookup module to the corresponding CE.
  • the packet is forwarded to the corresponding CE through all interfaces of the VPLS; if the destination MAC address is in the VSI If yes, only the packet is forwarded to the corresponding CE through the specified interface found in the VSI.
  • the PE device may further include a first address learning module and a second address learning module. After the PE receives a VPLS packet from the CE, if the source MAC address M of the packet does not exist in the VSI, the first address learning module is configured to learn the MAC address M into the VSI corresponding to the port where the MAC address M is located. , in case of processing the text application next time.
  • the second address learning module is configured to associate the MAC address M with the session ID of the remote PE, so as to facilitate the local PE to the peer end.
  • the PE returns the corresponding packet, it searches for the packet and returns the packet to the remote PE through the corresponding pseudowire.
  • each of the above modules is usually set in each PE device, so as to facilitate any
  • the PE can be used as the source and destination of the VPLS to ensure reliable transmission of the VPLS based on the L2TPv3 tunnel.
  • the embodiment of the present invention encapsulates a VPLS packet into an L2TPv3 packet and then transmits the VPLS network on the IP backbone network.
  • a 64-bit random number is set in the VLPS protocol packet. To improve system security and prevent packet spoofing attacks.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

A method, system and device for bearing VPLS service in an IP backbone network. According to present invention, in the IP network, corresponding L2TPv3 tunnel for transmitting VPLS service is established based on L2TPv3; then the transmission for VPLS service is processed using said L2TPv3 tunnel. Thus, the L2TPv3 signaling protocol is used in IP backbone network, which supports VPLS service, so that the VPLS service is implemented in an IP backbone network, deviating from the MPLS network. Therefore, the VPLS service could be used in a communication popularly, based on the IP network that is well used, while spreading the use of VPLS conveniently.

Description

在 IP骨干网上承载 VPLS业务的方法及系统、 设备  Method, system and device for carrying VPLS service on IP backbone network
本申请要求于 2005 年 12 月 31 日提交中国专利局、 申请号为 200510137224.8、 发明名称为"在 IP骨干网上支持 VPLS业务的实现方法及 系统"的中国专利申请的优先权, 其全部内容通过引用结合在本申请中。 技术领域 本发明涉及网络通信技术领域, 尤其涉及在 IP ( Internet Protocol, 互联 网协议)骨干网上承载 VPLS ( Virtual Private LAN Service, 虚拟私有局域 网月艮务)业务的方法及系统、 设备。 This application claims priority to Chinese Patent Application No. 200510137224.8, entitled "Implementation Method and System for Supporting VPLS Services on IP Backbone Network", filed on December 31, 2005, the entire contents of which are hereby incorporated by reference. Combined in this application. The present invention relates to the field of network communication technologies, and in particular, to a method, system, and device for carrying a VPLS (Virtual Private LAN Service) service on an IP (Internet Protocol) backbone network.
背景技术 Background technique
VPLS可以用于实现企业分支办公室局域网的互连, 使用户可以从多个 地理位置分散的点同时接入网絡, 相互访问, 即 VPLS使用户可以将其 LAN ( Local Area Network, 局域网)延伸到 MAN ( Municipality Area Network, 城域网) , 甚至 WAN ( Wild Area Network, 广域网) , 从而为广域范围的 多点到多点 LAN互连提供实现基础。  VPLS can be used to interconnect LANs in branch offices of enterprises. Users can access the network from multiple geographically dispersed points and access each other. VPLS allows users to extend their LAN (Local Area Network) to MAN. (Municipality Area Network, Metropolitan Area Network), and even WAN (Wild Area Network), providing a foundation for wide-area, multipoint-to-multipoint LAN interconnection.
VPLS需要模拟 LAN的转发机制 , 即通过 MAC ( Medium Access Control, 媒体接入控制)地址转发报文, 将查找 MAC地址不能命中的报文转发到除 接收该报文的端口.外的属于同一个 LAN的其他所有端口。  The VPLS needs to simulate the forwarding mechanism of the LAN, that is, the packet is forwarded by the MAC (Medium Access Control) address, and the packet whose MAC address cannot be hit is forwarded to the port that receives the packet. All other ports of the LAN.
VPLS需要模拟 LAN的学习功能, 即当一个报文从一个端口进入时, 学 习该报文的源 MAC地址和报文进入的端口的对应关系。 而且, VPLS将 PW ( Pseudo Wire, 伪线)模拟成一个以太网端口, 在学习 MAC地址时, 需要 学习源 MAC地址与 PW的对应关系。 所述的 PW是 VPLS根据预定规则动态建 立的。  VPLS needs to simulate the LAN learning function, that is, when a message enters from a port, it learns the correspondence between the source MAC address of the packet and the port that the packet enters. In addition, the VPLS simulates the PW (Pseudo Wire) as an Ethernet port. When learning the MAC address, you need to learn the correspondence between the source MAC address and the PW. The PW is dynamically established by the VPLS according to a predetermined rule.
VPLS还需要模拟 LAN的广播功能, 即当接收到目的 MAC地址为广播地 址或组播地址的报文时, 将报文转发到其他各端口。  The VPLS also needs to simulate the broadcast function of the LAN, that is, when receiving a packet whose destination MAC address is a broadcast address or a multicast address, the packet is forwarded to other ports.
现有技术中, 在实现 VPLS技术时, 服务于同一 VPLS域的 PE ( Provider Edge,提供商边缘设备)之间需要运行相应的信令协议,从而实现 LSP( Label Switch Path,标签交换路径 )的建立及 MPLS ( Multiple Protocol Label Switch, 多协议标签交换)标签的分配。 In the prior art, when the VPLS technology is implemented, the PEs (Provider Edges, Provider Edges) serving the same VPLS domain need to run corresponding signaling protocols to implement LSPs. The establishment of the Switch Path (label switching path) and the allocation of the MPLS (Multi Protocol Label Switch) label.
目前, 主要有两种信令协议可以支持现有的 VPLS服务: 一种是 LDP ( Label Distribution Protocol, 标签分发协议) , 另一种是 BGP ( Border Gate Protocol, 边界网关协议) 。  Currently, there are two types of signaling protocols that can support existing VPLS services: one is LDP (Label Distribution Protocol), and the other is BGP (Border Gate Protocol).
现有技术中, 在基于所述两种信令协议的 VPLS解决方案中,相应的骨 干网必须采用 MPLS网, 即现有的 VPLS业务是一种在 MPLS网络上提供 的业务, 不能脱离 MPLS网来实现 VPLS业务。 由于 VPLS业务无法承载在 IP骨干网上, 不利于 VPLS技术的进一步推广应用。  In the prior art, in the VPLS solution based on the two signaling protocols, the corresponding backbone network must adopt an MPLS network, that is, the existing VPLS service is a service provided on the MPLS network, and cannot be separated from the MPLS network. To implement VPLS services. The VPLS service cannot be carried on the IP backbone network, which is not conducive to the further promotion and application of VPLS technology.
发明内容 Summary of the invention
本发明实施例提供一种在 IP骨干网上承载 VPLS业务的方法及系统、 设备, 使得 VPLS业务可以采用 IP网作为骨干网实现, 从而便于 VPLS业 务的推广应用。  The embodiments of the present invention provide a method, a system, and a device for carrying a VPLS service on an IP backbone network, so that the VPLS service can be implemented by using an IP network as a backbone network, thereby facilitating the promotion and application of the VPLS service.
根据本发明的一个实施例, 一种在 IP骨干网上承载 VPLS业务的方法, 包括:  According to an embodiment of the present invention, a method for carrying a VPLS service on an IP backbone network includes:
建立用于传输虚拟私有局域网服务 VPLS业务的第三版二层隧道协议 L2TPv3隧道;  Establish a third version of the Layer 2 tunneling protocol L2TPv3 tunnel for transmitting the virtual private LAN service VPLS service;
在 L2TP报文发送端,将待发送的 VPLS业务封装为 L2TPv3报文,并通过 所述 L2TPv3隧道发送;  The VPLS service to be sent is encapsulated into an L2TPv3 packet and sent by the L2TPv3 tunnel.
在 L2TPv3报文接收端, 从接收的 L2TPv3报文中解析出所述 VPLS业务, 并发送给 VPLS业务接收端。  The VPLS service is parsed from the received L2TPv3 message and sent to the VPLS service receiving end.
根据本发明的再一实施例, 一种在 IP骨干网上支持 VPLS业务的系统, 包括通过 IP骨干网相连的 PE设备; 还包括:  According to still another embodiment of the present invention, a system for supporting a VPLS service on an IP backbone network includes a PE device connected through an IP backbone network;
配置信息保存模块, 设置于 PE设备中, 用于保存 VPLS业务的 VSI配置 信息, 所述的 VSI配置信息包括以 VSI ID索引的 VSI信息;  The configuration information saving module is configured to be configured in the PE device to save VSI configuration information of the VPLS service, where the VSI configuration information includes VSI information indexed by the VSI ID.
L2TPv3隧道建立模块, 用于在 VPLS业务的源端 PE和目的端 PE之间建 立相应的 L2TPv3隧道;  An L2TPv3 tunnel establishment module is configured to establish a corresponding L2TPv3 tunnel between the source PE and the destination PE of the VPLS service.
VPLS发送处理模块, 设置于 VPLS源端 PE设备中, 用于根据所述配置 信息将待发送的 VPLS报文封装为 L2TPv3报文, 并通过 L2TPv3隧道发送; VPLS接收处理模块, 设置于 VPLS目的端 PE设备中, 用于从 L2TPv3 隧道接收 L2TPv3报文, 并将其中的 VPLS报文根据配置信息转发给相应的 CE。 The VPLS transmission processing module is configured to be configured in the VPLS source PE device, and configured to encapsulate the VPLS packet to be sent into an L2TPv3 packet according to the configuration information, and send the packet through the L2TPv3 tunnel. The VPLS receiving and processing module is configured on the VPLS destination PE device, and is configured to receive the L2TPv3 packet from the L2TPv3 tunnel, and forward the VPLS packet to the corresponding CE according to the configuration information.
才艮据本发明的另一实施例, 一种 PE设备, 包括:  According to another embodiment of the present invention, a PE device includes:
配置信息保存模块, 用于保存 VPLS业务的 VSI配置信息, 所述的 VSI配 置信息包括以 VSI ID索引的 VSI信息;  a configuration information saving module, configured to save VSI configuration information of the VPLS service, where the VSI configuration information includes VSI information indexed by the VSI ID;
L2TPv3隧道建立模块, 用于和 VPLS业务的对端 PE之间建立相应的 L2TPv3隧道;  An L2TPv3 tunnel establishment module is configured to establish a corresponding L2TPv3 tunnel between the peer PE and the peer PE of the VPLS service;
VPLS发送处理模块, 在所在 PE设备为 VPLS源端 PE设备时, 用于根据 所述配置信息将待发送的 VPLS报文封装为 L2TPv3报文,并通过 L2TPv3隧道 发送;  The VPLS transmission processing module is configured to encapsulate the VPLS packet to be sent as an L2TPv3 packet according to the configuration information, and send the packet to the L2TPv3 tunnel.
VPLS接收处理模块,在所在 PE设备为 VPLS目的端 PE设备时,用于 从 L2TPv3隧道接收 L2TPv3报文, 并将其中的 VPLS报文根据配置信息转 发给相应的 CE。  The VPLS receiving and processing module is configured to receive the L2TPv3 packet from the L2TPv3 tunnel and forward the VPLS packet to the corresponding CE according to the configuration information when the PE device is the VPLS destination PE device.
根据本发明的又一实施例,一种在 IP骨干网上支持 VPLS业务的系统, 包括: 通过 IP骨干网互连的互为 VPLS源端 PE设备和 VPLS目的端 PE设 备的第一 PE设备和第二 PE设备; 所述第一 PE设备和第二 PE设备之间具 有用于传输 VPLS业务的 L2TPv3隧道;  According to still another embodiment of the present invention, a system for supporting a VPLS service on an IP backbone network includes: a first PE device and a VPLS source PE device and a VPLS destination PE device interconnected by an IP backbone network a second PE device; the first PE device and the second PE device have an L2TPv3 tunnel for transmitting VPLS services;
VPLS源端 PE设备用于将待发送的 VPLS业务封装为 L2TPv3报文, 并通过所述 L2TPv3隧道发送;  The VPLS source PE device is configured to encapsulate the VPLS service to be sent as an L2TPv3 packet, and send the packet through the L2TPv3 tunnel.
所述 VPLS 目的端 PE设备用于从接收的 L2TPv3报文中解析出所述 VPLS业务, 并发送给 VPLS业务接收端。  The VPLS destination PE device is configured to parse the VPLS service from the received L2TPv3 message and send it to the VPLS service receiver.
本发明的实施例使用 L2TPv3信令协议在 IP骨干网上支持 VPLS业务, 使得 VPLS业务可以脱离 MPLS网络而采用 IP骨干网实现,从而便于 VPLS 业务可以基于已经被广泛应用的 IP 网在通信网络中广泛应用, 进而使得 VPLS的推广应用更为方便。  The embodiment of the present invention supports the VPLS service on the IP backbone network by using the L2TPv3 signaling protocol, so that the VPLS service can be implemented by using the IP backbone network from the MPLS network, so that the VPLS service can be widely used in the communication network based on the widely used IP network. Application, which makes the promotion and application of VPLS more convenient.
附图说明 DRAWINGS
图 1为本发明实施例中使用的 L2TPv3技术用来在 IP网络上建立二层 VPN的实例示意图; FIG. 1 is a schematic diagram of an L2TPv3 technology used in an embodiment of the present invention to establish a layer 2 on an IP network. An example of a VPN instance;
图 2为本发明实施例的 VPLS业务组网结构示意图;  2 is a schematic structural diagram of a VPLS service networking according to an embodiment of the present invention;
图 3为本发明的方法的实施例的具体实现过程示意图;  3 is a schematic diagram of a specific implementation process of an embodiment of a method according to the present invention;
图 4为本发明的系统的实施例的具体实现结构示意图;  4 is a schematic structural diagram of a specific implementation of an embodiment of the system of the present invention;
图 5为图 4所示的 PE设备的一个实施例的框图;  Figure 5 is a block diagram of an embodiment of the PE device shown in Figure 4;
图 6为图 5所示的 VPLS业务报文发送模块的一个实施例的框图。  6 is a block diagram of an embodiment of a VPLS service message sending module shown in FIG. 5.
具体实施方式 本发明的实施例基于扩展的 L2TPv3 ( Layer 2 Tunnel Protocol Version 3 , 第三版二层隧道协议 )技术来实现 VPLS的解决方案, 扩展的 L2TPv3技术 可以基于同一个地理区域的 IP骨干网在点到多点之间建立连接。 由于本发 明的实施例使用 L2TPv3作为信令来支持 VPLS业务, 因此可以实现基于 IP 骨干网的 VPLS业务。 DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS Embodiments of the present invention implement a VPLS solution based on an extended L2TPv3 (Layer 2 Tunnel Protocol Version 3, Layer 3 Layer 2 Tunneling Protocol) technology. The extended L2TPv3 technology can be based on an IP backbone network of the same geographical area. Establish a connection between point-to-multipoint. Since the embodiment of the present invention uses L2TPv3 as signaling to support VPLS services, VPLS services based on the IP backbone network can be implemented.
L2TPv3技术是一种标准的隧道技术, 允许在一对路由器之间建立连接 来传输二层数据, 可以通过点对点方式穿过一个或多个三层网络。 因此, L2TPv3技术可以用来组建二层 VPN( Virtual Private Network,虚拟专用网), 或者用来支持传统的帧中继、 ATM ( Asynchronous Transfer Mode, 异步传输 模式)、 专线等网络的互连。  L2TPv3 technology is a standard tunneling technology that allows a connection between a pair of routers to transmit Layer 2 data, which can be passed through one or more Layer 3 networks in a point-to-point manner. Therefore, the L2TPv3 technology can be used to form a Layer 2 VPN (Virtual Private Network) or to support the interconnection of traditional Frame Relay, ATM (Asynchronous Transfer Mode), and leased line networks.
如图 1所示, 图 1描述使用本发明实施例采用的 L2TPv3技术在 IP网 络上建立二层 VPN的实例。 CE ( Customer Edge, 用户侧边缘设备) 111和 113连接到 PE 121, CE 112和 114连接到 PE 122。 L2TPv3隧道建立在相应 的接口 1和接口 4, 以及接口 5和接口 6之间, 而且, 接口 1和接口 4之间 以伪线(PW, Pseudo Wire ) 131连接, 接口 5和接口 6之间以伪线 132连 接, 每一个 L2TP (二层隧道协议)会话对应一条 PW。  As shown in FIG. 1, FIG. 1 illustrates an example of establishing a Layer 2 VPN on an IP network by using the L2TPv3 technology adopted in the embodiment of the present invention. CE (Customer Edge, User Edge Devices) 111 and 113 are connected to PE 121, and CEs 112 and 114 are connected to PE 122. The L2TPv3 tunnel is established between the interface 1 and the interface 4, and between the interface 5 and the interface 6. Moreover, the interface 1 and the interface 4 are connected by a pseudo wire (PW, Pseudo Wire) 131, and between the interface 5 and the interface 6 Pseudowires 132 are connected, and each L2TP (Layer 2 Tunneling Protocol) session corresponds to one PW.
下面将对本发明的实施例使用 L2TPv3信令在 IP骨干网上承载 VPLS 业务的实现方案进行说明。  The implementation scheme of carrying the VPLS service on the IP backbone network by using the L2TPv3 signaling in the embodiment of the present invention is described below.
本发明的实施例在实现过程中需要建立 L2TPv3的控制连接及会话。 所 述的 L2TPv3 的控制连接和会话的建立可以釆用现有技术来实现, 此不赘 述。, 其中, 点到点和点到多点的伪线可以建立在同一个控制连接上。 本发明的实施方式需要进行 VPLS的 VSI ( Virtual Switch Instance, 虚 拟交换实例)保存 , VSI对转发数据包是必须的,用于协助 PE执行每个 VPLS 报文的转发决定。 VSI以 VSI ID ( Virtual Switch Instance Identity, 虚拟交换 实例标识)索引,即 VSI ID是 VSI的一个标识,不同的 VSI有不同的 VSI ID , 而且所有属于同一个 VPLS的伪线必须有相同的 VSI ID。 Embodiments of the present invention need to establish a control connection and session of L2TPv3 in the implementation process. The control connection and session establishment of the L2TPv3 can be implemented by using existing technologies, and details are not described herein. , where point-to-point and point-to-multipoint pseudowires can be established on the same control connection. The VSI (Virtual Switch Instance) of the VPLS needs to be saved in the embodiment of the present invention. The VSI is required to forward the data packet to assist the PE in performing the forwarding decision of each VPLS packet. The VSI is indexed by the VSI ID (Virtual Switch Instance Identity). The VSI ID is an identifier of the VSI. Different VSIs have different VSI IDs, and all pseudowires belonging to the same VPLS must have the same VSI ID. .
VSI ID具体可以在 L2TPv3会话建立时通过配置实现。 也就是说, 当建 立 L2TPv3会话时, 可以配置 VSI ID以决定伪线所属的 VPLS。  The VSI ID can be implemented through configuration when the L2TPv3 session is established. That is, when an L2TPv3 session is established, the VSI ID can be configured to determine the VPLS to which the pseudowire belongs.
所述的 VSI包括所有学习到的 MAC地址列表, VSI对转发数据包是必 须的。  The VSI includes a list of all learned MAC addresses, and the VSI is required to forward the data packets.
本发明的实施方式在报文的入口处引入 AC ( Attachment Circuit, 附属 电路)来标识一个 VSI,即在 CE到 PE的入口采用端口或接口标识一个 VSI, 当 PE从 CE接收到报文时, 从与接收报文的端口或接口相应的 VSI中查找 目的 MAC地址以决定该报文需要的封装类型以及该报文的目的 PE; 如果 PE从 CE收到的报文是一个广播或多播报文或是目的 MAC地址在 VSI中 找不到 , 那么应该向该 VPLS中的其他所有 PE发送这个艮文。  The embodiment of the present invention introduces an AC (Attachment Circuit) to identify a VSI at the ingress of the packet, that is, a port or an interface is used to identify a VSI at the CE to PE entry. When the PE receives the packet from the CE, Find the destination MAC address from the VSI corresponding to the port or interface that receives the packet to determine the encapsulation type of the packet and the destination PE of the packet. If the packet received by the PE from the CE is a broadcast or multicast packet. Or if the destination MAC address is not found in the VSI, then the message should be sent to all other PEs in the VPLS.
本发明的实施方式在报文的出口处釆用本地会话 ID来标识 VSI, 当 PE 接收到其他 PE发来的 L2TPv3报文时, 才艮据 ^艮文中的会话 ID查找对应的 VSI, 并在该 VSI中查找目的 MAC地址以决定报文应该转发的 CE。  The embodiment of the present invention uses the local session ID to identify the VSI at the exit of the message. When the PE receives the L2TPv3 message sent by the other PE, the PE searches for the corresponding VSI according to the session ID in the message, and The destination MAC address is searched in the VSI to determine the CE that the packet should forward.
本发明的实施方式采用一个 64位的随机数来作为防报文欺骗攻击的一 个重要屏障。 具体为: 一个 PE被分配两个随机的 Cookie, 在进入 PE 的 L2TPv3报文中, 只有携带正确 Cookie值的报文才会被接受。 这样, 一个 Cookie被猜中的概率是 1/2Λ63,假设以 lOMpps的速度猜, 猜出一个正确的 Cookie值大约需要 29,000年。 Embodiments of the present invention employ a 64-bit random number as an important barrier to anti-message spoofing attacks. Specifically, a PE is assigned two random cookies. Only the packets carrying the correct cookie value will be accepted in the L2TPv3 message entering the PE. Thus, the probability that a cookie is guessed is 1/2 Λ 63. Assuming that it is guessed at the speed of lOMpps, it takes about 29,000 years to guess a correct cookie value.
下面将结合附图对本发明所述的方法的具体实现方式进行详细说明。 如图 2所示,本发明的实施例中实现 VPLS的系统的組网结构中, CE 211 和 CE 213连接到 PE 221 , CE 212和 CE 214连接到 PE 222, CE 215、 CE 216 和 CE 217连接到 PE 223。 PE 221、 PE 222和 PE 223通过 IP骨干网进行交 互。 如图 3所示, 当需要基于 L2TPv3进行 VPLS业务的承载传输时, 实施 过程具体包括: 控制平面的操作处理和数据平面的数据处理。 而数据平面进 行的数据处理又包括: PE收到 CE发来的 VPLS业务时的处理过程和 PE接 收到需要发送给 CE的 VPLS业务时的处理过程。 The specific implementation manner of the method according to the present invention will be described in detail below with reference to the accompanying drawings. As shown in FIG. 2, in the networking structure of the system for implementing VPLS in the embodiment of the present invention, CE 211 and CE 213 are connected to PE 221, CE 212 and CE 214 are connected to PE 222, CE 215, CE 216 and CE 217. Connect to PE 223. PE 221, PE 222, and PE 223 interact through the IP backbone network. As shown in FIG. 3, when the bearer transmission of the VPLS service is performed based on the L2TPv3, the implementation process specifically includes: operation processing of the control plane and data processing of the data plane. The data processing performed by the data plane includes: the processing procedure when the PE receives the VPLS service sent by the CE, and the processing procedure when the PE receives the VPLS service that needs to be sent to the CE.
本发明方法的一个实施例的流程包括:  The flow of an embodiment of the method of the present invention includes:
步驟 31 : 在各 PE上进行相关信息的配置操作, 配置的信息具体包括: 作为 VSI索引的 VSI ID、 对端 PE的 IP地址和本端 PE分配的 Cookie值。 所述的对端 PE是指与本端 PE连接的其他任何 PE, 配置对端 PE的 IP地址 是为了保证 L2TPv3隧道的建立及 VPLS业务数据的传输。  Step 31: Configure the related information on each PE. The configuration information includes: the VSI ID of the VSI index, the IP address of the peer PE, and the cookie value assigned by the local PE. The peer PE is any other PE connected to the local PE. The IP address of the peer PE is configured to ensure the establishment of the L2TPv3 tunnel and the transmission of VPLS service data.
具体处理是在基于 L2TPv3的网络中的各 PE上分别进行上述配置。 步骤 32: 基于 L2TPv3协议, 本端 PE将和对端 PE交换本地的 Cookie 信息, 以便于后续过程中建立相应的基于 L2TPv3的控制连接和会话。  The specific processing is performed on each PE in the L2TPv3-based network. Step 32: Based on the L2TPv3 protocol, the local PE exchanges local cookie information with the peer PE to establish a corresponding L2TPv3-based control connection and session in the subsequent process.
步驟 33:基于 L2TPv3建立用于承载传输 VPLS的点对点的伪线或点对 多点的伪线,进而利用交换获得的对端 PE的 Cookie信息基于 L2TPv3建立 相应的 L2TPv3控制连接和会话。  Step 33: Establish a point-to-point pseudowire or a point-to-multipoint pseudowire for carrying the VPLS based on the L2TPv3, and then use the cookie information of the peer PE obtained by the exchange to establish a corresponding L2TPv3 control connection and session based on the L2TPv3.
对于同一 VPLS 传输需要的点对点和点对多点的伪线可以建立在同一 个 L2TPv3控制连接上。  Point-to-point and point-to-multipoint pseudowires required for the same VPLS transmission can be established on the same L2TPv3 control connection.
具体是由发起的基于 L2TPv3 的 ICRQ ( Incoming - Call - Request, 呼 入请求) 消息中是否带远端 VSI ID来决定需要建立点对点的伪线还是点对 多点的伪线, 如果带有远端 VSI ID则需要建立点对点的伪线, 否则, 需要 建立点对多点的伪线, 在 ICRQ消息中的这两个属性是相互独立的。  Specifically, whether the remote VSI ID is used in the L2TPv3-based I2Q (Incoming-Call-Request) message to determine whether a pseudo-line or a point-to-multipoint pseudo-line needs to be established. The VSI ID needs to establish a point-to-point pseudowire. Otherwise, a point-to-multipoint pseudowire needs to be established. The two attributes in the ICRQ message are independent of each other.
步驟 34: 将基于该伪线建立的会话对应的会话 ID与 VSI ID关联, 即 相应的伪线属于 VSI ID决定的 VPLS, 并用于相应 VPLS业务数据的传输, 具体为配置伪线的会话 ID与 VSI的 VSI ID的关联; 同时, 为保证对端 PE 可以根据 VSI信息将报文转给相应的 CE, 此时还需要将所述的会话 ID与 VSI的 VSI ID的关联信息承载于消息中发送给对端 PE, 并保存于对端 PE 中。  Step 34: Associate the session ID corresponding to the session established by the pseudowire with the VSI ID, that is, the corresponding pseudowire belongs to the VPLS determined by the VSI ID, and is used for transmitting the corresponding VPLS service data, specifically, configuring the session ID of the pseudowire. Correlation of the VSI ID of the VSI; At the same time, in order to ensure that the peer PE can forward the packet to the corresponding CE according to the VSI information, the association information between the session ID and the VSI ID of the VSI needs to be carried in the message. The peer PE is sent to the peer PE and saved in the peer PE.
经过上述步骤 31至步骤 34的处理, 即完成控制平面的操作处理后,便 —Ί— After the processing of the above steps 31 to 34, that is, after the operation processing of the control plane is completed, —Ί—
可以在数据平面进行相应的数据处理, 具体包括以下两种过程: The corresponding data processing can be performed in the data plane, including the following two processes:
(一)与 CE连接的 ΡΕ收到 CE发来的 VPLS业务时相应的处理过程 为:  (1) The process of connecting to the CE and receiving the VPLS service sent by the CE is:
步骤 35: VPLS数据包在 PE入口端(即 PE从 CE接收报文的端口)进 入 PE, 并在 PE上根据配置的信息将其封装成 L2TPv3报文。  Step 35: The VPLS packet is sent to the PE at the ingress of the PE, that is, the port on which the PE receives the packet from the CE, and is encapsulated into an L2TPv3 packet according to the configured information.
具体为 居附属电路确定对应的 VPLS的 VSI ID信息,查找相应的 VSI 对应的伪线信息, 根据相应的伪线信息进行 L2TPv3 ^艮文的封装处理, L2TPv3报文中包含与所述 VSI ID相应的会话 ID信息。  Specifically, the VSI ID information of the corresponding VPLS is determined by the auxiliary circuit, and the pseudowire information corresponding to the corresponding VSI is searched for, and the L2TPv3^ message is encapsulated according to the corresponding pseudowire information, and the L2TPv3 packet includes the VSI ID corresponding to the VSI ID. Session ID information.
步骤 36: 将封装后的 L2TPv3报文经过 L2TPv3隧道(即建立的伪线) 传送给相应的 PE。  Step 36: The encapsulated L2TPv3 packet is transmitted to the corresponding PE through the L2TPv3 tunnel (that is, the established pseudowire).
具体可以为单个 PE, 也可能是很多 PE。  It can be a single PE or a lot of PEs.
如果 VPLS为点到多点的业务, 则所述 PE便为多个目的 PE。  If the VPLS is a point-to-multipoint service, the PE is a plurality of destination PEs.
如果从 CE 收到的报文是一个广播或多播报文或是目的 MAC地址在 VSI中未找到相应的匹配项, 则该 PE应该向该 VPLS中的所有其他 PE发 该报文, 即将该报文发给该 VPLS中所有的伪线。  If the packet received from the CE is a broadcast or multicast message or the destination MAC address does not find a corresponding match in the VSI, the PE should send the packet to all other PEs in the VPLS. The text is sent to all the pseudowires in the VPLS.
需要说明的是, 如果目的 MAC在 VSI中存在, 并且交换是远端, 则将 该报文进行 L2TPv3封装后传给相应的 PE。  It should be noted that if the destination MAC exists in the VSI and the exchange is remote, the packet is encapsulated in L2TPv3 and then transmitted to the corresponding PE.
如果目的地址在 VSI中存在, 但交换是本地的, 即由一个 CE通过该 PE将报文发送给另一个 CE, 则该报文将通过该 PE的相应接口直接转发给 相应的 CE, 而不再需要进行任何 L2TPv3封装, 转发该报文的相应接口具 体是根据 VSI查找获得的。  If the destination address is in the VSI, but the exchange is local, that is, a CE sends the packet to the other CE through the PE, the packet will be directly forwarded to the corresponding CE through the corresponding interface of the PE. Any L2TPv3 encapsulation is required, and the corresponding interface for forwarding the packet is specifically obtained according to the VSI lookup.
当 PE从 CE收到一个 VPLS报文后, 如果这个报文的源 MAC地址 M 没有存在于 VSI中, 则可以将 MAC地址 M学习到这个 MAC地址 M所在 端口对应的 VSI中, 以备下次处理 4艮文时应用。  After the PE receives a VPLS packet from the CE, if the source MAC address of the packet does not exist in the VSI, the MAC address M can be learned in the VSI corresponding to the port where the MAC address is located. Processing 4 艮 text application.
(二)与 CE连接的 PE接收到需要发送给 CE的 VPLS业务时, 相应 的处理过程具体为:  (2) When the PE connected to the CE receives the VPLS service to be sent to the CE, the corresponding processing procedure is as follows:
步骤 37: PE接收需要发送给 CE的承载有 VPLS业务的 L2TPv3报文; 步骤 38: 在通过 PE出口端转发报文之前去掉报文的 L2TPv3头, 获得 VPLS业务报文; Step 37: The PE receives the L2TPv3 packet that needs to be sent to the CE and carries the VPLS service. Step 38: Remove the L2TPv3 header of the packet before forwarding the packet through the PE egress. VPLS service packet;
步骤 39: 将所述 VPLS业务报文通过 PE出口端发送给相应的 CE; 具体为才艮据接收报文的目的 MAC地址信息查找配置的 VSI信息将报文 转发给相应的 CE,也就是说,在 PE出口端需要将报文转发给相应的 CE时: 首先需要通过收到的 L2TPv3报文中携带的 Session ID (会话 ID )来决 定该报文属于哪个 VSI;  Step 39: The VPLS service packet is sent to the corresponding CE through the PE egress end. Specifically, the VSI information is forwarded to the corresponding CE according to the destination MAC address information of the received packet, that is, the packet is forwarded to the corresponding CE. To forward the packet to the corresponding CE at the egress end of the PE: First, determine the VSI to which the packet belongs by using the session ID (session ID) carried in the received L2TPv3 packet.
之后, 再在相应的 VSI 中查找相应的目的 MAC地址信息。 如果目的 MAC是广播、 组播或在 VSI中不存在, 则将该报文通过该 VPLS所有的接 口转发给相应的 CE; 如果目的 MAC地址在 VSI中存在, 则仅将该报文通 过从 VSI中查找到的指定的接口转发给相应的 CE。  Then, find the corresponding destination MAC address information in the corresponding VSI. If the destination MAC address is broadcast, multicast, or does not exist in the VSI, the packet is forwarded to the corresponding CE through all the interfaces of the VPLS. If the destination MAC address exists in the VSI, the packet is only passed from the VSI. The specified interface found in the forwarding is forwarded to the corresponding CE.
此外, 当该 PE从远端 PE收到带有 MAC地址是 M的数据报文时, 可 以将 MAC地址 M和远端 PE的会话 ID相关联, 以便于本端 PE向对端 PE 返回相应的 艮文时查找, 并通过相应的伪线将报文准确返回给远端 PE。  In addition, when the PE receives the data packet with the MAC address being M from the remote PE, the MAC address M can be associated with the session ID of the remote PE, so that the local PE returns the corresponding information to the peer PE. When searching, the message is accurately returned to the remote PE through the corresponding pseudowire.
另外, 本发明中所述的 VSI中的 MAC地址是需要被老化的, 当在 VSI 中增加一个 MAC地址表项时, 将同时会启动一个老化定时器。 当收到一个 源 MAC是 M的报文时, MAC地址 M对应的表项的老化定时器将被刷新。  In addition, the MAC address in the VSI described in the present invention needs to be aged. When a MAC address entry is added to the VSI, an aging timer is started. When receiving a packet whose source MAC address is M, the aging timer of the entry corresponding to the MAC address M will be refreshed.
本发明实施例的在 IP骨干网上支持 VPLS业务的系统如图 4所示, 所 述的系统的实施例包括通过 IP骨干网互连的 PE设备 401和 402。其中, PE 设备 401和 402之间具有用于传输 VPLS业务的 L2TPv3隧道。 PE设备 401 和 402可以互为 VPLS源端 PE设备和 VPLS目的端 PE设备。  A system for supporting a VPLS service on an IP backbone network according to an embodiment of the present invention is shown in FIG. 4, and an embodiment of the system includes PE devices 401 and 402 interconnected by an IP backbone network. The PE devices 401 and 402 have an L2TPv3 tunnel for transmitting VPLS services. PEs 401 and 402 can be VPLS source PEs and VPLS destination PEs.
在传输 VPLS报文时, VPLS源端 PE设备将待发送的 VPLS业务封装 为 L2TPv3报文, 并通过所述 L2TPv3隧道发送。 VPLS目的端 PE设备从接 收的 L2TPv3报文中解析出所述 VPLS业务, 并发送给 VPLS业务接收端。  When the VPLS packet is transmitted, the VPLS source PE device encapsulates the VPLS service to be sent as an L2TPv3 packet and sends the packet through the L2TPv3 tunnel. The VPLS destination PE device parses the VPLS service from the received L2TPv3 packet and sends it to the VPLS service receiver.
在一种具体实现中, 在 PE设备 401和 402中分别设置有:  In a specific implementation, the PE devices 401 and 402 are respectively provided with:
配置信息保存模块 410: 用于保存 VPLS业务的 VSI配置信息, 所述的 The configuration information saving module 410 is configured to save VSI configuration information of the VPLS service, where
VSI配置信息包括以 VSI ID索引的具体的 VSI信息,以及 VSI ID与 L2TPv3 隧道的会话 ID的关联信息, MAC地址列表; 还保存有对端 PE的 IP地址 信息, 及本端 PE分配获得的 Cookie信息; L2TPv3隧道建立模块 420: 用于在 VPLS业务的源端 PE和目的端 PE 之间建立相应的 L2TPv3隧道,即建立用于传输 VPLS业务的 L2TPv3伪线;The VSI configuration information includes the specific VSI information indexed by the VSI ID, and the association information between the VSI ID and the session ID of the L2TPv3 tunnel, the MAC address list, and the IP address information of the peer PE and the cookie obtained by the local PE. information; The L2TPv3 tunnel establishment module 420 is configured to establish a corresponding L2TPv3 tunnel between the source PE and the destination PE of the VPLS service, that is, establish an L2TPv3 pseudowire for transmitting the VPLS service.
VPLS发送处理模块 430: 用于在交换为远端时, 根据配置信息保存模 块 410中保存的信息将从 CE接收的待发送的 VPLS报文封装为 L2TPv3报 文, 并通过相应的 L2TPv3伪线发送; 在交换为本地时, 通过根据 VSI查找 获得的该 PE的相应接口将 VPLS报文转发给相应的 CE。 The VPLS transmission processing module 430 is configured to encapsulate the VPLS packet to be sent received by the CE into an L2TPv3 packet according to the information stored in the configuration information saving module 410, and send the packet through the corresponding L2TPv3 pseudowire. When the switch is local, the VPLS packet is forwarded to the corresponding CE by the corresponding interface of the PE obtained by the VSI search.
VPLS接收处理模块 440: 用于接收对端的 VPLS发送处理模块发来的 L2TPv3报文, 并去掉 L2TPv3报文头; 将获得的 VPLS报文根据配置信息 保存模块 410保存的信息将其转发给相应的 CE。  The VPLS receiving and processing module 440 is configured to: receive the L2TPv3 packet sent by the VPLS sending processing module of the peer end, and remove the L2TPv3 packet header; forward the obtained VPLS packet according to the information held by the configuration information saving module 410 to the corresponding CE.
请参阅图 5, 图 5是图 4所示的 PE设备的一个实施例的框图。  Please refer to FIG. 5. FIG. 5 is a block diagram of an embodiment of the PE device shown in FIG.
该实施例中, PE设备包括: 配置信息保存模块 410、 L2TPv3隧道建立 模块 420、 VPLS发送处理模块 430和 VPLS接收处理模块 440。  In this embodiment, the PE device includes: a configuration information saving module 410, an L2TPv3 tunnel establishment module 420, a VPLS transmission processing module 430, and a VPLS reception processing module 440.
其中 , 所述 L2TPv3隧道建立模块 420包括:  The L2TPv3 tunnel establishment module 420 includes:
信息交换模块 421 , 用于基于 L2TPv3和对端 PE交换本地的 Cookie信 息, 以便于后续过程中建立相应的基于 L2TPv3的控制连接和会话;  The information exchange module 421 is configured to exchange local cookie information based on the L2TPv3 and the peer PE, so as to establish a corresponding L2TPv3-based control connection and session in a subsequent process;
伪线建立模块 422, 用于基于 L2TPv3建立用来承载传输 VPLS的点对 点的伪线或点对多点的伪线;  The pseudowire establishing module 422 is configured to establish, according to the L2TPv3, a pseudowire or a point-to-multipoint pseudowire for carrying a point-to-point transmission of the VPLS;
连接和会话建立模块 423, 利用信息交换模块 421 交换获得的对端 PE 的 Cookie信息基于 L2TPv3建立相应的 L2TPv3控制连接和会话。  The connection and session establishment module 423 exchanges the obtained cookie information of the peer PE by using the information exchange module 421 to establish a corresponding L2TPv3 control connection and session based on the L2TPv3.
关联模块 424, 用于将基于该伪线建立的会话对应的会话 ID与 VSI ID 关联。  The association module 424 is configured to associate a session ID corresponding to the session established based on the pseudowire with a VSI ID.
所述 VPLS发送处理模块 430包括:  The VPLS transmission processing module 430 includes:
VPLS报文封装单元 431 , 用于在交换为远端时根据 VPLS报文进入的 附属电路确定对应的 VPLS的 VSI ID信息, 查找相应的 VSI对应的伪线信 息, 根据相应的伪线信息进行 L2TPv3报文的封装处理;  The VPLS packet encapsulating unit 431 is configured to determine, according to an affiliation circuit of the VPLS packet, the VSI ID information of the corresponding VPLS, and find the pseudowire information corresponding to the corresponding VSI, and perform L2TPv3 according to the corresponding pseudowire information. Packet encapsulation processing;
L2TPv3报文发送模块 432, 用于根据目的 MAC地址查找相应的 VSI, 根据查找结果确定目的 PE,将封装后的 L2TPv3报文经过 L2TPv3伪线传送 给目的 PE; VPLS报文发送单元 433, 用于在交换为本地时 居目的 MAC地址查 找相应的 VSI, 通过根据 VSI查找获得的该 PE的相应接口将 VPLS报文转 发给相应的 CE。。 The L2TPv3 packet sending module 432 is configured to search for a corresponding VSI according to the destination MAC address, determine the destination PE according to the search result, and transmit the encapsulated L2TPv3 packet to the destination PE through the L2TPv3 pseudowire; The VPLS packet sending unit 433 is configured to search for a corresponding VSI when the localized MAC address is exchanged, and forward the VPLS packet to the corresponding CE by using the corresponding interface of the PE obtained by the VSI. .
所述目的 PE具体可以为单个 PE, 也可能是很多 PE。 如果 VPLS为点 到多点的业务, 则所述 PE便为多个目的 PE。 如果从 CE收到的报文是一个 广播或多播报文或是目的 MAC地址在 VSI中未找到相应的匹配项, 则该 PE应该向该 VPLS中的所有其他 PE发该报文,即将该报文发给该 VPLS中 所有的伪线。  The destination PE may be a single PE or many PEs. If the VPLS is a point-to-multipoint service, the PE is a plurality of destination PEs. If the packet received from the CE is a broadcast or multicast message or the destination MAC address does not find a corresponding match in the VSI, the PE should send the packet to all other PEs in the VPLS. The text is sent to all the pseudowires in the VPLS.
需要说明的是, 如果目的 MAC在 VSI中存在, 并且交换是远端, 则将 该报文进行 L2TPv3封装后传给相应的 PE。 如果目的地址在 VSI中存在, 但交换是本地的, 即由一个 CE通过该 PE将报文发送给另一个 CE, 则该报 文将通过该 PE 的相应接口直接转发给相应的 CE, 而不再需要进行任何 L2TPv3封装, 转发该报文的相应接口具体是根据 VSI查找获得的。  It should be noted that if the destination MAC exists in the VSI and the exchange is remote, the packet is encapsulated in L2TPv3 and then transmitted to the corresponding PE. If the destination address is in the VSI, but the exchange is local, that is, a CE sends the packet to the other CE through the PE, the packet is forwarded directly to the corresponding CE through the corresponding interface of the PE. Any L2TPv3 encapsulation is required, and the corresponding interface for forwarding the packet is specifically obtained according to the VSI lookup.
所述 VPLS接收处理模块 440包括:  The VPLS receiving processing module 440 includes:
L2TPv3解封装模块 441 , 用于对接收的承载有 VPLS业务的 L2TPv3 报文进行解封装, 获得 VPLS业务报文;  The L2TPv3 decapsulation module 441 is configured to decapsulate the received L2TPv3 packet carrying the VPLS service, and obtain the VPLS service packet.
VPLS业务报文发送模块 442, 用于根据在配置的 VSI信息中查找所接 收报文的目的 MAC地址信息, 根据查找结果将报文转发给相应的 CE。  The VPLS service packet sending module 442 is configured to search for the destination MAC address information of the received packet according to the configured VSI information, and forward the packet to the corresponding CE according to the search result.
请一并参阅图 6, 具体实现时, 所述 VPLS业务报文发送模块 442可以 包括:  Referring to FIG. 6, the VPLS service packet sending module 442 may include:
VSI确定模块 4421 , 用于通过收到的 L2TPv3报文中携带的会话 ID确 定该报文所属的 VSI;  The VSI determining module 4421 is configured to determine, by using the session ID carried in the received L2TPv3 packet, the VSI to which the packet belongs.
地址信息查找模块 4422, 用于在所述 VSI确定模块确定的 VSI中查找 相应的目的 MAC地址信息;  The address information searching module 4422 is configured to search for a corresponding destination MAC address information in the VSI determined by the VSI determining module.
转发模块 4423, 用于根据所述地址信息查找模块查找到的地址信息转 发给相应的 CE。  The forwarding module 4423 is configured to forward the address information found by the address information lookup module to the corresponding CE.
具体地, 如果目的 MAC是广播、 組播或在 VSI中不存在, 则将该报文 通过该 VPLS所有的接口转发给相应的 CE; 如果目的 MAC地址在 VSI中 存在 , 则仅将该报文通过从 VSI中查找到的指定的接口转发给相应的 CE。 此外,所述: PE设备还可以包括第一地址学习模块和第二地址学习模块。 当 PE从 CE收到一个 VPLS报文后, 如果这个报文的源 MAC地址 M 没有存在于 VSI中,第一地址学习模块用于将 MAC地址 M学习到这个 MAC 地址 M所在端口对应的 VSI中, 以备下次处理 文时应用。 Specifically, if the destination MAC address is broadcast, multicast, or does not exist in the VSI, the packet is forwarded to the corresponding CE through all interfaces of the VPLS; if the destination MAC address is in the VSI If yes, only the packet is forwarded to the corresponding CE through the specified interface found in the VSI. In addition, the PE device may further include a first address learning module and a second address learning module. After the PE receives a VPLS packet from the CE, if the source MAC address M of the packet does not exist in the VSI, the first address learning module is configured to learn the MAC address M into the VSI corresponding to the port where the MAC address M is located. , in case of processing the text application next time.
当该 PE从远端 PE收到带有 MAC地址是 M的数据报文时, 第二地址 学习模块用于将 MAC地址 M和远端 PE的会话 ID相关联, 以便于本端 PE 向对端 PE返回相应的报文时查找, 并通过相应的伪线将报文准确返回给远 端 PE。  When the PE receives the data packet with the MAC address being M from the remote PE, the second address learning module is configured to associate the MAC address M with the session ID of the remote PE, so as to facilitate the local PE to the peer end. When the PE returns the corresponding packet, it searches for the packet and returns the packet to the remote PE through the corresponding pseudowire.
需要说明的是, 通常会在各 PE设备中均设置上述各模块, 以便于任一 It should be noted that each of the above modules is usually set in each PE device, so as to facilitate any
PE均可以作为 VPLS的源端及目的端, 从而保证 VPLS基于 L2TPv3隧道 的可靠传送。 The PE can be used as the source and destination of the VPLS to ensure reliable transmission of the VPLS based on the L2TPv3 tunnel.
综上所述, 本发明的实施例通过将 VPLS报文封装为 L2TPv3报文后在 IP骨干网传输, 使 VPLS网络建立在 IP骨干网上; 此外, 在 VLPS协议报 文中设置 64位随机数, 以提高系统的安全性, 防止报文欺骗攻击。  In summary, the embodiment of the present invention encapsulates a VPLS packet into an L2TPv3 packet and then transmits the VPLS network on the IP backbone network. In addition, a 64-bit random number is set in the VLPS protocol packet. To improve system security and prevent packet spoofing attacks.
以上所述,仅为本发明较佳的具体实施方式,但本发明的保护范围并不 局限于此,任何熟悉本技术领域的技术人员在本发明揭露的技术范围内,可 轻易想到的变化或替换, 都应涵盖在本发明的保护范围之内。 因此, 本发明 的保护范围应该以权利要求的保护范围为准。  The above is only a preferred embodiment of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily think of changes or within the technical scope disclosed by the present invention. Alternatives are intended to be covered by the scope of the present invention. Therefore, the scope of protection of the present invention should be determined by the scope of the claims.

Claims

权 利 要 求 Rights request
1、 一种在 IP骨干网上承载 VPLS业务的方法, 其特征在于, 包括: 建立用于传输虚拟私有局域网服务 VPLS业务的第三版二层隧道协议 A method for carrying a VPLS service on an IP backbone network, the method comprising: establishing a third version of a Layer 2 tunneling protocol for transmitting a virtual private local area network service VPLS service
L2TPv3隧道; L2TPv3 tunnel;
在 L2TP报文发送端,将待发送的 VPLS业务封装为 L2TPv3报文, 并通过 所述 L2TPv3隧道发送;  The VPLS service to be sent is encapsulated into an L2TPv3 packet and sent by the L2TPv3 tunnel.
在 L2TPv3报文接收端, 从接收的 L2TPv3报文中解析出所述 VPLS业务, 并发送给 VPLS业务接收端。  The VPLS service is parsed from the received L2TPv3 message and sent to the VPLS service receiving end.
2、 居权利要求 1所述的在 IP骨干网上承载 VPLS业务的方法, 其特征 在于, 所述的建立用于传输 VPLS业务的 L2TPv3隧道, 包括:  The method for carrying the VPLS service on the IP backbone network according to claim 1, wherein the establishing the L2TPv3 tunnel for transmitting the VPLS service includes:
根据待发送的 VPLS业务的目的端信息建立本端的服务提供商边缘设备 PE与至少一个对端 PE之间的 L2TPv3隧道;  Establishing an L2TPv3 tunnel between the service provider edge device PE and the at least one peer PE according to the destination information of the VPLS service to be sent;
关联所述建立的 L2TPv3隧道信息与所述 VPLS业务对应的虚拟交换实 例 VSI。  Associate the established L2TPv3 tunnel information with the virtual switching instance VSI corresponding to the VPLS service.
3、 才艮据权利要求 2所述的在 IP骨干网上承载 VPLS业务的方法, 其特征 在于, 所述的建立用于传输 VPLS业务的 L2TPv3隧道, 还包括:  The method for carrying the VPLS service on the IP backbone network according to claim 2, wherein the establishing the L2TPv3 tunnel for transmitting the VPLS service, the method further includes:
本端 PE将建立的 L2TPv3隧道信息与 VPLS业务对应的 VSI的关联发送给 各 L2TPv3隧道的对端 PE, 并保存于对端 PE中。  The local PE sends the association between the L2TPv3 tunnel information and the VSI corresponding to the VPLS service to the peer PE of each L2TPv3 tunnel and saves it in the peer PE.
4、 才艮据权利要求 3所述的在 IP骨干网上支持 VPLS业务的实现方法, 其 特征在于, 所述的本端 PE将建立的 L2TPv3隧道信息与 VPLS业务对应的 VSI 的关联发送给各 L2TPv3隧道的对端 PE, 具体为:  The method for supporting the VPLS service on the IP backbone network according to claim 3, wherein the local PE sends the association between the established L2TPv3 tunnel information and the VSI corresponding to the VPLS service to each L2TPv3. The peer PE of the tunnel is specifically:
本端 PE将建立的 L2TPv3隧道对应的会话标识 ID和与其关联的 VPLS业 务对应的虚拟交换实例标识 VSI ID信息发送给对端 PE。  The local PE sends the session ID of the L2TPv3 tunnel and the VSI ID of the virtual switch instance ID corresponding to the VPLS service to the peer PE.
5、 根据权利要求 1所述的在 IP骨干网上承载 VPLS业务的方法, 其特征 在于, 在所述的建立用于传输 VPLS业务的 L2TPv3隧道之后, 还包括:  The method for carrying the VPLS service on the IP backbone network according to claim 1, wherein after the establishing the L2TPv3 tunnel for transmitting the VPLS service, the method further includes:
通过建立的 L2TPv3隧道在两端 PE之间的信息交换过程交换两端 PE间 的各自分配的 Cookie信息。  Through the established L2TPv3 tunnel, the information exchange process between the PEs at both ends exchanges the respective cookie information between the two PEs.
6、 根据权利要求 1所述的在 IP骨干网上承载 VPLS业务的方法, 其特征 在于, 所述的将待发送的 VPLS业务封装为 L2TPv3报文, 包括: 本端 PE接收到用户侧边缘设备 CE发来的需要发送的 VPLS业务报文时, 查找配置的以附属电路标识的该 VPLS业务对应的 VSI信息, 确定目的 PE的 媒体接入控制 MAC地址; The method for carrying the VPLS service on the IP backbone network according to claim 1, wherein the VPLS service to be sent is encapsulated into an L2TPv3 message, including: When receiving the VPLS service packet sent by the user-side edge device CE, the local PE searches for the VSI information corresponding to the VPLS service identified by the attached circuit, and determines the media access control MAC address of the destination PE.
根据查找确定的目的 PE的 MAC地址将所述的 VPLS业务报文封装为 L2TPv3报文。  The VPLS service packet is encapsulated into an L2TPv3 packet according to the MAC address of the destination PE.
7、 根据权利要求 1所述的在 IP骨干网上承载 VPLS业务的方法, 其特征 在于, 所述的将待发送的 VPLS业务封装为 L2TPv3报文, 并通过所述 L2TPv3 隧道发送, 包括:  The method for carrying a VPLS service on an IP backbone network according to claim 1, wherein the VPLS service to be sent is encapsulated into an L2TPv3 message and sent through the L2TPv3 tunnel, including:
当所述的 VPLS业务报文为广播或多播报文,或者,在 VSI信息中未查找 到相应的 MAC地址,则将所述 VPLS业务报文封装为 L2TPv3报文后,发送给 , 该 VPLS包括的所有对端 PE。  And when the VPLS service packet is a broadcast or a multicast packet, or the corresponding MAC address is not found in the VSI information, the VPLS service packet is encapsulated into an L2TPv3 packet, and the VPLS is included. All peer PEs.
8、 根据权利要求 1所述的在 IP骨干网上承载 VPLS业务的方法, 其特征 在于, 还包括:  The method for carrying a VPLS service on an IP backbone network according to claim 1, further comprising:
当 PE接收到 CE发来的 VPLS业务报文为本地交换时, 则将所述 VPLS业 务 4艮文通过本地接口转发给相应的 CE。  When the PE receives the VPLS service packet sent by the CE as the local exchange, the PE forwards the VPLS service to the corresponding CE through the local interface.
9、 根据权利要求 1所述的在 IP骨干网上承载 VPLS业务的方法, 其特征 在于,所述的从接收的 L2TPv3报文中解析出所述 VPLS业务,并发送给 VPLS 业务接收端的步骤, 包括:  The method for carrying a VPLS service on an IP backbone network according to claim 1, wherein the step of parsing the VPLS service from the received L2TPv3 message and sending it to the VPLS service receiving end includes :
作为目的 PE接收所述 L2TPv3报文后, 根据所述报文中的会话 ID确定该 报文对应的 VSI, 并在该 VSI中查找确定目的 CE的 MAC地址;  After receiving the L2TPv3 packet, the PE determines the VSI corresponding to the packet according to the session ID in the packet, and searches for a MAC address of the destination CE in the VSI.
根据查找确定的目的 CE的 MAC地址信息, 将去掉 L2TPv3报文头的 VPLS业务报文发送给相应的 CE。  The VPLS service packet with the L2TPv3 packet header removed is sent to the corresponding CE according to the MAC address information of the destination CE.
10、根据权利要求 1所述的在 IP骨干网上承载 VPLS业务的方法, 其特征 在于, 所述的从接收的 L2TP报文中解析出所述 VPLS业务, 并发送给 VPLS 业务接收端, 包括:  The method for carrying the VPLS service on the IP backbone network according to claim 1, wherein the parsing the VPLS service from the received L2TP packet and sending the VPLS service to the VPLS service receiving end includes:
如果 PE接收到的 L2TPv3报文为广播或多播报文,或者,在 VSI中未找到 目的 CE的 MAC地址, 则将去掉 L2TPv3报文头的 VPLS业务报文发送给该 VPLS包含的该 PE下连接的所有 CE。  If the L2TPv3 message received by the PE is a broadcast or a multicast message, or the MAC address of the destination CE is not found in the VSI, the VPLS service packet with the L2TPv3 packet header is removed and sent to the PE connection included in the VPLS. All CE.
11、根据权利要求 1所述的在 IP骨千网上承载 VPLS业务的方法, 其特征 在于, 还包括: 11. The method for carrying VPLS services on an IP backbone network according to claim 1, characterized in that It also includes:
当 PE接收到 CE发来的 VPLS报文时, 如果该报文的源 MAC地址不存在 于 VSI中, 则将其加入到学习到该 MAC地址的端口对应的 VSI中;  When the PE receives the VPLS packet from the CE, if the source MAC address of the packet does not exist in the VSI, the PE adds it to the VSI corresponding to the port that learns the MAC address.
当该 PE接收到对端 PE发来的 L2TPv3报文时,则将报文中 MAC地址信息 与对端 PE的会话 ID关联。  When the PE receives the L2TPv3 packet from the peer PE, it associates the MAC address information of the packet with the session ID of the peer PE.
12、 根据权利要求 11所述的在 IP骨干网上支持 VPLS业务的实现方法, 其特征在于, 所述的 VSI中的 MAC地址信息设置有对应的老化定时器。  The method for implementing the VPLS service on the IP backbone network according to claim 11, wherein the MAC address information in the VSI is set with a corresponding aging timer.
13、 一种在 IP骨千网上支持 VPLS业务的系统, 包括通过 IP骨干网相连 的 PE设备; 其特征在于, 所述 PE设备包括: '  A system for supporting a VPLS service on an IP backbone network, including a PE device connected through an IP backbone network, wherein the PE device includes:
配置信息保存模块, 用于保存 VPLS业务的 VSI配置信息, 所述的 VSI配 置信息包括以 VSI ID索引的 VSI信息;  a configuration information saving module, configured to save VSI configuration information of the VPLS service, where the VSI configuration information includes VSI information indexed by the VSI ID;
L2TPv3隧道建立模块, 用于在 VPLS业务的源端 PE和目的端 PE之间建 立相应的 L2TPv3隧道;  An L2TPv3 tunnel establishment module is configured to establish a corresponding L2TPv3 tunnel between the source PE and the destination PE of the VPLS service.
VPLS发送处理模块,用于根据所述配置信息将待发送的 VPLS报文封装 为 L2TPv3报文, 并通过 L2TJPv3隧道发送;  The VPLS transmission processing module is configured to encapsulate the VPLS packet to be sent into an L2TPv3 packet according to the configuration information, and send the packet through the L2TJPv3 tunnel;
VPLS接收处理模块, 用于从 L2TPv3隧道接收 L2TPv3报文, 并将其 中的 VPLS报文根据配置信息转发给相应的 CE。  The VPLS receiving and processing module is configured to receive the L2TPv3 packet from the L2TPv3 tunnel, and forward the VPLS packet to the corresponding CE according to the configuration information.
14、 一种 PE设备, 其特征在于, 包括:  14. A PE device, comprising:
配置信息保存模块, 用于保存 VPLS业务的 VSI配置信息, 所述的 VSI配 置信息包括以 VSI ID索引的 VSI信息;  a configuration information saving module, configured to save VSI configuration information of the VPLS service, where the VSI configuration information includes VSI information indexed by the VSI ID;
L2TPv3隧道建立模块, 用于和 VPLS业务的对端 PE之间建立相应的 L2TPv3隧道;  An L2TPv3 tunnel establishment module is configured to establish a corresponding L2TPv3 tunnel between the peer PE and the peer PE of the VPLS service;
VPLS发送处理模块,用于根据所迷配置信息将待发送的 VPLS报文封装 为 L2TPv3报文, 并通过 L2TPv3隧道发送;  The VPLS transmission processing module is configured to encapsulate the VPLS packet to be sent as an L2TPv3 packet according to the configuration information, and send the packet through the L2TPv3 tunnel;
VPLS接收处理模块, 用于从 L2TPv3隧道接收 L2TPv3报文, 并将其 中的 VPLS报文根据配置信息转发给相应的 C  The VPLS receiving and processing module is configured to receive the L2TPv3 packet from the L2TPv3 tunnel, and forward the VPLS packet to the corresponding C according to the configuration information.
15、 根据权利要求 14所述的 PE设备, 其特征在于, 所述 L2TPv3隧道 建立模块包括:  The PE device according to claim 14, wherein the L2TPv3 tunnel establishment module comprises:
信息交换模块, 用于基于 L2TPv3和对端 PE交换本地的 Cookie信息; 伪线建立模块, 用于基于 L2TPv3建立用来承载传输 VPLS的点对点的 伪线或点对多点的伪线; An information exchange module, configured to exchange local cookie information based on the L2TPv3 and the peer PE; a pseudowire establishing module, configured to establish a pseudowire or a point-to-multipoint pseudowire for carrying a point-to-point transmission of the VPLS based on the L2TPv3;
连接和会话建立模块, 利用 Cookie信息交换模块交换获得的对端 PE 的 Cookie信息基于 L2TPv3建立相应的 L2TPv3控制连接和会话。  The connection and session establishment module uses the cookie information exchange module to exchange the obtained cookie information of the peer PE based on the L2TPv3 to establish a corresponding L2TPv3 control connection and session.
关联模块,用于将基于该伪线建立的会话对应的会话 ID与 VSI ID关联。 An association module is configured to associate a session ID corresponding to the session established based on the pseudowire with a VSI ID.
16、 根据权利要求 14所述的 PE设备, 其特征在于, 所述 VPLS发送 处理模块包括: The PE device according to claim 14, wherein the VPLS transmission processing module comprises:
VPLS报文封装模块, 用于根据 VPLS报文进入的附属电路确定对应的 VPLS的 VSI ID信息, 查找相应的 VSI对应的伪线信息, 根据相应的伪线 信息进行 L2TPv3 4艮文的封装处理;  The VPLS packet encapsulating module is configured to determine the VSI ID information of the corresponding VPLS according to the auxiliary circuit that the VPLS packet enters, find the pseudowire information corresponding to the corresponding VSI, and perform L2TPv3 packet encapsulation processing according to the corresponding pseudowire information;
L2TPv3报文发送模块, 用于根据目的 MAC地址查找相应的 VSI, 根 据查找结果确定目的 PE,将封装后的 L2TPv3报文经过 L2TPv3伪线传送给 目的 PE。  The L2TPv3 packet sending module is configured to search for a corresponding VSI according to the destination MAC address, determine the destination PE according to the search result, and transmit the encapsulated L2TPv3 packet to the destination PE through the L2TPv3 pseudowire.
17、 根据权利要求 14所述的 PE设备, 其特征在于, 所述 VPLS接收 处理模块包括:  The PE device according to claim 14, wherein the VPLS receiving processing module comprises:
L2TPv3解封装模块, 用于对接收的承载有 VPLS业务的 L2TPv3报文 进行解封装, 获得 VPLS业务报文;  The L2TPv3 decapsulation module is configured to decapsulate the received L2TPv3 packet carrying the VPLS service, and obtain the VPLS service packet.
VPLS业务报文发送模块, 用于根据所接收报文的目的 MAC地址信息 查找配置的 VSI信息将报文转发给相应的 CE。  The VPLS service packet sending module is configured to forward the configured VSI information to the corresponding CE according to the destination MAC address information of the received packet.
18、 根据权利要求 17所述的 PE设备, 其特征在于, 所述 VPLS业务 报文发送模块包括-.  The PE device according to claim 17, wherein the VPLS service message sending module includes -.
VSI确定模块, 用于通过收到的 L2TPv3报文中携带的会话 ID确定该 才艮文所属的 VSI;  a VSI determining module, configured to determine, by using the session ID carried in the received L2TPv3 packet, the VSI to which the packet belongs;
地址信息查找模块, 用于在所述 VSI确定模块确定的 VSI中查找相应 的目的 MAC地址信息;  An address information searching module, configured to search for a corresponding destination MAC address information in the VSI determined by the VSI determining module;
转发模块,用于根据所述地址信息查找模块查找到的地址信息转发给相 应的 CE。  And a forwarding module, configured to forward, according to the address information found by the address information searching module, to the corresponding CE.
19、 根据权利要求 14所述的 PE设备, 其特征在于, 还包括: 第一地址学习模块,用于学习未存在于 VSI中的从 CE收到的 VPLS报 文的源 MAC地址, 将其加入所在端口对应的 VSI中。 The PE device according to claim 14, further comprising: The first address learning module is configured to learn the source MAC address of the VPLS packet received from the CE that does not exist in the VSI, and add it to the VSI corresponding to the port.
20、 根据权利要求 14所述的 PE设备, 其特征在于, 还包括: 第二地址学习模块, 用于学习从远端 PE收到数据报文的 MAC地址, 将 MAC地址 M和远端 PE的会话 ID相关联。  The PE device according to claim 14, further comprising: a second address learning module, configured to learn a MAC address of the data packet received from the remote PE, and the MAC address M and the remote PE The session ID is associated.
21、 一种在 IP骨干网上支持 VPLS业务的系统, 其特征在于, 包括: 通过 IP骨干网互连的互为 VPLS源端 PE设备和 VPLS目的端 PE设备的第 一 PE设备和第二 PE设备; 所述第一 PE设备和第二 PE设备之间具有用于 传输 VPLS业务的 L2TPv3隧道;  A system for supporting a VPLS service on an IP backbone network, comprising: a first PE device and a second PE device that are interconnected by an IP backbone network and are VPLS source PE devices and VPLS destination PE devices. Having an L2TPv3 tunnel for transmitting VPLS services between the first PE device and the second PE device;
VPLS源端 PE设备用于将待发送的 VPLS业务封装为 L2TPv3报文, 并通过所述 L2TPv3隧道发送;  The VPLS source PE device is configured to encapsulate the VPLS service to be sent as an L2TPv3 packet, and send the packet through the L2TPv3 tunnel.
所述 VPLS 目的端 PE设备用于从接收的 L2TPv3报文中解析出所述 VPLS业务, 并发送给 VPLS业务接收端。  The VPLS destination PE device is configured to parse the VPLS service from the received L2TPv3 message and send it to the VPLS service receiver.
PCT/CN2006/003606 2005-12-31 2006-12-26 Method, system and device for bearing vpls service in ip backbone network WO2007076692A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN200510137224.8 2005-12-31
CNB2005101372248A CN100428739C (en) 2005-12-31 2005-12-31 Implementing method and system for support VPLS service on IP skeletal network

Publications (1)

Publication Number Publication Date
WO2007076692A1 true WO2007076692A1 (en) 2007-07-12

Family

ID=37444139

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2006/003606 WO2007076692A1 (en) 2005-12-31 2006-12-26 Method, system and device for bearing vpls service in ip backbone network

Country Status (2)

Country Link
CN (1) CN100428739C (en)
WO (1) WO2007076692A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114143283A (en) * 2021-11-26 2022-03-04 迈普通信技术股份有限公司 Tunnel self-adaptive configuration method and device, center-end equipment and communication system

Families Citing this family (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101272403B (en) * 2008-05-27 2011-02-09 华为技术有限公司 Method, system and device for implementing DHCP user service wholesale
CN101931582B (en) * 2009-06-24 2012-07-18 中兴通讯股份有限公司 Method and device for implementing Ethernet two-layer pseudo wire emulation service
CN101729409B (en) * 2009-12-01 2012-05-23 杭州华三通信技术有限公司 Method and device for implementing multirole host computer
CN102891788B (en) * 2011-07-20 2017-08-08 南京中兴软件有限责任公司 VPLS service establishing methods and device
CN102316030B (en) * 2011-09-01 2014-04-09 杭州华三通信技术有限公司 Method for realizing two-layer internetworking of data center and device
CN107261502A (en) * 2017-05-10 2017-10-20 珠海金山网络游戏科技有限公司 A kind of anti-external store system of game on line based on procotol and method
CN113709254B (en) * 2021-09-06 2023-06-16 迈普通信技术股份有限公司 Point-to-multipoint communication method and device, electronic equipment and storage medium

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1468007A (en) * 2002-07-10 2004-01-14 华为技术有限公司 Virtual switch for supplying virtual LAN service and method
CN1503506A (en) * 2002-11-20 2004-06-09 日立通讯技术株式会社 Virtual insertion router

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100399767C (en) * 2003-09-26 2008-07-02 华为技术有限公司 Method for access of IP public net of virtual exchanger system

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1468007A (en) * 2002-07-10 2004-01-14 华为技术有限公司 Virtual switch for supplying virtual LAN service and method
CN1503506A (en) * 2002-11-20 2004-06-09 日立通讯技术株式会社 Virtual insertion router

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
LI X.: "Research and Implementation of IP-VPN", ENGINEERING SCIENCE, vol. 4, no. 3, March 2002 (2002-03-01), pages 84 - 91 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114143283A (en) * 2021-11-26 2022-03-04 迈普通信技术股份有限公司 Tunnel self-adaptive configuration method and device, center-end equipment and communication system
CN114143283B (en) * 2021-11-26 2023-10-24 迈普通信技术股份有限公司 Tunnel self-adaptive configuration method and device, central terminal equipment and communication system

Also Published As

Publication number Publication date
CN1870588A (en) 2006-11-29
CN100428739C (en) 2008-10-22

Similar Documents

Publication Publication Date Title
US11528223B2 (en) Enhanced hierarchical virtual private local area network service (VPLS) system and method for Ethernet-Tree (E-Tree) services
WO2009021458A1 (en) Method, apparatus and system for connecting layer2 network and layer3 network
US7339929B2 (en) Virtual private LAN service using a multicast protocol
CN102215170B (en) Method and processor for restraining Internet storm
CA2413570C (en) Address resolution method for a virtual private network, and customer edge device for implementing the method
US8159989B2 (en) Relay network system and terminal adaptor apparatus
US7961738B2 (en) Method for accessing virtual private network, virtual private system, virtual private network and provider edge device thereof
WO2007076692A1 (en) Method, system and device for bearing vpls service in ip backbone network
WO2015074394A1 (en) Method and device for message forwarding
WO2009033428A1 (en) Method, system and device for removing media access control address
WO2009012688A1 (en) Method, system and apparatus for forwarding message in three-layer virtual private network
WO2007062592A1 (en) A system, a method, and a router device of layer 2 virtual private network for interconnecting point/multi-points and multi-points
JP2010506439A (en) Point-to-multipoint capability in bridged networks
WO2011113340A1 (en) Access method and apparatus for multi-protocol label switching layer 2 virtual private network
WO2009021371A1 (en) A method and a device for implementing pseudo wire emulation edge to edge
WO2009067917A1 (en) A method, system and device for sampling message
WO2013139270A1 (en) Method, device, and system for implementing layer3 virtual private network
CN102045250B (en) Forwarding method for multicast message in VPLS, and service provider edge equipment
WO2007031006A1 (en) A virtual switching method which could be routed
WO2008028383A1 (en) Method for identifying the layer 3 protocol in l2vpn heterogeneous medium interconnection and the apparatus and system thereof
EP1318631B1 (en) Address resolution method for a virtual private network, and customer edge device for implementing the method
CN113923076A (en) SD-WAN-based Ethernet two-layer data exchange method
US20070058622A1 (en) Low latency working VPLS
JP2004304574A (en) Communication equipment
WO2014075421A1 (en) Method and apparatus for sending multi-link transparent interconnected data frame

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application
NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 06840649

Country of ref document: EP

Kind code of ref document: A1