WO2009082978A1 - Procédé de protection de réseau d'accès, système et nœud de bord d'accès - Google Patents

Procédé de protection de réseau d'accès, système et nœud de bord d'accès Download PDF

Info

Publication number
WO2009082978A1
WO2009082978A1 PCT/CN2008/073811 CN2008073811W WO2009082978A1 WO 2009082978 A1 WO2009082978 A1 WO 2009082978A1 CN 2008073811 W CN2008073811 W CN 2008073811W WO 2009082978 A1 WO2009082978 A1 WO 2009082978A1
Authority
WO
WIPO (PCT)
Prior art keywords
access
backup
edge node
message
virtual
Prior art date
Application number
PCT/CN2008/073811
Other languages
English (en)
Chinese (zh)
Inventor
Zhenting Yang
Original Assignee
Huawei Technologies Co., Ltd.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co., Ltd. filed Critical Huawei Technologies Co., Ltd.
Publication of WO2009082978A1 publication Critical patent/WO2009082978A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/2854Wide area networks, e.g. public data networks
    • H04L12/2856Access arrangements, e.g. Internet access

Definitions

  • the present invention relates to the field of communications, and in particular, to a method, a system for accessing a network, a virtual access edge node, and an access edge node. Background technique
  • Network access management and control is an important part of network functionality.
  • users are controlled and managed by creating user access sessions, including user access authentication, authorization, and accounting.
  • access management and control are performed on users of broadband networks mainly by establishing a Point to Point Protocol (PPP) session.
  • PPP Point to Point Protocol
  • IP Internet Protocol
  • the typical single access network system architecture is depicted in Figure 1, including user terminals, access nodes, access aggregation nodes, access edge nodes, and AAA servers/DHCP servers.
  • the user equipment may include a User Equipment (UE) and a Residential Gateway (RG) device; the access node includes a Digital Subscriber Line Access Multiplexer (DSLAM), and a wireless base station. (Base Station, BS), etc.; access aggregation nodes include Ethernet switches, etc.; Access Edge Nodes, ⁇ include access gateways, Broadband Network Gateways (BNGs), broadband remote access servers
  • BRAS Broadband Remote Access Server
  • NAS network servers
  • IP edge devices IP edge devices
  • Policy server includes authentication and accounting
  • AAA Authentication, Authorization and Accounting
  • DHCP dynamic host configuration protocol
  • policy server Store the control policy and deploy the policy to the access node (AN) or AEN.
  • the AAA server configures the subscriber's subscriber profile to the NAS device such as BNG or BRAS to control the user access session.
  • Control policies mainly include Quality of Service (QoS), multicast rights, and deep packet inspection (DPI).
  • QoS Quality of Service
  • DPI deep packet inspection
  • a Layer 2 Control Mechanism (L2CM) or an Access Node Control Protocol (ANCP) connection is a session used by the access network to perform control policy deployment.
  • L2CM Layer 2 Control Mechanism
  • ANCP Access Node Control Protocol
  • a user access session refers to a connection established between a user terminal and an access edge node, such as an IP session.
  • An IP session represents an IP-based access session associated with an IP address.
  • the IP address is the key to identifying an IP session, which is typically dynamically assigned by a DHCP server.
  • IP sessions mainly include the creation of sessions, the maintenance of sessions, and the termination of sessions.
  • the Layer 2 Control Mechanism (L2CM) or the Access Node Control Protocol (ANCP) is an important network edge control mechanism.
  • ANCP is a protocol that implements L2CM. Device control and management are performed between the network edge devices by establishing an L2CM or ANCP device to control the access session.
  • the L2CM or ANCP mechanism generally includes two peer functions: a control function body and a report execution function body.
  • the control function body controls and manages the report execution function body through the ANCP protocol, such as parameter configuration for the report execution function body, the report execution function body is responsible for responding to the control request, and the report execution function body actively reports some status information to the control function body. Such as access link status information (digital subscriber line bandwidth, etc.).
  • the embodiments of the present invention provide a method, a system, and an access edge node for protecting an access network, which can provide redundancy protection for access services in the access network.
  • an embodiment of the present invention provides a method for protecting an access network, where the method includes: when a first virtual access edge node member in a backup group receives a handover indication message, according to the handover indication message, The corresponding stored service control data provides a corresponding IP user access session service and/or a device control access session service to replace the second virtual access edge node member in the same backup group.
  • an embodiment of the present invention provides an access edge node, where the system includes at least one backup group, where the backup group includes at least a first virtual access edge node member and a second virtual access edge.
  • the first virtual access edge node member is configured to provide an access service for the user
  • the second virtual access edge node member is configured to: when the access service fails, according to the received inclusion switch And the switching indication of the identity, performing an access service switching, to replace the first virtual access edge node member.
  • An embodiment of the present invention further provides a protection system for an access network, where the system includes at least one backup group, where the backup group includes at least two virtual access edge nodes, and the virtual access edge node is connected.
  • the ingress edge node establishes an access session for the user and performs an access session switch, where the access edge node includes:
  • a service providing module configured to provide user access session management and/or device control access session management according to activated service control data in the data storage module; and activate corresponding service control data in the data storage module according to the notification of the handover processing module ;
  • a data storage module configured to store service control data and member status information
  • a switching processing module configured to notify the service providing module according to the received first switching indication Corresponding service control data in the live data storage module;
  • a member management module configured to manage member status information of the backup group where the virtual access edge node is located in the data storage module, and send a first handover indication to the handover processing module when the member status is faulty.
  • At least one AEN is added to the access network.
  • the other AEN can switch the access service on the faulty AEN to ensure the normal operation of the access service.
  • the incoming service provides a redundant protection mechanism that increases the reliability of the network.
  • FIG. 1 is a schematic structural diagram of an access network system in the prior art
  • FIG. 2 is a schematic diagram of an architecture of a specific embodiment of a protection system for an access network according to the present invention
  • FIG. 3 is a schematic diagram of a specific embodiment of a virtual access edge node of FIG. 2
  • FIG. 4 is a schematic diagram showing the composition of a specific embodiment of the switching processing module of FIG. 3;
  • FIG. 5 is a schematic diagram showing the composition of a specific embodiment of the member management module in FIG. 3;
  • FIG. 6 is a schematic diagram of another embodiment of a virtual access edge node in FIG. 2.
  • FIG. 6.1 is a schematic diagram of a specific embodiment of the data backup module in FIG. 6.
  • FIG. 7.0 is a protection diagram of an access network according to the present invention.
  • FIG. 7 is a schematic flowchart diagram of a second specific embodiment of a method for protecting an access network according to the present invention;
  • FIG. 8 is a specific implementation of a method for implementing member management by a member management module in FIG. Schematic diagram of the process;
  • FIG. 9 is a schematic flowchart diagram of a third specific embodiment of a method for protecting an access network according to the present invention.
  • 10 is a schematic flowchart of a fourth embodiment of a method for protecting an access network according to the present invention.
  • FIG. 11 is a schematic flowchart of a fifth embodiment of a method for protecting an access network according to the present invention.
  • FIG. 13 is a schematic diagram of a specific embodiment of a method for implementing a VAEN by a virtual road entity;
  • FIG. 9 is a schematic flowchart diagram of a third specific embodiment of a method for protecting an access network according to the present invention.
  • 10 is a schematic flowchart of a fourth embodiment of a method for protecting an access network according to the present invention.
  • FIG. 11 is a schematic flowchart of a fifth embodiment of a method for protecting an access network according to the present invention.
  • FIG. 13 is a schematic diagram of a specific embodiment of a method for implementing a VAEN by a virtual road
  • Figure 14 is a schematic illustration of one embodiment of the composition of various corresponding messages in the present invention. detailed description
  • the access network protection system has at least one backup group, and the backup group includes at least two members of a virtual access edge node (VAEN), wherein the VAEN provides a user access session.
  • VAEN virtual access edge node
  • Accessing services such as management or access control policy deployment (device control access session management), and controlling the access service to switch between members of the backup group in which the VAEN is located, for example: when in the access network
  • VAEN of the user establishment session cannot continue to serve the user access session due to a fault or the like
  • the session can be switched to other VAENs in the backup group to protect the access session.
  • User access session management provided by VAEN includes user access session creation, maintenance, and termination management.
  • the device control access session management provided by VAEN includes management report execution function device, such as: DSLAM, report status information, management report execution function device configuration access control policy, such as: multicast permission table, access control list, and so on.
  • the backup group members can be used as the primary VAEN and the standby VAEN, that is, in the active/standby mode, or the backup members are mutually backup, that is, in the load sharing protection mode.
  • Working in primary and backup protection Only one VAEN in the backup group in the mode is in the active state. Only the VAEN in the active state provides the access service, and the VAEN in the standby state provides protection. In the load sharing protection mode, the VAENs in the backup group protect each other.
  • the backup group includes two VAEN (VAEN1 and VAEN2) members. VAEN1 and VAEN2 can work in active/standby protection or load sharing protection mode.
  • VAEN1 and VAEN2 can work in active/standby protection or load sharing protection mode.
  • VAEN can be a logical entity. Different VAENs in the same backup group can be located in the same physical AEN device. For example: Different VAENs can be implemented on different boards of AEN, or can be distributed in multiple independent AENs. In the device, but an AEN device includes at least one VAEN. In a specific implementation, the VAEN can be a virtual router (VR) or a logical partition of the AEN.
  • VR virtual router
  • the access network protection system may further include an AN and/or a user terminal, and the AN has a connection link between at least one VAEN, and the AN may use different connection links (ie, a redundant connection link) with different VAENs.
  • the same connection link can also be used.
  • the connection link includes a physical connection link or a logical connection link, and the logical connection link refers to a logical channel implemented on the physical connection link, for example: Virtual Local Area Network (VLAN), ? j Permanent Virtual Circuit (PVC), Label Switched Path (LSP), Operational Backbone Transfer (PBT) channel, etc.
  • VLAN Virtual Local Area Network
  • PVC Permanent Virtual Circuit
  • LSP Label Switched Path
  • PBT Operational Backbone Transfer
  • the virtual access edge node (VAEN) 20 includes a service providing module 200, a handover processing module 202, Member management module 204, data storage module 206, wherein:
  • the service providing module 200 is configured to provide access services such as user access session management and/or device control access session management, and specifically includes creating or deleting a service control data record being used.
  • the service control data record includes a user access session data record, a control policy data record, a topology information data record, and the like.
  • the service providing module 200 may further include a user access session management sub-module 2002 and/or a policy deployment management sub-module 2004.
  • the user access session management sub-module 2002 is configured to provide a user access session management service, including: creating or terminating a user access session, charging a user access session, and forwarding a user access session message.
  • the user terminal negotiates with the user terminal to create or delete a user access session data record, and performs charging for the user access session, forwarding the user access session, and the like according to the user access session data record.
  • the policy deployment management sub-module 2004 is used to provide device control access session management, including creating or updating a control policy data record or topology information data record being used.
  • the control policy may be configured for the AN or the AN topology information may be collected or the AN policy execution feedback information may be collected.
  • the handover processing module 202 is configured to process the handover indication and perform a corresponding traffic handover.
  • the service switching may include: according to the received handover indication, the notification service providing module 200 activates the dormant service control data record, and the service providing module 200 may The activated service control data provides an access session service service.
  • the service switching includes sending a handover indication, notifying the service providing module 200 to sleep or delete the corresponding service control data record, and the service providing module 200 stops providing the access corresponding to the service control data record. Conversational business.
  • the member management module 204 is configured to manage member status information of the backup group, and trigger a handover processing indication according to the member status of the backup group managed by the member.
  • the data storage module 206 is configured to store service control data and member status information of the backup group. Member status tracking records may also be included in the member status information of the backup group.
  • the stored service control data includes the service control data record being used and the dormant service control data record.
  • the handover processing module 202 of the virtual access edge node 20 may further include a handover indication submodule 2020 and a handover smoothing submodule 2022.
  • the handover indication sub-module 2020 is configured to send or receive a handover indication.
  • the handover indication sub-module 2020 can be configured to receive a handover indication.
  • the handover indication is performed.
  • Sub-module 2020 can be used to send a handover indication.
  • the handover smoothing sub-module 2022 is configured to perform handover smoothing processing according to the handover indication of the handover indication sub-module 2020, that is, to determine the dormant traffic control data record according to the handover instruction and perform handover processing according to the data.
  • the handover smoothing sub-module 2022 can be used to complete the handover smoothing process of the session switching from the other VAEN to the local VAEN according to the handover indication received by the handover indication sub-module; when the session is switched from the VAEN to the other At the time of VAEN, the switching smoothing sub-module 2022 can be used to complete the switching process of the present VAEN according to the switching instruction.
  • the member management module 204 further includes a member registration sub-module 2040, a member maintenance sub-module 2042, and a member aging sub-module 2044.
  • the member registration sub-module 2040 is used for members to negotiate registration and record member status information
  • the member maintenance sub-module 2042 is used to monitor the member status, including its own status and peer member status.
  • the member aging sub-module 2044 is configured to: after the member maintenance sub-module 2042 monitors the member status failure, set the member of the status failure to be unavailable or remove the member from the backup group, and send the switching indication to the handover indication sub-module 2020. .
  • the virtual access edge node 20 may further include a data backup module 208, configured to process backup data, such as sending backup service control data or receiving backup service control data, and processing the received backup service control data.
  • the data backup module 208 further includes a batch backup sub-module 2082 and a real-time backup sub-module 2084, and the batch backup sub-module 2082 is used. Receiving the instructions of the member management module, and processing the backup service control data in batches according to the instructions, such as batch backup service data.
  • the real-time backup sub-module 2084 is used to process backup service control data in real time, such as real-time backup service data. For details, refer to the description of the session protection method.
  • Two or more virtual access edge nodes 20 having the above functions may form a backup group, and virtual access edge nodes are mutually protected for backup, and different virtual access edge nodes 20 are implemented by backup stored in the data storage module.
  • the protection of the session is controlled by the member management module, the switching processing module, and the data backup module. This effectively improves the reliability of the network.
  • a specific embodiment of the present invention also provides a method for protecting an access network.
  • the access network includes at least one backup group, and the backup group includes at least two members, such as VAEN1 and VAEN2, and the two VAENs have the function of VAEN in the system as described above, and the protection is through backup.
  • the group member VAEN provides backup protection for access services such as user access session management and/or access policy deployment (device control access session management), that is, the service providing modules of VAEN1 and VAEN2 can alternately provide access session management and/or Access policy deployment (device control access session management).
  • the access network protection method includes:
  • the first virtual access edge node member in the backup group receives the handover indication message.
  • the first virtual access edge node activates the corresponding stored service control data according to the handover indication message, and provides a corresponding IP user access session service and/or a device control access session service to replace the same backup.
  • the second virtual access edge node member in the group is not limited to the group.
  • FIG. 7 is a schematic flowchart of a second specific embodiment of a method for protecting an access network according to the present invention, which mainly includes the following processes:
  • S701 member registration processing.
  • members of the backup group Before the backup group member provides backup protection, members of the backup group must register, that is, record the member status information of the backup group. This information can be recorded by creating a backup group member status record record table.
  • the member of the backup group refers to the virtual access edge node in the backup group.
  • the member status information of the backup group can be pre-configured and saved in the AEN (that is, member registration is performed in advance).
  • the member status information of the backup group can include member ID, member priority, member registration mode, member backup group ID, virtual gateway, Virtual BFD network and so on.
  • the members of the backup group ID of all members form a backup group.
  • AEN can configure one or more backup group members (ie VAEN).
  • the member registration mode can include dynamic registration or static registration.
  • Static registration refers to static creation, such as manual configuration, backup group member status tracking records.
  • Dynamic registration means that members dynamically create backup group member status tracking records through member registration messages.
  • the member VAEN1 starts, it monitors the member registration message.
  • VAEN2 starts, it sends a member registration message.
  • VAEN1 creates a backup group member status tracking record according to the received message.
  • VAEN1 responds to the registration message of VAEN2, and VAEN2 also receives the message of VAEN1.
  • the backup group member status trace record includes a list of members that are currently available (normal status) for the backup group.
  • the member registration sub-module is responsible for handling member registrations (for example: receiving or responding to member registration messages) and triggering the data storage module to store member status trace records.
  • the member status tracking record table also includes the protection mode of the member.
  • the protection mode mainly includes the active/standby protection mode or the load sharing protection mode.
  • the active/standby mode the members in the backup group are classified into the active state and the standby state.
  • the VAEN in the active state provides access session services
  • the standby state provides backup protection.
  • the load sharing protection mode the status of the members in all the backup groups is equal.
  • the access session service can be provided by any member of the backup group (which can be according to a certain policy), that is, the VAEN in the backup group. Provide services together and provide backup protection to each other. In the specific embodiment of the method, this step is optional, that is, when the backup group member has been pre-registered, the registration does not need to be repeated before the session is switched.
  • batch backup processing After the registration of a member of a backup group is completed, the batch backup process is required.
  • the VAEN is used to start the VAEN batch backup service control data.
  • the registered VAEN receives the service control data and caches the service control data.
  • VAEN1 backs up the business control data in bulk to VAEN2.
  • the service control data includes user access session data records and/or control policy data records or topology information data records being used.
  • the batch backup submodule of VAEN1 obtains the service control data being used from the data storage module of the VAEN (ie, VAEN1), and then encapsulates the service control data into the batch backup message, and sends the message to the VAEN2, VAEN2 batch backup.
  • the submodule receives the batch backup message, obtains the service control data, and notifies the service providing module to cache the service control data, that is, saves as the dormant service control data record. This step is optional depending on the actual application.
  • VAEN's service control changes for example: the service provision module creates or terminates a user access session, collects new topology information from the AN, or collects new policy enforcement feedback information from the AN, VAEN's ongoing service control data
  • the service providing module notifies the real-time backup sub-module to encapsulate the changed service control data into the real-time backup message, and then sends the message to VAEN2, and the real-time backup sub-module of VAEN2 receives the real-time backup message and obtains the service control parameter.
  • the service providing module of the VAEN2 is notified to manage the dormant service control data record in the data storage module, for example: adding a dormant service control data record or removing a dormant service control data record. This step is optional depending on the actual application.
  • the VAEN receives the handover indication message, and performs switching or smoothing processing of the access service according to the handover indication.
  • VAEN1 sends a handover indication message to VAEN2, and the handover indication message includes a handover indicator.
  • the switching identifier indicates the switching range, for example, switching all user access sessions created by VAEN1 or a certain user access session.
  • the VAEN2 After receiving the handover indication, the VAEN2 performs the handover of the access service: the handover smoothing submodule of the VAEN2 extracts the dormant service control data record according to the handover indication, for example: extracts all the service control data records corresponding to the session from the VAEN1 backup according to the handover identifier.
  • the service providing module continues to provide the service by using the activated service control data (the dormant service control data record is switched to the service control data being used), if VAEN2 is in the primary backup mode, VAEN2
  • the switch smoothing sub-module also activates the service provisioning module to begin providing services.
  • the VAEN1 can perform the session switching process, which specifically includes: the handover indication module of the VAEN1 triggers the handover smoothing submodule to perform handover according to the handover indication, notifies the service providing module to sleep or delete the service control data record determined by the handover indication, and the service providing module stops providing The dormant or deleted service control data record corresponds to the service of the session.
  • the handover indication may also be sent by the other devices in the access network to the handover smoothing sub-module of VAEN2. If VAEN2 detects a failure of VAEN1, it can generate a handover indication message and send it to the handover smoothing submodule of VAEN2 for session switching processing.
  • the user or the AN may send an access session switch message to the user or the AN of the access session to notify the user or the AN that the current access session needs to be switched.
  • the session switching message is used to perform the switching process of the present.
  • a plurality of virtual access edge nodes are provided to provide a backup access path for an access session, so that backup access can be used when a connection failure occurs in a session.
  • the path serves the access session and improves the reliability of the network.
  • the virtual access edge node used in the access path of the backup can be implemented on the same physical device, which can implement backup protection without adding hardware, and realizes and saves resources.
  • the present invention further provides a backup group.
  • a member management method which can be implemented by the member management module described above. Referring to FIG. 8, the method mainly includes the following steps:
  • the member maintenance process mainly monitors and tracks the member status, and triggers the switching processing operation when the member status failure is detected.
  • Monitoring member status includes monitoring the status of this VAEN status or other VAEN (ie, the remote VAEN) in the backup group, for example, VAEN1 monitors its own status or the status of member VAEN2 in this backup group.
  • VAEN can maintain the status of the member through the member maintenance message. That is, the member sends the message periodically. If the member does not receive the message from the peer in the specified time, the status of the peer member is determined to be faulty.
  • the handover indicator included in the handover indication may be a state failure member identifier.
  • the present invention further provides a method for protecting a hot backup of a user access session of an access network.
  • the method further includes the following steps:
  • VAEN1 creates a user access session (in this example, an IP session) and notify the backup user of the access session.
  • the user access session management sub-module of VAEN1 detects that the user terminal accesses the network request, it negotiates with the user terminal, and VAEN1 creates an IP session (creates and saves the IP session record being used) to provide a user for the user terminal. Access session management service.
  • the user access session management submodule of VAEN1 notifies the data backup module to perform data backup after the IP session is created.
  • VAEN1 sends a real-time backup message, and after receiving the message, VAEN2 caches the IP session (creates and stores the sleeping IP session record).
  • the data backup module of VAEN1 receives the IP session backup notification, checks the peer VAEN2 with the normal state, and the real-time backup submodule of the data backup module of VAEN1 encapsulates the IP session parameters into the real-time backup message. In, then send the message to VAEN2, after receiving the message, VAEN2 caches the IP session (creates and stores the sleeping IP session record).
  • IP session parameters may include IP address, link identifier (PVC, VLAN, access location, etc.), MAC address, lifetime, account name (User-Name), configuration parameters (QoS parameters, multicast rights control table, DPI policy) Etc.), backup type (hot backup or cold backup), survival mechanism parameters (BFD network IP address, My/Your Discriminator local/peer BFD ID, time interval, etc.), gateway ID, etc. Batch backups can also be performed before this real-time backup processing.
  • VAEN1 detects a user access session failure, or receives a network management command sent by another network device (including a handover indication in the instruction), or a VAEN1 failure
  • the handover indication notification VAEN2 performs a handover process.
  • VAEN1 can detect the interruption of the IP session through the survival mechanism or the line failure of the AN reporting user access session to determine the access session failure.
  • the specific implementation may be: after the VAEN1 user access session management submodule detects that the user access session is faulty or the member maintenance submodule detects the VAEN1 fault, notifies the handover indication submodule, and the handover indication submodule constructs a handover indication message according to the fault condition, and then Send to VAEN2.
  • VAEN2 receives the handover indication, parses the handover indication message, and obtains the handover identifier, for example: IP session identifier or member identifier; of course, VAEN2 can trigger VAEN2 to perform handover processing by detecting the state of VAEN1, and start switching or smoothing processing. , this process includes:
  • VAEN2 sends an ARP (Address Resolution Protocol) request message to the user, and the request message can be used to refresh the data forwarding table of the aggregation network or the AN.
  • the ARP request message source IP and MAC address are the gateway IP and MAC address, and the destination IP and MAC address can be the broadcast address or the address of the IP session.
  • VAEN2 can send ARP request messages according to the gateway, interface or user access session. For example: VAEN2 sends the message one by one according to the dormant IP session record, or sends an ARP request message in one VLAN. This step is optional.
  • VAEN2 notifies the AN to perform protection switching.
  • VAEN2 controls the access session to notify the AN protection switching information through the ANCP/L2CM device.
  • the AN After receiving the handover notification, the AN starts the handover process, including the destination path of the AN to switch the DHCP relay or the destination path of the IP session. This step is also an optional step.
  • VAEN2 activates the IP session.
  • the VAEN2 obtains the IP parameters from the dormant IP session record, sets the data forwarding table of the IP session, starts the accounting, and starts the negotiation of the survival mechanism. For example, renegotiating the BFD monitoring connection or starting the ARP probe or neighbor according to the BFD parameters of the backup. Unreachable detection of the NUD, where the renegotiation of the BFD monitoring connection includes the VAEN2 sending the BFD control packet to the user terminal, and the BFD control packet parameters are obtained from the backup BFD parameters.
  • the source IP address of the BFD control packet remains the same as that before the handover. Or establish a security association (IKE negotiation).
  • the IP session is switched to VAEN2, and the user continues to use the user access session for communication, such as file download or web browsing.
  • the IP session of the user terminal can be switched between different VAENs, and the user access session is continually maintained during the handover process.
  • the method can effectively solve the failure of the VAEN or the link failure of the access user.
  • the present invention provides a method for real-time backup of an IP session in detail, which provides consistent IP session data for the backup group members, and ensures that the IP session is backed up. Smooth switching between group members.
  • the method mainly includes the following steps:
  • VAEN1 finally creates an IP session for the user terminal.
  • the specific process can be:
  • the user access session management submodule of the service providing module of the VAEN receives the DHCP discovery (Discovery) message sent by the user terminal, and the VAEN can process the DHCP message according to its own state and configuration, for example: VAEN can discard the message, or The message is forwarded immediately or delayed.
  • the DHCP discovery message sent by the user terminal may be broadcasted.
  • VAEN1 or VAEN2 may receive the DHCP discovery message. In this example, VAEN2 discards the message according to its own state, and VAEN1 forwards the message to the DHCP server.
  • VAEN1 forwards the DHCP offer (Offer) message
  • the user access session management submodule of the service providing module of VAEN1 forwards the message as a DHCP relay or proxy
  • VAEN1 receives the DHCP offer message sent by the DHCP server in response to the DHCP discover message.
  • VAEN1 forwards the DHCP offer message to the user terminal.
  • VAEN1 forwards a DHCP request (Request) message
  • the user access session management sub-module of the service providing module of VAEN1 forwards the message as a DHCP relay or proxy
  • VAEN1 receives the DHCP request message sent by the user terminal, and VAEN1 forwards the DHCP request message.
  • DHCP server To the DHCP server.
  • VAEN1 forwards the DHCP acknowledgement (ACK) message and creates an IP session.
  • VAEN1 receives the DHCP acknowledgement message sent by the DHCP server, parses the message to obtain the IP session parameters, and then creates and stores the IP session record being used.
  • VAEN1 forwards the DHCP acknowledgment message to the user terminal.
  • VAEN1 triggers real-time backup.
  • the specific implementation may be that the user access session management sub-module notifies the real-time backup sub-module to create a real-time backup of the user access session.
  • VAEN1 can select the protection mode according to the user level. For example, if the user corresponding to the IP session is an important customer, the hot backup protection is used. For customers with low level, the protection or cold backup protection can be omitted (for details, see the subsequent description). In this example, the IP session implements hot backup protection.
  • VAEN1 real-time backup created IP session The specific implementation may be that the real-time backup sub-module encapsulates the IP session parameters into a real-time backup message and sends a real-time backup message to VAEN2.
  • the real-time backup message may further include a data type and an operation type, the data type may be an IP session, and the operation type is a creation operation.
  • VAEN2 parses the real-time backup message and obtains the IP address. S1006 to S1007 and VAEN1 negotiate with the user terminal to update the IP session parameters.
  • the specific process may be:
  • VAEN1 forwards a DHCP Request message, and the DHCP request message sent by the user terminal received by VAEN1 is forwarded to the DHCP server.
  • the DHCP request message is used by the user terminal to request an update of the IP session parameters, such as an IP address lease.
  • the VAEN1 forwards the DHCP acknowledgement message and updates the IP session.
  • the VAEN1 receives the DHCP acknowledgement message sent by the DHCP server, parses the message to obtain the IP session update parameter, and then updates the IP session record.
  • VAEN1 forwards the DHCP acknowledgment message to the user terminal.
  • VAEN1 triggers real-time backup. Specifically, the user access session management sub-module notifies the real-time backup sub-module to perform real-time backup of the update session.
  • VAEN1 backs up the updated IP session in real time.
  • the real-time backup sub-module encapsulates the IP session parameters into real-time backup messages and sends real-time backup messages to VAEN2.
  • the real-time backup message may also include an update operation type.
  • VAEN2 After receiving the real-time backup message, VAEN2 obtains the cached sleep IP session record according to the IP session parameters, and finally updates the cached sleep IP session record parameters.
  • VAEN1 receives the DHCP release message sent by the user terminal or detects the IP session terminal through the survival mechanism. VAEN1 terminates the IP session and deletes the IP session record. At the same time, VAEN1 triggers real-time backup. Specifically, the user access session management sub-module notifies the real-time backup sub-module to terminate the session real-time backup.
  • VAEN1 real-time backup terminates the IP session.
  • the real-time backup sub-module encapsulates the IP session parameters into real-time backup messages and sends real-time backup messages to VAEN2.
  • the real-time backup message may also include a termination operation type.
  • VAEN2 After receiving the real-time backup message, VAEN2 obtains the cached dormant IP session record according to the IP session parameters, and finally deletes the cached IP session (delete the dormant IP session record).
  • the method for protecting the cold backup of the user access session is described in detail in the following, and the method mainly includes the following steps:
  • VAEN1 creates a user access session.
  • VAEN1 detects a user access session failure or network management command or VAEN1 failure, and then sends a handover indication, which can notify VAEN2 to perform handover processing.
  • the VAEN1 fault includes an uplink interface failure of the VAEN1 connected to the IP network or a downlink interface failure of the connection access aggregation network.
  • VAEN2 detects VAEN1 abnormality, it can also trigger its own switching process.
  • VAEN2 receives the handover indication, parses the handover indication message, and acquires the handover identifier, and starts the handover process.
  • the switching process includes:
  • VAEN2 sends an ARP message or a neighbor discovery ND message for refreshing the data forwarding table to the user terminal. This step is optional.
  • VAEN2 notifies the AN to perform protection switching. This step is also an optional step.
  • VAEN2 sends an online notification message to the user terminal to indicate that the terminal is back online (ie, re-establishes an IP session).
  • VAEN2 can send an online notification message according to the VLAN or according to the user access session.
  • the online notification message includes a DHCP update message or a BFD message, and the destination address of the message may be a broadcast or multicast address.
  • the IP session of the user terminal can be switched between different VAENs. This method can effectively solve the problem of refusing to provide access services to users after the VAEN failure.
  • the related data of the session being used is backed up to the other virtual access edge nodes in the backup group at the beginning of the session establishment and/or at the time of session switching, and when the session is in use, the user's The session interruption is being used.
  • the other virtual access edge nodes acquire the relevant data, they can notify the user to go online again and use the new session to communicate.
  • the present invention also describes a method for protecting the access control session of the device of the L2CM or the ANCP of the access network.
  • the method mainly includes the following steps:
  • L2C connection 1 L2C connection 1 in this example.
  • the L2C connection 1 can be established using the General Switch Management Protocol (GSMP) adjacency protocol, that is, the policy deployment management submodule of VAEN1 and the AN establish an L2C connection through the GSMP protocol.
  • GSMP General Switch Management Protocol
  • the control connection is used for policy deployment and collects topology information or policy execution feedback information.
  • the policy feedback information includes information such as multicast charging and permission control response.
  • VAEN2 establishes an L2CM or ANCP control access session with the AN (referred to as L2C connection 2 in this example).
  • L2C connection 2 is established after L2C connection 1 is established.
  • VAEN1 member registration processing receives the member registration indication message sent by the AN, and performs member registration processing according to the message.
  • the member registration indication message in this example may be a GSMP Adjacency Update message.
  • the AN After the AN completes establishing the L2C connection 2, the AN sends a contiguous update message to notify VAEN1.
  • VAEN1 After receiving the adjacency update message, VAEN1 parses the message to obtain the member information. For example, by adding the number of connections (Code) field of the adjacency update message, the member is added, and VAEN1 is in the member state. The new member is activated in the state trace record.
  • VAEN1 may activate a new member based on the member ID carried in the member registration indication message or activate the new member according to a pre-configured default value.
  • VAEN2 member registration processing.
  • VAEN2 sets its own state according to the pre-configured protection mode, such as standby protection mode or load sharing protection mode.
  • S1203 and S1204 can be registered by sending a member registration message between VAEN1 and VAEN2, and can also be directly registered by default when the L2C connection is established in S1201 or S1202 (that is, a new member is activated in the member status tracking record). .
  • VAEN1 or VAEN2 can also perform batch backup processing.
  • VAEN1 will use topology information, policy execution feedback information, and control policy (or called configuration parameters).
  • Batch backup to VAEN2 VAEN2 cache topology information, policy execution feedback information, control strategy.
  • VAEN1 receives the topology information report sent by the AN. After processing the topology information report, VAEN1 can trigger the real-time backup processing of the topology information. Generally, after detecting the topology change event, the AN sends a topology information report, for example, the interface rate or state of the AN changes, the AN sends a topology information report, and the VAEN1 policy management module adjusts the control parameters according to the topology information.
  • VAEN1 After processing the topology information report, VAEN1 sends a real-time backup message containing the topology information to VAEN2. After receiving the real-time backup message, VAEN2 caches the topology information.
  • Steps S1208, S1209, S1210, and S1211 describe the process of real-time backup of policy deployment:
  • control policy configuration In this example, VAEN1 sends a configuration request message to control the policy. Slightly configured.
  • the control policy mainly includes the control policy of the user accessing the session, for example, the multicast permission of the user access session, the address filtering table of the user access session, and the like.
  • VAEN1 receives a configuration confirmation message from the AN response configuration request. Trigger control policy real-time backup processing.
  • VAEN1 sends a real-time backup message containing the control policy to VAEN2.
  • VAEN2 caches the control policy.
  • VAEN2 receives the switching instruction and starts the switching process.
  • the handover indication in this example is the GSMP Adjacency Update message.
  • the AN detects the L2C connection 1 failure, sends an Adjacency Update message to VAEN2, and VAEN2 switches according to this message.
  • VAEN1 can send a switching indication directly to VAEN2.
  • VAEN2 performs switching and smoothing processing according to the received switching indication, and may mainly include:
  • VAEN2 and AN to control data synchronization.
  • the AN can send control policy data, topology information, and policy execution information to VAEN2 through 12CM synchronization messages.
  • VAEN can check the consistency of these control data to prevent inconsistent data.
  • VAEN2 sets the control strategy of this and activates the topology information base.
  • VAEN2 can activate the user access session according to the cached user access session data (for example, a dormant IP session record).
  • the cached user access session control data is derived from the synchronization data sent by the AN or the user access session control data backed up by VAEN1 to VAEN2.
  • the present invention also describes the implementation of the virtual router element (VRE) in the Virtual Router Redundancy Protocol (VRRP).
  • VRE virtual router element
  • VRRP Virtual Router Redundancy Protocol
  • VAEN's functional system the above VAEN pair It should be a logical VRRP virtual routing entity in the AEN device or device.
  • the virtual routing IDs of the virtual routing entities are equal to each other to form a backup group.
  • VAEN runs virtual routing redundancy protocols such as VRRP, as shown in Figure 13.
  • AEN 1301 and AEN 1302 respectively contain at least one virtual routing entity supporting the VRRP protocol, such as: VRE1 of AEN 1301 and VRE2 of AEN 1302.
  • VEN1 of AEN 1301 corresponds to VAEN 130101
  • VRE2 of AEN 1302 corresponds to VAEN 130201.
  • the virtual router IDs (VRIDs) of VRE1 and VRE2 are equal.
  • the VRID is 1.
  • VRE records are saved as members of the backup group (ie VAEN130101 and VAEN130201).
  • the VRE record includes the virtual router ID, the priority, the virtual IP address, and the actual IP address.
  • the virtual IP address of the VRE acts as the gateway address of the access session established by the user terminal.
  • the record of VRE2 is: virtual route identifier: 1, priority 200, virtual IP address: 20.1.1.1, actual IP address: 20.1.1.253.
  • the record of VRE1 is: Virtual route identifier: 1, Priority 255, Virtual IP address: 20.1.1.1, Actual IP address: 20.1.1.254.
  • the VAEN of the backup group uses the active/standby protection mode. The steps to VAEN member management and access session protection are explained in detail below:
  • VAEN uses the VRRP protocol Advertisement message for member registration.
  • the state of VAEN remains synchronized with the state of VRE, ie VAEN and VRE include three states: initialization, active, and standby.
  • VRE1 is used as the main.
  • the standby VAEN does not directly provide services (for example: the user terminal cannot directly establish an IP session with the standby VAEN).
  • User terminal 1 and VAEN 130101 establish IP session 1
  • user terminal 2 and VAEN 130101 establish IP session 2
  • VAEN130101 provides access for user terminal Service.
  • the gateway addresses of IP session 1 and IP session 2 are both virtual IP addresses of VAEN 130101.
  • the IP address of IP session 1 is 20.1.1.20.
  • the primary VAEN After the primary VAEN receives the standby VAEN registration and the registration process is completed, the primary VAEN backs up the service control data to the standby VAEN.
  • the VAEN130101 sends a batch backup message to the VAEN130201.
  • the destination address of the batch backup message backup is the address of the standby VAEN.
  • the address can be pre-configured or obtained through the member registration message. In this example, the member registration message is obtained.
  • the destination address of the batch backup message of VAEN130101 to VAEN130201 is 20.1.1.253.
  • Real-time backup After the main VAEN's service control data is changed, the active VAEN backs up the service control data to the standby VAEN.
  • VAEN130101 sends a real-time backup message to VAEN130201, and the real-time backup message destination address is the same as the batch backup.
  • VAEN uses the VRRP protocol Advertisement message to maintain membership status. The state of the VAEN remains in sync with the state of the VRE.
  • member registration message, the member maintenance message, the handover indication message, the batch backup message, and the real-time backup message described in the specific embodiments of the present invention may be selected according to actual conditions, including but not limited to VRRP, GSMP, Diamiter ( Extended License Agreement), H.248, Common Open Policy Service (COSS), Hot Standby Router Protocol (HSRP), SNMP (Trouble Network Management Protocol).
  • member registration message and member maintenance message can use VRRP advertisement message or SNMP trace (TRAP) message; batch backup message and real-time backup message SNMP setting (Set) or extract (Get) message.
  • an embodiment of the present invention provides the foregoing member registration message, member maintenance message, and cut
  • the specific implementation format of the backup protection message such as the indication message, the batch backup message, and the real-time backup message: the message includes at least a bearer header 1401 and a message content 1402, the bearer header 1401 is used for path finding of the message, and the message content 1402 is used to carry the member.
  • Information or business control data such as the indication message, the batch backup message, and the real-time backup message
  • the bearer header 1401 may include a link header 1401A (eg, an Ethernet header) and/or an IP header 1401B.
  • the bearer header 1401 may further include a UDP header (header) or the like; the IP header 1401B further includes a destination IP 1401 IB and a source IP 14012B. .
  • the message content 1402 includes at least a message type 1402A and a data record 1402C, and the message content 1402 may further include an operation type 1402B.
  • the message type 1402A mainly includes a member registration message, a member maintenance message, a real-time backup message, a batch backup message, a handover indication message, and the like.
  • the operation type 1402B mainly includes creation, update, deletion, and the like.
  • the data record 1402C may further include a type 14021C, a length 14022C, and a data 14023C.
  • the length 14022C is the actual length of the data 14023C.
  • a message can contain one or more data records 1402C.
  • the data 14023C may further include a plurality of sub-data records, the sub-data records mainly including subtypes, sub-lengths, and sub-data.
  • the destination address of the IP header or link header of the first 1401 header may be a multicast address (for example: multicast or broadcast address).
  • the source address of the IP header or link header of the bearer header 1401 is the sender address.
  • Message Content 1402 Data contains member information such as VAEN flag, VAEN priority, VAEN capability parameter, VAEN status, and so on.
  • the destination address of the IP header or link header of the bearer header 1401 is generally the address of the destination VAEN. 7
  • the source address of the IP header or link header of the header 1401 is the sender address.
  • Message Content 1402 Data contains member information or handover indication information, such as VAEN identification, access session identification, and the like.
  • the bearer header 1401 is consistent with the definition of the bearer header in the member maintenance message.
  • the data 1402C of the message content 1402 records the packaged service control data, for example: IP session parameters or topology information or control policies.
  • the specific encapsulation may be: Type 14021C is an IP session record, and data 14023C encapsulates sub-data records of multiple IP session parameters, for example, the address is 20.1.1.20.
  • the 14023C data encapsulation of the IP session with the gateway being 20.1.1.1 includes subtype 1 as an IP session.
  • the identifier, the sub-length 1 is 4, the sub-data 1 is 20.1 ⁇ 20, the sub-type 2 is the gateway address, the sub-length 2 is 4, and the sub-data 2 is 20.1.1.1.
  • At least one backup group is provided for the access network, and at least two VAENs are in the backup group, and the VAENs can be backed up and protected, access session management, and/or access policy deployment.
  • the access service can be switched between the VAENs of the backup group, so that when one of the VAENs in use fails, the other VAEN can switch the access service on the faulty VAEN, thereby ensuring the normal operation of the service and increasing the connection. The reliability of access to the network.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

Procédé de protection de réseau d'accès comprenant les étapes suivantes : un nœud de bord d'accès virtuel envoie ou reçoit ou détecte une indication de commutation ; lorsque le nœud de bord d'accès virtuel envoie l'indication de commutation, il laisse ou efface l'enregistrement des données de contrôle de service qui correspondent à la session d'accès qui doit être arrêtée ; ou, lorsque le nœud de bord d'accès virtuel reçoit ou détecte l'indication de commutation, il active les données de contrôle de service qui correspondent à la session d'accès qui doit être activée. L'invention se rapporte également à un système de protection de réseau d'accès, à un nœud de bord d'accès virtuel et à un nœud de bord d'accès. Le réseau comporte au moins deux nœuds de bord d'accès virtuels ; quand l'un des nœuds de bord d'accès virtuels qui fournit le service d'accès de session présente une défaillance de fonctionnement, le service d'accès commute vers l'autre nœud de bord d'accès virtuel, de manière à garantir que le service d'accès fonctionne normalement, à fournir un mécanisme de protection de redondance pour le service d'accès et à accroître la fiabilité du réseau.
PCT/CN2008/073811 2007-12-28 2008-12-29 Procédé de protection de réseau d'accès, système et nœud de bord d'accès WO2009082978A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN2007100329752A CN101471898B (zh) 2007-12-28 2007-12-28 一种接入网的保护方法、系统和虚拟接入边缘节点
CN200710032975.2 2007-12-28

Publications (1)

Publication Number Publication Date
WO2009082978A1 true WO2009082978A1 (fr) 2009-07-09

Family

ID=40823792

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2008/073811 WO2009082978A1 (fr) 2007-12-28 2008-12-29 Procédé de protection de réseau d'accès, système et nœud de bord d'accès

Country Status (2)

Country Link
CN (1) CN101471898B (fr)
WO (1) WO2009082978A1 (fr)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016095322A1 (fr) * 2014-12-16 2016-06-23 北京东土科技股份有限公司 Procédé et appareil de transmission de données basée sur vrrp
CN109150745A (zh) * 2018-10-26 2019-01-04 新华三信息安全技术有限公司 一种报文处理方法及装置
WO2023185136A1 (fr) * 2022-03-31 2023-10-05 苏州浪潮智能科技有限公司 Procédé et appareil de traitement de nœud périphérique, et support

Families Citing this family (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103139023A (zh) * 2011-11-25 2013-06-05 华为技术有限公司 用户接入控制的方法、网络设备及系统
CN102387083B (zh) * 2011-11-28 2014-11-26 中国联合网络通信集团有限公司 网络访问控制方法和系统
CN102420731B (zh) * 2011-11-28 2014-01-22 中国联合网络通信集团有限公司 网络访问控制方法和系统
CN103336798B (zh) * 2013-06-17 2017-10-20 华南理工大学 嵌入式网络设备的虚拟化数据访问系统及方法
CN103441938B (zh) * 2013-08-28 2015-05-13 南车株洲电力机车研究所有限公司 一种端口切换方法及一种通信设备
CN106161077B (zh) * 2015-04-24 2019-07-09 中兴通讯股份有限公司 接入汇聚装置和认证注册方法
CN109803029B (zh) * 2017-11-17 2020-11-06 华为技术有限公司 数据处理方法、装置及设备
CN108667682B (zh) * 2018-03-21 2020-11-06 北京天融信网络安全技术有限公司 基于安全网关深度包检测的连接同步方法、装置及介质
CN110290567B (zh) * 2019-07-03 2021-04-09 深信服科技股份有限公司 虚拟局域网切换方法、装置、终端、系统及存储介质
CN110581782B (zh) * 2019-09-17 2022-07-12 中国联合网络通信集团有限公司 一种容灾数据的处理方法、装置及系统

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040198372A1 (en) * 2002-06-28 2004-10-07 Otso Auterinen Redundancy and load balancing in a telecommunication unit and system
JP2005184666A (ja) * 2003-12-22 2005-07-07 Mitsubishi Electric Corp リング型ネットワーク装置、リング型ネットワークの冗長化方法およびリング型ネットワークのノード装置
CN1934561A (zh) * 2004-02-12 2007-03-21 城域信息包系统公司 网络拓扑的恢复机制
CN101039172A (zh) * 2007-05-15 2007-09-19 华为技术有限公司 以太环网系统及其保护方法和备用主节点

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040198372A1 (en) * 2002-06-28 2004-10-07 Otso Auterinen Redundancy and load balancing in a telecommunication unit and system
JP2005184666A (ja) * 2003-12-22 2005-07-07 Mitsubishi Electric Corp リング型ネットワーク装置、リング型ネットワークの冗長化方法およびリング型ネットワークのノード装置
CN1934561A (zh) * 2004-02-12 2007-03-21 城域信息包系统公司 网络拓扑的恢复机制
CN101039172A (zh) * 2007-05-15 2007-09-19 华为技术有限公司 以太环网系统及其保护方法和备用主节点

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016095322A1 (fr) * 2014-12-16 2016-06-23 北京东土科技股份有限公司 Procédé et appareil de transmission de données basée sur vrrp
CN109150745A (zh) * 2018-10-26 2019-01-04 新华三信息安全技术有限公司 一种报文处理方法及装置
CN109150745B (zh) * 2018-10-26 2022-06-21 新华三信息安全技术有限公司 一种报文处理方法及装置
WO2023185136A1 (fr) * 2022-03-31 2023-10-05 苏州浪潮智能科技有限公司 Procédé et appareil de traitement de nœud périphérique, et support

Also Published As

Publication number Publication date
CN101471898A (zh) 2009-07-01
CN101471898B (zh) 2011-12-28

Similar Documents

Publication Publication Date Title
WO2009082978A1 (fr) Procédé de protection de réseau d'accès, système et nœud de bord d'accès
JP6092873B2 (ja) OpenFlowデータ及び制御プレーンでのクラウドコンピュータにおける3Gパケットコアの実装
JP4020753B2 (ja) リング切替方法
US8264956B2 (en) Service redundancy in wireless networks
EP2087656B1 (fr) Procédés et agencements pour une émulation de réseau local dans des réseaux mobiles
US20080172582A1 (en) Method and system for providing peer liveness for high speed environments
US20050086385A1 (en) Passive connection backup
US20160127149A1 (en) Method for implementing gre tunnel, access device and aggregation gateway
KR102050910B1 (ko) 연결 실패 시에 홈 네트워크에 대한 재라우팅을 인에이블시키는 방법 및 시스템
WO2008119300A1 (fr) Procédé et dispositif de protection pour service d'arborescence ethernet
WO2007009347A1 (fr) Méthode et appareil de transmission de flux de service sur un système d’échange virtuel
WO2008058477A1 (fr) Procédé, appareil et système de gestion d'informations de localisation
CN101312456B (zh) 对订户会话进行存活监控的方法及系统
Malkin Dial-in virtual private networks using layer 3 tunneling
US7567522B2 (en) Suppression of router advertisement
Carugi et al. Service requirements for layer 3 provider provisioned virtual private networks (PPVPNs)
EP4262176A1 (fr) Signalisation de fonction de passerelle d'accès en veille pour un protocole de configuration d'hôte dynamique
Cisco Cisco IOS Command References Master Index
Cisco Release Notes for the Cisco AS5100 and AS5200 for Cisco IOS Release 11.2
Cisco Release Notes for the Cisco AS5100 and AS5200 for Cisco IOS Release 11.2
Cisco Release Notes for the Cisco AS5100 and AS5200 for Cisco IOS Release 11.2
Cisco Release Notes for the Cisco AS5100 and AS5200 for Cisco IOS Release 11.2
US8953434B1 (en) Providing high availability as a service with network devices
Cisco Release Notes for the Cisco 1000 Series Routers for Cisco IOS Release 11.2
Cisco Release Notes for the Cisco 1000 Series Routers for Cisco IOS Release 11.2

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 08868116

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 08868116

Country of ref document: EP

Kind code of ref document: A1